@icure/api 8.0.8 → 8.0.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/icc-api/model/models.d.ts +1 -0
- package/icc-api/model/models.js +1 -0
- package/icc-api/model/models.js.map +1 -1
- package/icc-x-api/crypto/BaseExchangeDataManager.js +1 -1
- package/icc-x-api/crypto/BaseExchangeDataManager.js.map +1 -1
- package/icc-x-api/crypto/BaseExchangeKeysManager.js +7 -3
- package/icc-x-api/crypto/BaseExchangeKeysManager.js.map +1 -1
- package/icc-x-api/crypto/ExchangeDataManager.js +3 -2
- package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -1
- package/icc-x-api/crypto/KeyRecovery.js +6 -5
- package/icc-x-api/crypto/KeyRecovery.js.map +1 -1
- package/icc-x-api/crypto/RSA.d.ts +4 -1
- package/icc-x-api/crypto/RSA.js +6 -1
- package/icc-x-api/crypto/RSA.js.map +1 -1
- package/icc-x-api/crypto/SecureDelegationsManager.js +2 -1
- package/icc-x-api/crypto/SecureDelegationsManager.js.map +1 -1
- package/icc-x-api/crypto/ShamirKeysManager.js +8 -9
- package/icc-x-api/crypto/ShamirKeysManager.js.map +1 -1
- package/icc-x-api/crypto/TransferKeysManager.js +4 -3
- package/icc-x-api/crypto/TransferKeysManager.js.map +1 -1
- package/icc-x-api/crypto/UserEncryptionKeysManager.js +4 -4
- package/icc-x-api/crypto/UserEncryptionKeysManager.js.map +1 -1
- package/icc-x-api/crypto/UserSignatureKeysManager.js +9 -5
- package/icc-x-api/crypto/UserSignatureKeysManager.js.map +1 -1
- package/icc-x-api/crypto/utils.d.ts +13 -4
- package/icc-x-api/crypto/utils.js +27 -9
- package/icc-x-api/crypto/utils.js.map +1 -1
- package/icc-x-api/icc-accesslog-x-api.js +16 -14
- package/icc-x-api/icc-accesslog-x-api.js.map +1 -1
- package/icc-x-api/icc-calendar-item-x-api.d.ts +2 -2
- package/icc-x-api/icc-calendar-item-x-api.js +17 -17
- package/icc-x-api/icc-calendar-item-x-api.js.map +1 -1
- package/icc-x-api/icc-classification-x-api.js +12 -11
- package/icc-x-api/icc-classification-x-api.js.map +1 -1
- package/icc-x-api/icc-contact-x-api.d.ts +2 -2
- package/icc-x-api/icc-contact-x-api.js +23 -20
- package/icc-x-api/icc-contact-x-api.js.map +1 -1
- package/icc-x-api/icc-data-owner-x-api.js +1 -1
- package/icc-x-api/icc-data-owner-x-api.js.map +1 -1
- package/icc-x-api/icc-document-x-api.js +17 -16
- package/icc-x-api/icc-document-x-api.js.map +1 -1
- package/icc-x-api/icc-form-x-api.js +13 -12
- package/icc-x-api/icc-form-x-api.js.map +1 -1
- package/icc-x-api/icc-helement-x-api.js +18 -16
- package/icc-x-api/icc-helement-x-api.js.map +1 -1
- package/icc-x-api/icc-icure-maintenance-x-api.js +4 -3
- package/icc-x-api/icc-icure-maintenance-x-api.js.map +1 -1
- package/icc-x-api/icc-invoice-x-api.js +12 -11
- package/icc-x-api/icc-invoice-x-api.js.map +1 -1
- package/icc-x-api/icc-maintenance-task-x-api.js +11 -11
- package/icc-x-api/icc-maintenance-task-x-api.js.map +1 -1
- package/icc-x-api/icc-message-x-api.js +14 -14
- package/icc-x-api/icc-message-x-api.js.map +1 -1
- package/icc-x-api/icc-patient-x-api.js +28 -27
- package/icc-x-api/icc-patient-x-api.js.map +1 -1
- package/icc-x-api/icc-receipt-x-api.js +11 -10
- package/icc-x-api/icc-receipt-x-api.js.map +1 -1
- package/icc-x-api/icc-recovery-x-api.js +3 -2
- package/icc-x-api/icc-recovery-x-api.js.map +1 -1
- package/icc-x-api/icc-time-table-x-api.js +9 -8
- package/icc-x-api/icc-time-table-x-api.js.map +1 -1
- package/icc-x-api/icc-topic-x-api.js +13 -13
- package/icc-x-api/icc-topic-x-api.js.map +1 -1
- package/icc-x-api/storage/IcureStorageFacade.js +4 -1
- package/icc-x-api/storage/IcureStorageFacade.js.map +1 -1
- package/icc-x-api/utils/EntityWithDelegationTypeName.d.ts +17 -1
- package/icc-x-api/utils/EntityWithDelegationTypeName.js +33 -15
- package/icc-x-api/utils/EntityWithDelegationTypeName.js.map +1 -1
- package/package.json +1 -1
- package/test/icc-api/api/IccAnonymousAccessApi.d.ts +1 -0
- package/test/icc-api/api/IccAnonymousAccessApi.js +58 -0
- package/test/icc-api/api/IccAnonymousAccessApi.js.map +1 -0
- package/test/icc-api/api/IccDocumentApi.d.ts +1 -0
- package/test/icc-api/api/IccDocumentApi.js +208 -0
- package/test/icc-api/api/IccDocumentApi.js.map +1 -0
- package/test/icc-api/api/IccGroupApi.d.ts +1 -0
