@icure/api 8.0.0-RC.2 → 8.0.0-RC.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (213) hide show
  1. package/icc-api/api/IccAccesslogApi.d.ts +12 -4
  2. package/icc-api/api/IccAccesslogApi.js +23 -18
  3. package/icc-api/api/IccAccesslogApi.js.map +1 -1
  4. package/icc-api/api/IccAgendaApi.d.ts +13 -4
  5. package/icc-api/api/IccAgendaApi.js +42 -19
  6. package/icc-api/api/IccAgendaApi.js.map +1 -1
  7. package/icc-api/api/IccApplicationsettingsApi.d.ts +1 -1
  8. package/icc-api/api/IccApplicationsettingsApi.js +2 -2
  9. package/icc-api/api/IccApplicationsettingsApi.js.map +1 -1
  10. package/icc-api/api/IccArticleApi.d.ts +13 -4
  11. package/icc-api/api/IccArticleApi.js +50 -26
  12. package/icc-api/api/IccArticleApi.js.map +1 -1
  13. package/icc-api/api/IccAuthApi.d.ts +1 -1
  14. package/icc-api/api/IccAuthApi.js +2 -2
  15. package/icc-api/api/IccAuthApi.js.map +1 -1
  16. package/icc-api/api/IccCalendarItemApi.d.ts +8 -4
  17. package/icc-api/api/IccCalendarItemApi.js +15 -22
  18. package/icc-api/api/IccCalendarItemApi.js.map +1 -1
  19. package/icc-api/api/IccCalendarItemTypeApi.d.ts +6 -4
  20. package/icc-api/api/IccCalendarItemTypeApi.js +60 -45
  21. package/icc-api/api/IccCalendarItemTypeApi.js.map +1 -1
  22. package/icc-api/api/IccClassificationApi.d.ts +14 -5
  23. package/icc-api/api/IccClassificationApi.js +22 -12
  24. package/icc-api/api/IccClassificationApi.js.map +1 -1
  25. package/icc-api/api/IccClassificationTemplateApi.d.ts +14 -5
  26. package/icc-api/api/IccClassificationTemplateApi.js +102 -70
  27. package/icc-api/api/IccClassificationTemplateApi.js.map +1 -1
  28. package/icc-api/api/IccCodeApi.d.ts +1 -1
  29. package/icc-api/api/IccCodeApi.js +2 -2
  30. package/icc-api/api/IccCodeApi.js.map +1 -1
  31. package/icc-api/api/IccContactApi.d.ts +11 -4
  32. package/icc-api/api/IccContactApi.js +20 -13
  33. package/icc-api/api/IccContactApi.js.map +1 -1
  34. package/icc-api/api/IccDataownerApi.d.ts +1 -1
  35. package/icc-api/api/IccDataownerApi.js +44 -27
  36. package/icc-api/api/IccDataownerApi.js.map +1 -1
  37. package/icc-api/api/IccDeviceApi.d.ts +1 -1
  38. package/icc-api/api/IccDeviceApi.js +43 -32
  39. package/icc-api/api/IccDeviceApi.js.map +1 -1
  40. package/icc-api/api/IccDoctemplateApi.d.ts +10 -8
  41. package/icc-api/api/IccDoctemplateApi.js +121 -101
  42. package/icc-api/api/IccDoctemplateApi.js.map +1 -1
  43. package/icc-api/api/IccDocumentApi.d.ts +13 -5
  44. package/icc-api/api/IccDocumentApi.js +24 -14
  45. package/icc-api/api/IccDocumentApi.js.map +1 -1
  46. package/icc-api/api/IccEntityrefApi.d.ts +1 -1
  47. package/icc-api/api/IccEntityrefApi.js +27 -16
  48. package/icc-api/api/IccEntityrefApi.js.map +1 -1
  49. package/icc-api/api/IccEntitytemplateApi.d.ts +6 -4
  50. package/icc-api/api/IccEntitytemplateApi.js +118 -97
  51. package/icc-api/api/IccEntitytemplateApi.js.map +1 -1
  52. package/icc-api/api/IccFormApi.d.ts +13 -5
  53. package/icc-api/api/IccFormApi.js +24 -18
  54. package/icc-api/api/IccFormApi.js.map +1 -1
  55. package/icc-api/api/IccFrontendmigrationApi.d.ts +1 -1
  56. package/icc-api/api/IccFrontendmigrationApi.js +19 -10
  57. package/icc-api/api/IccFrontendmigrationApi.js.map +1 -1
  58. package/icc-api/api/IccGroupApi.d.ts +16 -2
  59. package/icc-api/api/IccGroupApi.js +29 -3
  60. package/icc-api/api/IccGroupApi.js.map +1 -1
  61. package/icc-api/api/IccHcpartyApi.d.ts +25 -10
  62. package/icc-api/api/IccHcpartyApi.js +84 -53
  63. package/icc-api/api/IccHcpartyApi.js.map +1 -1
  64. package/icc-api/api/IccHelementApi.d.ts +13 -5
  65. package/icc-api/api/IccHelementApi.js +25 -21
  66. package/icc-api/api/IccHelementApi.js.map +1 -1
  67. package/icc-api/api/IccIcureApi.d.ts +1 -1
  68. package/icc-api/api/IccIcureApi.js +2 -2
  69. package/icc-api/api/IccIcureApi.js.map +1 -1
  70. package/icc-api/api/IccInsuranceApi.d.ts +3 -1
  71. package/icc-api/api/IccInsuranceApi.js +76 -47
  72. package/icc-api/api/IccInsuranceApi.js.map +1 -1
  73. package/icc-api/api/IccInvoiceApi.d.ts +1 -1
  74. package/icc-api/api/IccInvoiceApi.js +5 -11
  75. package/icc-api/api/IccInvoiceApi.js.map +1 -1
  76. package/icc-api/api/IccKeywordApi.d.ts +6 -5
  77. package/icc-api/api/IccKeywordApi.js +59 -45
  78. package/icc-api/api/IccKeywordApi.js.map +1 -1
  79. package/icc-api/api/IccMaintenanceTaskApi.d.ts +13 -4
  80. package/icc-api/api/IccMaintenanceTaskApi.js +22 -12
  81. package/icc-api/api/IccMaintenanceTaskApi.js.map +1 -1
  82. package/icc-api/api/IccMedexApi.d.ts +1 -1
  83. package/icc-api/api/IccMedexApi.js +19 -10
  84. package/icc-api/api/IccMedexApi.js.map +1 -1
  85. package/icc-api/api/IccMedicallocationApi.d.ts +6 -4
  86. package/icc-api/api/IccMedicallocationApi.js +52 -39
  87. package/icc-api/api/IccMedicallocationApi.js.map +1 -1
  88. package/icc-api/api/IccMessageApi.d.ts +9 -7
  89. package/icc-api/api/IccMessageApi.js +14 -21
  90. package/icc-api/api/IccMessageApi.js.map +1 -1
  91. package/icc-api/api/IccPatientApi.d.ts +13 -5
  92. package/icc-api/api/IccPatientApi.js +23 -13
  93. package/icc-api/api/IccPatientApi.js.map +1 -1
  94. package/icc-api/api/IccPermissionApi.d.ts +1 -1
  95. package/icc-api/api/IccPermissionApi.js +19 -10
  96. package/icc-api/api/IccPermissionApi.js.map +1 -1
  97. package/icc-api/api/IccPlaceApi.d.ts +7 -5
  98. package/icc-api/api/IccPlaceApi.js +53 -40
  99. package/icc-api/api/IccPlaceApi.js.map +1 -1
  100. package/icc-api/api/IccReceiptApi.d.ts +13 -4
  101. package/icc-api/api/IccReceiptApi.js +23 -13
  102. package/icc-api/api/IccReceiptApi.js.map +1 -1
  103. package/icc-api/api/IccReplicationApi.d.ts +1 -1
  104. package/icc-api/api/IccReplicationApi.js +3 -5
  105. package/icc-api/api/IccReplicationApi.js.map +1 -1
  106. package/icc-api/api/IccRoleApi.d.ts +16 -0
  107. package/icc-api/api/IccRoleApi.js +42 -0
  108. package/icc-api/api/IccRoleApi.js.map +1 -0
  109. package/icc-api/api/IccTarificationApi.d.ts +1 -1
  110. package/icc-api/api/IccTarificationApi.js +19 -10
  111. package/icc-api/api/IccTarificationApi.js.map +1 -1
  112. package/icc-api/api/IccTimeTableApi.d.ts +13 -4
  113. package/icc-api/api/IccTimeTableApi.js +21 -9
  114. package/icc-api/api/IccTimeTableApi.js.map +1 -1
  115. package/icc-api/api/IccTopicApi.d.ts +13 -6
  116. package/icc-api/api/IccTopicApi.js +18 -3
  117. package/icc-api/api/IccTopicApi.js.map +1 -1
  118. package/icc-api/api/IccUserApi.d.ts +31 -1
  119. package/icc-api/api/IccUserApi.js +65 -2
  120. package/icc-api/api/IccUserApi.js.map +1 -1
  121. package/icc-api/api/{IccExchangeDataApi.d.ts → internal/IccExchangeDataApi.d.ts} +4 -4
  122. package/icc-api/api/internal/IccExchangeDataApi.js +106 -0
  123. package/icc-api/api/internal/IccExchangeDataApi.js.map +1 -0
  124. package/icc-api/api/{IccExchangeDataMapApi.d.ts → internal/IccExchangeDataMapApi.d.ts} +4 -4
  125. package/icc-api/api/internal/IccExchangeDataMapApi.js +84 -0
  126. package/icc-api/api/internal/IccExchangeDataMapApi.js.map +1 -0
  127. package/icc-api/api/internal/IccRecoveryDataApi.d.ts +19 -0
  128. package/icc-api/api/internal/IccRecoveryDataApi.js +83 -0
  129. package/icc-api/api/internal/IccRecoveryDataApi.js.map +1 -0
  130. package/icc-api/api/{IccSecureDelegationKeyMapApi.d.ts → internal/IccSecureDelegationKeyMapApi.d.ts} +6 -6
  131. package/icc-api/api/{IccSecureDelegationKeyMapApi.js → internal/IccSecureDelegationKeyMapApi.js} +5 -5
  132. package/icc-api/api/internal/IccSecureDelegationKeyMapApi.js.map +1 -0
  133. package/icc-api/model/Group.d.ts +4 -0
  134. package/icc-api/model/Group.js.map +1 -1
  135. package/icc-api/model/Message.d.ts +5 -0
  136. package/icc-api/model/Message.js.map +1 -1
  137. package/icc-api/model/MessageAttachment.d.ts +10 -0
  138. package/icc-api/model/MessageAttachment.js +10 -0
  139. package/icc-api/model/MessageAttachment.js.map +1 -0
  140. package/icc-api/model/PaginatedListInsurance.d.ts +20 -0
  141. package/icc-api/model/PaginatedListInsurance.js +10 -0
  142. package/icc-api/model/PaginatedListInsurance.js.map +1 -0
  143. package/icc-api/model/Role.d.ts +11 -0
  144. package/icc-api/model/Role.js +10 -0
  145. package/icc-api/model/Role.js.map +1 -0
  146. package/icc-api/model/RoleConfiguration.d.ts +6 -0
  147. package/icc-api/model/RoleConfiguration.js +10 -0
  148. package/icc-api/model/RoleConfiguration.js.map +1 -0
  149. package/icc-api/model/RoleSourceEnum.d.ts +11 -0
  150. package/icc-api/model/RoleSourceEnum.js +16 -0
  151. package/icc-api/model/RoleSourceEnum.js.map +1 -0
  152. package/icc-api/model/User.d.ts +19 -0
  153. package/icc-api/model/User.js +6 -0
  154. package/icc-api/model/User.js.map +1 -1
  155. package/icc-api/model/UserTypeEnum.d.ts +9 -0
  156. package/icc-api/model/UserTypeEnum.js +14 -0
  157. package/icc-api/model/UserTypeEnum.js.map +1 -0
  158. package/icc-api/model/internal/ExchangeData.d.ts +20 -4
  159. package/icc-api/model/internal/ExchangeData.js +8 -2
  160. package/icc-api/model/internal/ExchangeData.js.map +1 -1
  161. package/icc-api/model/internal/RecoveryData.d.ts +47 -0
  162. package/icc-api/model/internal/RecoveryData.js +34 -0
  163. package/icc-api/model/internal/RecoveryData.js.map +1 -0
  164. package/icc-api/model/models.d.ts +6 -1
  165. package/icc-api/model/models.js +5 -0
  166. package/icc-api/model/models.js.map +1 -1
  167. package/icc-x-api/auth/JwtBridgedAuthService.d.ts +1 -0
  168. package/icc-x-api/auth/JwtBridgedAuthService.js +10 -3
  169. package/icc-x-api/auth/JwtBridgedAuthService.js.map +1 -1
  170. package/icc-x-api/crypto/BaseExchangeDataManager.d.ts +37 -25
  171. package/icc-x-api/crypto/BaseExchangeDataManager.js +123 -64
  172. package/icc-x-api/crypto/BaseExchangeDataManager.js.map +1 -1
  173. package/icc-x-api/crypto/CryptoPrimitives.d.ts +3 -0
  174. package/icc-x-api/crypto/CryptoPrimitives.js +5 -0
  175. package/icc-x-api/crypto/CryptoPrimitives.js.map +1 -1
  176. package/icc-x-api/crypto/DelegationsDeAnonymization.js +1 -1
  177. package/icc-x-api/crypto/DelegationsDeAnonymization.js.map +1 -1
  178. package/icc-x-api/crypto/ExchangeDataManager.js +14 -6
  179. package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -1
  180. package/icc-x-api/crypto/ExchangeDataMapManager.d.ts +1 -1
  181. package/icc-x-api/crypto/ExchangeDataMapManager.js.map +1 -1
  182. package/icc-x-api/crypto/HMACUtils.d.ts +10 -0
  183. package/icc-x-api/crypto/HMACUtils.js +48 -0
  184. package/icc-x-api/crypto/HMACUtils.js.map +1 -0
  185. package/icc-x-api/crypto/SecureDelegationsManager.js +3 -0
  186. package/icc-x-api/crypto/SecureDelegationsManager.js.map +1 -1
  187. package/icc-x-api/crypto/UserSignatureKeysManager.d.ts +1 -1
  188. package/icc-x-api/crypto/UserSignatureKeysManager.js +2 -2
  189. package/icc-x-api/crypto/UserSignatureKeysManager.js.map +1 -1
  190. package/icc-x-api/icc-calendar-item-x-api.js.map +1 -1
  191. package/icc-x-api/icc-icure-maintenance-x-api.d.ts +1 -1
  192. package/icc-x-api/icc-icure-maintenance-x-api.js.map +1 -1
  193. package/icc-x-api/icc-maintenance-task-x-api.d.ts +5 -3
  194. package/icc-x-api/icc-maintenance-task-x-api.js +7 -1
  195. package/icc-x-api/icc-maintenance-task-x-api.js.map +1 -1
  196. package/icc-x-api/icc-recovery-x-api.d.ts +0 -0
  197. package/icc-x-api/icc-recovery-x-api.js +2 -0
  198. package/icc-x-api/icc-recovery-x-api.js.map +1 -0
  199. package/icc-x-api/index.d.ts +2 -0
  200. package/icc-x-api/index.js +7 -2
  201. package/icc-x-api/index.js.map +1 -1
  202. package/icc-x-api/storage/KeyStorageImpl.d.ts +1 -0
  203. package/icc-x-api/storage/KeyStorageImpl.js +20 -12
  204. package/icc-x-api/storage/KeyStorageImpl.js.map +1 -1
  205. package/package.json +1 -1
  206. package/icc-api/api/IccDocumentTemplateApi.d.ts +0 -106
  207. package/icc-api/api/IccDocumentTemplateApi.js +0 -223
  208. package/icc-api/api/IccDocumentTemplateApi.js.map +0 -1
  209. package/icc-api/api/IccExchangeDataApi.js +0 -85
  210. package/icc-api/api/IccExchangeDataApi.js.map +0 -1
  211. package/icc-api/api/IccExchangeDataMapApi.js +0 -65
  212. package/icc-api/api/IccExchangeDataMapApi.js.map +0 -1
  213. package/icc-api/api/IccSecureDelegationKeyMapApi.js.map +0 -1
@@ -1 +1 @@
1
- {"version":3,"file":"SecureDelegationsManager.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/SecureDelegationsManager.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wFAAoF;AAKpF,oFAA6E;AAC7E,mCAA2F;AAK3F,oCAAyC;AAIzC,2EAAuE;AACvE,sHAAkH;AAClH,IAAO,mBAAmB,GAAG,qEAAiC,CAAC,mBAAmB,CAAA;AAClF,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AACzD,2EAAuE;AAGvE,MAAa,wBAAwB;IACnC,YACmB,mBAAwC,EACxC,sBAA8C,EAC9C,2BAAwD,EACxD,wBAAkD,EAClD,QAAmC,EACnC,UAA4B,EAC5B,YAA8B,EAC9B,gBAAkC,EAClC,6BAAsC;QARtC,wBAAmB,GAAnB,mBAAmB,CAAqB;QACxC,2BAAsB,GAAtB,sBAAsB,CAAwB;QAC9C,gCAA2B,GAA3B,2BAA2B,CAA6B;QACxD,6BAAwB,GAAxB,wBAAwB,CAA0B;QAClD,aAAQ,GAAR,QAAQ,CAA2B;QACnC,eAAU,GAAV,UAAU,CAAkB;QAC5B,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,qBAAgB,GAAhB,gBAAgB,CAAkB;QAClC,kCAA6B,GAA7B,6BAA6B,CAAS;QAGxC,uBAAkB,GAO/B,IAAI,oDAAuB,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAA;IATvD,CAAC;IAWJ;;;;;;;;;;OAUG;IACG,sCAAsC,CAC1C,MAA2C,EAC3C,UAAwC,EACxC,SAAmB,EACnB,eAAyB,EACzB,cAAwB,EACxB,eAA2E;;YAE3E,MAAM,cAAc,GAA4B,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,CAAA;YAC5E,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAC5D,cAAc,EACd,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,EAC/C,SAAS,EACT,cAAc,EACd,eAAe,EACf,eAAe,CAAC,KAAK,EACrB,SAAS,CACV,CAAA;YACD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC9D,MAAM,oBAAoB,GAMpB,EAAE,CAAA;YACR,KAAK,MAAM,CAAC,UAAU,EAAE,WAAW,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE;gBACvE,IAAI,UAAU,KAAK,MAAM,EAAE;oBACzB,oBAAoB,CAAC,IAAI,CACvB,MAAM,IAAI,CAAC,wBAAwB,CACjC,cAAc,EACd,UAAU,EACV,SAAS,EACT,cAAc,EACd,eAAe,EACf,WAAW,EACX,kBAAkB,CAAC,sBAAsB,CAC1C,CACF,CAAA;iBACF;aACF;YACD,MAAM,iBAAiB,GAAG,MAAM,CAAC,WAAW,CAC1C,CAAC,kBAAkB,EAAE,GAAG,oBAAoB,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,sBAAsB,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC,CAAC,sBAAsB,EAAE,UAAU,CAAC,CAAC,CACpI,CAAA;YACD,MAAM,gBAAgB,qBACjB,kBAAkB,CAAC,yBAAyB,CAChD,CAAA;YACD,KAAK,MAAM,EAAE,yBAAyB,EAAE,oBAAoB,EAAE,IAAI,oBAAoB,EAAE;gBACtF,MAAM,CAAC,MAAM,CAAC,gBAAgB,EAAE,oBAAoB,CAAC,CAAA;aACtD;YACD,MAAM,mBAAmB,GAAG,MAAM,CAAC,WAAW,CAC5C,oBAAoB;iBACjB,MAAM,CAAC,CAAC,EAAE,uBAAuB,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,uBAAuB,CAAC;iBAClE,GAAG,CAAC,CAAC,EAAE,yBAAyB,EAAE,uBAAuB,EAAE,EAAE,EAAE,CAAC,CAAC,yBAAyB,EAAE,uBAAwB,CAAC,CAAC,CAC1H,CAAA;YACD,MAAM,IAAI,CAAC,sBAAsB,CAAC,sBAAsB,CAAC,mBAAmB,CAAC,CAAA;YAC7E,uCACK,MAAM,KACT,gBAAgB,EAAE,IAAI,mCAAgB,CAAC,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,CAAC,IAChF;QACH,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,8BAA8B,CAClC,cAAuC,EACvC,UAAkB,EAClB,cAAwB,EACxB,mBAA6B,EAC7B,oBAA8B,EAC9B,wBAAwE;;;YAExE,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,2BAA2B,CACjF,UAAU,EACV,cAAc,CAAC,IAAI,EACnB,MAAA,cAAc,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CAC9C,CAAA;YACD,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,uBAAuB,CACrF,gBAAgB,CAAC,mBAAmB,EACpC,cAAc,CAAC,IAAI,EACnB,MAAA,cAAc,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CAC9C,CAAA;YACD,MAAM,wBAAwB,GAAG,IAAI,CAAC,0CAA0C,CAAC,cAAc,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAA;YAC5H,IAAI,wBAAwB,EAAE;gBAC5B,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,uBAAuB,CACrD,wBAAwB,CAAC,YAAY,EACrC,wBAAwB,CAAC,gBAAgB,EACzC,gBAAgB,EAChB,cAAc,EACd,mBAAmB,EACnB,oBAAoB,CACrB,CAAA;gBACD,OAAO,YAAY,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,SAAS,CAAA;aAC3D;iBAAM;gBACL,MAAM,iBAAiB,GAAG,CACxB,MAAM,IAAI,CAAC,wBAAwB,CAAC,oBAAoB,CACtD,gBAAgB,CAAC,mBAAmB,EACpC,cAAc,CAAC,IAAI,EACnB,MAAA,cAAc,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CAC9C,CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAA,cAAM,EAAC,CAAC,CAAC,CAAC,CAAA;gBACvB,OAAO;oBACL,KAAK,EAAE,MAAM,IAAI,CAAC,sBAAsB,CACtC,gBAAgB,EAChB,iBAAiB,EACjB,UAAU,EACV,cAAc,EACd,mBAAmB,EACnB,oBAAoB,EACpB,wBAAwB,CACzB;iBACF,CAAA;aACF;;KACF;IAEa,uBAAuB,CACnC,YAAoB,EACpB,kBAAoC,EACpC,gBAAqG,EACrG,cAAwB,EACxB,mBAA6B,EAC7B,oBAA8B;;YAE9B,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,MAAM,IAAI,CAAC,2BAA2B,CAAC,gBAAgB,CAAC,kBAAkB,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAA;YAC5I,MAAM,sBAAsB,GAAG,IAAI,GAAG,CACpC,MAAM,IAAI,CAAC,2BAA2B,CAAC,qBAAqB,CAAC,kBAAkB,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAC/G,CAAA;YACD,MAAM,uBAAuB,GAAG,IAAI,GAAG,CACrC,MAAM,IAAI,CAAC,2BAA2B,CAAC,sBAAsB,CAAC,kBAAkB,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAChH,CAAA;YACD,MAAM,YAAY,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAA;YAC9E,MAAM,iBAAiB,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAA;YAC/F,MAAM,kBAAkB,GAAG,oBAAoB,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,uBAAuB,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAA;YAChG,IAAI,YAAY,CAAC,MAAM,IAAI,iBAAiB,CAAC,MAAM,IAAI,kBAAkB,CAAC,MAAM,EAAE;gBAChF,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,gBAAgB,CAAC,YAAY,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAA;gBACjI,MAAM,0BAA0B,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,qBAAqB,CAAC,iBAAiB,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAA;gBAChJ,MAAM,2BAA2B,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,sBAAsB,CAC/F,kBAAkB,EAClB,gBAAgB,CAAC,WAAW,CAC7B,CAAA;gBACD,OAAO,IAAI,qEAAiC,CAAC;oBAC3C,yBAAyB,EAAE,YAAY;oBACvC,SAAS,EAAE,MAAM,CAAC,WAAW,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,mBAAmB,CAAC,MAAM,CAAC,CAAC,CAAC;oBAClG,cAAc,EAAE,MAAM,CAAC,WAAW,CAAC,0BAA0B,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,EAAE,mBAAmB,CAAC,MAAM,CAAC,CAAC,CAAC;oBAC9G,eAAe,EAAE,MAAM,CAAC,WAAW,CAAC,2BAA2B,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,mBAAmB,CAAC,MAAM,CAAC,CAAC,CAAC;iBAC/G,CAAC,CAAA;aACH;;gBAAM,OAAO,SAAS,CAAA;QACzB,CAAC;KAAA;IAEa,sBAAsB,CAClC,gBAAqG,EACrG,iBAA2B,EAC3B,UAAkB,EAClB,cAAwB,EACxB,mBAA6B,EAC7B,oBAA8B,EAC9B,wBAAwE;;YAExE,OAAO,IAAI,uCAAkB,iCACxB,CAAC,MAAM,IAAI,CAAC,iCAAiC,CAAC,gBAAgB,EAAE,UAAU,EAAE,cAAc,EAAE,mBAAmB,EAAE,oBAAoB,CAAC,CAAC,KAC1I,oBAAoB,EAAE,wBAAwB,EAC9C,iBAAiB,IACjB,CAAA;QACJ,CAAC;KAAA;IAEa,wBAAwB,CACpC,MAA+B,EAC/B,UAAkB,EAClB,cAAwB,EACxB,mBAA6B,EAC7B,oBAA8B,EAC9B,WAA4B,EAC5B,mBAAuC;;;YAQvC,sDAAsD;YACtD,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,2BAA2B,CACjF,UAAU,EACV,MAAM,CAAC,IAAI,EACX,MAAA,MAAM,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CACtC,CAAA;YACD,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,uBAAuB,CACrF,gBAAgB,CAAC,mBAAmB,EACpC,MAAM,CAAC,IAAI,EACX,MAAA,MAAM,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CACtC,CAAA;YACD,MAAM,iBAAiB,GAAG,CACxB,MAAM,IAAI,CAAC,wBAAwB,CAAC,oBAAoB,CACtD,gBAAgB,CAAC,mBAAmB,EACpC,MAAM,CAAC,IAAI,EACX,MAAA,MAAM,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CACtC,CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAA,cAAM,EAAC,CAAC,CAAC,CAAC,CAAA;YACvB,MAAM,yBAAyB,GAAG,iBAAiB;iBAChD,GAAG,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE;gBAClB,OAAO,CAAC,GAAG,EAAE,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAA;YAC1C,CAAC,CAAC;iBACD,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YAE3C,MAAM,YAAY,GAAG,yBAAyB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YACpD,MAAM,eAAe,GAAG,MAAM,CAAC,WAAW,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC,CAAC,CAAA;YACrH,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,iCAAiC,CAC1E,gBAAgB,EAChB,UAAU,EACV,cAAc,EACd,mBAAmB,EACnB,oBAAoB,CACrB,CAAA;YACD,MAAM,UAAU,GAAG,IAAI,mCAAgB,CAAC;gBACtC,SAAS,EAAE,uBAAuB,aAAvB,uBAAuB,uBAAvB,uBAAuB,CAAE,iBAAiB;gBACrD,QAAQ,EAAE,uBAAuB,aAAvB,uBAAuB,uBAAvB,uBAAuB,CAAE,gBAAgB;gBACnD,SAAS,EAAE,uBAAuB,aAAvB,uBAAuB,uBAAvB,uBAAuB,CAAE,SAAS;gBAC7C,cAAc,EAAE,uBAAuB,aAAvB,uBAAuB,uBAAvB,uBAAuB,CAAE,cAAc;gBACvD,eAAe,EAAE,uBAAuB,aAAvB,uBAAuB,uBAAvB,uBAAuB,CAAE,eAAe;gBACzD,iBAAiB,EAAE,mBAAmB,CAAC,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,SAAS;gBAC1E,cAAc,EAAE,uBAAuB,aAAvB,uBAAuB,uBAAvB,uBAAuB,CAAE,cAAc;gBACvD,uBAAuB,EAAE,uBAAuB,aAAvB,uBAAuB,uBAAvB,uBAAuB,CAAE,uBAAuB;gBACzE,WAAW,EAAE,WAAW;aACzB,CAAC,CAAA;YACF,OAAO;gBACL,sBAAsB,EAAE,YAAY;gBACpC,yBAAyB,EAAE,yBAAyB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC1D,UAAU;gBACV,uBAAuB,EAAE,uBAAuB,aAAvB,uBAAuB,uBAAvB,uBAAuB,CAAE,uBAAuB;gBACzE,yBAAyB,EAAE,eAAe;aAC3C,CAAA;;KACF;IAEa,iCAAiC,CAC7C,gBAAqG,EACrG,UAAkB,EAClB,cAAwB,EACxB,mBAA6B,EAC7B,oBAA8B;;YAU9B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC9D,MAAM,kBAAkB,GACtB,UAAU,KAAK,MAAM;gBACnB,CAAC,CAAC,IAAI,CAAC,6BAA6B,CAAC,MAAM,EAAE,gBAAgB,CAAC,YAAY,CAAC;gBAC3E,CAAC,CAAC,MAAM,IAAI,CAAC,iCAAiC,CAAC,MAAM,EAAE,UAAU,EAAE,gBAAgB,CAAC,YAAY,CAAC,CAAA;YACrG,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,gBAAgB,CAAC,cAAc,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAA;YAChI,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,qBAAqB,CAAC,mBAAmB,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAA;YAC/I,MAAM,wBAAwB,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,sBAAsB,CAAC,oBAAoB,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAA;YAClJ,uCACK,kBAAkB,KACrB,SAAS,EAAE,kBAAkB,EAC7B,cAAc,EAAE,uBAAuB,EACvC,eAAe,EAAE,wBAAwB,IAC1C;QACH,CAAC;KAAA;IAEa,iCAAiC,CAC7C,MAAc,EACd,UAAkB,EAClB,YAA0B;;YAO1B,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAA;YAC5D,IAAI,CAAC,YAAY,CAAC,4BAA4B,IAAI,CAAC,IAAI,CAAC,6BAA6B,EAAE;gBACrF,OAAO;oBACL,iBAAiB,EAAE,MAAM;oBACzB,gBAAgB,EAAE,UAAU;oBAC5B,cAAc,EAAE,YAAY,CAAC,EAAE;iBAChC,CAAA;aACF;iBAAM,IAAI,YAAY,CAAC,4BAA4B,IAAI,CAAC,IAAI,CAAC,6BAA6B,EAAE;gBAC3F,OAAO;oBACL,iBAAiB,EAAE,MAAM;oBACzB,uBAAuB,EAAE,MAAM,IAAI,CAAC,2BAA2B,CAAC,qBAAqB,CACnF,YAAY,CAAC,EAAG,EAChB,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,mBAAmB,EAAE,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,WAAW,EAAE,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CACxH;iBACF,CAAA;aACF;iBAAM,IAAI,CAAC,YAAY,CAAC,4BAA4B,IAAI,IAAI,CAAC,6BAA6B,EAAE;gBAC3F,MAAM,kCAAkC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,CAAA;gBACzF,MAAM,oBAAoB,GAAgC,EAAE,CAAA;gBAC5D,KAAK,MAAM,MAAM,IAAI,CAAC,GAAG,YAAY,CAAC,8BAA8B,EAAE,GAAG,YAAY,CAAC,gCAAgC,CAAC,EAAE;oBACvH,MAAM,MAAM,GAAG,IAAA,qBAAa,EAAC,MAAM,CAAC,CAAA;oBACpC,MAAM,UAAU,GAAG,YAAY,CAAC,8BAA8B,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAA;oBACrG,IAAI,kCAAkC,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE;wBAClD,oBAAoB,CAAC,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,UAAU,CAAC,CAAA;qBACpH;iBACF;gBACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,MAAM;oBAC3C,MAAM,IAAI,KAAK,CAAC,wFAAwF,CAAC,CAAA;gBAC3G,OAAO;oBACL,gBAAgB,EAAE,UAAU;oBAC5B,uBAAuB,EAAE,MAAM,IAAI,CAAC,2BAA2B,CAAC,qBAAqB,CAAC,YAAY,CAAC,EAAG,EAAE,oBAAoB,CAAC;iBAC9H,CAAA;aACF;;gBAAM,OAAO,EAAE,CAAA;QAClB,CAAC;KAAA;IAEO,6BAA6B,CACnC,MAAc,EACd,YAA0B;QAO1B,IAAI,IAAI,CAAC,6BAA6B,EAAE;YACtC,OAAO,EAAE,CAAA;SACV;aAAM;YACL,OAAO;gBACL,cAAc,EAAE,YAAY,CAAC,EAAE;gBAC/B,iBAAiB,EAAE,MAAM;gBACzB,gBAAgB,EAAE,MAAM;aACzB,CAAA;SACF;IACH,CAAC;IAEa,gBAAgB,CAAC,WAAmB;;YAChD,OAAO,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,WAAW,EAAE,GAAS,EAAE;gBACzD,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,WAAW,CAAC,CAAA;gBACjF,OAAO;oBACL,IAAI,EAAE;wBACJ,4BAA4B,EAAE,IAAI,CAAC,gBAAgB,CAAC,oCAAoC,CAAC,iBAAiB,CAAC;wBAC3G,8BAA8B,EAAE,KAAK,CAAC,IAAI,CAAC,IAAA,+BAAuB,EAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;wBAC3F,gCAAgC,EAAE,KAAK,CAAC,IAAI,CAAC,IAAA,iCAAyB,EAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;qBAChG;iBACF,CAAA;YACH,CAAC,CAAA,CAAC,CAAA;QACJ,CAAC;KAAA;IAEO,0CAA0C,CAChD,MAA6C,EAC7C,MAAgB;;QAEhB,MAAM,gBAAgB,GAAG,MAAA,MAAM,CAAC,gBAAgB,mCAAI,EAAE,CAAA;QACtD,MAAM,uBAAuB,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,eAAC,OAAA,MAAA,MAAA,gBAAgB,CAAC,gBAAgB,0CAAG,IAAI,CAAC,mCAAI,EAAE,CAAA,EAAA,CAAC,CAAC,CAAC,CAAA;QAC9H,MAAM,gBAAgB,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;;YAC/C,MAAM,iBAAiB,GAAG,MAAA,gBAAgB,CAAC,iBAAiB,0CAAG,IAAI,CAAC,CAAA;YACpE,OAAO,iBAAiB,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAA;QAC7F,CAAC,CAAC,CAAA;QACF,IACE,gBAAgB,CAAC,MAAM,GAAG,CAAC;YAC3B,uBAAuB,CAAC,MAAM,GAAG,CAAC;YAClC,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAA,MAAA,gBAAgB,CAAC,CAAC,CAAC,0CAAE,YAAY,CAAA,IAAI,uBAAuB,CAAC,CAAC,CAAC,MAAK,MAAA,gBAAgB,CAAC,CAAC,CAAC,0CAAE,YAAY,CAAA,CAAC;YAEzI,MAAM,IAAI,KAAK,CAAC,kFAAkF,CAAC,CAAA;QACrG,MAAM,yBAAyB,GAAG,uBAAuB,CAAC,CAAC,CAAC,CAAA;QAC5D,MAAM,yBAAyB,GAAG,MAAA,gBAAgB,CAAC,iBAAiB,0CAAG,yBAAyB,CAAC,CAAA;QACjG,OAAO,CACL,MAAA,gBAAgB,CAAC,CAAC,CAAC,mCACnB,CAAC,CAAC,CAAC,yBAAyB,IAAI,CAAC,CAAC,yBAAyB;YACzD,CAAC,CAAC,EAAE,YAAY,EAAE,yBAAyB,EAAE,gBAAgB,EAAE,yBAAyB,EAAE;YAC1F,CAAC,CAAC,SAAS,CAAC,CACf,CAAA;IACH,CAAC;CACF;AA5ZD,4DA4ZC","sourcesContent":["import { EntityShareRequest } from '../../icc-api/model/requests/EntityShareRequest'\nimport { IccDataOwnerXApi } from '../icc-data-owner-x-api'\nimport { UserEncryptionKeysManager } from './UserEncryptionKeysManager'\nimport { CryptoStrategies } from './CryptoStrategies'\nimport { EncryptedEntityWithType, EntityWithDelegationTypeName } from '../utils/EntityWithDelegationTypeName'\nimport { LruTemporisedAsyncCache } from '../utils/lru-temporised-async-cache'\nimport { fingerprintV2, hexPublicKeysWithSha1Of, hexPublicKeysWithSha256Of } from './utils'\nimport { ExchangeDataManager } from './ExchangeDataManager'\nimport { ExchangeData } from '../../icc-api/model/internal/ExchangeData'\nimport { SecureDelegationsEncryption } from './SecureDelegationsEncryption'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { hex2ua, ua2hex } from '../utils'\nimport { AccessControlSecretUtils } from './AccessControlSecretUtils'\nimport { EntityShareOrMetadataUpdateRequest } from '../../icc-api/model/requests/EntityShareOrMetadataUpdateRequest'\nimport { EncryptedEntity, EncryptedEntityStub } from '../../icc-api/model/models'\nimport { SecureDelegation } from '../../icc-api/model/SecureDelegation'\nimport { EntitySharedMetadataUpdateRequest } from '../../icc-api/model/requests/EntitySharedMetadataUpdateRequest'\nimport EntryUpdateTypeEnum = EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport { SecurityMetadata } from '../../icc-api/model/SecurityMetadata'\nimport { ExchangeDataMapManager } from './ExchangeDataMapManager'\n\nexport class SecureDelegationsManager {\n constructor(\n private readonly exchangeDataManager: ExchangeDataManager,\n private readonly exchangeDataMapManager: ExchangeDataMapManager,\n private readonly secureDelegationsEncryption: SecureDelegationsEncryption,\n private readonly accessControlSecretUtils: AccessControlSecretUtils,\n private readonly userKeys: UserEncryptionKeysManager,\n private readonly primitives: CryptoPrimitives,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly cryptoStrategies: CryptoStrategies,\n private readonly selfNeedsAnonymousDelegations: boolean\n ) {}\n\n private readonly dataOwnerInfoCache: LruTemporisedAsyncCache<\n string,\n {\n requiresAnonymousDelegations: boolean\n availablePublicKeysHexWithSha1: string[]\n availablePublicKeysHexWithSha256: string[]\n }\n > = new LruTemporisedAsyncCache(100, () => 30 * 60 * 1000)\n\n /**\n * Note: this method does not save the updated entity.\n * @param entity an entity, must already have secret foreign keys initialised.\n * @param entityType the type of the entity\n * @param secretIds the initial secret ids to include and share with the auto-delegations\n * @param owningEntityIds the initial owning entity ids to include and share with the auto-delegations\n * @param encryptionKeys the initial encryption keys to include and share with the auto-delegations\n * @param autoDelegations the data owners which will initially have access to the entity in addition to the current data owner and the access level\n * they will have on the entity.\n * @return the entity with the security metadata initialised for the provided parameters.\n */\n async entityWithInitialisedEncryptedMetadata<T extends EncryptedEntity>(\n entity: T & { secretForeignKeys: string[] },\n entityType: EntityWithDelegationTypeName,\n secretIds: string[],\n owningEntityIds: string[],\n encryptionKeys: string[],\n autoDelegations: { [delegateId: string]: SecureDelegation.AccessLevelEnum }\n ): Promise<T> {\n const entityWithType: EncryptedEntityWithType = { entity, type: entityType }\n const rootDelegationInfo = await this.makeSecureDelegationInfo(\n entityWithType,\n await this.dataOwnerApi.getCurrentDataOwnerId(),\n secretIds,\n encryptionKeys,\n owningEntityIds,\n AccessLevelEnum.WRITE,\n undefined\n )\n const selfId = await this.dataOwnerApi.getCurrentDataOwnerId()\n const otherDelegationsInfo: {\n canonicalDelegationKey: string\n canonicalAccessControlKey: string\n delegation: SecureDelegation\n delegationKeyEquivalences: { [p: string]: string }\n encryptedExchangeDataId: { [fp: string]: string } | undefined\n }[] = []\n for (const [delegateId, permissions] of Object.entries(autoDelegations)) {\n if (delegateId !== selfId) {\n otherDelegationsInfo.push(\n await this.makeSecureDelegationInfo(\n entityWithType,\n delegateId,\n secretIds,\n encryptionKeys,\n owningEntityIds,\n permissions,\n rootDelegationInfo.canonicalDelegationKey\n )\n )\n }\n }\n const secureDelegations = Object.fromEntries(\n [rootDelegationInfo, ...otherDelegationsInfo].map(({ canonicalDelegationKey, delegation }) => [canonicalDelegationKey, delegation])\n )\n const keysEquivalences = {\n ...rootDelegationInfo.delegationKeyEquivalences,\n }\n for (const { delegationKeyEquivalences: otherKeyEquivalences } of otherDelegationsInfo) {\n Object.assign(keysEquivalences, otherKeyEquivalences)\n }\n const newExchangeDataMaps = Object.fromEntries(\n otherDelegationsInfo\n .filter(({ encryptedExchangeDataId }) => !!encryptedExchangeDataId)\n .map(({ canonicalAccessControlKey, encryptedExchangeDataId }) => [canonicalAccessControlKey, encryptedExchangeDataId!])\n )\n await this.exchangeDataMapManager.createExchangeDataMaps(newExchangeDataMaps)\n return {\n ...entity,\n securityMetadata: new SecurityMetadata({ secureDelegations, keysEquivalences }),\n }\n }\n\n /**\n * Make a request for sharing an entity with a delegate or to update existing shared metadata by adding additional secretIds, encryptionKeys or\n * owningEntityIds if there is already some metadata shared between the current data owner and the delegate. In case there is already a delegation\n * for the delegate, and it already contains all the provided metadata, this method returns undefined, since there is no need to make any request to\n * share the provided data.\n * @param entityWithType an entity with type\n * @param delegateId the id of the delegate\n * @param shareSecretIds the secret ids to share\n * @param shareEncryptionKeys the encryption keys to share\n * @param shareOwningEntityIds the owning entity ids to share\n * @param newDelegationPermissions the permissions to grant to the delegate in case a new delegation needs to be created. If this method creates an\n * update request instead of a share request, this parameter is ignored.\n * @return the request to share the entity, or the request to update the shared metadata for the entity, or undefined if there is no need to update\n * the entity to allow the delegate to access the provided data.\n */\n async makeShareOrUpdateRequestParams(\n entityWithType: EncryptedEntityWithType,\n delegateId: string,\n shareSecretIds: string[],\n shareEncryptionKeys: string[],\n shareOwningEntityIds: string[],\n newDelegationPermissions: EntityShareRequest.RequestedPermissionInternal\n ): Promise<EntityShareOrMetadataUpdateRequest | undefined> {\n const exchangeDataInfo = await this.exchangeDataManager.getOrCreateEncryptionDataTo(\n delegateId,\n entityWithType.type,\n entityWithType.entity.secretForeignKeys ?? []\n )\n const accessControlHashes = await this.accessControlSecretUtils.secureDelegationKeysFor(\n exchangeDataInfo.accessControlSecret,\n entityWithType.type,\n entityWithType.entity.secretForeignKeys ?? []\n )\n const existingSecureDelegation = this.getExistingCanonicalKeyAndSecureDelegation(entityWithType.entity, accessControlHashes)\n if (existingSecureDelegation) {\n const updateParams = await this.makeUpdateRequestParams(\n existingSecureDelegation.canonicalKey,\n existingSecureDelegation.secureDelegation,\n exchangeDataInfo,\n shareSecretIds,\n shareEncryptionKeys,\n shareOwningEntityIds\n )\n return updateParams ? { update: updateParams } : undefined\n } else {\n const accessControlKeys = (\n await this.accessControlSecretUtils.accessControlKeysFor(\n exchangeDataInfo.accessControlSecret,\n entityWithType.type,\n entityWithType.entity.secretForeignKeys ?? []\n )\n ).map((x) => ua2hex(x))\n return {\n share: await this.makeShareRequestParams(\n exchangeDataInfo,\n accessControlKeys,\n delegateId,\n shareSecretIds,\n shareEncryptionKeys,\n shareOwningEntityIds,\n newDelegationPermissions\n ),\n }\n }\n }\n\n private async makeUpdateRequestParams(\n canonicalKey: string,\n existingDelegation: SecureDelegation,\n exchangeDataInfo: { exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey },\n shareSecretIds: string[],\n shareEncryptionKeys: string[],\n shareOwningEntityIds: string[]\n ): Promise<EntitySharedMetadataUpdateRequest | undefined> {\n const existingSecretIds = new Set(await this.secureDelegationsEncryption.decryptSecretIds(existingDelegation, exchangeDataInfo.exchangeKey))\n const existingEncryptionKeys = new Set(\n await this.secureDelegationsEncryption.decryptEncryptionKeys(existingDelegation, exchangeDataInfo.exchangeKey)\n )\n const existingOwningEntityIds = new Set(\n await this.secureDelegationsEncryption.decryptOwningEntityIds(existingDelegation, exchangeDataInfo.exchangeKey)\n )\n const newSecretIds = shareSecretIds.filter((id) => !existingSecretIds.has(id))\n const newEncryptionKeys = shareEncryptionKeys.filter((key) => !existingEncryptionKeys.has(key))\n const newOwningEntityIds = shareOwningEntityIds.filter((id) => !existingOwningEntityIds.has(id))\n if (newSecretIds.length || newEncryptionKeys.length || newOwningEntityIds.length) {\n const encryptedNewSecretIds = await this.secureDelegationsEncryption.encryptSecretIds(newSecretIds, exchangeDataInfo.exchangeKey)\n const encryptedNewEncryptionKeys = await this.secureDelegationsEncryption.encryptEncryptionKeys(newEncryptionKeys, exchangeDataInfo.exchangeKey)\n const encryptedNewOwningEntityIds = await this.secureDelegationsEncryption.encryptOwningEntityIds(\n newOwningEntityIds,\n exchangeDataInfo.exchangeKey\n )\n return new EntitySharedMetadataUpdateRequest({\n metadataAccessControlHash: canonicalKey,\n secretIds: Object.fromEntries(encryptedNewSecretIds.map((id) => [id, EntryUpdateTypeEnum.CREATE])),\n encryptionKeys: Object.fromEntries(encryptedNewEncryptionKeys.map((key) => [key, EntryUpdateTypeEnum.CREATE])),\n owningEntityIds: Object.fromEntries(encryptedNewOwningEntityIds.map((id) => [id, EntryUpdateTypeEnum.CREATE])),\n })\n } else return undefined\n }\n\n private async makeShareRequestParams(\n exchangeDataInfo: { exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey },\n accessControlKeys: string[],\n delegateId: string,\n shareSecretIds: string[],\n shareEncryptionKeys: string[],\n shareOwningEntityIds: string[],\n newDelegationPermissions: EntityShareRequest.RequestedPermissionInternal\n ): Promise<EntityShareRequest> {\n return new EntityShareRequest({\n ...