- package/test/icc-api/api/IccGroupApi.js +50 -0
- package/test/icc-api/api/IccGroupApi.js.map +1 -0
- package/test/icc-api/api/IccRecoveryDataApi.d.ts +1 -0
- package/test/icc-api/api/IccRecoveryDataApi.js +95 -0
- package/test/icc-api/api/IccRecoveryDataApi.js.map +1 -0
- package/test/icc-api/api/IccRoleApi.d.ts +1 -0
- package/test/icc-api/api/IccRoleApi.js +34 -0
- package/test/icc-api/api/IccRoleApi.js.map +1 -0
- package/test/icc-api/api/IccUserApi.d.ts +1 -0
- package/test/icc-api/api/IccUserApi.js +96 -0
- package/test/icc-api/api/IccUserApi.js.map +1 -0
- package/test/icc-api/e2e/IccCalendarItemApi.d.ts +1 -0
- package/test/icc-api/e2e/IccCalendarItemApi.js +46 -0
- package/test/icc-api/e2e/IccCalendarItemApi.js.map +1 -0
- package/test/icc-api/model/modelHelpersTest.d.ts +1 -0
- package/test/icc-api/model/modelHelpersTest.js +45 -0
- package/test/icc-api/model/modelHelpersTest.js.map +1 -0
- package/test/icc-x-api/auth/group-switch-test.d.ts +1 -0
- package/test/icc-x-api/auth/group-switch-test.js +81 -0
- package/test/icc-x-api/auth/group-switch-test.js.map +1 -0
- package/test/icc-x-api/auth/jwt-concurrency-test.d.ts +2 -0
- package/test/icc-x-api/auth/jwt-concurrency-test.js +113 -0
- package/test/icc-x-api/auth/jwt-concurrency-test.js.map +1 -0
- package/test/icc-x-api/auth/smart-auth-provider-test.d.ts +1 -0
- package/test/icc-x-api/auth/smart-auth-provider-test.js +224 -0
- package/test/icc-x-api/auth/smart-auth-provider-test.js.map +1 -0
- package/test/icc-x-api/autofix-anonymity-test.d.ts +1 -0
- package/test/icc-x-api/autofix-anonymity-test.js +108 -0
- package/test/icc-x-api/autofix-anonymity-test.js.map +1 -0
- package/test/icc-x-api/confidential-entities-test.d.ts +1 -0
- package/test/icc-x-api/confidential-entities-test.js +110 -0
- package/test/icc-x-api/confidential-entities-test.js.map +1 -0
- package/test/icc-x-api/crud/comprehensive-crud-test.d.ts +1 -0
- package/test/icc-x-api/crud/comprehensive-crud-test.js +276 -0
- package/test/icc-x-api/crud/comprehensive-crud-test.js.map +1 -0
- package/test/icc-x-api/crud/entities-crud-test-interface.d.ts +16 -0
- package/test/icc-x-api/crud/entities-crud-test-interface.js +422 -0
- package/test/icc-x-api/crud/entities-crud-test-interface.js.map +1 -0
- package/test/icc-x-api/crypto/anonymous-delegations-test.d.ts +1 -0
- package/test/icc-x-api/crypto/anonymous-delegations-test.js +588 -0
- package/test/icc-x-api/crypto/anonymous-delegations-test.js.map +1 -0
- package/test/icc-x-api/crypto/concurrency.d.ts +1 -0
- package/test/icc-x-api/crypto/concurrency.js +35 -0
- package/test/icc-x-api/crypto/concurrency.js.map +1 -0
- package/test/icc-x-api/crypto/crypto-utils.d.ts +1 -0
- package/test/icc-x-api/crypto/crypto-utils.js +80 -0
- package/test/icc-x-api/crypto/crypto-utils.js.map +1 -0
- package/test/icc-x-api/crypto/cryptoTest.d.ts +2 -0
- package/test/icc-x-api/crypto/cryptoTest.js +302 -0
- package/test/icc-x-api/crypto/cryptoTest.js.map +1 -0
- package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.d.ts +1 -0
- package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.js +166 -0
- package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.js.map +1 -0
- package/test/icc-x-api/crypto/exchange-data-manager-test.d.ts +1 -0
- package/test/icc-x-api/crypto/exchange-data-manager-test.js +690 -0
- package/test/icc-x-api/crypto/exchange-data-manager-test.js.map +1 -0
- package/test/icc-x-api/crypto/full-crypto-test.d.ts +1 -0
- package/test/icc-x-api/crypto/full-crypto-test.js +457 -0
- package/test/icc-x-api/crypto/full-crypto-test.js.map +1 -0
- package/test/icc-x-api/crypto/secure-delegations-manager-test.d.ts +1 -0
- package/test/icc-x-api/crypto/secure-delegations-manager-test.js +266 -0
- package/test/icc-x-api/crypto/secure-delegations-manager-test.js.map +1 -0
- package/test/icc-x-api/crypto/secure-delegations-metadata-decryptor-test.d.ts +1 -0
- package/test/icc-x-api/crypto/secure-delegations-metadata-decryptor-test.js +393 -0
- package/test/icc-x-api/crypto/secure-delegations-metadata-decryptor-test.js.map +1 -0
- package/test/icc-x-api/crypto/security-metadata-decryptor-chain-test.d.ts +1 -0