(await this.makeSecureDelegationEncryptedData(exchangeDataInfo, delegateId, shareSecretIds, shareEncryptionKeys, shareOwningEntityIds)),\n requestedPermissions: newDelegationPermissions,\n accessControlKeys,\n })\n }\n\n private async makeSecureDelegationInfo(\n entity: EncryptedEntityWithType,\n delegateId: string,\n shareSecretIds: string[],\n shareEncryptionKeys: string[],\n shareOwningEntityIds: string[],\n permissions: AccessLevelEnum,\n parentDelegationKey: string | undefined\n ): Promise<{\n canonicalDelegationKey: string\n canonicalAccessControlKey: string\n delegation: SecureDelegation\n encryptedExchangeDataId: { [fp: string]: string } | undefined\n delegationKeyEquivalences: { [alias: string]: string }\n }> {\n // Be wary of explicit delegator and explicit delegate\n const exchangeDataInfo = await this.exchangeDataManager.getOrCreateEncryptionDataTo(\n delegateId,\n entity.type,\n entity.entity.secretForeignKeys ?? []\n )\n const accessControlHashes = await this.accessControlSecretUtils.secureDelegationKeysFor(\n exchangeDataInfo.accessControlSecret,\n entity.type,\n entity.entity.secretForeignKeys ?? []\n )\n const accessControlKeys = (\n await this.accessControlSecretUtils.accessControlKeysFor(\n exchangeDataInfo.accessControlSecret,\n entity.type,\n entity.entity.secretForeignKeys ?? []\n )\n ).map((x) => ua2hex(x))\n const accessControlKeysToHashes = accessControlKeys\n .map((key, index) => {\n return [key, accessControlHashes[index]]\n })\n .sort((a, b) => a[1].localeCompare(b[1]))\n\n const canonicalKey = accessControlKeysToHashes[0][1]\n const keyEquivalences = Object.fromEntries(accessControlKeysToHashes.slice(1).map((hash) => [hash[1], canonicalKey]))\n const encryptedDelegationInfo = await this.makeSecureDelegationEncryptedData(\n exchangeDataInfo,\n delegateId,\n shareSecretIds,\n shareEncryptionKeys,\n shareOwningEntityIds\n )\n const delegation = new SecureDelegation({\n delegator: encryptedDelegationInfo?.explicitDelegator,\n delegate: encryptedDelegationInfo?.explicitDelegate,\n secretIds: encryptedDelegationInfo?.secretIds,\n encryptionKeys: encryptedDelegationInfo?.encryptionKeys,\n owningEntityIds: encryptedDelegationInfo?.owningEntityIds,\n parentDelegations: parentDelegationKey ? [parentDelegationKey] : undefined,\n exchangeDataId: encryptedDelegationInfo?.exchangeDataId,\n encryptedExchangeDataId: encryptedDelegationInfo?.encryptedExchangeDataId,\n permissions: permissions,\n })\n return {\n canonicalDelegationKey: canonicalKey,\n canonicalAccessControlKey: accessControlKeysToHashes[0][0],\n delegation,\n encryptedExchangeDataId: encryptedDelegationInfo?.encryptedExchangeDataId,\n delegationKeyEquivalences: keyEquivalences,\n }\n }\n\n private async makeSecureDelegationEncryptedData(\n exchangeDataInfo: { exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey },\n delegateId: string,\n shareSecretIds: string[],\n shareEncryptionKeys: string[],\n shareOwningEntityIds: string[]\n ): Promise<{\n explicitDelegator?: string\n explicitDelegate?: string\n secretIds?: string[]\n encryptionKeys?: string[]\n owningEntityIds?: string[]\n exchangeDataId?: string\n encryptedExchangeDataId?: { [fp: string]: string } // TODO if secure delegation info, check cache before calculating\n }> {\n const selfId = await this.dataOwnerApi.getCurrentDataOwnerId()\n const exchangeDataIdInfo =\n delegateId === selfId\n ? this.makeExchangeDataIdInfoForSelf(selfId, exchangeDataInfo.exchangeData)\n : await this.makeExchangeDataIdInfoForDelegate(selfId, delegateId, exchangeDataInfo.exchangeData)\n const encryptedSecretIds = await this.secureDelegationsEncryption.encryptSecretIds(shareSecretIds, exchangeDataInfo.exchangeKey)\n const encryptedEncryptionKeys = await this.secureDelegationsEncryption.encryptEncryptionKeys(shareEncryptionKeys, exchangeDataInfo.exchangeKey)\n const encryptedOwningEntityIds = await this.secureDelegationsEncryption.encryptOwningEntityIds(shareOwningEntityIds, exchangeDataInfo.exchangeKey)\n return {\n ...exchangeDataIdInfo,\n secretIds: encryptedSecretIds,\n encryptionKeys: encryptedEncryptionKeys,\n owningEntityIds: encryptedOwningEntityIds,\n }\n }\n\n private async makeExchangeDataIdInfoForDelegate(\n selfId: string,\n delegateId: string,\n exchangeData: ExchangeData\n ): Promise<{\n exchangeDataId?: string\n encryptedExchangeDataId?: { [fp: string]: string }\n explicitDelegator?: string\n explicitDelegate?: string\n }> {\n const delegateInfo = await this.getDataOwnerInfo(delegateId)\n if (!delegateInfo.requiresAnonymousDelegations && !this.selfNeedsAnonymousDelegations) {\n return {\n explicitDelegator: selfId,\n explicitDelegate: delegateId,\n exchangeDataId: exchangeData.id,\n }\n } else if (delegateInfo.requiresAnonymousDelegations && !this.selfNeedsAnonymousDelegations) {\n return {\n explicitDelegator: selfId,\n encryptedExchangeDataId: await this.secureDelegationsEncryption.encryptExchangeDataId(\n exchangeData.id!,\n Object.fromEntries(this.userKeys.getSelfVerifiedKeys().map((keyInfo) => [keyInfo.fingerprint, keyInfo.pair.publicKey]))\n ),\n }\n } else if (!delegateInfo.requiresAnonymousDelegations && this.selfNeedsAnonymousDelegations) {\n const fingerprintsOfVerifiedExchangeData = new Set(Object.keys(exchangeData.exchangeKey))\n const delegateVerifiedKeys: { [fp: string]: CryptoKey } = {}\n for (const keyHex of [...delegateInfo.availablePublicKeysHexWithSha1, ...delegateInfo.availablePublicKeysHexWithSha256]) {\n const currFp = fingerprintV2(keyHex)\n const shaVersion = delegateInfo.availablePublicKeysHexWithSha1.includes(keyHex) ? 'sha-1' : 'sha-256'\n if (fingerprintsOfVerifiedExchangeData.has(currFp)) {\n delegateVerifiedKeys[currFp] = await this.primitives.RSA.importKey('spki', hex2ua(keyHex), ['encrypt'], shaVersion)\n }\n }\n if (!Object.keys(delegateVerifiedKeys).length)\n throw new Error('Illegal state: could not find any verified key for delegate in verified exchange data.')\n return {\n explicitDelegate: delegateId,\n encryptedExchangeDataId: await this.secureDelegationsEncryption.encryptExchangeDataId(exchangeData.id!, delegateVerifiedKeys),\n }\n } else return {}\n }\n\n private makeExchangeDataIdInfoForSelf(\n selfId: string,\n exchangeData: ExchangeData\n ): {\n exchangeDataId?: string\n encryptedExchangeDataId?: { [fp: string]: string }\n explicitDelegator?: string\n explicitDelegate?: string\n } {\n if (this.selfNeedsAnonymousDelegations) {\n return {}\n } else {\n return {\n exchangeDataId: exchangeData.id,\n explicitDelegator: selfId,\n explicitDelegate: selfId,\n }\n }\n }\n\n private async getDataOwnerInfo(dataOwnerId: string) {\n return this.dataOwnerInfoCache.get(dataOwnerId, async () => {\n const dataOwnerWithType = await this.dataOwnerApi.getCryptoActorStub(dataOwnerId)\n return {\n item: {\n requiresAnonymousDelegations: this.cryptoStrategies.dataOwnerRequiresAnonymousDelegation(dataOwnerWithType),\n availablePublicKeysHexWithSha1: Array.from(hexPublicKeysWithSha1Of(dataOwnerWithType.stub)),\n availablePublicKeysHexWithSha256: Array.from(hexPublicKeysWithSha256Of(dataOwnerWithType.stub)),\n },\n }\n })\n }\n\n private getExistingCanonicalKeyAndSecureDelegation(\n entity: EncryptedEntityStub | EncryptedEntity,\n hashes: string[]\n ): { canonicalKey: string; secureDelegation: SecureDelegation } | undefined {\n const securityMetadata = entity.securityMetadata ?? {}\n const canonicalByEquivalences = Array.from(new Set(hashes.flatMap((hash) => securityMetadata.keysEquivalences?.[hash] ?? [])))\n const directRetrievals = hashes.flatMap((hash) => {\n const retrievedMetadata = securityMetadata.secureDelegations?.[hash]\n return retrievedMetadata ? { canonicalKey: hash, secureDelegation: retrievedMetadata } : []\n })\n if (\n directRetrievals.length > 1 ||\n canonicalByEquivalences.length > 1 ||\n (!!canonicalByEquivalences[0] && !!directRetrievals[0]?.canonicalKey && canonicalByEquivalences[0] !== directRetrievals[0]?.canonicalKey)\n )\n throw new Error('Illegal state: multiple secure delegations matching equivalent hashes of entity.')\n const canonicalFromEquivalences = canonicalByEquivalences[0]\n const retrievedFromEquivalences = securityMetadata.secureDelegations?.[canonicalFromEquivalences]\n return (\n directRetrievals[0] ??\n (!!canonicalFromEquivalences && !!retrievedFromEquivalences\n ? { canonicalKey: canonicalFromEquivalences, secureDelegation: retrievedFromEquivalences }\n : undefined)\n )\n }\n}\n"]}
1
+ {"version":3,"file":"SecureDelegationsManager.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/SecureDelegationsManager.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wFAAoF;AAKpF,oFAA6E;AAC7E,mCAA2F;AAK3F,oCAAyC;AAIzC,2EAAuE;AACvE,sHAAkH;AAClH,IAAO,mBAAmB,GAAG,qEAAiC,CAAC,mBAAmB,CAAA;AAClF,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AACzD,2EAAuE;AAGvE,MAAa,wBAAwB;IACnC,YACmB,mBAAwC,EACxC,sBAA8C,EAC9C,2BAAwD,EACxD,wBAAkD,EAClD,QAAmC,EACnC,UAA4B,EAC5B,YAA8B,EAC9B,gBAAkC,EAClC,6BAAsC;QARtC,wBAAmB,GAAnB,mBAAmB,CAAqB;QACxC,2BAAsB,GAAtB,sBAAsB,CAAwB;QAC9C,gCAA2B,GAA3B,2BAA2B,CAA6B;QACxD,6BAAwB,GAAxB,wBAAwB,CAA0B;QAClD,aAAQ,GAAR,QAAQ,CAA2B;QACnC,eAAU,GAAV,UAAU,CAAkB;QAC5B,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,qBAAgB,GAAhB,gBAAgB,CAAkB;QAClC,kCAA6B,GAA7B,6BAA6B,CAAS;QAGxC,uBAAkB,GAO/B,IAAI,oDAAuB,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAA;IATvD,CAAC;IAWJ;;;;;;;;;;OAUG;IACG,sCAAsC,CAC1C,MAA2C,EAC3C,UAAwC,EACxC,SAAmB,EACnB,eAAyB,EACzB,cAAwB,EACxB,eAA2E;;YAE3E,MAAM,cAAc,GAA4B,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,CAAA;YAC5E,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAC5D,cAAc,EACd,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,EAC/C,SAAS,EACT,cAAc,EACd,eAAe,EACf,eAAe,CAAC,KAAK,EACrB,SAAS,CACV,CAAA;YACD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC9D,MAAM,oBAAoB,GAMpB,EAAE,CAAA;YACR,KAAK,MAAM,CAAC,UAAU,EAAE,WAAW,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE;gBACvE,IAAI,UAAU,KAAK,MAAM,EAAE;oBACzB,oBAAoB,CAAC,IAAI,CACvB,MAAM,IAAI,CAAC,wBAAwB,CACjC,cAAc,EACd,UAAU,EACV,SAAS,EACT,cAAc,EACd,eAAe,EACf,WAAW,EACX,kBAAkB,CAAC,sBAAsB,CAC1C,CACF,CAAA;iBACF;aACF;YACD,MAAM,iBAAiB,GAAG,MAAM,CAAC,WAAW,CAC1C,CAAC,kBAAkB,EAAE,GAAG,oBAAoB,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,sBAAsB,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC,CAAC,sBAAsB,EAAE,UAAU,CAAC,CAAC,CACpI,CAAA;YACD,MAAM,gBAAgB,qBACjB,kBAAkB,CAAC,yBAAyB,CAChD,CAAA;YACD,KAAK,MAAM,EAAE,yBAAyB,EAAE,oBAAoB,EAAE,IAAI,oBAAoB,EAAE;gBACtF,MAAM,CAAC,MAAM,CAAC,gBAAgB,EAAE,oBAAoB,CAAC,CAAA;aACtD;YACD,MAAM,mBAAmB,GAAG,MAAM,CAAC,WAAW,CAC5C,oBAAoB;iBACjB,MAAM,CAAC,CAAC,EAAE,uBAAuB,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,uBAAuB,CAAC;iBAClE,GAAG,CAAC,CAAC,EAAE,yBAAyB,EAAE,uBAAuB,EAAE,EAAE,EAAE,CAAC,CAAC,yBAAyB,EAAE,uBAAwB,CAAC,CAAC,CAC1H,CAAA;YACD,MAAM,IAAI,CAAC,sBAAsB,CAAC,sBAAsB,CAAC,mBAAmB,CAAC,CAAA;YAC7E,uCACK,MAAM,KACT,gBAAgB,EAAE,IAAI,mCAAgB,CAAC,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,CAAC,IAChF;QACH,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,8BAA8B,CAClC,cAAuC,EACvC,UAAkB,EAClB,cAAwB,EACxB,mBAA6B,EAC7B,oBAA8B,EAC9B,wBAAwE;;;YAExE,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,2BAA2B,CACjF,UAAU,EACV,cAAc,CAAC,IAAI,EACnB,MAAA,cAAc,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CAC9C,CAAA;YACD,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,uBAAuB,CACrF,gBAAgB,CAAC,mBAAmB,EACpC,cAAc,CAAC,IAAI,EACnB,MAAA,cAAc,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CAC9C,CAAA;YACD,MAAM,wBAAwB,GAAG,IAAI,CAAC,0CAA0C,CAAC,cAAc,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAA;YAC5H,IAAI,wBAAwB,EAAE;gBAC5B,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,uBAAuB,CACrD,wBAAwB,CAAC,YAAY,EACrC,wBAAwB,CAAC,gBAAgB,EACzC,gBAAgB,EAChB,cAAc,EACd,mBAAmB,EACnB,oBAAoB,CACrB,CAAA;gBACD,OAAO,YAAY,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,SAAS,CAAA;aAC3D;iBAAM;gBACL,MAAM,iBAAiB,GAAG,CACxB,MAAM,IAAI,CAAC,wBAAwB,CAAC,oBAAoB,CACtD,gBAAgB,CAAC,mBAAmB,EACpC,cAAc,CAAC,IAAI,EACnB,MAAA,cAAc,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CAC9C,CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAA,cAAM,EAAC,CAAC,CAAC,CAAC,CAAA;gBACvB,OAAO;oBACL,KAAK,EAAE,MAAM,IAAI,CAAC,sBAAsB,CACtC,gBAAgB,EAChB,iBAAiB,EACjB,UAAU,EACV,cAAc,EACd,mBAAmB,EACnB,oBAAoB,EACpB,wBAAwB,CACzB;iBACF,CAAA;aACF;;KACF;IAEa,uBAAuB,CACnC,YAAoB,EACpB,kBAAoC,EACpC,gBAAqG,EACrG,cAAwB,EACxB,mBAA6B,EAC7B,oBAA8B;;YAE9B,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,MAAM,IAAI,CAAC,2BAA2B,CAAC,gBAAgB,CAAC,kBAAkB,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAA;YAC5I,MAAM,sBAAsB,GAAG,IAAI,GAAG,CACpC,MAAM,IAAI,CAAC,2BAA2B,CAAC,qBAAqB,CAAC,kBAAkB,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAC/G,CAAA;YACD,MAAM,uBAAuB,GAAG,IAAI,GAAG,CACrC,MAAM,IAAI,CAAC,2BAA2B,CAAC,sBAAsB,CAAC,kBAAkB,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAChH,CAAA;YACD,MAAM,YAAY,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAA;YAC9E,MAAM,iBAAiB,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAA;YAC/F,MAAM,kBAAkB,GAAG,oBAAoB,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,uBAAuB,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAA;YAChG,IAAI,YAAY,CAAC,MAAM,IAAI,iBAAiB,CAAC,MAAM,IAAI,kBAAkB,CAAC,MAAM,EAAE;gBAChF,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,gBAAgB,CAAC,YAAY,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAA;gBACjI,MAAM,0BAA0B,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,qBAAqB,CAAC,iBAAiB,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAA;gBAChJ,MAAM,2BAA2B,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,sBAAsB,CAC/F,kBAAkB,EAClB,gBAAgB,CAAC,WAAW,CAC7B,CAAA;gBACD,OAAO,IAAI,qEAAiC,CAAC;oBAC3C,yBAAyB,EAAE,YAAY;oBACvC,SAAS,EAAE,MAAM,CAAC,WAAW,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,mBAAmB,CAAC,MAAM,CAAC,CAAC,CAAC;oBAClG,cAAc,EAAE,MAAM,CAAC,WAAW,CAAC,0BAA0B,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,EAAE,mBAAmB,CAAC,MAAM,CAAC,CAAC,CAAC;oBAC9G,eAAe,EAAE,MAAM,CAAC,WAAW,CAAC,2BAA2B,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,mBAAmB,CAAC,MAAM,CAAC,CAAC,CAAC;iBAC/G,CAAC,CAAA;aACH;;gBAAM,OAAO,SAAS,CAAA;QACzB,CAAC;KAAA;IAEa,sBAAsB,CAClC,gBAAqG,EACrG,iBAA2B,EAC3B,UAAkB,EAClB,cAAwB,EACxB,mBAA6B,EAC7B,oBAA8B,EAC9B,wBAAwE;;YAExE,OAAO,IAAI,uCAAkB,iCACxB,CAAC,MAAM,IAAI,CAAC,iCAAiC,CAAC,gBAAgB,EAAE,UAAU,EAAE,cAAc,EAAE,mBAAmB,EAAE,oBAAoB,CAAC,CAAC,KAC1I,oBAAoB,EAAE,wBAAwB,EAC9C,iBAAiB,IACjB,CAAA;QACJ,CAAC;KAAA;IAEa,wBAAwB,CACpC,MAA+B,EAC/B,UAAkB,EAClB,cAAwB,EACxB,mBAA6B,EAC7B,oBAA8B,EAC9B,WAA4B,EAC5B,mBAAuC;;;YAQvC,sDAAsD;YACtD,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,2BAA2B,CACjF,UAAU,EACV,MAAM,CAAC,IAAI,EACX,MAAA,MAAM,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CACtC,CAAA;YACD,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,uBAAuB,CACrF,gBAAgB,CAAC,mBAAmB,EACpC,MAAM,CAAC,IAAI,EACX,MAAA,MAAM,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CACtC,CAAA;YACD,MAAM,iBAAiB,GAAG,CACxB,MAAM,IAAI,CAAC,wBAAwB,CAAC,oBAAoB,CACtD,gBAAgB,CAAC,mBAAmB,EACpC,MAAM,CAAC,IAAI,EACX,MAAA,MAAM,CAAC,MAAM,CAAC,iBAAiB,mCAAI,EAAE,CACtC,CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAA,cAAM,EAAC,CAAC,CAAC,CAAC,CAAA;YACvB,MAAM,yBAAyB,GAAG,iBAAiB;iBAChD,GAAG,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE;gBAClB,OAAO,CAAC,GAAG,EAAE,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAA;YAC1C,CAAC,CAAC;iBACD,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YAE3C,MAAM,YAAY,GAAG,yBAAyB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YACpD,MAAM,eAAe,GAAG,MAAM,CAAC,WAAW,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC,CAAC,CAAA;YACrH,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,iCAAiC,CAC1E,gBAAgB,EAChB,UAAU,EACV,cAAc,EACd,mBAAmB,EACnB,oBAAoB,CACrB,CAAA;YACD,MAAM,UAAU,GAAG,IAAI,mCAAgB,CAAC;gBACtC,SAAS,EAAE,uBAAuB,aAAvB,uBAAuB,uBAAvB,uBAAuB,CAAE,iBAAiB;gBACrD,QAAQ,EAAE,uBAAuB,aAAvB,uBAAuB,uBAAvB,uBAAuB,CAAE,gBAAgB;gBACnD,SAAS,EAAE,uBAAuB,aAAvB,uBAAuB,uBAAvB,uBAAuB,CAAE,SAAS;gBAC7C,cAAc,EAAE,uBAAuB,aAAvB,uBAAuB,uBAAvB,uBAAuB,CAAE,cAAc;gBACvD,eAAe,EAAE,uBAAuB,aAAvB,uBAAuB,uBAAvB,uBAAuB,CAAE,eAAe;gBACzD,iBAAiB,EAAE,mBAAmB,CAAC,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,SAAS;gBAC1E,cAAc,EAAE,uBAAuB,aAAvB,uBAAuB,uBAAvB,uBAAuB,CAAE,cAAc;gBACvD,uBAAuB,EAAE,uBAAuB,aAAvB,uBAAuB,uBAAvB,uBAAuB,CAAE,uBAAuB;gBACzE,WAAW,EAAE,WAAW;aACzB,CAAC,CAAA;YACF,OAAO;gBACL,sBAAsB,EAAE,YAAY;gBACpC,yBAAyB,EAAE,yBAAyB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC1D,UAAU;gBACV,uBAAuB,EAAE,uBAAuB,aAAvB,uBAAuB,uBAAvB,uBAAuB,CAAE,uBAAuB;gBACzE,yBAAyB,EAAE,eAAe;aAC3C,CAAA;;KACF;IAEa,iCAAiC,CAC7C,gBAAqG,EACrG,UAAkB,EAClB,cAAwB,EACxB,mBAA6B,EAC7B,oBAA8B;;YAU9B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC9D,MAAM,kBAAkB,GACtB,UAAU,KAAK,MAAM;gBACnB,CAAC,CAAC,IAAI,CAAC,6BAA6B,CAAC,MAAM,EAAE,gBAAgB,CAAC,YAAY,CAAC;gBAC3E,CAAC,CAAC,MAAM,IAAI,CAAC,iCAAiC,CAAC,MAAM,EAAE,UAAU,EAAE,gBAAgB,CAAC,YAAY,CAAC,CAAA;YACrG,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,gBAAgB,CAAC,cAAc,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAA;YAChI,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,qBAAqB,CAAC,mBAAmB,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAA;YAC/I,MAAM,wBAAwB,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,sBAAsB,CAAC,oBAAoB,EAAE,gBAAgB,CAAC,WAAW,CAAC,CAAA;YAClJ,uCACK,kBAAkB,KACrB,SAAS,EAAE,kBAAkB,EAC7B,cAAc,EAAE,uBAAuB,EACvC,eAAe,EAAE,wBAAwB,IAC1C;QACH,CAAC;KAAA;IAEa,iCAAiC,CAC7C,MAAc,EACd,UAAkB,EAClB,YAA0B;;YAO1B,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAA;YAC5D,IAAI,CAAC,YAAY,CAAC,4BAA4B,IAAI,CAAC,IAAI,CAAC,6BAA6B,EAAE;gBACrF,OAAO;oBACL,iBAAiB,EAAE,MAAM;oBACzB,gBAAgB,EAAE,UAAU;oBAC5B,cAAc,EAAE,YAAY,CAAC,EAAE;iBAChC,CAAA;aACF;iBAAM,IAAI,YAAY,CAAC,4BAA4B,IAAI,CAAC,IAAI,CAAC,6BAA6B,EAAE;gBAC3F,OAAO;oBACL,iBAAiB,EAAE,MAAM;oBACzB,uBAAuB,EAAE,MAAM,IAAI,CAAC,2BAA2B,CAAC,qBAAqB,CACnF,YAAY,CAAC,EAAG,EAChB,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,mBAAmB,EAAE,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,WAAW,EAAE,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CACxH;iBACF,CAAA;aACF;iBAAM,IAAI,CAAC,YAAY,CAAC,4BAA4B,IAAI,IAAI,CAAC,6BAA6B,EAAE;gBAC3F;;mBAEG;gBACH,MAAM,kCAAkC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,CAAA;gBACzF,MAAM,oBAAoB,GAAgC,EAAE,CAAA;gBAC5D,KAAK,MAAM,MAAM,IAAI,CAAC,GAAG,YAAY,CAAC,8BAA8B,EAAE,GAAG,YAAY,CAAC,gCAAgC,CAAC,EAAE;oBACvH,MAAM,MAAM,GAAG,IAAA,qBAAa,EAAC,MAAM,CAAC,CAAA;oBACpC,MAAM,UAAU,GAAG,YAAY,CAAC,8BAA8B,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAA;oBACrG,IAAI,kCAAkC,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE;wBAClD,oBAAoB,CAAC,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,cAAM,EAAC,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,UAAU,CAAC,CAAA;qBACpH;iBACF;gBACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,MAAM;oBAC3C,MAAM,IAAI,KAAK,CAAC,wFAAwF,CAAC,CAAA;gBAC3G,OAAO;oBACL,gBAAgB,EAAE,UAAU;oBAC5B,uBAAuB,EAAE,MAAM,IAAI,CAAC,2BAA2B,CAAC,qBAAqB,CAAC,YAAY,CAAC,EAAG,EAAE,oBAAoB,CAAC;iBAC9H,CAAA;aACF;;gBAAM,OAAO,EAAE,CAAA;QAClB,CAAC;KAAA;IAEO,6BAA6B,CACnC,MAAc,EACd,YAA0B;QAO1B,IAAI,IAAI,CAAC,6BAA6B,EAAE;YACtC,OAAO,EAAE,CAAA;SACV;aAAM;YACL,OAAO;gBACL,cAAc,EAAE,YAAY,CAAC,EAAE;gBAC/B,iBAAiB,EAAE,MAAM;gBACzB,gBAAgB,EAAE,MAAM;aACzB,CAAA;SACF;IACH,CAAC;IAEa,gBAAgB,CAAC,WAAmB;;YAChD,OAAO,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,WAAW,EAAE,GAAS,EAAE;gBACzD,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,WAAW,CAAC,CAAA;gBACjF,OAAO;oBACL,IAAI,EAAE;wBACJ,4BAA4B,EAAE,IAAI,CAAC,gBAAgB,CAAC,oCAAoC,CAAC,iBAAiB,CAAC;wBAC3G,8BAA8B,EAAE,KAAK,CAAC,IAAI,CAAC,IAAA,+BAAuB,EAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;wBAC3F,gCAAgC,EAAE,KAAK,CAAC,IAAI,CAAC,IAAA,iCAAyB,EAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;qBAChG;iBACF,CAAA;YACH,CAAC,CAAA,CAAC,CAAA;QACJ,CAAC;KAAA;IAEO,0CAA0C,CAChD,MAA6C,EAC7C,MAAgB;;QAEhB,MAAM,gBAAgB,GAAG,MAAA,MAAM,CAAC,gBAAgB,mCAAI,EAAE,CAAA;QACtD,MAAM,uBAAuB,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,eAAC,OAAA,MAAA,MAAA,gBAAgB,CAAC,gBAAgB,0CAAG,IAAI,CAAC,mCAAI,EAAE,CAAA,EAAA,CAAC,CAAC,CAAC,CAAA;QAC9H,MAAM,gBAAgB,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;;YAC/C,MAAM,iBAAiB,GAAG,MAAA,gBAAgB,CAAC,iBAAiB,0CAAG,IAAI,CAAC,CAAA;YACpE,OAAO,iBAAiB,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAA;QAC7F,CAAC,CAAC,CAAA;QACF,IACE,gBAAgB,CAAC,MAAM,GAAG,CAAC;YAC3B,uBAAuB,CAAC,MAAM,GAAG,CAAC;YAClC,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAA,MAAA,gBAAgB,CAAC,CAAC,CAAC,0CAAE,YAAY,CAAA,IAAI,uBAAuB,CAAC,CAAC,CAAC,MAAK,MAAA,gBAAgB,CAAC,CAAC,CAAC,0CAAE,YAAY,CAAA,CAAC;YAEzI,MAAM,IAAI,KAAK,CAAC,kFAAkF,CAAC,CAAA;QACrG,MAAM,yBAAyB,GAAG,uBAAuB,CAAC,CAAC,CAAC,CAAA;QAC5D,MAAM,yBAAyB,GAAG,MAAA,gBAAgB,CAAC,iBAAiB,0CAAG,yBAAyB,CAAC,CAAA;QACjG,OAAO,CACL,MAAA,gBAAgB,CAAC,CAAC,CAAC,mCACnB,CAAC,CAAC,CAAC,yBAAyB,IAAI,CAAC,CAAC,yBAAyB;YACzD,CAAC,CAAC,EAAE,YAAY,EAAE,yBAAyB,EAAE,gBAAgB,EAAE,yBAAyB,EAAE;YAC1F,CAAC,CAAC,SAAS,CAAC,CACf,CAAA;IACH,CAAC;CACF;AA/ZD,4DA+ZC","sourcesContent":["import { EntityShareRequest } from '../../icc-api/model/requests/EntityShareRequest'\nimport { IccDataOwnerXApi } from '../icc-data-owner-x-api'\nimport { UserEncryptionKeysManager } from './UserEncryptionKeysManager'\nimport { CryptoStrategies } from './CryptoStrategies'\nimport { EncryptedEntityWithType, EntityWithDelegationTypeName } from '../utils/EntityWithDelegationTypeName'\nimport { LruTemporisedAsyncCache } from '../utils/lru-temporised-async-cache'\nimport { fingerprintV2, hexPublicKeysWithSha1Of, hexPublicKeysWithSha256Of } from './utils'\nimport { ExchangeDataManager } from './ExchangeDataManager'\nimport { ExchangeData } from '../../icc-api/model/internal/ExchangeData'\nimport { SecureDelegationsEncryption } from './SecureDelegationsEncryption'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { hex2ua, ua2hex } from '../utils'\nimport { AccessControlSecretUtils } from './AccessControlSecretUtils'\nimport { EntityShareOrMetadataUpdateRequest } from '../../icc-api/model/requests/EntityShareOrMetadataUpdateRequest'\nimport { EncryptedEntity, EncryptedEntityStub } from '../../icc-api/model/models'\nimport { SecureDelegation } from '../../icc-api/model/SecureDelegation'\nimport { EntitySharedMetadataUpdateRequest } from '../../icc-api/model/requests/EntitySharedMetadataUpdateRequest'\nimport EntryUpdateTypeEnum = EntitySharedMetadataUpdateRequest.EntryUpdateTypeEnum\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport { SecurityMetadata } from '../../icc-api/model/SecurityMetadata'\nimport { ExchangeDataMapManager } from './ExchangeDataMapManager'\n\nexport class SecureDelegationsManager {\n constructor(\n private readonly exchangeDataManager: ExchangeDataManager,\n private readonly exchangeDataMapManager: ExchangeDataMapManager,\n private readonly secureDelegationsEncryption: SecureDelegationsEncryption,\n private readonly accessControlSecretUtils: AccessControlSecretUtils,\n private readonly userKeys: UserEncryptionKeysManager,\n private readonly primitives: CryptoPrimitives,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly cryptoStrategies: CryptoStrategies,\n private readonly selfNeedsAnonymousDelegations: boolean\n ) {}\n\n private readonly dataOwnerInfoCache: LruTemporisedAsyncCache<\n string,\n {\n requiresAnonymousDelegations: boolean\n availablePublicKeysHexWithSha1: string[]\n availablePublicKeysHexWithSha256: string[]\n }\n > = new LruTemporisedAsyncCache(100, () => 30 * 60 * 1000)\n\n /**\n * Note: this method does not save the updated entity.