- package/test/icc-x-api/crypto/security-metadata-decryptor-chain-test.js +213 -0
- package/test/icc-x-api/crypto/security-metadata-decryptor-chain-test.js.map +1 -0
- package/test/icc-x-api/crypto/shamir.d.ts +2 -0
- package/test/icc-x-api/crypto/shamir.js +166 -0
- package/test/icc-x-api/crypto/shamir.js.map +1 -0
- package/test/icc-x-api/crypto/share-to-newly-created-patient-from-hcp.d.ts +1 -0
- package/test/icc-x-api/crypto/share-to-newly-created-patient-from-hcp.js +71 -0
- package/test/icc-x-api/crypto/share-to-newly-created-patient-from-hcp.js.map +1 -0
- package/test/icc-x-api/crypto/signature-keys-manager-test.d.ts +1 -0
- package/test/icc-x-api/crypto/signature-keys-manager-test.js +44 -0
- package/test/icc-x-api/crypto/signature-keys-manager-test.js.map +1 -0
- package/test/icc-x-api/crypto/user-encryption-keys-manager-test.d.ts +1 -0
- package/test/icc-x-api/crypto/user-encryption-keys-manager-test.js +246 -0
- package/test/icc-x-api/crypto/user-encryption-keys-manager-test.js.map +1 -0
- package/test/icc-x-api/entity-with-attachments-api-test.d.ts +1 -0
- package/test/icc-x-api/entity-with-attachments-api-test.js +142 -0
- package/test/icc-x-api/entity-with-attachments-api-test.js.map +1 -0
- package/test/icc-x-api/filters/filters.d.ts +1 -0
- package/test/icc-x-api/filters/filters.js +49 -0
- package/test/icc-x-api/filters/filters.js.map +1 -0
- package/test/icc-x-api/icc-accesslog-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-accesslog-x-api.js +106 -0
- package/test/icc-x-api/icc-accesslog-x-api.js.map +1 -0
- package/test/icc-x-api/icc-auth-api.d.ts +1 -0
- package/test/icc-x-api/icc-auth-api.js +47 -0
- package/test/icc-x-api/icc-auth-api.js.map +1 -0
- package/test/icc-x-api/icc-calendar-item-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-calendar-item-x-api.js +150 -0
- package/test/icc-x-api/icc-calendar-item-x-api.js.map +1 -0
- package/test/icc-x-api/icc-contact-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-contact-x-api.js +279 -0
- package/test/icc-x-api/icc-contact-x-api.js.map +1 -0
- package/test/icc-x-api/icc-form-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-form-x-api.js +98 -0
- package/test/icc-x-api/icc-form-x-api.js.map +1 -0
- package/test/icc-x-api/icc-helement-x-api-test.d.ts +1 -0
- package/test/icc-x-api/icc-helement-x-api-test.js +153 -0
- package/test/icc-x-api/icc-helement-x-api-test.js.map +1 -0
- package/test/icc-x-api/icc-invoice-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-invoice-x-api.js +99 -0
- package/test/icc-x-api/icc-invoice-x-api.js.map +1 -0
- package/test/icc-x-api/icc-maintenance-task-x-api-test.d.ts +1 -0
- package/test/icc-x-api/icc-maintenance-task-x-api-test.js +221 -0
- package/test/icc-x-api/icc-maintenance-task-x-api-test.js.map +1 -0
- package/test/icc-x-api/icc-message-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-message-x-api.js +328 -0
- package/test/icc-x-api/icc-message-x-api.js.map +1 -0
- package/test/icc-x-api/icc-patient-x-api-test.d.ts +1 -0
- package/test/icc-x-api/icc-patient-x-api-test.js +158 -0
- package/test/icc-x-api/icc-patient-x-api-test.js.map +1 -0
- package/test/icc-x-api/icc-recovery-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-recovery-x-api.js +170 -0
- package/test/icc-x-api/icc-recovery-x-api.js.map +1 -0
- package/test/icc-x-api/icc-time-table-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-time-table-x-api.js +100 -0
- package/test/icc-x-api/icc-time-table-x-api.js.map +1 -0
- package/test/icc-x-api/icc-topic-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-topic-x-api.js +269 -0
- package/test/icc-x-api/icc-topic-x-api.js.map +1 -0
- package/test/icc-x-api/icc-user-x-api-test.d.ts +1 -0
- package/test/icc-x-api/icc-user-x-api-test.js +99 -0
- package/test/icc-x-api/icc-user-x-api-test.js.map +1 -0
- package/test/icc-x-api/patient-user.d.ts +2 -0
- package/test/icc-x-api/patient-user.js +104 -0
- package/test/icc-x-api/patient-user.js.map +1 -0
- package/test/icc-x-api/storage/storage.d.ts +1 -0
- package/test/icc-x-api/storage/storage.js +48 -0