\n * @param entity an entity, must already have secret foreign keys initialised.\n * @param entityType the type of the entity\n * @param secretIds the initial secret ids to include and share with the auto-delegations\n * @param owningEntityIds the initial owning entity ids to include and share with the auto-delegations\n * @param encryptionKeys the initial encryption keys to include and share with the auto-delegations\n * @param autoDelegations the data owners which will initially have access to the entity in addition to the current data owner and the access level\n * they will have on the entity.\n * @return the entity with the security metadata initialised for the provided parameters.\n */\n async entityWithInitialisedEncryptedMetadata<T extends EncryptedEntity>(\n entity: T & { secretForeignKeys: string[] },\n entityType: EntityWithDelegationTypeName,\n secretIds: string[],\n owningEntityIds: string[],\n encryptionKeys: string[],\n autoDelegations: { [delegateId: string]: SecureDelegation.AccessLevelEnum }\n ): Promise<T> {\n const entityWithType: EncryptedEntityWithType = { entity, type: entityType }\n const rootDelegationInfo = await this.makeSecureDelegationInfo(\n entityWithType,\n await this.dataOwnerApi.getCurrentDataOwnerId(),\n secretIds,\n encryptionKeys,\n owningEntityIds,\n AccessLevelEnum.WRITE,\n undefined\n )\n const selfId = await this.dataOwnerApi.getCurrentDataOwnerId()\n const otherDelegationsInfo: {\n canonicalDelegationKey: string\n canonicalAccessControlKey: string\n delegation: SecureDelegation\n delegationKeyEquivalences: { [p: string]: string }\n encryptedExchangeDataId: { [fp: string]: string } | undefined\n }[] = []\n for (const [delegateId, permissions] of Object.entries(autoDelegations)) {\n if (delegateId !== selfId) {\n otherDelegationsInfo.push(\n await this.makeSecureDelegationInfo(\n entityWithType,\n delegateId,\n secretIds,\n encryptionKeys,\n owningEntityIds,\n permissions,\n rootDelegationInfo.canonicalDelegationKey\n )\n )\n }\n }\n const secureDelegations = Object.fromEntries(\n [rootDelegationInfo, ...otherDelegationsInfo].map(({ canonicalDelegationKey, delegation }) => [canonicalDelegationKey, delegation])\n )\n const keysEquivalences = {\n ...rootDelegationInfo.delegationKeyEquivalences,\n }\n for (const { delegationKeyEquivalences: otherKeyEquivalences } of otherDelegationsInfo) {\n Object.assign(keysEquivalences, otherKeyEquivalences)\n }\n const newExchangeDataMaps = Object.fromEntries(\n otherDelegationsInfo\n .filter(({ encryptedExchangeDataId }) => !!encryptedExchangeDataId)\n .map(({ canonicalAccessControlKey, encryptedExchangeDataId }) => [canonicalAccessControlKey, encryptedExchangeDataId!])\n )\n await this.exchangeDataMapManager.createExchangeDataMaps(newExchangeDataMaps)\n return {\n ...entity,\n securityMetadata: new SecurityMetadata({ secureDelegations, keysEquivalences }),\n }\n }\n\n /**\n * Make a request for sharing an entity with a delegate or to update existing shared metadata by adding additional secretIds, encryptionKeys or\n * owningEntityIds if there is already some metadata shared between the current data owner and the delegate. In case there is already a delegation\n * for the delegate, and it already contains all the provided metadata, this method returns undefined, since there is no need to make any request to\n * share the provided data.\n * @param entityWithType an entity with type\n * @param delegateId the id of the delegate\n * @param shareSecretIds the secret ids to share\n * @param shareEncryptionKeys the encryption keys to share\n * @param shareOwningEntityIds the owning entity ids to share\n * @param newDelegationPermissions the permissions to grant to the delegate in case a new delegation needs to be created. If this method creates an\n * update request instead of a share request, this parameter is ignored.\n * @return the request to share the entity, or the request to update the shared metadata for the entity, or undefined if there is no need to update\n * the entity to allow the delegate to access the provided data.\n */\n async makeShareOrUpdateRequestParams(\n entityWithType: EncryptedEntityWithType,\n delegateId: string,\n shareSecretIds: string[],\n shareEncryptionKeys: string[],\n shareOwningEntityIds: string[],\n newDelegationPermissions: EntityShareRequest.RequestedPermissionInternal\n ): Promise<EntityShareOrMetadataUpdateRequest | undefined> {\n const exchangeDataInfo = await this.exchangeDataManager.getOrCreateEncryptionDataTo(\n delegateId,\n entityWithType.type,\n entityWithType.entity.secretForeignKeys ?? []\n )\n const accessControlHashes = await this.accessControlSecretUtils.secureDelegationKeysFor(\n exchangeDataInfo.accessControlSecret,\n entityWithType.type,\n entityWithType.entity.secretForeignKeys ?? []\n )\n const existingSecureDelegation = this.getExistingCanonicalKeyAndSecureDelegation(entityWithType.entity, accessControlHashes)\n if (existingSecureDelegation) {\n const updateParams = await this.makeUpdateRequestParams(\n existingSecureDelegation.canonicalKey,\n existingSecureDelegation.secureDelegation,\n exchangeDataInfo,\n shareSecretIds,\n shareEncryptionKeys,\n shareOwningEntityIds\n )\n return updateParams ? { update: updateParams } : undefined\n } else {\n const accessControlKeys = (\n await this.accessControlSecretUtils.accessControlKeysFor(\n exchangeDataInfo.accessControlSecret,\n entityWithType.type,\n entityWithType.entity.secretForeignKeys ?? []\n )\n ).map((x) => ua2hex(x))\n return {\n share: await this.makeShareRequestParams(\n exchangeDataInfo,\n accessControlKeys,\n delegateId,\n shareSecretIds,\n shareEncryptionKeys,\n shareOwningEntityIds,\n newDelegationPermissions\n ),\n }\n }\n }\n\n private async makeUpdateRequestParams(\n canonicalKey: string,\n existingDelegation: SecureDelegation,\n exchangeDataInfo: { exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey },\n shareSecretIds: string[],\n shareEncryptionKeys: string[],\n shareOwningEntityIds: string[]\n ): Promise<EntitySharedMetadataUpdateRequest | undefined> {\n const existingSecretIds = new Set(await this.secureDelegationsEncryption.decryptSecretIds(existingDelegation, exchangeDataInfo.exchangeKey))\n const existingEncryptionKeys = new Set(\n await this.secureDelegationsEncryption.decryptEncryptionKeys(existingDelegation, exchangeDataInfo.exchangeKey)\n )\n const existingOwningEntityIds = new Set(\n await this.secureDelegationsEncryption.decryptOwningEntityIds(existingDelegation, exchangeDataInfo.exchangeKey)\n )\n const newSecretIds = shareSecretIds.filter((id) => !existingSecretIds.has(id))\n const newEncryptionKeys = shareEncryptionKeys.filter((key) => !existingEncryptionKeys.has(key))\n const newOwningEntityIds = shareOwningEntityIds.filter((id) => !existingOwningEntityIds.has(id))\n if (newSecretIds.length || newEncryptionKeys.length || newOwningEntityIds.length) {\n const encryptedNewSecretIds = await this.secureDelegationsEncryption.encryptSecretIds(newSecretIds, exchangeDataInfo.exchangeKey)\n const encryptedNewEncryptionKeys = await this.secureDelegationsEncryption.encryptEncryptionKeys(newEncryptionKeys, exchangeDataInfo.exchangeKey)\n const encryptedNewOwningEntityIds = await this.secureDelegationsEncryption.encryptOwningEntityIds(\n newOwningEntityIds,\n exchangeDataInfo.exchangeKey\n )\n return new EntitySharedMetadataUpdateRequest({\n metadataAccessControlHash: canonicalKey,\n secretIds: Object.fromEntries(encryptedNewSecretIds.map((id) => [id, EntryUpdateTypeEnum.CREATE])),\n encryptionKeys: Object.fromEntries(encryptedNewEncryptionKeys.map((key) => [key, EntryUpdateTypeEnum.CREATE])),\n owningEntityIds: Object.fromEntries(encryptedNewOwningEntityIds.map((id) => [id, EntryUpdateTypeEnum.CREATE])),\n })\n } else return undefined\n }\n\n private async makeShareRequestParams(\n exchangeDataInfo: { exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey },\n accessControlKeys: string[],\n delegateId: string,\n shareSecretIds: string[],\n shareEncryptionKeys: string[],\n shareOwningEntityIds: string[],\n newDelegationPermissions: EntityShareRequest.RequestedPermissionInternal\n ): Promise<EntityShareRequest> {\n return new EntityShareRequest({\n ...(await this.makeSecureDelegationEncryptedData(exchangeDataInfo, delegateId, shareSecretIds, shareEncryptionKeys, shareOwningEntityIds)),\n requestedPermissions: newDelegationPermissions,\n accessControlKeys,\n })\n }\n\n private async makeSecureDelegationInfo(\n entity: EncryptedEntityWithType,\n delegateId: string,\n shareSecretIds: string[],\n shareEncryptionKeys: string[],\n shareOwningEntityIds: string[],\n permissions: AccessLevelEnum,\n parentDelegationKey: string | undefined\n ): Promise<{\n canonicalDelegationKey: string\n canonicalAccessControlKey: string\n delegation: SecureDelegation\n encryptedExchangeDataId: { [fp: string]: string } | undefined\n delegationKeyEquivalences: { [alias: string]: string }\n }> {\n // Be wary of explicit delegator and explicit delegate\n const exchangeDataInfo = await this.exchangeDataManager.getOrCreateEncryptionDataTo(\n delegateId,\n entity.type,\n entity.entity.secretForeignKeys ?? []\n )\n const accessControlHashes = await this.accessControlSecretUtils.secureDelegationKeysFor(\n exchangeDataInfo.accessControlSecret,\n entity.type,\n entity.entity.secretForeignKeys ?? []\n )\n const accessControlKeys = (\n await this.accessControlSecretUtils.accessControlKeysFor(\n exchangeDataInfo.accessControlSecret,\n entity.type,\n entity.entity.secretForeignKeys ?? []\n )\n ).map((x) => ua2hex(x))\n const accessControlKeysToHashes = accessControlKeys\n .map((key, index) => {\n return [key, accessControlHashes[index]]\n })\n .sort((a, b) => a[1].localeCompare(b[1]))\n\n const canonicalKey = accessControlKeysToHashes[0][1]\n const keyEquivalences = Object.fromEntries(accessControlKeysToHashes.slice(1).map((hash) => [hash[1], canonicalKey]))\n const encryptedDelegationInfo = await this.makeSecureDelegationEncryptedData(\n exchangeDataInfo,\n delegateId,\n shareSecretIds,\n shareEncryptionKeys,\n shareOwningEntityIds\n )\n const delegation = new SecureDelegation({\n delegator: encryptedDelegationInfo?.explicitDelegator,\n delegate: encryptedDelegationInfo?.explicitDelegate,\n secretIds: encryptedDelegationInfo?.secretIds,\n encryptionKeys: encryptedDelegationInfo?.encryptionKeys,\n owningEntityIds: encryptedDelegationInfo?.owningEntityIds,\n parentDelegations: parentDelegationKey ? [parentDelegationKey] : undefined,\n exchangeDataId: encryptedDelegationInfo?.exchangeDataId,\n encryptedExchangeDataId: encryptedDelegationInfo?.encryptedExchangeDataId,\n permissions: permissions,\n })\n return {\n canonicalDelegationKey: canonicalKey,\n canonicalAccessControlKey: accessControlKeysToHashes[0][0],\n delegation,\n encryptedExchangeDataId: encryptedDelegationInfo?.encryptedExchangeDataId,\n delegationKeyEquivalences: keyEquivalences,\n }\n }\n\n private async makeSecureDelegationEncryptedData(\n exchangeDataInfo: { exchangeData: ExchangeData; accessControlSecret: string; exchangeKey: CryptoKey },\n delegateId: string,\n shareSecretIds: string[],\n shareEncryptionKeys: string[],\n shareOwningEntityIds: string[]\n ): Promise<{\n explicitDelegator?: string\n explicitDelegate?: string\n secretIds?: string[]\n encryptionKeys?: string[]\n owningEntityIds?: string[]\n exchangeDataId?: string\n encryptedExchangeDataId?: { [fp: string]: string } // TODO if secure delegation info, check cache before calculating\n }> {\n const selfId = await this.dataOwnerApi.getCurrentDataOwnerId()\n const exchangeDataIdInfo =\n delegateId === selfId\n ? this.makeExchangeDataIdInfoForSelf(selfId, exchangeDataInfo.exchangeData)\n : await this.makeExchangeDataIdInfoForDelegate(selfId, delegateId, exchangeDataInfo.exchangeData)\n const encryptedSecretIds = await this.secureDelegationsEncryption.encryptSecretIds(shareSecretIds, exchangeDataInfo.exchangeKey)\n const encryptedEncryptionKeys = await this.secureDelegationsEncryption.encryptEncryptionKeys(shareEncryptionKeys, exchangeDataInfo.exchangeKey)\n const encryptedOwningEntityIds = await this.secureDelegationsEncryption.encryptOwningEntityIds(shareOwningEntityIds, exchangeDataInfo.exchangeKey)\n return {\n ...exchangeDataIdInfo,\n secretIds: encryptedSecretIds,\n encryptionKeys: encryptedEncryptionKeys,\n owningEntityIds: encryptedOwningEntityIds,\n }\n }\n\n private async makeExchangeDataIdInfoForDelegate(\n selfId: string,\n delegateId: string,\n exchangeData: ExchangeData\n ): Promise<{\n exchangeDataId?: string\n encryptedExchangeDataId?: { [fp: string]: string }\n explicitDelegator?: string\n explicitDelegate?: string\n }> {\n const delegateInfo = await this.getDataOwnerInfo(delegateId)\n if (!delegateInfo.requiresAnonymousDelegations && !this.selfNeedsAnonymousDelegations) {\n return {\n explicitDelegator: selfId,\n explicitDelegate: delegateId,\n exchangeDataId: exchangeData.id,\n }\n } else if (delegateInfo.requiresAnonymousDelegations && !this.selfNeedsAnonymousDelegations) {\n return {\n explicitDelegator: selfId,\n encryptedExchangeDataId: await this.secureDelegationsEncryption.encryptExchangeDataId(\n exchangeData.id!,\n Object.fromEntries(this.userKeys.getSelfVerifiedKeys().map((keyInfo) => [keyInfo.fingerprint, keyInfo.pair.publicKey]))\n ),\n }\n } else if (!delegateInfo.requiresAnonymousDelegations && this.selfNeedsAnonymousDelegations) {\n /**\n * Important: this requires that the exchange data signature also validates the authenticity of the public keys included in there.\n */\n const fingerprintsOfVerifiedExchangeData = new Set(Object.keys(exchangeData.exchangeKey))\n const delegateVerifiedKeys: { [fp: string]: CryptoKey } = {}\n for (const keyHex of [...delegateInfo.availablePublicKeysHexWithSha1, ...delegateInfo.availablePublicKeysHexWithSha256]) {\n const currFp = fingerprintV2(keyHex)\n const shaVersion = delegateInfo.availablePublicKeysHexWithSha1.includes(keyHex) ? 'sha-1' : 'sha-256'\n if (fingerprintsOfVerifiedExchangeData.has(currFp)) {\n delegateVerifiedKeys[currFp] = await this.primitives.RSA.importKey('spki', hex2ua(keyHex), ['encrypt'], shaVersion)\n }\n }\n if (!Object.keys(delegateVerifiedKeys).length)\n throw new Error('Illegal state: could not find any verified key for delegate in verified exchange data.')\n return {\n explicitDelegate: delegateId,\n encryptedExchangeDataId: await this.secureDelegationsEncryption.encryptExchangeDataId(exchangeData.id!, delegateVerifiedKeys),\n }\n } else return {}\n }\n\n private makeExchangeDataIdInfoForSelf(\n selfId: string,\n exchangeData: ExchangeData\n ): {\n exchangeDataId?: string\n encryptedExchangeDataId?: { [fp: string]: string }\n explicitDelegator?: string\n explicitDelegate?: string\n } {\n if (this.selfNeedsAnonymousDelegations) {\n return {}\n } else {\n return {\n exchangeDataId: exchangeData.id,\n explicitDelegator: selfId,\n explicitDelegate: selfId,\n }\n }\n }\n\n private async getDataOwnerInfo(dataOwnerId: string) {\n return this.dataOwnerInfoCache.get(dataOwnerId, async () => {\n const dataOwnerWithType = await this.dataOwnerApi.getCryptoActorStub(dataOwnerId)\n return {\n item: {\n requiresAnonymousDelegations: this.cryptoStrategies.dataOwnerRequiresAnonymousDelegation(dataOwnerWithType),\n availablePublicKeysHexWithSha1: Array.from(hexPublicKeysWithSha1Of(dataOwnerWithType.stub)),\n availablePublicKeysHexWithSha256: Array.from(hexPublicKeysWithSha256Of(dataOwnerWithType.stub)),\n },\n }\n })\n }\n\n private getExistingCanonicalKeyAndSecureDelegation(\n entity: EncryptedEntityStub | EncryptedEntity,\n hashes: string[]\n ): { canonicalKey: string; secureDelegation: SecureDelegation } | undefined {\n const securityMetadata = entity.securityMetadata ?? {}\n const canonicalByEquivalences = Array.from(new Set(hashes.flatMap((hash) => securityMetadata.keysEquivalences?.[hash] ?? [])))\n const directRetrievals = hashes.flatMap((hash) => {\n const retrievedMetadata = securityMetadata.secureDelegations?.[hash]\n return retrievedMetadata ? { canonicalKey: hash, secureDelegation: retrievedMetadata } : []\n })\n if (\n directRetrievals.length > 1 ||\n canonicalByEquivalences.length > 1 ||\n (!!canonicalByEquivalences[0] && !!directRetrievals[0]?.canonicalKey && canonicalByEquivalences[0] !== directRetrievals[0]?.canonicalKey)\n )\n throw new Error('Illegal state: multiple secure delegations matching equivalent hashes of entity.')\n const canonicalFromEquivalences = canonicalByEquivalences[0]\n const retrievedFromEquivalences = securityMetadata.secureDelegations?.[canonicalFromEquivalences]\n return (\n directRetrievals[0] ??\n (!!canonicalFromEquivalences && !!retrievedFromEquivalences\n ? { canonicalKey: canonicalFromEquivalences, secureDelegation: retrievedFromEquivalences }\n : undefined)\n )\n }\n}\n"]}
@@ -19,7 +19,7 @@ export declare class UserSignatureKeysManager {
19
19
  /**
20
20
  * Get all available keys which can be used to verify the authenticity of a signature which should have been created
21
21
  * by the current data owner.