- package/test/icc-x-api/storage/storage.js.map +1 -0
- package/test/icc-x-api/test-api-no-parent.d.ts +1 -0
- package/test/icc-x-api/test-api-no-parent.js +79 -0
- package/test/icc-x-api/test-api-no-parent.js.map +1 -0
- package/test/icc-x-api/test-legacy-data-support.d.ts +1 -0
- package/test/icc-x-api/test-legacy-data-support.js +376 -0
- package/test/icc-x-api/test-legacy-data-support.js.map +1 -0
- package/test/icc-x-api/utils/graph-test.d.ts +1 -0
- package/test/icc-x-api/utils/graph-test.js +54 -0
- package/test/icc-x-api/utils/graph-test.js.map +1 -0
- package/test/icc-x-api/utils/lru-temporised-async-cache-test.d.ts +1 -0
- package/test/icc-x-api/utils/lru-temporised-async-cache-test.js +364 -0
- package/test/icc-x-api/utils/lru-temporised-async-cache-test.js.map +1 -0
- package/test/support/CSM-185.d.ts +1 -0
- package/test/support/CSM-185.js +124 -0
- package/test/support/CSM-185.js.map +1 -0
- package/test/support/CSM-243.d.ts +1 -0
- package/test/support/CSM-243.js +120 -0
- package/test/support/CSM-243.js.map +1 -0
- package/test/support/CSM-87.d.ts +0 -0
- package/test/support/CSM-87.js +21 -0
- package/test/support/CSM-87.js.map +1 -0
- package/test/support/CSM-93.d.ts +1 -0
- package/test/support/CSM-93.js +112 -0
- package/test/support/CSM-93.js.map +1 -0
- package/test/utils/FakeDataOwnerApi.d.ts +32 -0
- package/test/utils/FakeDataOwnerApi.js +136 -0
- package/test/utils/FakeDataOwnerApi.js.map +1 -0
- package/test/utils/FakeEncryptionKeysManager.d.ts +35 -0
- package/test/utils/FakeEncryptionKeysManager.js +87 -0
- package/test/utils/FakeEncryptionKeysManager.js.map +1 -0
- package/test/utils/FakeExchangeDataApi.d.ts +30 -0
- package/test/utils/FakeExchangeDataApi.js +74 -0
- package/test/utils/FakeExchangeDataApi.js.map +1 -0
- package/test/utils/FakeExchangeDataManager.d.ts +40 -0
- package/test/utils/FakeExchangeDataManager.js +89 -0
- package/test/utils/FakeExchangeDataManager.js.map +1 -0
- package/test/utils/FakeExchangeDataMapManager.d.ts +12 -0
- package/test/utils/FakeExchangeDataMapManager.js +38 -0
- package/test/utils/FakeExchangeDataMapManager.js.map +1 -0
- package/test/utils/FakeGenericApi.d.ts +16 -0
- package/test/utils/FakeGenericApi.js +65 -0
- package/test/utils/FakeGenericApi.js.map +1 -0
- package/test/utils/FakeSignatureKeysManager.d.ts +16 -0
- package/test/utils/FakeSignatureKeysManager.js +54 -0
- package/test/utils/FakeSignatureKeysManager.js.map +1 -0
- package/test/utils/TestApi.d.ts +3 -0
- package/test/utils/TestApi.js +30 -0
- package/test/utils/TestApi.js.map +1 -0
- package/test/utils/TestCollectionUtils.d.ts +1 -0
- package/test/utils/TestCollectionUtils.js +109 -0
- package/test/utils/TestCollectionUtils.js.map +1 -0
- package/test/utils/TestCryptoStrategies.d.ts +42 -0
- package/test/utils/TestCryptoStrategies.js +80 -0
- package/test/utils/TestCryptoStrategies.js.map +1 -0
- package/test/utils/TestStorage.d.ts +23 -0
- package/test/utils/TestStorage.js +61 -0
- package/test/utils/TestStorage.js.map +1 -0
- package/test/utils/test_utils.d.ts +76 -0
- package/test/utils/test_utils.js +419 -0
- package/test/utils/test_utils.js.map +1 -0
|
@@ -16,10 +16,11 @@ const models = require("../icc-api/model/models");
|
|
|
16
16
|
const AuthenticationProvider_1 = require("./auth/AuthenticationProvider");
|
|
17
17
|
const SecureDelegation_1 = require("../icc-api/model/SecureDelegation");
|
|
18
18
|
var AccessLevelEnum = SecureDelegation_1.SecureDelegation.AccessLevelEnum;
|
|
19
|
+
const utils_1 = require("./utils");
|
|
19
20
|
// noinspection JSUnusedGlobalSymbols
|
|
20
21
|
class IccFormXApi extends icc_api_1.IccFormApi {
|
|
21
22
|
get headers() {
|
|
22
|
-
return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h,
|
|
23
|
+
return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, utils_1.EntityWithDelegationTypeName.Form));
|
|
23
24
|
}
|
|
24
25
|
constructor(host, headers, crypto, dataOwnerApi, autofillAuthor, authenticationProvider = new AuthenticationProvider_1.NoAuthenticationProvider(), fetchImpl = typeof window !== 'undefined'
|
|
25
26
|
? window.fetch
|
|
@@ -52,12 +53,12 @@ class IccFormXApi extends icc_api_1.IccFormApi {
|
|
|
52
53
|
const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user);
|
|
53
54
|
if (ownerId !== (yield this.dataOwnerApi.getCurrentDataOwnerId()))
|
|
54
55
|
throw new Error('Can only initialise entities as current data owner.');
|
|
55
|
-
const sfk = (_h = options.preferredSfk) !== null && _h !== void 0 ? _h : (yield this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type:
|
|
56
|
+
const sfk = (_h = options.preferredSfk) !== null && _h !== void 0 ? _h : (yield this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type: utils_1.EntityWithDelegationTypeName.Patient }));
|
|
56
57
|
if (!sfk)
|
|
57
58
|
throw new Error(`Couldn't find any sfk of parent patient ${patient.id}`);
|
|
58
59
|
const extraDelegations = Object.assign(Object.assign({}, Object.fromEntries([...((_k = (_j = user.autoDelegations) === null || _j === void 0 ? void 0 : _j.all) !== null && _k !== void 0 ? _k : []), ...((_m = (_l = user.autoDelegations) === null || _l === void 0 ? void 0 : _l.medicalInformation) !== null && _m !== void 0 ? _m : [])].map((d) => [d, AccessLevelEnum.WRITE]))), ((_o = options === null || options === void 0 ? void 0 : options.additionalDelegates) !== null && _o !== void 0 ? _o : {}));
|
|
59
60
|
return new models.Form(yield this.crypto.xapi
|
|
60
|
-
.entityWithInitialisedEncryptedMetadata(form,
|
|
61
|
+
.entityWithInitialisedEncryptedMetadata(form, utils_1.EntityWithDelegationTypeName.Form, patient.id, sfk, true, false, extraDelegations)
|
|
61
62
|
.then((x) => x.updatedEntity));
|
|
62
63
|
});
|
|
63
64
|
}
|
|
@@ -80,7 +81,7 @@ class IccFormXApi extends icc_api_1.IccFormApi {
|
|
|
80
81
|
*/
|
|
81
82
|
findBy(hcpartyId, patient, usingPost = false) {
|
|
82
83
|
return __awaiter(this, void 0, void 0, function* () {
|
|
83
|
-
const extractedKeys = yield this.crypto.xapi.secretIdsOf({ entity: patient, type:
|
|
84
|
+
const extractedKeys = yield this.crypto.xapi.secretIdsOf({ entity: patient, type: utils_1.EntityWithDelegationTypeName.Patient }, hcpartyId);
|
|
84
85
|
const topmostParentId = (yield this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0];
|
|
85
86
|
let forms = yield (usingPost
|
|
86
87
|
? this.findFormsByHCPartyPatientForeignKeysUsingPost(hcpartyId, undefined, undefined, undefined, _.uniq(extractedKeys))
|
|
@@ -89,7 +90,7 @@ class IccFormXApi extends icc_api_1.IccFormApi {
|
|
|
89
90
|
});
|
|
90
91
|
}
|
|
91
92
|
decrypt(hcpartyId, forms) {
|
|
92
|
-
return Promise.all(forms.map((form) => this.crypto.xapi.decryptEntity(form,
|
|
93
|
+
return Promise.all(forms.map((form) => this.crypto.xapi.decryptEntity(form, utils_1.EntityWithDelegationTypeName.Form, (x) => new models.Form(x)).then(({ entity }) => entity)));
|
|
93
94
|
}
|
|
94
95
|
/**
|
|
95
96
|
* @param form a form
|
|
@@ -98,7 +99,7 @@ class IccFormXApi extends icc_api_1.IccFormApi {
|
|
|
98
99
|
*/
|
|
99
100
|
decryptPatientIdOf(form) {
|
|
100
101
|
return __awaiter(this, void 0, void 0, function* () {
|
|
101
|
-
return this.crypto.xapi.owningEntityIdsOf({ entity: form, type:
|
|
102
|
+
return this.crypto.xapi.owningEntityIdsOf({ entity: form, type: utils_1.EntityWithDelegationTypeName.Form }, undefined);
|
|
102
103
|
});
|
|
103
104
|
}
|
|
104
105
|
/**
|
|
@@ -106,7 +107,7 @@ class IccFormXApi extends icc_api_1.IccFormApi {
|
|
|
106
107
|
*/
|
|
107
108
|
hasWriteAccess(form) {
|
|
108
109
|
return __awaiter(this, void 0, void 0, function* () {
|
|
109
|
-
return this.crypto.xapi.hasWriteAccess({ entity: form, type:
|
|
110
|
+
return this.crypto.xapi.hasWriteAccess({ entity: form, type: utils_1.EntityWithDelegationTypeName.Form });
|
|
110
111
|
});
|
|
111
112
|
}
|
|
112
113
|
/**
|
|
@@ -164,10 +165,10 @@ class IccFormXApi extends icc_api_1.IccFormApi {
|
|
|
164
165
|
return __awaiter(this, void 0, void 0, function* () {
|
|
165
166
|
const self = yield this.dataOwnerApi.getCurrentDataOwnerId();
|
|
166
167
|
// All entities should have an encryption key.
|
|
167
|
-
const entityWithEncryptionKey = yield this.crypto.xapi.ensureEncryptionKeysInitialised(form,
|
|
168
|
+