22
- * @param fingerprint
22
+ * @param fingerprint v1 fingerprint of the key to retrieve.
23
23
  * @return all available verification keys by fingerprint.
24
24
  */
25
25
  getSignatureVerificationKey(fingerprint: string): Promise<CryptoKey | undefined>;
@@ -53,7 +53,7 @@ class UserSignatureKeysManager {
53
53
  /**
54
54
  * Get all available keys which can be used to verify the authenticity of a signature which should have been created
55
55
  * by the current data owner.
56
- * @param fingerprint
56
+ * @param fingerprint v1 fingerprint of the key to retrieve.
57
57
  * @return all available verification keys by fingerprint.
58
58
  */
59
59
  getSignatureVerificationKey(fingerprint) {
@@ -63,7 +63,7 @@ class UserSignatureKeysManager {
63
63
  return cached;
64
64
  const loaded = yield this.iCureStorage.loadSignatureVerificationKey(yield this.dataOwnerApi.getCurrentDataOwnerId(), fingerprint);
65
65
  if (loaded) {
66
- const imported = yield this.primitives.RSA.importKey('jwk', loaded, ['verify'], 'sha-256');
66
+ const imported = yield this.primitives.RSA.importVerificationKey('jwk', loaded);
67
67
  this.verificationKeysCache.set(fingerprint, imported);
68
68
  return imported;
69
69
  }
@@ -1 +1 @@
1
- {"version":3,"file":"UserSignatureKeysManager.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/UserSignatureKeysManager.ts"],"names":[],"mappings":";;;;;;;;;;;;AAGA,oCAAmD;AAEnD,mCAAuC;AAEvC,MAAa,wBAAwB;IACnC,YACmB,YAAgC,EAChC,YAA8B,EAC9B,UAA4B;QAF5B,iBAAY,GAAZ,YAAY,CAAoB;QAChC,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,eAAU,GAAV,UAAU,CAAkB;QAGvC,uBAAkB,GAKV,SAAS,CAAA;QACjB,0BAAqB,GAAG,IAAI,GAAG,EAAqB,CAAA;IARzD,CAAC;IAUJ;;OAEG;IACG,2BAA2B;;YAI/B,IAAI,IAAI,CAAC,kBAAkB;gBAAE,OAAO,IAAI,CAAC,kBAAkB,CAAA;YAC3D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YACnE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAA;YACtE,IAAI,QAAQ,EAAE;gBACZ,MAAM,WAAW,GAAG,IAAA,qBAAa,EAAC,IAAA,gBAAQ,EAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAA;gBAC/D,IAAI,CAAC,kBAAkB,GAAG;oBACxB,WAAW;oBACX,OAAO,EAAE;wBACP,UAAU,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,kBAAkB,CAAC,KAAK,EAAE,QAAQ,CAAC,UAAU,CAAC;wBACpF,SAAS,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,qBAAqB,CAAC,KAAK,EAAE,QAAQ,CAAC,SAAS,CAAC;qBACtF;iBACF,CAAA;gBACD,OAAO,IAAI,CAAC,kBAAkB,CAAA;aAC/B;iBAAM;gBACL,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,wBAAwB,EAAE,CAAA;gBAC1E,MAAM,WAAW,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,aAAa,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAA;gBAC3G,MAAM,IAAI,CAAC,YAAY,CAAC,oBAAoB,CAAC,WAAW,EAAE,WAAW,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,aAAa,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,CAAA;gBACzI,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,WAAW,EAAE,aAAa,CAAC,SAAS,CAAC,CAAA;gBACpE,IAAI,CAAC,kBAAkB,GAAG,EAAE,WAAW,EAAE,OAAO,EAAE,aAAa,EAAE,CAAA;gBACjE,OAAO,IAAI,CAAC,kBAAkB,CAAA;aAC/B;QACH,CAAC;KAAA;IAED;;;;;OAKG;IACG,2BAA2B,CAAC,WAAmB;;YACnD,MAAM,MAAM,GAAG,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;YAC1D,IAAI,MAAM;gBAAE,OAAO,MAAM,CAAA;YACzB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,4BAA4B,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,EAAE,WAAW,CAAC,CAAA;YACjI,IAAI,MAAM,EAAE;gBACV,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,SAAS,CAAC,CAAA;gBAC1F,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAA;gBACrD,OAAO,QAAQ,CAAA;aAChB;QACH,CAAC;KAAA;CACF;AA7DD,4DA6DC","sourcesContent":["import { IcureStorageFacade } from '../storage/IcureStorageFacade'\nimport { IccDataOwnerXApi } from '../icc-data-owner-x-api'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { hex2ua, jwk2spki, ua2hex } from '../utils'\nimport { KeyPair } from './RSA'\nimport { fingerprintV1 } from './utils'\n\nexport class UserSignatureKeysManager {\n constructor(\n private readonly iCureStorage: IcureStorageFacade,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly primitives: CryptoPrimitives\n ) {}\n\n private signatureKeysCache:\n | {\n fingerprint: string\n keyPair: KeyPair<CryptoKey>\n }\n | undefined = undefined\n private verificationKeysCache = new Map<string, CryptoKey>()\n\n /**\n * Get a key which can be used to sign data in order to allow verification of the data authenticity in the future.\n */\n async getOrCreateSignatureKeyPair(): Promise<{\n fingerprint: string\n keyPair: KeyPair<CryptoKey>\n }> {\n if (this.signatureKeysCache) return this.signatureKeysCache\n const dataOwnerId = await this.dataOwnerApi.getCurrentDataOwnerId()\n const existing = await this.iCureStorage.loadSignatureKey(dataOwnerId)\n if (existing) {\n const fingerprint = fingerprintV1(jwk2spki(existing.publicKey))\n this.signatureKeysCache = {\n fingerprint,\n keyPair: {\n privateKey: await this.primitives.RSA.importSignatureKey('jwk', existing.privateKey),\n publicKey: await this.primitives.RSA.importVerificationKey('jwk', existing.publicKey),\n },\n }\n return this.signatureKeysCache\n } else {\n const generatedPair = await this.primitives.RSA.generateSignatureKeyPair()\n const fingerprint = ua2hex(await this.primitives.RSA.exportKey(generatedPair.publicKey, 'spki')).slice(-32)\n await this.iCureStorage.saveSignatureKeyPair(dataOwnerId, fingerprint, await this.primitives.RSA.exportKeys(generatedPair, 'jwk', 'jwk'))\n this.verificationKeysCache.set(fingerprint, generatedPair.publicKey)\n this.signatureKeysCache = { fingerprint, keyPair: generatedPair }\n return this.signatureKeysCache\n }\n }\n\n /**\n * Get all available keys which can be used to verify the authenticity of a signature which should have been created\n * by the current data owner.\n * @param fingerprint\n * @return all available verification keys by fingerprint.\n */\n async getSignatureVerificationKey(fingerprint: string): Promise<CryptoKey | undefined> {\n const cached = this.verificationKeysCache.get(fingerprint)\n if (cached) return cached\n const loaded = await this.iCureStorage.loadSignatureVerificationKey(await this.dataOwnerApi.getCurrentDataOwnerId(), fingerprint)\n if (loaded) {\n const imported = await this.primitives.RSA.importKey('jwk', loaded, ['verify'], 'sha-256')\n this.verificationKeysCache.set(fingerprint, imported)\n return imported\n }\n }\n}\n"]}
1
+ {"version":3,"file":"UserSignatureKeysManager.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/UserSignatureKeysManager.ts"],"names":[],"mappings":";;;;;;;;;;;;AAGA,oCAAmD;AAEnD,mCAAuC;AAEvC,MAAa,wBAAwB;IACnC,YACmB,YAAgC,EAChC,YAA8B,EAC9B,UAA4B;QAF5B,iBAAY,GAAZ,YAAY,CAAoB;QAChC,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,eAAU,GAAV,UAAU,CAAkB;QAGvC,uBAAkB,GAKV,SAAS,CAAA;QACjB,0BAAqB,GAAG,IAAI,GAAG,EAAqB,CAAA;IARzD,CAAC;IAUJ;;OAEG;IACG,2BAA2B;;YAI/B,IAAI,IAAI,CAAC,kBAAkB;gBAAE,OAAO,IAAI,CAAC,kBAAkB,CAAA;YAC3D,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YACnE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAA;YACtE,IAAI,QAAQ,EAAE;gBACZ,MAAM,WAAW,GAAG,IAAA,qBAAa,EAAC,IAAA,gBAAQ,EAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAA;gBAC/D,IAAI,CAAC,kBAAkB,GAAG;oBACxB,WAAW;oBACX,OAAO,EAAE;wBACP,UAAU,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,kBAAkB,CAAC,KAAK,EAAE,QAAQ,CAAC,UAAU,CAAC;wBACpF,SAAS,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,qBAAqB,CAAC,KAAK,EAAE,QAAQ,CAAC,SAAS,CAAC;qBACtF;iBACF,CAAA;gBACD,OAAO,IAAI,CAAC,kBAAkB,CAAA;aAC/B;iBAAM;gBACL,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,wBAAwB,EAAE,CAAA;gBAC1E,MAAM,WAAW,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,aAAa,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAA;gBAC3G,MAAM,IAAI,CAAC,YAAY,CAAC,oBAAoB,CAAC,WAAW,EAAE,WAAW,EAAE,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,aAAa,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,CAAA;gBACzI,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,WAAW,EAAE,aAAa,CAAC,SAAS,CAAC,CAAA;gBACpE,IAAI,CAAC,kBAAkB,GAAG,EAAE,WAAW,EAAE,OAAO,EAAE,aAAa,EAAE,CAAA;gBACjE,OAAO,IAAI,CAAC,kBAAkB,CAAA;aAC/B;QACH,CAAC;KAAA;IAED;;;;;OAKG;IACG,2BAA2B,CAAC,WAAmB;;YACnD,MAAM,MAAM,GAAG,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;YAC1D,IAAI,MAAM;gBAAE,OAAO,MAAM,CAAA;YACzB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,4BAA4B,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,EAAE,WAAW,CAAC,CAAA;YACjI,IAAI,MAAM,EAAE;gBACV,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,qBAAqB,CAAC,KAAK,EAAE,MAAM,CAAC,CAAA;gBAC/E,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAA;gBACrD,OAAO,QAAQ,CAAA;aAChB;QACH,CAAC;KAAA;CACF;AA7DD,4DA6DC","sourcesContent":["import { IcureStorageFacade } from '../storage/IcureStorageFacade'\nimport { IccDataOwnerXApi } from '../icc-data-owner-x-api'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { hex2ua, jwk2spki, ua2hex } from '../utils'\nimport { KeyPair } from './RSA'\nimport { fingerprintV1 } from './utils'\n\nexport class UserSignatureKeysManager {\n constructor(\n private readonly iCureStorage: IcureStorageFacade,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly primitives: CryptoPrimitives\n ) {}\n\n private signatureKeysCache:\n | {\n fingerprint: string\n keyPair: KeyPair<CryptoKey>\n }\n | undefined = undefined\n private verificationKeysCache = new Map<string, CryptoKey>()\n\n /**\n * Get a key which can be used to sign data in order to allow verification of the data authenticity in the future.\n */\n async getOrCreateSignatureKeyPair(): Promise<{\n fingerprint: string\n keyPair: KeyPair<CryptoKey>\n }> {\n if (this.signatureKeysCache) return this.signatureKeysCache\n const dataOwnerId = await this.dataOwnerApi.getCurrentDataOwnerId()\n const existing = await this.iCureStorage.loadSignatureKey(dataOwnerId)\n if (existing) {\n const fingerprint = fingerprintV1(jwk2spki(existing.publicKey))\n this.signatureKeysCache = {\n fingerprint,\n keyPair: {\n privateKey: await this.primitives.RSA.importSignatureKey('jwk', existing.privateKey),\n publicKey: await this.primitives.RSA.importVerificationKey('jwk', existing.publicKey),\n },\n }\n return this.signatureKeysCache\n } else {\n const generatedPair = await this.primitives.RSA.generateSignatureKeyPair()\n const fingerprint = ua2hex(await this.primitives.RSA.exportKey(generatedPair.publicKey, 'spki')).slice(-32)\n await this.iCureStorage.saveSignatureKeyPair(dataOwnerId, fingerprint, await this.primitives.RSA.exportKeys(generatedPair, 'jwk', 'jwk'))\n this.verificationKeysCache.set(fingerprint, generatedPair.publicKey)\n this.signatureKeysCache = { fingerprint, keyPair: generatedPair }\n return this.signatureKeysCache\n }\n }\n\n /**\n * Get all available keys which can be used to verify the authenticity of a signature which should have been created\n * by the current data owner.\n * @param fingerprint v1 fingerprint of the key to retrieve.\n * @return all available verification keys by fingerprint.\n */\n async getSignatureVerificationKey(fingerprint: string): Promise<CryptoKey | undefined> {\n const cached = this.verificationKeysCache.get(fingerprint)\n if (cached) return cached\n const loaded = await this.iCureStorage.loadSignatureVerificationKey(await this.dataOwnerApi.getCurrentDataOwnerId(), fingerprint)\n if (loaded) {\n const imported = await this.primitives.RSA.importVerificationKey('jwk', loaded)\n this.verificationKeysCache.set(fingerprint, imported)\n return imported\n }\n }\n}\n"]}
@@ -1 +1 @@
1
- {"version":3,"file":"icc-calendar-item-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-calendar-item-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AAAA,4CAA2C;AAE3C,4BAA2B;AAE3B,oDAA4F;AAE5F,wCAA+C;AAE/C,0EAAgG;AAGhG,qFAAiF;AACjF,IAAO,uBAAuB,GAAG,uCAAkB,CAAC,uBAAuB,CAAA;AAC3E,wEAAoE;AACpE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAEzD,mCAAuE;AAGvE,MAAa,mBAAoB,SAAQ,4BAAkB;IAMzD,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC,CAAA;IACvH,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EAClC,MAAqB,EACrB,YAA8B,EACb,cAAuB,EACxC,gBAA+B,CAAC,SAAS,EAAE,OAAO,EAAE,WAAW,CAAC,EAChE,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QATtC,mBAAc,GAAd,cAAc,CAAS;QAd1C,SAAI,GAAQ,IAAI,CAAA;QAwBd,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAChC,IAAI,CAAC,eAAe,GAAG,IAAA,4BAAoB,EAAC,aAAa,EAAE,eAAe,CAAC,CAAA;IAC7E,CAAC;IAED,WAAW,CACT,IAAU,EACV,EAAsB,EACtB,UAEI,EAAE;QAEN,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,CAAC,CAAA;IACzD,CAAC;IAED;;;;;;;;;;;;;OAaG;IACG,kBAAkB,CACtB,IAAiB,EACjB,OAA8B,EAC9B,EAAO,EACP,UAGI,EAAE;;;YAEN,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,YAAY;gBAAE,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAA;YAChI,MAAM,YAAY,mCACb,CAAC,EAAE,aAAF,EAAE,cAAF,EAAE,GAAI,EAAE,CAAC,KACb,KAAK,EAAE,wCAAwC,EAC/C,EAAE,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EACjD,OAAO,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC5C,QAAQ,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC9C,WAAW,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,EAC5G,MAAM,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EACjE,KAAK,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,KAAK,mCAAI,EAAE,EACtB,IAAI,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,IAAI,mCAAI,EAAE,GACrB,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GAAG,OAAO;gBACjB,CAAC,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,mCAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,+BAA+B,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC;gBACjI,CAAC,CAAC,SAAS,CAAA;YACb,IAAI,OAAO,IAAI,CAAC,GAAG;gBAAE,MAAM,IAAI,KAAK,CAAC,2CAA2C,OAAO,CAAC,EAAE,EAAE,CAAC,CAAA;YAC7F,MAAM,gBAAgB,mCACjB,MAAM,CAAC,WAAW,CACnB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,GACE,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,mBAAmB,mCAAI,EAAE,CAAC,CACxC,CAAA;YACD,OAAO,IAAI,qBAAY,CACrB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CAAC,YAAY,EAAE,cAAc,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,gBAAgB,CAAC;iBACrH,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;;KACF;IAEK,MAAM,CAAC,SAAiB,EAAE,OAAuB,EAAE,YAAqB,KAAK;;YACjF,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,SAAS,CAAC,CAAA;YACzG,MAAM,eAAe,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;YACtF,OAAO,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;gBAC9C,CAAC,CAAC,SAAS;oBACT,CAAC,CAAC,IAAI,CAAC,oCAAoC,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;oBAC9E,CAAC,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACrF,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QACzB,CAAC;KAAA;IAEK,+BAA+B,CAAC,SAAiB,EAAE,WAAmB;;;;;YAC1E,MAAM,aAAa,GAAG,MAAM,OAAM,4CAA4C,YAAC,SAAS,EAAE,WAAW,CAAC,CAAA;YACtG,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,aAAa,CAAC,CAAA;QACrD,CAAC;KAAA;IAED,oCAAoC,CAAC,SAAiB,EAAE,WAAqB;QAC3E,OAAO,KAAK;aACT,qDAAqD,CAAC,SAAS,EAAE,WAAW,CAAC;aAC7E,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC,CAAA;IACpE,CAAC;IAED,kBAAkB,CAAC,IAAmB;QACpC,MAAM,IAAI,KAAK,CAAC,mGAAmG,CAAC,CAAA;IACtH,CAAC;IAEK,6BAA6B,CAAC,IAAiB,EAAE,IAA0B;;;;;YAC/E,OAAO,IAAI;gBACT,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;qBACpC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAM,kBAAkB,YAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;qBACnD,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;qBAC3E,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC1B,CAAC,CAAC,IAAI,CAAA;QACV,CAAC;KAAA;IAED,uBAAuB,CAAC,IAAiB,EAAE,cAAsB;QAC/D,OAAO,KAAK;aACT,eAAe,CAAC,cAAc,CAAC;aAC/B,IAAI,CAAC,CAAC,YAAY,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC;aAC/F,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IAC1B,CAAC;IAED,eAAe,CAAC,cAAsB;QACpC,MAAM,IAAI,KAAK,CAAC,sGAAsG,CAAC,CAAA;IACzH,CAAC;IAED,wBAAwB,CAAC,IAAiB;QACxC,OAAO,KAAK,CAAC,gBAAgB,EAAE,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,aAAa,CAAC,CAAC,CAAA;IACjI,CAAC;IAED,gBAAgB;QACd,MAAM,IAAI,KAAK,CAAC,sGAAsG,CAAC,CAAA;IACzH,CAAC;IAED,+BAA+B,CAAC,IAAiB,EAAE,IAAuB;QACxE,OAAO,KAAK,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,aAAa,CAAC,CAAC,CAAA;IAC5I,CAAC;IAED,uBAAuB,CAAC,IAAuB;QAC7C,MAAM,IAAI,KAAK,CAAC,sGAAsG,CAAC,CAAA;IACzH,CAAC;IAED,4CAA4C,CAC1C,IAAiB,EACjB,SAAiB,EACjB,OAAe,EACf,SAAiB;QAEjB,OAAO,KAAK;aACT,oCAAoC,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC;aACnE,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,aAAa,CAAC,CAAC,CAAA;IACpG,CAAC;IAED,oCAAoC,CAAC,SAAkB,EAAE,OAAgB,EAAE,SAAkB;QAC3F,MAAM,IAAI,KAAK,CAAC,sGAAsG,CAAC,CAAA;IACzH,CAAC;IAED,uCAAuC,CACrC,IAAiB,EACjB,SAAiB,EACjB,OAAe,EACf,QAAgB;QAEhB,OAAO,KAAK;aACT,+BAA+B,CAAC,SAAS,EAAE,OAAO,EAAE,QAAQ,CAAC;aAC7D,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,aAAa,CAAC,CAAC,CAAA;IACpG,CAAC;IAED,+BAA+B,CAAC,SAAkB,EAAE,OAAgB,EAAE,QAAiB;QACrF,MAAM,IAAI,KAAK,CAAC,sGAAsG,CAAC,CAAA;IACzH,CAAC;IAED,kBAAkB,CAAC,IAAmB;QACpC,MAAM,IAAI,KAAK,CAAC,mGAAmG,CAAC,CAAA;IACtH,CAAC;IAED;;;;;;;;;;OAUG;IACH,8BAA8B,CAAC,YAAiC;QAC9D,MAAM,EAAE,kBAAkB,EAAE,iBAAiB,KAA2B,YAAY,EAAlC,iBAAiB,UAAK,YAAY,EAA9E,2CAA+D,CAAe,CAAA;QACpF,OAAO,iBAAiB,CAAA;IAC1B,CAAC;IAEK,6BAA6B,CAAC,IAAiB,EAAE,IAA0B;;YAC/E,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;QAClG,CAAC;KAAA;IAEO,QAAQ,CAAC,SAAiB,EAAE,IAAyB;QAC3D,OAAO,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;aAClD,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;aACnD,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;aAC3C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IAC1B,CAAC;IAED,OAAO,CAAC,IAAiB,EAAE,aAAyC;QAClE,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,aAAa,CAAC,CAAA;IACjF,CAAC;IAEO,SAAS,CAAC,SAAiB,EAAE,aAAyC;QAC5E,OAAO,OAAO,CAAC,GAAG,CAChB,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CACtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,EAAE,cAAc,EAAE,IAAI,CAAC,eAAe,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,qBAAY,CAAC,IAAI,CAAC,CAAC,CAC3H,CACF,CAAA;IACH,CAAC;IAED,OAAO,CAAC,KAAa,EAAE,aAAyC;QAC9D,OAAO,OAAO,CAAC,GAAG,CAChB,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,EAAE,cAAc,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,qBAAY,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAC3I,CAAA;IACH,CAAC;IAED;;;;OAIG;IACG,kBAAkB,CAAC,YAAiC;;YACxD,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,EAAE,SAAS,CAAC,CAAA;QACtG,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,YAAiC;;YACpD,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,CAAC,CAAA;QACxF,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,SAAS,CACb,UAAkB,EAClB,YAAiC,EACjC,UAII,EAAE;;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,YAAY,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QACpE,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,aAAa,CACjB,YAAiC,EACjC,SAMC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QACpF,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,gBAAgB,CACpB,YAAiC,EACjC,SAMC;;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,YAAY,EAAE,cAAc,CAAC,CAAA;YACpH,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC,CAAC,CAAC,YAAY,CAAA;YACjH,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI;iBACpB,0CAA0C,CACzC,EAAE,MAAM,EAAE,aAAa,EAAE,IAAI,EAAE,cAAc,EAAE,EAC/C,IAAI,EACJ,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,OAAO,CAAC,cAAc;oBAC5C,cAAc,EAAE,SAAS;iBAC1B;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,CAAC,CACtC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACvF,CAAC;KAAA;IAED,yBAAyB,CACvB,MAAoB;QAEpB,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,cAAc,EAAE,CAAC,CAAA;IAC3G,CAAC;IAED,mBAAmB,CAAC,MAAoB;QACtC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,cAAc,EAAE,EAAE,SAAS,CAAC,CAAA;IACvF,CAAC;IAED;;;;;;;;OAQG;IACG,aAAa,CAAC,YAAiC,EAAE,OAAuB,EAAE,sBAAgC;;;YAC9G,IAAI,CAAC,CAAC,CAAA,MAAA,YAAY,CAAC,iBAAiB,0CAAE,MAAM,CAAA;gBAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,YAAY,CAAC,EAAE,iCAAiC,CAAC,CAAA;YAChI,MAAM,SAAS,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,EAAE,GAAG,sBAAsB,CAAC,CAAC,CAAC,CAAA;YAC5G,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,+BAA+B,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAA;YAChH,IAAI,CAAC,GAAG,EAAE;gBACR,MAAM,IAAI,KAAK,CAAC,4CAA4C,OAAO,CAAC,EAAE,sEAAsE,CAAC,CAAA;aAC9I;YACD,MAAM,mBAAmB,GAAG;gBAC1B,cAAc,EAAE,EAAc;gBAC9B,mBAAmB,EAAE,EAAc;gBACnC,oBAAoB,EAAE,CAAC,OAAO,CAAC,EAAG,CAAC;gBACnC,oBAAoB,EAAE,uBAAuB,CAAC,SAAS;aACxD,CAAA;YACD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wCAAwC,CAC5E,cAAc,EACd;gBACE;oBACE,MAAM,EAAE,YAAY;oBACpB,gBAAgB,EAAE,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,mBAAmB,CAAC,CAAC,CAAC;iBACrF;aACF,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,CAAC,CACtC,CAAA;YACD,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,MAAM,IAAI,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,YAAY,CAAC,EAAE,EAAE;gBACtF,MAAM,eAAe,GAAG,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,YAAY,CAAC,EAAE,CAAC,CAAA;gBACzF,IAAI,CAAC,eAAe,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,GAAG,CAAC,EAAE;oBAC3E,MAAM,IAAI,KAAK,CAAC,gDAAgD,YAAY,CAAC,EAAE,EAAE,CAAC,CAAA;iBACnF;qBAAM;oBACL,MAAM,IAAI,KAAK,CAAC,mCAAmC,YAAY,CAAC,EAAE,IAAI,YAAY,CAAC,GAAG,EAAE,CAAC,CAAA;iBAC1F;aACF;YACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,MAAM,eAAe,GAAG,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YAClF,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,IAAI,kCAAO,eAAe,KAAE,iBAAiB,EAAE,CAAC,GAAG,CAAC,IAAG,CAAA;YAC3F,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;;KAChD;IAED,uCAAuC,CAAC,MAAoB,EAAE,SAAmB;QAC/E,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,cAAc,EAAE,EAAE,SAAS,CAAC,CAAA;IAC9H,CAAC;CACF;AA1ZD,kDA0ZC","sourcesContent":["import * as i18n from './rsrc/contact.i18n'\n\nimport * as _ from 'lodash'\nimport * as models from '../icc-api/model/models'\nimport { AccessLog, CalendarItem, EncryptedEntityStub, User } from '../icc-api/model/models'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport { IccCalendarItemApi } from '../icc-api'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { ShareResult } from './utils/ShareResult'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedFieldsManifest, parseEncryptedFields } from './utils'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\n\nexport class IccCalendarItemXApi extends IccCalendarItemApi implements EncryptedEntityXApi<models.CalendarItem> {\n i18n: any = i18n\n crypto: IccCryptoXApi\n dataOwnerApi: IccDataOwnerXApi\n private readonly encryptedFields: EncryptedFieldsManifest\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, 'CalendarItem'))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n crypto: IccCryptoXApi,\n dataOwnerApi: IccDataOwnerXApi,\n private readonly autofillAuthor: boolean,\n encryptedKeys: Array<string> = ['details', 'title', 'patientId'],\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.crypto = crypto\n this.dataOwnerApi = dataOwnerApi\n this.encryptedFields = parseEncryptedFields(encryptedKeys, 'CalendarItem.')