const entityWithEncryptionKey = yield this.crypto.xapi.ensureEncryptionKeysInitialised(form, utils_1.EntityWithDelegationTypeName.Form);
|
|
168
169
|
const updatedEntity = entityWithEncryptionKey ? yield this.modifyForm(entityWithEncryptionKey) : form;
|
|
169
170
|
return this.crypto.xapi
|
|
170
|
-
.simpleShareOrUpdateEncryptedEntityMetadata({ entity: updatedEntity, type:
|
|
171
|
+
.simpleShareOrUpdateEncryptedEntityMetadata({ entity: updatedEntity, type: utils_1.EntityWithDelegationTypeName.Form }, true, Object.fromEntries(Object.entries(delegates).map(([delegateId, options]) => [
|
|
171
172
|
delegateId,
|
|
172
173
|
{
|
|
173
174
|
requestedPermissions: options.requestedPermissions,
|
|
@@ -180,13 +181,13 @@ class IccFormXApi extends icc_api_1.IccFormApi {
|
|
|
180
181
|
});
|
|
181
182
|
}
|
|
182
183
|
getDataOwnersWithAccessTo(entity) {
|
|
183
|
-
return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type:
|
|
184
|
+
return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: utils_1.EntityWithDelegationTypeName.Form });
|
|
184
185
|
}
|
|
185
186
|
getEncryptionKeysOf(entity) {
|
|
186
|
-
return this.crypto.xapi.encryptionKeysOf({ entity, type:
|
|
187
|
+
return this.crypto.xapi.encryptionKeysOf({ entity, type: utils_1.EntityWithDelegationTypeName.Form }, undefined);
|
|
187
188
|
}
|
|
188
189
|
createDelegationDeAnonymizationMetadata(entity, delegates) {
|
|
189
|
-
return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type:
|
|
190
|
+
return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type: utils_1.EntityWithDelegationTypeName.Form }, delegates);
|
|
190
191
|
}
|
|
191
192
|
}
|
|
192
193
|
exports.IccFormXApi = IccFormXApi;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"icc-form-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-form-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAAuC;AAGvC,4BAA2B;AAC3B,kDAAiD;AAGjD,0EAAgG;AAChG,wEAAoE;AACpE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AASzD,qCAAqC;AACrC,MAAa,WAAY,SAAQ,oBAAU;IAIzC,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAA;IAClH,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EAClC,MAAqB,EACrB,YAA8B,EACb,cAAuB,EACxC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QARtC,mBAAc,GAAd,cAAc,CAAS;QASxC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;IAClC,CAAC;IAED;;;;;;;;;;;;;OAaG;IACG,WAAW,CACf,IAAiB,EACjB,OAAuB,EACvB,IAAS,EAAE,EACX,UAGI,EAAE;;;YAEN,MAAM,IAAI,mCACL,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,gCAAgC,EACvC,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,EAC3G,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,GACpB,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GAAG,MAAA,OAAO,CAAC,YAAY,mCAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,+BAA+B,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA;YAC1I,IAAI,CAAC,GAAG;gBAAE,MAAM,IAAI,KAAK,CAAC,2CAA2C,OAAO,CAAC,EAAE,EAAE,CAAC,CAAA;YAClF,MAAM,gBAAgB,mCACjB,MAAM,CAAC,WAAW,CACnB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,GACE,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,mBAAmB,mCAAI,EAAE,CAAC,CACxC,CAAA;YACD,OAAO,IAAI,MAAM,CAAC,IAAI,CACpB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,gBAAgB,CAAC;iBACpG,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;;KACF;IAED,qCAAqC;IACrC;;;;;;;;;;;;;;;OAeG;IACG,MAAM,CAAC,SAAiB,EAAE,OAAuB,EAAE,YAAqB,KAAK;;YACjF,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,SAAS,CAAC,CAAA;YACzG,MAAM,eAAe,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;YACtF,IAAI,KAAK,GAAuB,MAAM,CAAC,SAAS;gBAC9C,CAAC,CAAC,IAAI,CAAC,6CAA6C,CAAC,SAAU,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;gBACxH,CAAC,CAAC,IAAI,CAAC,oCAAoC,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YAC3F,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,KAAK,CAAC,CAAA;QAC7C,CAAC;KAAA;IAED,OAAO,CAAC,SAAiB,EAAE,KAAyB;QAClD,OAAO,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;IAC/I,CAAC;IAED;;;;OAIG;IACG,kBAAkB,CAAC,IAAiB;;YACxC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,SAAS,CAAC,CAAA;QACtF,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,IAAiB;;YACpC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAA;QACxE,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,SAAS,CACb,UAAkB,EAClB,IAAiB,EACjB,UAII,EAAE;;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QAC5D,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,aAAa,CACjB,IAAiB,EACjB,SAMC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QAC5E,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,gBAAgB,CACpB,IAAiB,EACjB,SAMC;;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,IAAI,EAAE,MAAM,CAAC,CAAA;YACpG,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;YACrG,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI;iBACpB,0CAA0C,CACzC,EAAE,MAAM,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,EAAE,EACvC,IAAI,EACJ,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,OAAO,CAAC,cAAc;oBAC5C,cAAc,EAAE,SAAS;iBAC1B;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAC9B;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACvF,CAAC;KAAA;IAED,yBAAyB,CACvB,MAAmB;QAEnB,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAA;IACnG,CAAC;IAED,mBAAmB,CAAC,MAAmB;QACrC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,SAAS,CAAC,CAAA;IAC/E,CAAC;IAED,uCAAuC,CAAC,MAAmB,EAAE,SAAmB;QAC9E,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,SAAS,CAAC,CAAA;IACtH,CAAC;CACF;AA7OD,kCA6OC","sourcesContent":["import { IccFormApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\n\nimport * as _ from 'lodash'\nimport * as models from '../icc-api/model/models'\n\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { ShareResult } from './utils/ShareResult'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\nimport { AccessLog } from '../icc-api/model/models'\n\n// noinspection JSUnusedGlobalSymbols\nexport class IccFormXApi extends IccFormApi implements EncryptedEntityXApi<models.Form> {\n crypto: IccCryptoXApi\n dataOwnerApi: IccDataOwnerXApi\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, 'Contact'))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n crypto: IccCryptoXApi,\n dataOwnerApi: IccDataOwnerXApi,\n private readonly autofillAuthor: boolean,\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.crypto = crypto\n this.dataOwnerApi = dataOwnerApi\n }\n\n /**\n * Creates a new instance of form with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this form refers to.\n * @param c initialised data for the form. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - preferredSfk: secret id of the patient to use as the secret foreign key to use for the form. The default value will be a\n * secret id of patient known by the topmost parent in the current data owner hierarchy.\n * @return a new instance of form.\n */\n async newInstance(\n user: models.User,\n patient: models.Patient,\n c: any = {},\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n preferredSfk?: string\n } = {}\n ) {\n const form = {\n ...(c ?? {}),\n _type: 'org.taktik.icure.entities.Form',\n id: c?.id ?? this.crypto.primitives.randomUuid(),\n created: c?.created ?? new Date().getTime(),\n modified: c?.modified ?? new Date().getTime(),\n responsible: c?.responsible ?? (this.autofillAuthor ? this.dataOwnerApi.getDataOwnerIdOf(user) : undefined),\n author: c?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: c?.codes ?? [],\n tags: c?.tags ?? [],\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk = options.preferredSfk ?? (await this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type: 'Patient' }))\n if (!sfk) throw new Error(`Couldn't find any sfk of parent patient ${patient.id}`)\n const extraDelegations = {\n ...Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.medicalInformation ?? [])].map((d) => [d, AccessLevelEnum.WRITE])\n ),\n ...(options?.additionalDelegates ?? {}),\n }\n return new models.Form(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(form, 'Form', patient.id, sfk, true, false, extraDelegations)\n .then((x) => x.updatedEntity)\n )\n }\n\n // noinspection JSUnusedGlobalSymbols\n /**\n * 1. Check whether there is a delegation with 'hcpartyId' or not.\n * 2. 'fetchHcParty[hcpartyId][1]': is encrypted AES exchange key by RSA public key of him.