\n }\n\n newInstance(\n user: User,\n ci: any | CalendarItem,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n } = {}\n ) {\n return this.newInstancePatient(user, null, ci, options)\n }\n\n /**\n * Creates a new instance of calendar item with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this calendar item refers to.\n * @param ci initialised data for the calendar item. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - preferredSfk: secret id of the patient to use as the secret foreign key to use for the classcalendar itemification. The default value will be a\n * secret id of patient known by the topmost parent in the current data owner hierarchy.\n * @return a new instance of calendar item.\n */\n async newInstancePatient(\n user: models.User,\n patient: models.Patient | null,\n ci: any,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n preferredSfk?: string\n } = {}\n ): Promise<models.CalendarItem> {\n if (!patient && options.preferredSfk) throw new Error('You need to specify parent patient in order to use secret foreign keys.')\n const calendarItem = {\n ...(ci ?? {}),\n _type: 'org.taktik.icure.entities.CalendarItem',\n id: ci?.id ?? this.crypto.primitives.randomUuid(),\n created: ci?.created ?? new Date().getTime(),\n modified: ci?.modified ?? new Date().getTime(),\n responsible: ci?.responsible ?? (this.autofillAuthor ? this.dataOwnerApi.getDataOwnerIdOf(user) : undefined),\n author: ci?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: ci?.codes ?? [],\n tags: ci?.tags ?? [],\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk = patient\n ? options?.preferredSfk ?? (await this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type: 'Patient' }))\n : undefined\n if (patient && !sfk) throw new Error(`Couldn't find any sfk of parent patient ${patient.id}`)\n const extraDelegations = {\n ...Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.medicalInformation ?? [])].map((d) => [d, AccessLevelEnum.WRITE])\n ),\n ...(options?.additionalDelegates ?? {}),\n }\n return new CalendarItem(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(calendarItem, 'CalendarItem', patient?.id, sfk, true, false, extraDelegations)\n .then((x) => x.updatedEntity)\n )\n }\n\n async findBy(hcpartyId: string, patient: models.Patient, usingPost: boolean = false) {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: 'Patient' }, hcpartyId)\n const topmostParentId = (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0]\n return extractedKeys && extractedKeys.length > 0\n ? usingPost\n ? this.findByHCPartyPatientSecretFKeysArray(hcpartyId!, _.uniq(extractedKeys))\n : this.findByHCPartyPatientSecretFKeys(hcpartyId!, _.uniq(extractedKeys).join(','))\n : Promise.resolve([])\n }\n\n async findByHCPartyPatientSecretFKeys(hcPartyId: string, secretFKeys: string): Promise<Array<models.CalendarItem>> {\n const calendarItems = await super.findCalendarItemsByHCPartyPatientForeignKeys(hcPartyId, secretFKeys)\n return await this.decrypt(hcPartyId, calendarItems)\n }\n\n findByHCPartyPatientSecretFKeysArray(hcPartyId: string, secretFKeys: string[]): Promise<Array<models.CalendarItem> | any> {\n return super\n .findCalendarItemsByHCPartyPatientForeignKeysUsingPost(hcPartyId, secretFKeys)\n .then((calendarItems) => this.decrypt(hcPartyId, calendarItems))\n }\n\n createCalendarItem(body?: CalendarItem): never {\n throw new Error('Cannot call a method that must encrypt a calendar item without providing a user for de/encryption')\n }\n\n async createCalendarItemWithHcParty(user: models.User, body?: models.CalendarItem): Promise<models.CalendarItem | any> {\n return body\n ? this.encrypt(user, [_.cloneDeep(body)])\n .then((items) => super.createCalendarItem(items[0]))\n .then((ci) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, [ci]))\n .then((cis) => cis[0])\n : null\n }\n\n getCalendarItemWithUser(user: models.User, calendarItemId: string): Promise<CalendarItem | any> {\n return super\n .getCalendarItem(calendarItemId)\n .then((calendarItem) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, [calendarItem]))\n .then((cis) => cis[0])\n }\n\n getCalendarItem(calendarItemId: string): never {\n throw new Error('Cannot call a method that must en/decrypt a calendar item without providing a user for de/encryption')\n }\n\n getCalendarItemsWithUser(user: models.User): Promise<Array<CalendarItem> | any> {\n return super.getCalendarItems().then((calendarItems) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, calendarItems))\n }\n\n getCalendarItems(): never {\n throw new Error('Cannot call a method that must en/decrypt a calendar item without providing a user for de/encryption')\n }\n\n getCalendarItemsWithIdsWithUser(user: models.User, body?: models.ListOfIds): Promise<Array<CalendarItem> | any> {\n return super.getCalendarItemsWithIds(body).then((calendarItems) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, calendarItems))\n }\n\n getCalendarItemsWithIds(body?: models.ListOfIds): never {\n throw new Error('Cannot call a method that must en/decrypt a calendar item without providing a user for de/encryption')\n }\n\n getCalendarItemsByPeriodAndHcPartyIdWithUser(\n user: models.User,\n startDate: number,\n endDate: number,\n hcPartyId: string\n ): Promise<Array<CalendarItem> | any> {\n return super\n .getCalendarItemsByPeriodAndHcPartyId(startDate, endDate, hcPartyId)\n .then((calendarItems) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, calendarItems))\n }\n\n getCalendarItemsByPeriodAndHcPartyId(startDate?: number, endDate?: number, hcPartyId?: string): never {\n throw new Error('Cannot call a method that must en/decrypt a calendar item without providing a user for de/encryption')\n }\n\n getCalendarsByPeriodAndAgendaIdWithUser(\n user: models.User,\n startDate: number,\n endDate: number,\n agendaId: string\n ): Promise<Array<CalendarItem> | any> {\n return super\n .getCalendarsByPeriodAndAgendaId(startDate, endDate, agendaId)\n .then((calendarItems) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, calendarItems))\n }\n\n getCalendarsByPeriodAndAgendaId(startDate?: number, endDate?: number, agendaId?: string): never {\n throw new Error('Cannot call a method that must en/decrypt a calendar item without providing a user for de/encryption')\n }\n\n modifyCalendarItem(body?: CalendarItem): never {\n throw new Error('Cannot call a method that must encrypt a calendar item without providing a user for de/encryption')\n }\n\n /**\n * Remove the following delegation objects from the\n * CalendarItem instance: cryptedForeignKeys, secretForeignKeys.\n *\n * The delegations & encryptionKeys objects are not removed because\n * in the case the CalendarItem is saved in the DB & then encrypted,\n * if later we remove the patient from it, it'd reset the delegations\n * and encryptionKeys thus impossibilitating further access.\n *\n * @param calendarItem The Calendar Item object\n */\n resetCalendarDelegationObjects(calendarItem: models.CalendarItem): models.CalendarItem {\n const { cryptedForeignKeys, secretForeignKeys, ...resetCalendarItem } = calendarItem\n return resetCalendarItem\n }\n\n async modifyCalendarItemWithHcParty(user: models.User, body?: models.CalendarItem): Promise<models.CalendarItem | any> {\n return body ? this.modifyAs(this.dataOwnerApi.getDataOwnerIdOf(user)!, _.cloneDeep(body)) : null\n }\n\n private modifyAs(dataOwner: string, body: models.CalendarItem): Promise<models.CalendarItem> {\n return this.encryptAs(dataOwner, [_.cloneDeep(body)])\n .then((items) => super.modifyCalendarItem(items[0]))\n .then((ci) => this.decrypt(dataOwner, [ci]))\n .then((cis) => cis[0])\n }\n\n encrypt(user: models.User, calendarItems: Array<models.CalendarItem>): Promise<Array<models.CalendarItem>> {\n return this.encryptAs(this.dataOwnerApi.getDataOwnerIdOf(user)!, calendarItems)\n }\n\n private encryptAs(dataOwner: string, calendarItems: Array<models.CalendarItem>): Promise<Array<models.CalendarItem>> {\n return Promise.all(\n calendarItems.map((x) =>\n this.crypto.xapi.tryEncryptEntity(x, 'CalendarItem', this.encryptedFields, false, false, (json) => new CalendarItem(json))\n )\n )\n }\n\n decrypt(hcpId: string, calendarItems: Array<models.CalendarItem>): Promise<Array<models.CalendarItem>> {\n return Promise.all(\n calendarItems.map((x) => this.crypto.xapi.decryptEntity(x, 'CalendarItem', (json) => new CalendarItem(json)).then(({ entity }) => entity))\n )\n }\n\n /**\n * @param calendarItem a calendar item\n * @return the id of the patient that the calendar item refers to, retrieved from the encrypted metadata. Normally there should only be one element\n * in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(calendarItem: models.CalendarItem): Promise<string[]> {\n return this.crypto.xapi.owningEntityIdsOf({ entity: calendarItem, type: 'CalendarItem' }, undefined)\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given calendar item\n */\n async hasWriteAccess(calendarItem: models.CalendarItem): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: calendarItem, type: 'CalendarItem' })\n }\n\n /**\n * Share an existing calendar item with other data owners, allowing them to access the non-encrypted data of the calendar item and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the calendar item.\n * @param calendarItem item the calendar item to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * calendar item does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this calendar item refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async shareWith(\n delegateId: string,\n calendarItem: models.CalendarItem,\n options: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<models.CalendarItem> {\n return this.shareWithMany(calendarItem, { [delegateId]: options })\n }\n\n /**\n * Share an existing calendar item with other data owners, allowing them to access the non-encrypted data of the calendar item and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param calendarItem item the calendar item to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * calendar item does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this calendar item refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n calendarItem: models.CalendarItem,\n delegates: {\n [delegateId: string]: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<models.CalendarItem> {\n return (await this.tryShareWithMany(calendarItem, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing calendar item with other data owners, allowing them to access the non-encrypted data of the calendar item and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param calendarItem item the calendar item to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * calendar item does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this calendar item refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async tryShareWithMany(\n calendarItem: models.CalendarItem,\n delegates: {\n [delegateId: string]: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<models.CalendarItem>> {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(calendarItem, 'CalendarItem')\n const updatedEntity = entityWithEncryptionKey ? await this.modifyAs(self, entityWithEncryptionKey) : calendarItem\n return this.crypto.xapi\n .simpleShareOrUpdateEncryptedEntityMetadata(\n { entity: updatedEntity, type: 'CalendarItem' },\n true,\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: options.sharePatientId,\n shareSecretIds: undefined,\n },\n ])\n ),\n (x) => this.bulkShareCalendarItems(x)\n )\n .then((r) => r.mapSuccessAsync((e) => this.decrypt(self, [e]).then((es) => es[0])))\n }\n\n getDataOwnersWithAccessTo(\n entity: CalendarItem\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: 'CalendarItem' })\n }\n\n getEncryptionKeysOf(entity: CalendarItem): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: 'CalendarItem' }, undefined)\n }\n\n /**\n * Links a calendar item with a patient. Note that this operation is not reversible: it is not possible to change the patient linked to a calendar\n * item.\n * @param calendarItem a calendar item\n * @param patient the patient which will be linked to the calendar item.\n * @param shareLinkWithDelegates data owners other than the current data owner which will also be able to decrypt the id of the newly linked\n * patient. If any of these data owners do not already have access to the calendar item, they will be granted read access (no write).\n * @return the updated calendar item\n */\n async linkToPatient(calendarItem: models.CalendarItem, patient: models.Patient, shareLinkWithDelegates: string[]): Promise<models.CalendarItem> {\n if (!!calendarItem.secretForeignKeys?.length) throw new Error(`Calendar item ${calendarItem.id} is already linked to a patient`)\n const delegates = [...new Set([await this.dataOwnerApi.getCurrentDataOwnerId(), ...shareLinkWithDelegates])]\n const sfk = await this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type: 'Patient' })\n if (!sfk) {\n throw new Error(`Could not find any secret id for patient ${patient.id} which is shared with the topmost ancestor of the current data owner`)\n }\n const individualShareData = {\n shareSecretIds: [] as string[],\n shareEncryptionKeys: [] as string[],\n shareOwningEntityIds: [patient.id!],\n requestedPermissions: RequestedPermissionEnum.FULL_READ,\n }\n const shared = await this.crypto.xapi.bulkShareOrUpdateEncryptedEntityMetadata(\n 'CalendarItem',\n [\n {\n entity: calendarItem,\n dataForDelegates: Object.fromEntries(delegates.map((d) => [d, individualShareData])),\n },\n ],\n (x) => this.bulkShareCalendarItems(x)\n )\n if (!shared.updatedEntities.length || shared.updatedEntities[0].id !== calendarItem.id) {\n const errorsForEntity = shared.updateErrors.filter((e) => e.entityId === calendarItem.id)\n if (!errorsForEntity.length || !errorsForEntity.find((x) => x.code === 409)) {\n throw new Error(`Unexpected error while linking calendar item ${calendarItem.id}`)\n } else {\n throw new Error(`Outdated calendar item revision ${calendarItem.id}-${calendarItem.rev}`)\n }\n }\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n const sharedDecrypted = (await this.decrypt(self, [shared.updatedEntities[0]]))[0]\n const withSfk = await this.modifyAs(self, { ...sharedDecrypted, secretForeignKeys: [sfk] })\n return (await this.decrypt(self, [withSfk]))[0]\n }\n\n createDelegationDeAnonymizationMetadata(entity: CalendarItem, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type: 'CalendarItem' }, delegates)\n }\n}\n"]}
1
+ {"version":3,"file":"icc-calendar-item-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-calendar-item-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AAAA,4CAA2C;AAE3C,4BAA2B;AAE3B,oDAA4D;AAE5D,wCAA+C;AAE/C,0EAAgG;AAGhG,qFAAiF;AACjF,IAAO,uBAAuB,GAAG,uCAAkB,CAAC,uBAAuB,CAAA;AAC3E,wEAAoE;AACpE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAEzD,mCAAuE;AAGvE,MAAa,mBAAoB,SAAQ,4BAAkB;IAMzD,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC,CAAA;IACvH,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EAClC,MAAqB,EACrB,YAA8B,EACb,cAAuB,EACxC,gBAA+B,CAAC,SAAS,EAAE,OAAO,EAAE,WAAW,CAAC,EAChE,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QATtC,mBAAc,GAAd,cAAc,CAAS;QAd1C,SAAI,GAAQ,IAAI,CAAA;QAwBd,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAChC,IAAI,CAAC,eAAe,GAAG,IAAA,4BAAoB,EAAC,aAAa,EAAE,eAAe,CAAC,CAAA;IAC7E,CAAC;IAED,WAAW,CACT,IAAU,EACV,EAAsB,EACtB,UAEI,EAAE;QAEN,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,CAAC,CAAA;IACzD,CAAC;IAED;;;;;;;;;;;;;OAaG;IACG,kBAAkB,CACtB,IAAiB,EACjB,OAA8B,EAC9B,EAAO,EACP,UAGI,EAAE;;;YAEN,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,YAAY;gBAAE,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAA;YAChI,MAAM,YAAY,mCACb,CAAC,EAAE,aAAF,EAAE,cAAF,EAAE,GAAI,EAAE,CAAC,KACb,KAAK,EAAE,wCAAwC,EAC/C,EAAE,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EACjD,OAAO,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC5C,QAAQ,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC9C,WAAW,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,EAC5G,MAAM,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EACjE,KAAK,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,KAAK,mCAAI,EAAE,EACtB,IAAI,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,IAAI,mCAAI,EAAE,GACrB,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GAAG,OAAO;gBACjB,CAAC,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,mCAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,+BAA+B,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC;gBACjI,CAAC,CAAC,SAAS,CAAA;YACb,IAAI,OAAO,IAAI,CAAC,GAAG;gBAAE,MAAM,IAAI,KAAK,CAAC,2CAA2C,OAAO,CAAC,EAAE,EAAE,CAAC,CAAA;YAC7F,MAAM,gBAAgB,mCACjB,MAAM,CAAC,WAAW,CACnB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,GACE,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,mBAAmB,mCAAI,EAAE,CAAC,CACxC,CAAA;YACD,OAAO,IAAI,qBAAY,CACrB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CAAC,YAAY,EAAE,cAAc,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,gBAAgB,CAAC;iBACrH,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;;KACF;IAEK,MAAM,CAAC,SAAiB,EAAE,OAAuB,EAAE,YAAqB,KAAK;;YACjF,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,SAAS,CAAC,CAAA;YACzG,MAAM,eAAe,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;YACtF,OAAO,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;gBAC9C,CAAC,CAAC,SAAS;oBACT,CAAC,CAAC,IAAI,CAAC,oCAAoC,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;oBAC9E,CAAC,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACrF,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QACzB,CAAC;KAAA;IAEK,+BAA+B,CAAC,SAAiB,EAAE,WAAmB;;;;;YAC1E,MAAM,aAAa,GAAG,MAAM,OAAM,4CAA4C,YAAC,SAAS,EAAE,WAAW,CAAC,CAAA;YACtG,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,aAAa,CAAC,CAAA;QACrD,CAAC;KAAA;IAED,oCAAoC,CAAC,SAAiB,EAAE,WAAqB;QAC3E,OAAO,KAAK;aACT,qDAAqD,CAAC,SAAS,EAAE,WAAW,CAAC;aAC7E,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC,CAAA;IACpE,CAAC;IAED,kBAAkB,CAAC,IAAmB;QACpC,MAAM,IAAI,KAAK,CAAC,mGAAmG,CAAC,CAAA;IACtH,CAAC;IAEK,6BAA6B,CAAC,IAAiB,EAAE,IAA0B;;;;;YAC/E,OAAO,IAAI;gBACT,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;qBACpC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAM,kBAAkB,YAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;qBACnD,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;qBAC3E,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBAC1B,CAAC,CAAC,IAAI,CAAA;QACV,CAAC;KAAA;IAED,uBAAuB,CAAC,IAAiB,EAAE,cAAsB;QAC/D,OAAO,KAAK;aACT,eAAe,CAAC,cAAc,CAAC;aAC/B,IAAI,CAAC,CAAC,YAAY,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC;aAC/F,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IAC1B,CAAC;IAED,eAAe,CAAC,cAAsB;QACpC,MAAM,IAAI,KAAK,CAAC,sGAAsG,CAAC,CAAA;IACzH,CAAC;IAED,wBAAwB,CAAC,IAAiB;QACxC,OAAO,KAAK,CAAC,gBAAgB,EAAE,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,aAAa,CAAC,CAAC,CAAA;IACjI,CAAC;IAED,gBAAgB;QACd,MAAM,IAAI,KAAK,CAAC,sGAAsG,CAAC,CAAA;IACzH,CAAC;IAED,+BAA+B,CAAC,IAAiB,EAAE,IAAuB;QACxE,OAAO,KAAK,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,aAAa,CAAC,CAAC,CAAA;IAC5I,CAAC;IAED,uBAAuB,CAAC,IAAuB;QAC7C,MAAM,IAAI,KAAK,CAAC,sGAAsG,CAAC,CAAA;IACzH,CAAC;IAED,4CAA4C,CAC1C,IAAiB,EACjB,SAAiB,EACjB,OAAe,EACf,SAAiB;QAEjB,OAAO,KAAK;aACT,oCAAoC,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC;aACnE,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,aAAa,CAAC,CAAC,CAAA;IACpG,CAAC;IAED,oCAAoC,CAAC,SAAkB,EAAE,OAAgB,EAAE,SAAkB;QAC3F,MAAM,IAAI,KAAK,CAAC,sGAAsG,CAAC,CAAA;IACzH,CAAC;IAED,uCAAuC,CACrC,IAAiB,EACjB,SAAiB,EACjB,OAAe,EACf,QAAgB;QAEhB,OAAO,KAAK;aACT,+BAA+B,CAAC,SAAS,EAAE,OAAO,EAAE,QAAQ,CAAC;aAC7D,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,aAAa,CAAC,CAAC,CAAA;IACpG,CAAC;IAED,+BAA+B,CAAC,SAAkB,EAAE,OAAgB,EAAE,QAAiB;QACrF,MAAM,IAAI,KAAK,CAAC,sGAAsG,CAAC,CAAA;IACzH,CAAC;IAED,kBAAkB,CAAC,IAAmB;QACpC,MAAM,IAAI,KAAK,CAAC,mGAAmG,CAAC,CAAA;IACtH,CAAC;IAED;;;;;;;;;;OAUG;IACH,8BAA8B,CAAC,YAAiC;QAC9D,MAAM,EAAE,kBAAkB,EAAE,iBAAiB,KAA2B,YAAY,EAAlC,iBAAiB,UAAK,YAAY,EAA9E,2CAA+D,CAAe,CAAA;QACpF,OAAO,iBAAiB,CAAA;IAC1B,CAAC;IAEK,6BAA6B,CAAC,IAAiB,EAAE,IAA0B;;YAC/E,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;QAClG,CAAC;KAAA;IAEO,QAAQ,CAAC,SAAiB,EAAE,IAAyB;QAC3D,OAAO,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;aAClD,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;aACnD,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;aAC3C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IAC1B,CAAC;IAED,OAAO,CAAC,IAAiB,EAAE,aAAyC;QAClE,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,aAAa,CAAC,CAAA;IACjF,CAAC;IAEO,SAAS,CAAC,SAAiB,EAAE,aAAyC;QAC5E,OAAO,OAAO,CAAC,GAAG,CAChB,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CACtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,EAAE,cAAc,EAAE,IAAI,CAAC,eAAe,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,qBAAY,CAAC,IAAI,CAAC,CAAC,CAC3H,CACF,CAAA;IACH,CAAC;IAED,OAAO,CAAC,KAAa,EAAE,aAAyC;QAC9D,OAAO,OAAO,CAAC,GAAG,CAChB,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,EAAE,cAAc,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,qBAAY,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAC3I,CAAA;IACH,CAAC;IAED;;;;OAIG;IACG,kBAAkB,CAAC,YAAiC;;YACxD,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,EAAE,SAAS,CAAC,CAAA;QACtG,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,YAAiC;;YACpD,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,CAAC,CAAA;QACxF,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,SAAS,CACb,UAAkB,EAClB,YAAiC,EACjC,UAII,EAAE;;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,YAAY,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QACpE,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,aAAa,CACjB,YAAiC,EACjC,SAMC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QACpF,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,gBAAgB,CACpB,YAAiC,EACjC,SAMC;;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,YAAY,EAAE,cAAc,CAAC,CAAA;YACpH,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC,CAAC,CAAC,YAAY,CAAA;YACjH,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI;iBACpB,0CAA0C,CACzC,EAAE,MAAM,EAAE,aAAa,EAAE,IAAI,EAAE,cAAc,EAAE,EAC/C,IAAI,EACJ,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,OAAO,CAAC,cAAc;oBAC5C,cAAc,EAAE,SAAS;iBAC1B;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,CAAC,CACtC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACvF,CAAC;KAAA;IAED,yBAAyB,CACvB,MAAoB;QAEpB,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,cAAc,EAAE,CAAC,CAAA;IAC3G,CAAC;IAED,mBAAmB,CAAC,MAAoB;QACtC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,cAAc,EAAE,EAAE,SAAS,CAAC,CAAA;IACvF,CAAC;IAED;;;;;;;;OAQG;IACG,aAAa,CAAC,YAAiC,EAAE,OAAuB,EAAE,sBAAgC;;;YAC9G,IAAI,CAAC,CAAC,CAAA,MAAA,YAAY,CAAC,iBAAiB,0CAAE,MAAM,CAAA;gBAAE,MAAM,IAAI,KAAK,CAAC,iBAAiB,YAAY,CAAC,EAAE,iCAAiC,CAAC,CAAA;YAChI,MAAM,SAAS,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,EAAE,GAAG,sBAAsB,CAAC,CAAC,CAAC,CAAA;YAC5G,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,+BAA+B,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAA;YAChH,IAAI,CAAC,GAAG,EAAE;gBACR,MAAM,IAAI,KAAK,CAAC,4CAA4C,OAAO,CAAC,EAAE,sEAAsE,CAAC,CAAA;aAC9I;YACD,MAAM,mBAAmB,GAAG;gBAC1B,cAAc,EAAE,EAAc;gBAC9B,mBAAmB,EAAE,EAAc;gBACnC,oBAAoB,EAAE,CAAC,OAAO,CAAC,EAAG,CAAC;gBACnC,oBAAoB,EAAE,uBAAuB,CAAC,SAAS;aACxD,CAAA;YACD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wCAAwC,CAC5E,cAAc,EACd;gBACE;oBACE,MAAM,EAAE,YAAY;oBACpB,gBAAgB,EAAE,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,mBAAmB,CAAC,CAAC,CAAC;iBACrF;aACF,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,CAAC,CACtC,CAAA;YACD,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,MAAM,IAAI,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,YAAY,CAAC,EAAE,EAAE;gBACtF,MAAM,eAAe,GAAG,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,YAAY,CAAC,EAAE,CAAC,CAAA;gBACzF,IAAI,CAAC,eAAe,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,GAAG,CAAC,EAAE;oBAC3E,MAAM,IAAI,KAAK,CAAC,gDAAgD,YAAY,CAAC,EAAE,EAAE,CAAC,CAAA;iBACnF;qBAAM;oBACL,MAAM,IAAI,KAAK,CAAC,mCAAmC,YAAY,CAAC,EAAE,IAAI,YAAY,CAAC,GAAG,EAAE,CAAC,CAAA;iBAC1F;aACF;YACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,MAAM,eAAe,GAAG,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YAClF,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,IAAI,kCAAO,eAAe,KAAE,iBAAiB,EAAE,CAAC,GAAG,CAAC,IAAG,CAAA;YAC3F,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;;KAChD;IAED,uCAAuC,CAAC,MAAoB,EAAE,SAAmB;QAC/E,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,cAAc,EAAE,EAAE,SAAS,CAAC,CAAA;IAC9H,CAAC;CACF;AA1ZD,kDA0ZC","sourcesContent":["import * as i18n from './rsrc/contact.i18n'\n\nimport * as _ from 'lodash'\nimport * as models from '../icc-api/model/models'\nimport { CalendarItem, User } from '../icc-api/model/models'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport { IccCalendarItemApi } from '../icc-api'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { ShareResult } from './utils/ShareResult'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedFieldsManifest, parseEncryptedFields } from './utils'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\n\nexport class IccCalendarItemXApi extends IccCalendarItemApi implements EncryptedEntityXApi<models.CalendarItem> {\n i18n: any = i18n\n crypto: IccCryptoXApi\n dataOwnerApi: IccDataOwnerXApi\n private readonly encryptedFields: EncryptedFieldsManifest\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, 'CalendarItem'))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n crypto: IccCryptoXApi,\n dataOwnerApi: IccDataOwnerXApi,\n private readonly autofillAuthor: boolean,\n encryptedKeys: Array<string> = ['details', 'title', 'patientId'],\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.crypto = crypto\n this.dataOwnerApi = dataOwnerApi\n this.encryptedFields = parseEncryptedFields(encryptedKeys, 'CalendarItem.')\n }\n\n newInstance(\n user: User,\n ci: any | CalendarItem,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n } = {}\n ) {\n return this.newInstancePatient(user, null, ci, options)\n }\n\n /**\n * Creates a new instance of calendar item with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this calendar item refers to.\n * @param ci initialised data for the calendar item. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - preferredSfk: secret id of the patient to use as the secret foreign key to use for the classcalendar itemification. The default value will be a\n * secret id of patient known by the topmost parent in the current data owner hierarchy.\n * @return a new instance of calendar item.\n */\n async newInstancePatient(\n user: models.User,\n patient: models.Patient | null,\n ci: any,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n preferredSfk?: string\n } = {}\n ): Promise<models.CalendarItem> {\n if (!patient && options.preferredSfk) throw new Error('You need to specify parent patient in order to use secret foreign keys.')\n const calendarItem = {\n ...(ci ?? {}),\n _type: 'org.taktik.icure.entities.CalendarItem',\n id: ci?.id ?? this.crypto.primitives.randomUuid(),\n created: ci?.created ?? new Date().getTime(),\n modified: ci?.modified ?? new Date().getTime(),\n responsible: ci?.responsible ?? (this.autofillAuthor ? this.dataOwnerApi.getDataOwnerIdOf(user) : undefined),\n author: ci?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: ci?.codes ?? [],\n tags: ci?.tags ?? [],\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk = patient\n ? options?.preferredSfk ?? (await this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type: 'Patient' }))\n : undefined\n if (patient && !sfk) throw new Error(`Couldn't find any sfk of parent patient ${patient.id}`)\n const extraDelegations = {\n ...Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.medicalInformation ?? [])].map((d) => [d, AccessLevelEnum.WRITE])\n ),\n ...(options?.additionalDelegates ?? {}),\n }\n return new CalendarItem(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(calendarItem, 'CalendarItem', patient?.id, sfk, true, false, extraDelegations)\n .then((x) => x.updatedEntity)\n )\n }\n\n async findBy(hcpartyId: string, patient: models.Patient, usingPost: boolean = false) {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: 'Patient' }, hcpartyId)\n const topmostParentId = (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0]\n return extractedKeys && extractedKeys.length > 0\n ? usingPost\n ? this.findByHCPartyPatientSecretFKeysArray(hcpartyId!, _.uniq(extractedKeys))\n : this.findByHCPartyPatientSecretFKeys(hcpartyId!, _.uniq(extractedKeys).join(','))\n : Promise.resolve([])\n }\n\n async findByHCPartyPatientSecretFKeys(hcPartyId: string, secretFKeys: string): Promise<Array<models.CalendarItem>> {\n const calendarItems = await super.findCalendarItemsByHCPartyPatientForeignKeys(hcPartyId, secretFKeys)\n return await this.decrypt(hcPartyId, calendarItems)\n }\n\n findByHCPartyPatientSecretFKeysArray(hcPartyId: string, secretFKeys: string[]): Promise<Array<models.CalendarItem> | any> {\n return super\n .findCalendarItemsByHCPartyPatientForeignKeysUsingPost(hcPartyId, secretFKeys)\n .then((calendarItems) => this.decrypt(hcPartyId, calendarItems))\n }\n\n createCalendarItem(body?: CalendarItem): never {\n throw new Error('Cannot call a method that must encrypt a calendar item without providing a user for de/encryption')\n }\n\n async createCalendarItemWithHcParty(user: models.User, body?: models.CalendarItem): Promise<models.CalendarItem | any> {\n return body\n ? this.encrypt(user, [_.cloneDeep(body)])\n .then((items) => super.createCalendarItem(items[0]))\n .then((ci) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, [ci]))\n .then((cis) => cis[0])\n : null\n }\n\n getCalendarItemWithUser(user: models.User, calendarItemId: string): Promise<CalendarItem | any> {\n return super\n .getCalendarItem(calendarItemId)\n .then((calendarItem) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, [calendarItem]))\n .then((cis) => cis[0])\n }\n\n getCalendarItem(calendarItemId: string): never {\n throw new Error('Cannot call a method that must en/decrypt a calendar item without providing a user for de/encryption')\n }\n\n getCalendarItemsWithUser(user: models.User): Promise<Array<CalendarItem> | any> {\n return super.getCalendarItems().then((calendarItems) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, calendarItems))\n }\n\n getCalendarItems(): never {\n throw new Error('Cannot call a method that must en/decrypt a calendar item without providing a user for de/encryption')\n }\n\n getCalendarItemsWithIdsWithUser(user: models.User, body?: models.ListOfIds): Promise<Array<CalendarItem> | any> {\n return super.getCalendarItemsWithIds(body).then((calendarItems) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, calendarItems))\n }\n\n getCalendarItemsWithIds(body?: models.ListOfIds): never {\n throw new Error('Cannot call a method that must en/decrypt a calendar item without providing a user for de/encryption')\n }\n\n getCalendarItemsByPeriodAndHcPartyIdWithUser(\n user: models.User,\n startDate: number,\n endDate: number,\n hcPartyId: string\n ): Promise<Array<CalendarItem> | any> {\n return super\n .getCalendarItemsByPeriodAndHcPartyId(startDate, endDate, hcPartyId)\n .then((calendarItems) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, calendarItems))\n }\n\n getCalendarItemsByPeriodAndHcPartyId(startDate?: number, endDate?: number, hcPartyId?: string): never {\n throw new Error('Cannot call a method that must en/decrypt a calendar item without providing a user for de/encryption')\n }\n\n getCalendarsByPeriodAndAgendaIdWithUser(\n user: models.User,\n startDate: number,\n endDate: number,\n agendaId: string\n ): Promise<Array<CalendarItem> | any> {\n return super\n .getCalendarsByPeriodAndAgendaId(startDate, endDate, agendaId)\n .then((calendarItems) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, calendarItems))\n }\n\n getCalendarsByPeriodAndAgendaId(startDate?: number, endDate?: number, agendaId?: string): never {\n throw new Error('Cannot call a method that must en/decrypt a calendar item without providing a user for de/encryption')\n }\n\n modifyCalendarItem(body?: CalendarItem): never {\n throw new Error('Cannot call a method that must encrypt a calendar item without providing a user for de/encryption')\n }\n\n /**\n * Remove the following delegation objects from the\n * CalendarItem instance: cryptedForeignKeys, secretForeignKeys.\n *\n * The delegations & encryptionKeys objects are not removed because\n * in the case the CalendarItem is saved in the DB & then encrypted,\n * if later we remove the patient from it, it'd reset the delegations\n * and encryptionKeys thus impossibilitating further access.\n *\n * @param calendarItem The Calendar Item object\n */\n resetCalendarDelegationObjects(calendarItem: models.CalendarItem): models.CalendarItem {\n const { cryptedForeignKeys, secretForeignKeys, ...resetCalendarItem } = calendarItem\n return resetCalendarItem\n }\n\n async modifyCalendarItemWithHcParty(user: models.User, body?: models.CalendarItem): Promise<models.CalendarItem | any> {\n return body ? this.modifyAs(this.dataOwnerApi.getDataOwnerIdOf(user)!, _.cloneDeep(body)) : null\n }\n\n private modifyAs(dataOwner: string, body: models.CalendarItem): Promise<models.CalendarItem> {\n return this.encryptAs(dataOwner, [_.cloneDeep(body)])\n .then((items) => super.modifyCalendarItem(items[0]))\n .then((ci) => this.decrypt(dataOwner, [ci]))\n .then((cis) => cis[0])\n }\n\n encrypt(user: models.User, calendarItems: Array<models.CalendarItem>): Promise<Array<models.CalendarItem>> {\n return this.encryptAs(this.dataOwnerApi.getDataOwnerIdOf(user)!, calendarItems)\n }\n\n private encryptAs(dataOwner: string, calendarItems: Array<models.CalendarItem>): Promise<Array<models.CalendarItem>> {\n return Promise.all(\n calendarItems.map((x) =>\n this.crypto.xapi.tryEncryptEntity(x, 'CalendarItem', this.encryptedFields, false, false, (json) => new CalendarItem(json))\n )\n )\n }\n\n decrypt(hcpId: string, calendarItems: Array<models.CalendarItem>): Promise<Array<models.CalendarItem>> {\n return Promise.all(\n calendarItems.map((x) => this.crypto.xapi.decryptEntity(x, 'CalendarItem', (json) => new CalendarItem(json)).then(({ entity }) => entity))\n )\n }\n\n /**\n * @param calendarItem a calendar item\n * @return the id of the patient that the calendar item refers to, retrieved from the encrypted metadata. Normally there should only be one element\n * in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(calendarItem: models.CalendarItem): Promise<string[]> {\n return this.crypto.xapi.owningEntityIdsOf({ entity: calendarItem, type: 'CalendarItem' }, undefined)\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given calendar item\n */\n async hasWriteAccess(calendarItem: models.CalendarItem): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: calendarItem, type: 'CalendarItem' })\n }\n\n /**\n * Share an existing calendar item with other data owners, allowing them to access the non-encrypted data of the calendar item and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the calendar item.\n * @param calendarItem item the calendar item to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * calendar item does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this calendar item refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async shareWith(\n delegateId: string,\n calendarItem: models.CalendarItem,\n options: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<models.CalendarItem> {\n return this.shareWithMany(calendarItem, { [delegateId]: options })\n }\n\n /**\n * Share an existing calendar item with other data owners, allowing them to access the non-encrypted data of the calendar item and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param calendarItem item the calendar item to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * calendar item does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this calendar item refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n calendarItem: models.CalendarItem,\n delegates: {\n [delegateId: string]: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<models.CalendarItem> {\n return (await this.tryShareWithMany(calendarItem, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing calendar item with other data owners, allowing them to access the non-encrypted data of the calendar item and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param calendarItem item the calendar item to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * calendar item does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this calendar item refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async tryShareWithMany(\n calendarItem: models.CalendarItem,\n delegates: {\n [delegateId: string]: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<models.CalendarItem>> {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(calendarItem, 'CalendarItem')\n const updatedEntity = entityWithEncryptionKey ? await this.modifyAs(self, entityWithEncryptionKey) : calendarItem\n return this.crypto.xapi\n .simpleShareOrUpdateEncryptedEntityMetadata(\n { entity: updatedEntity, type: 'CalendarItem' },\n true,\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: options.sharePatientId,\n shareSecretIds: undefined,\n },\n ])\n ),\n (x) => this.bulkShareCalendarItems(x)\n )\n .then((r) => r.mapSuccessAsync((e) => this.decrypt(self, [e]).then((es) => es[0])))\n }\n\n getDataOwnersWithAccessTo(\n entity: CalendarItem\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: 'CalendarItem' })\n }\n\n getEncryptionKeysOf(entity: CalendarItem): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: 'CalendarItem' }, undefined)\n }\n\n /**\n * Links a calendar item with a patient. Note that this operation is not reversible: it is not possible to change the patient linked to a calendar\n * item.\n * @param calendarItem a calendar item\n * @param patient the patient which will be linked to the calendar item.\n * @param shareLinkWithDelegates data owners other than the current data owner which will also be able to decrypt the id of the newly linked\n * patient. If any of these data owners do not already have access to the calendar item, they will be granted read access (no write).\n * @return the updated calendar item\n */\n async linkToPatient(calendarItem: models.CalendarItem, patient: models.Patient, shareLinkWithDelegates: string[]): Promise<models.CalendarItem> {\n if (!!calendarItem.secretForeignKeys?.length) throw new Error(`Calendar item ${calendarItem.id} is already linked to a patient`)\n const delegates = [...new Set([await this.dataOwnerApi.getCurrentDataOwnerId(), ...shareLinkWithDelegates])]\n const sfk = await this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type: 'Patient' })\n if (!sfk) {\n throw new Error(`Could not find any secret id for patient ${patient.id} which is shared with the topmost ancestor of the current data owner`)\n }\n const individualShareData = {\n shareSecretIds: [] as string[],\n shareEncryptionKeys: [] as string[],\n shareOwningEntityIds: [patient.id!],\n requestedPermissions: RequestedPermissionEnum.FULL_READ,\n }\n const shared = await this.crypto.xapi.bulkShareOrUpdateEncryptedEntityMetadata(\n 'CalendarItem',\n [\n {\n entity: calendarItem,\n dataForDelegates: Object.fromEntries(delegates.map((d) => [d, individualShareData])),\n },\n ],\n (x) => this.bulkShareCalendarItems(x)\n )\n if (!shared.updatedEntities.length || shared.updatedEntities[0].id !== calendarItem.id) {\n const errorsForEntity = shared.updateErrors.filter((e) => e.entityId === calendarItem.id)\n if (!errorsForEntity.length || !errorsForEntity.find((x) => x.code === 409)) {\n throw new Error(`Unexpected error while linking calendar item ${calendarItem.id}`)\n } else {\n throw new Error(`Outdated calendar item revision ${calendarItem.id}-${calendarItem.rev}`)\n }\n }\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n const sharedDecrypted = (await this.decrypt(self, [shared.updatedEntities[0]]))[0]\n const withSfk = await this.modifyAs(self, { ...sharedDecrypted, secretForeignKeys: [sfk] })\n return (await this.decrypt(self, [withSfk]))[0]\n }\n\n createDelegationDeAnonymizationMetadata(entity: CalendarItem, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type: 'CalendarItem' }, delegates)\n }\n}\n"]}
@@ -4,7 +4,7 @@ import { IccCryptoXApi } from './icc-crypto-x-api';
4
4
  import { KeyPairUpdateRequest } from './maintenance/KeyPairUpdateRequest';
5
5
  import { IccDataOwnerXApi } from './icc-data-owner-x-api';
6
6
  import { User } from '../icc-api/model/User';
7
- import { IccExchangeDataApi } from '../icc-api/api/IccExchangeDataApi';
7
+ import { IccExchangeDataApi } from '../icc-api/api/internal/IccExchangeDataApi';
8
8
  import { DataOwnerTypeEnum } from '../icc-api/model/DataOwnerTypeEnum';
9
9
  /**
10
10
  * Api for interpreting maintenance tasks and applying required client-side actions.
@@ -1 +1 @@
1
- {"version":3,"file":"icc-icure-maintenance-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-icure-maintenance-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,sEAAkE;AAClE,mCAAgC;AAChC,gEAA4D;AAC5D,wEAAoE;AACpE,wEAAoE;AAEpE,6EAAyE;AAGzE,wEAAoE;AAEpE,0EAAsE;AACtE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAIzD;;GAEG;AACH,MAAa,uBAAuB;IAClC,YACmB,MAAqB,EACrB,QAAgC,EAChC,YAA8B,EAC9B,eAAmC;QAHnC,WAAM,GAAN,MAAM,CAAe;QACrB,aAAQ,GAAR,QAAQ,CAAwB;QAChC,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,oBAAe,GAAf,eAAe,CAAoB;IACnD,CAAC;IAEJ,iEAAiE;IAEjE;;;;;OAKG;IACG,kBAAkB,CAAC,MAA4B;;YACnD,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,CAClD,MAAM,CAAC,oBAAoB,EAC3B,MAAM,CAAC,YAAY,EACnB,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,iBAAiB,EAAE,CAChD,CAAA;YACD,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,gBAAgB,CAAC,MAAM,CAAC,oBAAoB,EAAE,MAAM,CAAC,YAAY,CAAC,CAAA;QACnG,CAAC;KAAA;IAED;;;;;;;OAOG;IACG,mCAAmC,CAAC,IAAU,EAAE,OAA2B,EAAE,mBAAyC;;YAC1H,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,uBAAuB,EAAE,CAAA;YACzE,IAAI,CAAC,mBAAmB,EAAE;gBACxB,IAAI,eAAe,KAAK,QAAQ,EAAE;oBAChC,OAAO,CAAC,IAAI,CAAC,sGAAsG,CAAC,CAAA;oBACpH,OAAM;iBACP;qBAAM;oBACL,mBAAmB;wBACjB,eAAe,KAAK,qCAAiB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,qCAAiB,CAAC,OAAO,EAAE,qCAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,qCAAiB,CAAC,GAAG,CAAC,CAAA;iBAC/H;aACF;YACD,MAAM,YAAY,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAA;YAClG,MAAM,cAAc,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAA;YAC9C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC9D,MAAM,gCAAgC,GAAG,CAAC,MAAM,IAAI,CAAC,sBAAsB,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAC;iBACtG,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;iBACxD,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;iBAClD,MAAM,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,KAAK,MAAM,CAAC,CAAA;YAC9C,MAAM,gCAAgC,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,sCAAsC,CACxG,MAAM,EACN,CAAC,GAAG,IAAI,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAC5C,CAAA;YACD,MAAM,iBAAiB,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,gCAAgC,EAAE,GAAG,gCAAgC,CAAC,CAAC,CAAC,CAAA;YAClH,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE;gBAChC,MAAM,aAAa,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;oBAC1D,QAAQ,EAAE,SAAS;oBACnB,IAAI,EAAE,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,YAAY,CAAC;iBACvD,CAAC,CAAC,CAAA;gBACH,KAAK,MAAM,YAAY,IAAI,aAAa,EAAE;oBACxC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,EAAE,YAAY,CAAC,IAAI,EAAE;wBACxE,mBAAmB,EAAE,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,eAAe,CAAC,KAAK,EAAE;qBACxE,CAAC,CAAA;oBACF,IAAI,QAAQ,EAAE;wBACZ,sBAAsB;wBACtB,MAAM,IAAI,CAAC,QAAQ,CAAC,6BAA6B,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAA;qBAClE;iBACF;aACF;QACH,CAAC;KAAA;IAEa,sBAAsB,CAAC,WAAmB,EAAE,eAAoC;;YAC5F,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,sBAAsB,CAAC,WAAW,EAAE,eAAe,CAAC,CAAA;YAChH,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW,EAAE,iBAAiB,CAAC,EAAE,EAAE,CACtG,MAAM,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC,GAAG,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;gBACvD,SAAS,EAAE,WAAW;gBACtB,QAAQ,EAAE,WAAW;gBACrB,YAAY,EAAE,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aAC3E,CAAC,CAAC,CACJ,CAAA;YACD,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,CAAC,gBAAgB,EAAE,EAAE,CACzF,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,EAAE,CAAC,CAAC;gBACrE,SAAS,EAAE,WAAW;gBACtB,QAAQ,EAAE,UAAU;gBACpB,YAAY,EAAE,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aAC3E,CAAC,CAAC,CACJ,CAAA;YACD,OAAO,CAAC,GAAG,QAAQ,EAAE,GAAG,MAAM,CAAC,CAAA;QACjC,CAAC;KAAA;IAEO,qBAAqB,CAAC,OAAe,EAAE,eAAuB;QACpE,OAAO,IAAI,iCAAe,CAAC;YACzB,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE;YACvC,QAAQ,EAAE,2CAAoB,CAAC,SAAS;YACxC,MAAM,EAAE,iCAAe,CAAC,UAAU,CAAC,OAAO;YAC1C,UAAU,EAAE;gBACV,IAAI,2BAAY,CAAC;oBACf,EAAE,EAAE,2CAAoB,CAAC,gBAAgB;oBACzC,IAAI,EAAE,IAAI,mCAAgB,CAAC,EAAE,IAAI,EAAE,mCAAgB,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;oBACtE,UAAU,EAAE,IAAI,mCAAgB,CAAC;wBAC/B,IAAI,EAAE,mCAAgB,CAAC,QAAQ,CAAC,MAAM;wBACtC,WAAW,EAAE,OAAO;qBACrB,CAAC;iBACH,CAAC;gBACF,IAAI,2BAAY,CAAC;oBACf,EAAE,EAAE,2CAAoB,CAAC,iBAAiB;oBAC1C,IAAI,EAAE,IAAI,mCAAgB,CAAC,EAAE,IAAI,EAAE,mCAAgB,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;oBACtE,UAAU,EAAE,IAAI,mCAAgB,CAAC;wBAC/B,IAAI,EAAE,mCAAgB,CAAC,QAAQ,CAAC,MAAM;wBACtC,WAAW,EAAE,eAAe;qBAC7B,CAAC;iBACH,CAAC;aACH;SACF,CAAC,CAAA;IACJ,CAAC;CACF;AArHD,0DAqHC","sourcesContent":["import { KeyPair } from './crypto/RSA'\nimport { IccMaintenanceTaskXApi } from './icc-maintenance-task-x-api'\nimport { MaintenanceTask } from '../icc-api/model/MaintenanceTask'\nimport { ua2hex } from './utils'\nimport { PropertyStub } from '../icc-api/model/PropertyStub'\nimport { PropertyTypeStub } from '../icc-api/model/PropertyTypeStub'\nimport { TypedValueObject } from '../icc-api/model/TypedValueObject'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport { KeyPairUpdateRequest } from './maintenance/KeyPairUpdateRequest'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { User } from '../icc-api/model/User'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport { IccExchangeDataApi } from '../icc-api/api/IccExchangeDataApi'\nimport { DataOwnerTypeEnum } from '../icc-api/model/DataOwnerTypeEnum'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\n\ntype ExchangeKeyInfo = { delegator: string; delegate: string; fingerprints: Set<string> }\n\n/**\n * Api for interpreting maintenance tasks and applying required client-side actions.\n */\nexport class IccIcureMaintenanceXApi {\n constructor(\n private readonly crypto: IccCryptoXApi,\n private readonly tasksApi: IccMaintenanceTaskXApi,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly exchangeDataApi: IccExchangeDataApi\n ) {}\n\n // TODO api to get all tasks for current owner from owner with id\n\n /**\n * Applies a key pair update request between another data owner and the current data owner to allow the other data owner to access existing exchange\n * keys shared with the current data owner. IMPORTANT: it is your responsibility to verify the authenticity of the public key / update request\n * before calling this method: this method assumes the new public key for the concerned data owner is authentic.\n * @param update a keypair update request to the current data owner.\n */\n async applyKeyPairUpdate(update: KeyPairUpdateRequest) {\n await this.crypto.exchangeKeys.base.giveAccessBackTo(\n update.concernedDataOwnerId,\n update.newPublicKey,\n this.crypto.userKeysManager.getDecryptionKeys()\n )\n await this.crypto.exchangeData.giveAccessBackTo(update.concernedDataOwnerId, update.newPublicKey)\n }\n\n /**\n * @internal This method is intended only for internal use and may be changed without notice.\n * Creates the necessary maintenance tasks to request access to existing exchange keys with the new key pair for the current user.\n * @param user the user which owns the new key pair.\n * @param keypair a new key pair for the current user.\n * @param requestToOwnerTypes specifies the types of data owner that have shared data with the current data owner or which were given access to data\n * from the current data owner will receive a 'give access back' request. If not specified, the value be inferred from the current data owner type.\n */\n async createMaintenanceTasksForNewKeypair(user: User, keypair: KeyPair<CryptoKey>, requestToOwnerTypes?: DataOwnerTypeEnum[]): Promise<void> {\n const currentUserType = await this.dataOwnerApi.getCurrentDataOwnerType()\n if (!requestToOwnerTypes) {\n if (currentUserType === 'device') {\n console.warn('Current data owner is a device and there is no need to create maintenance tasks for updated keypair.')\n return\n } else {\n requestToOwnerTypes =\n currentUserType === DataOwnerTypeEnum.Patient ? [DataOwnerTypeEnum.Patient, DataOwnerTypeEnum.Hcp] : [DataOwnerTypeEnum.Hcp]\n }\n }\n const hexNewPubKey = ua2hex(await this.crypto.primitives.RSA.exportKey(keypair.publicKey, 'spki'))\n const hexNewPubKeyFp = hexNewPubKey.slice(-32)\n const selfId = await this.dataOwnerApi.getCurrentDataOwnerId()\n const requestDataOwnersForExchangeKeys = (await this.getExchangeKeysInfosOf(selfId, requestToOwnerTypes))\n .filter((info) => !info.fingerprints.has(hexNewPubKeyFp))\n .flatMap((info) => [info.delegate, info.delegator])\n .filter((dataOwner) => dataOwner !== selfId)\n const requestDataOwnersForExchangeData = await this.exchangeDataApi.getExchangeDataParticipantCounterparts(\n selfId,\n [...new Set(requestToOwnerTypes)].join(',')\n )\n const requestDataOwners = [...new Set([...requestDataOwnersForExchangeKeys, ...requestDataOwnersForExchangeData])]\n if (requestDataOwners.length > 0) {\n const tasksToCreate = requestDataOwners.map((dataOwner) => ({\n delegate: dataOwner,\n task: this.createMaintenanceTask(selfId, hexNewPubKey),\n }))\n for (const taskToCreate of tasksToCreate) {\n const instance = await this.tasksApi.newInstance(user, taskToCreate.task, {\n additionalDelegates: { [taskToCreate.delegate]: AccessLevelEnum.WRITE },\n })\n if (instance) {\n // TODO create in bulk\n await this.tasksApi.createMaintenanceTaskWithUser(user, instance)\n }\n }\n }\n }\n\n private async getExchangeKeysInfosOf(dataOwnerId: string, otherOwnerTypes: DataOwnerTypeEnum[]): Promise<ExchangeKeyInfo[]> {\n const allExchangeKeys = await this.crypto.exchangeKeys.base.getAllExchangeKeysWith(dataOwnerId, otherOwnerTypes)\n const infoTo = Object.entries(allExchangeKeys.keysToOwner).flatMap(([delegatorId, delegatorFpToKeys]) =>\n Object.values(delegatorFpToKeys).map((encryptedKeys) => ({\n delegator: delegatorId,\n delegate: dataOwnerId,\n fingerprints: new Set(Object.keys(encryptedKeys).map((x) => x.slice(-32))),\n }))\n )\n const infoFrom = Object.values(allExchangeKeys.keysFromOwner).flatMap((delegateIdToKeys) =>\n Object.entries(delegateIdToKeys).map(([delegateId, encryptedKeys]) => ({\n delegator: dataOwnerId,\n delegate: delegateId,\n fingerprints: new Set(Object.keys(encryptedKeys).map((x) => x.slice(-32))),\n }))\n )\n return [...infoFrom, ...infoTo]\n }\n\n private createMaintenanceTask(ownerId: string, concernedPubKey: string) {\n return new MaintenanceTask({\n id: this.crypto.primitives.randomUuid(),\n taskType: KeyPairUpdateRequest.TASK_TYPE,\n status: MaintenanceTask.StatusEnum.Pending,\n properties: [\n new PropertyStub({\n id: KeyPairUpdateRequest.OWNER_ID_PROP_ID,\n type: new PropertyTypeStub({ type: PropertyTypeStub.TypeEnum.STRING }),\n typedValue: new TypedValueObject({\n type: TypedValueObject.TypeEnum.STRING,\n stringValue: ownerId,\n }),\n }),\n new PropertyStub({\n id: KeyPairUpdateRequest.OWNER_PUB_PROP_ID,\n type: new PropertyTypeStub({ type: PropertyTypeStub.TypeEnum.STRING }),\n typedValue: new TypedValueObject({\n type: TypedValueObject.TypeEnum.STRING,\n stringValue: concernedPubKey,\n }),\n }),\n ],\n })\n }\n}\n"]}
1
+ {"version":3,"file":"icc-icure-maintenance-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-icure-maintenance-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,sEAAkE;AAClE,mCAAgC;AAChC,gEAA4D;AAC5D,wEAAoE;AACpE,wEAAoE;AAEpE,6EAAyE;AAGzE,wEAAoE;AAEpE,0EAAsE;AACtE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAIzD;;GAEG;AACH,MAAa,uBAAuB;IAClC,YACmB,MAAqB,EACrB,QAAgC,EAChC,YAA8B,EAC9B,eAAmC;QAHnC,WAAM,GAAN,MAAM,CAAe;QACrB,aAAQ,GAAR,QAAQ,CAAwB;QAChC,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,oBAAe,GAAf,eAAe,CAAoB;IACnD,CAAC;IAEJ,iEAAiE;IAEjE;;;;;OAKG;IACG,kBAAkB,CAAC,MAA4B;;YACnD,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,CAClD,MAAM,CAAC,oBAAoB,EAC3B,MAAM,CAAC,YAAY,EACnB,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,iBAAiB,EAAE,CAChD,CAAA;YACD,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,gBAAgB,CAAC,MAAM,CAAC,oBAAoB,EAAE,MAAM,CAAC,YAAY,CAAC,CAAA;QACnG,CAAC;KAAA;IAED;;;;;;;OAOG;IACG,mCAAmC,CAAC,IAAU,EAAE,OAA2B,EAAE,mBAAyC;;YAC1H,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,uBAAuB,EAAE,CAAA;YACzE,IAAI,CAAC,mBAAmB,EAAE;gBACxB,IAAI,eAAe,KAAK,QAAQ,EAAE;oBAChC,OAAO,CAAC,IAAI,CAAC,sGAAsG,CAAC,CAAA;oBACpH,OAAM;iBACP;qBAAM;oBACL,mBAAmB;wBACjB,eAAe,KAAK,qCAAiB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,qCAAiB,CAAC,OAAO,EAAE,qCAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,qCAAiB,CAAC,GAAG,CAAC,CAAA;iBAC/H;aACF;YACD,MAAM,YAAY,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAA;YAClG,MAAM,cAAc,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAA;YAC9C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC9D,MAAM,gCAAgC,GAAG,CAAC,MAAM,IAAI,CAAC,sBAAsB,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAC;iBACtG,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;iBACxD,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;iBAClD,MAAM,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,KAAK,MAAM,CAAC,CAAA;YAC9C,MAAM,gCAAgC,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,sCAAsC,CACxG,MAAM,EACN,CAAC,GAAG,IAAI,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAC5C,CAAA;YACD,MAAM,iBAAiB,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,gCAAgC,EAAE,GAAG,gCAAgC,CAAC,CAAC,CAAC,CAAA;YAClH,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE;gBAChC,MAAM,aAAa,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;oBAC1D,QAAQ,EAAE,SAAS;oBACnB,IAAI,EAAE,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,YAAY,CAAC;iBACvD,CAAC,CAAC,CAAA;gBACH,KAAK,MAAM,YAAY,IAAI,aAAa,EAAE;oBACxC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,EAAE,YAAY,CAAC,IAAI,EAAE;wBACxE,mBAAmB,EAAE,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,eAAe,CAAC,KAAK,EAAE;qBACxE,CAAC,CAAA;oBACF,IAAI,QAAQ,EAAE;wBACZ,sBAAsB;wBACtB,MAAM,IAAI,CAAC,QAAQ,CAAC,6BAA6B,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAA;qBAClE;iBACF;aACF;QACH,CAAC;KAAA;IAEa,sBAAsB,CAAC,WAAmB,EAAE,eAAoC;;YAC5F,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,sBAAsB,CAAC,WAAW,EAAE,eAAe,CAAC,CAAA;YAChH,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW,EAAE,iBAAiB,CAAC,EAAE,EAAE,CACtG,MAAM,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC,GAAG,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;gBACvD,SAAS,EAAE,WAAW;gBACtB,QAAQ,EAAE,WAAW;gBACrB,YAAY,EAAE,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aAC3E,CAAC,CAAC,CACJ,CAAA;YACD,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,CAAC,gBAAgB,EAAE,EAAE,CACzF,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,EAAE,CAAC,CAAC;gBACrE,SAAS,EAAE,WAAW;gBACtB,QAAQ,EAAE,UAAU;gBACpB,YAAY,EAAE,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aAC3E,CAAC,CAAC,CACJ,CAAA;YACD,OAAO,CAAC,GAAG,QAAQ,EAAE,GAAG,MAAM,CAAC,CAAA;QACjC,CAAC;KAAA;IAEO,qBAAqB,CAAC,OAAe,EAAE,eAAuB;QACpE,OAAO,IAAI,iCAAe,CAAC;YACzB,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE;YACvC,QAAQ,EAAE,2CAAoB,CAAC,SAAS;YACxC,MAAM,EAAE,iCAAe,CAAC,UAAU,CAAC,OAAO;YAC1C,UAAU,EAAE;gBACV,IAAI,2BAAY,CAAC;oBACf,EAAE,EAAE,2CAAoB,CAAC,gBAAgB;oBACzC,IAAI,EAAE,IAAI,mCAAgB,CAAC,EAAE,IAAI,EAAE,mCAAgB,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;oBACtE,UAAU,EAAE,IAAI,mCAAgB,CAAC;wBAC/B,IAAI,EAAE,mCAAgB,CAAC,QAAQ,CAAC,MAAM;wBACtC,WAAW,EAAE,OAAO;qBACrB,CAAC;iBACH,CAAC;gBACF,IAAI,2BAAY,CAAC;oBACf,EAAE,EAAE,2CAAoB,CAAC,iBAAiB;oBAC1C,IAAI,EAAE,IAAI,mCAAgB,CAAC,EAAE,IAAI,EAAE,mCAAgB,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;oBACtE,UAAU,EAAE,IAAI,mCAAgB,CAAC;wBAC/B,IAAI,EAAE,mCAAgB,CAAC,QAAQ,CAAC,MAAM;wBACtC,WAAW,EAAE,eAAe;qBAC7B,CAAC;iBACH,CAAC;aACH;SACF,CAAC,CAAA;IACJ,CAAC;CACF;AArHD,0DAqHC","sourcesContent":["import { KeyPair } from './crypto/RSA'\nimport { IccMaintenanceTaskXApi } from './icc-maintenance-task-x-api'\nimport { MaintenanceTask } from '../icc-api/model/MaintenanceTask'\nimport { ua2hex } from './utils'\nimport { PropertyStub } from '../icc-api/model/PropertyStub'\nimport { PropertyTypeStub } from '../icc-api/model/PropertyTypeStub'\nimport { TypedValueObject } from '../icc-api/model/TypedValueObject'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport { KeyPairUpdateRequest } from './maintenance/KeyPairUpdateRequest'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { User } from '../icc-api/model/User'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport { IccExchangeDataApi } from '../icc-api/api/internal/IccExchangeDataApi'\nimport { DataOwnerTypeEnum } from '../icc-api/model/DataOwnerTypeEnum'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\n\ntype ExchangeKeyInfo = { delegator: string; delegate: string; fingerprints: Set<string> }\n\n/**\n * Api for interpreting maintenance tasks and applying required client-side actions.\n */\nexport class IccIcureMaintenanceXApi {\n constructor(\n private readonly crypto: IccCryptoXApi,\n private readonly tasksApi: IccMaintenanceTaskXApi,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly exchangeDataApi: IccExchangeDataApi\n ) {}\n\n // TODO api to get all tasks for current owner from owner with id\n\n /**\n * Applies a key pair update request between another data owner and the current data owner to allow the other data owner to access existing exchange\n * keys shared with the current data owner. IMPORTANT: it is your responsibility to verify the authenticity of the public key / update request\n * before calling this method: this method assumes the new public key for the concerned data owner is authentic.\n * @param update a keypair update request to the current data owner.\n */\n async applyKeyPairUpdate(update: KeyPairUpdateRequest) {\n await this.crypto.exchangeKeys.base.giveAccessBackTo(\n update.concernedDataOwnerId,\n update.newPublicKey,\n this.crypto.userKeysManager.getDecryptionKeys()\n )\n await this.crypto.exchangeData.giveAccessBackTo(update.concernedDataOwnerId, update.newPublicKey)\n }\n\n /**\n * @internal This method is intended only for internal use and may be changed without notice.\n * Creates the necessary maintenance tasks to request access to existing exchange keys with the new key pair for the current user.\n * @param user the user which owns the new key pair.\n * @param keypair a new key pair for the current user.\n * @param requestToOwnerTypes specifies the types of data owner that have shared data with the current data owner or which were given access to data\n * from the current data owner will receive a 'give access back' request. If not specified, the value be inferred from the current data owner type.\n */\n async createMaintenanceTasksForNewKeypair(user: User, keypair: KeyPair<CryptoKey>, requestToOwnerTypes?: DataOwnerTypeEnum[]): Promise<void> {\n const currentUserType = await this.dataOwnerApi.getCurrentDataOwnerType()\n if (!requestToOwnerTypes) {\n if (currentUserType === 'device') {\n console.warn('Current data owner is a device and there is no need to create maintenance tasks for updated keypair.')\n return\n } else {\n requestToOwnerTypes =\n currentUserType === DataOwnerTypeEnum.Patient ? [DataOwnerTypeEnum.Patient, DataOwnerTypeEnum.Hcp] : [DataOwnerTypeEnum.Hcp]\n }\n }\n const hexNewPubKey = ua2hex(await this.crypto.primitives.RSA.exportKey(keypair.publicKey, 'spki'))\n const hexNewPubKeyFp = hexNewPubKey.slice(-32)\n const selfId = await this.dataOwnerApi.getCurrentDataOwnerId()\n const requestDataOwnersForExchangeKeys = (await this.getExchangeKeysInfosOf(selfId, requestToOwnerTypes))\n .filter((info) => !info.fingerprints.has(hexNewPubKeyFp))\n .flatMap((info) => [info.delegate, info.delegator])\n .filter((dataOwner) => dataOwner !== selfId)\n const requestDataOwnersForExchangeData = await this.exchangeDataApi.getExchangeDataParticipantCounterparts(\n selfId,\n [...new Set(requestToOwnerTypes)].join(',')\n )\n const requestDataOwners = [...new Set([...requestDataOwnersForExchangeKeys, ...requestDataOwnersForExchangeData])]\n if (requestDataOwners.length > 0) {\n const tasksToCreate = requestDataOwners.map((dataOwner) => ({\n delegate: dataOwner,\n task: this.createMaintenanceTask(selfId, hexNewPubKey),\n }))\n for (const taskToCreate of tasksToCreate) {\n const instance = await this.tasksApi.newInstance(user, taskToCreate.task, {\n additionalDelegates: { [taskToCreate.delegate]: AccessLevelEnum.WRITE },\n })\n if (instance) {\n // TODO create in bulk\n await this.tasksApi.createMaintenanceTaskWithUser(user, instance)\n }\n }\n }\n }\n\n private async getExchangeKeysInfosOf(dataOwnerId: string, otherOwnerTypes: DataOwnerTypeEnum[]): Promise<ExchangeKeyInfo[]> {\n const allExchangeKeys = await this.crypto.exchangeKeys.base.getAllExchangeKeysWith(dataOwnerId, otherOwnerTypes)\n const infoTo = Object.entries(allExchangeKeys.keysToOwner).flatMap(([delegatorId, delegatorFpToKeys]) =>\n Object.values(delegatorFpToKeys).map((encryptedKeys) => ({\n delegator: delegatorId,\n delegate: dataOwnerId,\n fingerprints: new Set(Object.keys(encryptedKeys).map((x) => x.slice(-32))),\n }))\n )\n const infoFrom = Object.values(allExchangeKeys.keysFromOwner).flatMap((delegateIdToKeys) =>\n Object.entries(delegateIdToKeys).map(([delegateId, encryptedKeys]) => ({\n delegator: dataOwnerId,\n delegate: delegateId,\n fingerprints: new Set(Object.keys(encryptedKeys).map((x) => x.slice(-32))),\n }))\n )\n return [...infoFrom, ...infoTo]\n }\n\n private createMaintenanceTask(ownerId: string, concernedPubKey: string) {\n return new MaintenanceTask({\n id: this.crypto.primitives.randomUuid(),\n taskType: KeyPairUpdateRequest.TASK_TYPE,\n status: MaintenanceTask.StatusEnum.Pending,\n properties: [\n new PropertyStub({\n id: KeyPairUpdateRequest.OWNER_ID_PROP_ID,\n type: new PropertyTypeStub({ type: PropertyTypeStub.TypeEnum.STRING }),\n typedValue: new TypedValueObject({\n type: TypedValueObject.TypeEnum.STRING,\n stringValue: ownerId,\n }),\n }),\n new PropertyStub({\n id: KeyPairUpdateRequest.OWNER_PUB_PROP_ID,\n type: new PropertyTypeStub({ type: PropertyTypeStub.TypeEnum.STRING }),\n typedValue: new TypedValueObject({\n type: TypedValueObject.TypeEnum.STRING,\n stringValue: concernedPubKey,\n }),\n }),\n ],\n })\n }\n}\n"]}
@@ -2,7 +2,7 @@ import { IccMaintenanceTaskApi } from '../icc-api/api/IccMaintenanceTaskApi';
2
2
  import { IccCryptoXApi } from './icc-crypto-x-api';
3
3
  import * as models from '../icc-api/model/models';
4
4
  import { IccHcpartyXApi } from './icc-hcparty-x-api';
5
- import { DocIdentifier, MaintenanceTask } from '../icc-api/model/models';
5
+ import { DocIdentifier, ListOfIds, MaintenanceTask } from '../icc-api/model/models';
6
6
  import { IccDataOwnerXApi } from './icc-data-owner-x-api';
7
7
  import { AuthenticationProvider } from './auth/AuthenticationProvider';
8
8
  import { SecureDelegation } from '../icc-api/model/SecureDelegation';
@@ -49,8 +49,10 @@ export declare class IccMaintenanceTaskXApi extends IccMaintenanceTaskApi implem
49
49
  createMaintenanceTask(body?: models.MaintenanceTask): never;
50
50
  createMaintenanceTaskWithUser(user: models.User, body?: models.MaintenanceTask): Promise<models.MaintenanceTask | null>;
51
51
  filterMaintenanceTasksBy(startDocumentId?: string, limit?: number, body?: models.FilterChainMaintenanceTask): never;
52
- deleteMaintenanceTask(_maintenanceTaskIds: string): never;
53
- deleteMaintenanceTaskWithUser(user: models.User, maintenanceTaskId: string): Promise<Array<DocIdentifier>> | never;
52
+ deleteMaintenanceTask(_maintenanceTaskId: string): never;
53
+ deleteMaintenanceTaskWithUser(user: models.User, maintenanceTaskId: string): Promise<DocIdentifier> | never;
54
+ deleteMaintenanceTasks(_maintenanceTaskIds: ListOfIds): never;
55
+ deleteMaintenanceTasksWithUser(user: models.User, maintenanceTaskIds: ListOfIds): Promise<Array<DocIdentifier>> | never;
54
56
  filterMaintenanceTasksByWithUser(user: models.User, startDocumentId?: string, limit?: number, body?: models.FilterChainMaintenanceTask): Promise<models.PaginatedListMaintenanceTask>;
55
57
  getMaintenanceTask(maintenanceTaskId: string): never;
56
58
  getMaintenanceTaskWithUser(user: models.User, maintenanceTaskId: string): Promise<models.MaintenanceTask | any>;
@@ -74,12 +74,18 @@ class IccMaintenanceTaskXApi extends IccMaintenanceTaskApi_1.IccMaintenanceTaskA
74
74
  filterMaintenanceTasksBy(startDocumentId, limit, body) {
75
75
  throw new Error('Cannot call a method that returns maintenance tasks without providing a user for de/encryption');
76
76
  }
77
- deleteMaintenanceTask(_maintenanceTaskIds) {
77
+ deleteMaintenanceTask(_maintenanceTaskId) {
78
78
  throw new Error('Cannot call a method that returns maintenance tasks without providing a user for de/encryption');
79
79
  }
80
80
  deleteMaintenanceTaskWithUser(user, maintenanceTaskId) {
81
81
  return super.deleteMaintenanceTask(maintenanceTaskId);
82
82
  }
83
+ deleteMaintenanceTasks(_maintenanceTaskIds) {
84
+ throw new Error('Cannot call a method that returns maintenance tasks without providing a user for de/encryption');
85
+ }
86
+ deleteMaintenanceTasksWithUser(user, maintenanceTaskIds) {
87
+ return super.deleteMaintenanceTasks(maintenanceTaskIds);
88
+ }
83
89
  filterMaintenanceTasksByWithUser(user, startDocumentId, limit, body) {
84
90
  return super
85
91
  .filterMaintenanceTasksBy(startDocumentId, limit, body)