\n * 3. Obtain the AES exchange key, by decrypting the previous step value with hcparty private key\n * 3.1. KeyPair should be fetch from cache (in jwk)\n * 3.2. if it doesn't exist in the cache, it has to be loaded from Browser Local store, and then import it to WebCrypto\n * 4. Obtain the array of delegations which are delegated to his ID (hcpartyId) in this patient\n * 5. Decrypt and collect all keys (secretForeignKeys) within delegations of previous step (with obtained AES key of step 4)\n * 6. Do the REST call to get all contacts with (allSecretForeignKeysDelimitedByComa, hcpartyId)\n *\n * After these painful steps, you have the contacts of the patient.\n *\n * @param hcpartyId\n * @param patient\n * @param usingPost (Promise)\n */\n async findBy(hcpartyId: string, patient: models.Patient, usingPost: boolean = false) {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: 'Patient' }, hcpartyId)\n const topmostParentId = (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0]\n let forms: Array<models.Form> = await (usingPost\n ? this.findFormsByHCPartyPatientForeignKeysUsingPost(hcpartyId!, undefined, undefined, undefined, _.uniq(extractedKeys))\n : this.findFormsByHCPartyPatientForeignKeys(hcpartyId!, _.uniq(extractedKeys).join(',')))\n return await this.decrypt(hcpartyId, forms)\n }\n\n decrypt(hcpartyId: string, forms: Array<models.Form>) {\n return Promise.all(forms.map((form) => this.crypto.xapi.decryptEntity(form, 'Form', (x) => new models.Form(x)).then(({ entity }) => entity)))\n }\n\n /**\n * @param form a form\n * @return the id of the patient that the form refers to, retrieved from the encrypted metadata. Normally there should only be one element\n * in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(form: models.Form): Promise<string[]> {\n return this.crypto.xapi.owningEntityIdsOf({ entity: form, type: 'Form' }, undefined)\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given form\n */\n async hasWriteAccess(form: models.Form): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: form, type: 'Form' })\n }\n\n /**\n * Share an existing form with other data owners, allowing them to access the non-encrypted data of the form and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the form.\n * @param form the form to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * form does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this form refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n form: models.Form,\n options: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<models.Form> {\n return this.shareWithMany(form, { [delegateId]: options })\n }\n\n /**\n * Share an existing form with other data owners, allowing them to access the non-encrypted data of the form and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param form the form to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * form does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this form refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n form: models.Form,\n delegates: {\n [delegateId: string]: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<models.Form> {\n return (await this.tryShareWithMany(form, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing form with other data owners, allowing them to access the non-encrypted data of the form and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param form the form to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * form does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this form refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n form: models.Form,\n delegates: {\n [delegateId: string]: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<models.Form>> {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(form, 'Form')\n const updatedEntity = entityWithEncryptionKey ? await this.modifyForm(entityWithEncryptionKey) : form\n return this.crypto.xapi\n .simpleShareOrUpdateEncryptedEntityMetadata(\n { entity: updatedEntity, type: 'Form' },\n true,\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: options.sharePatientId,\n shareSecretIds: undefined,\n },\n ])\n ),\n (x) => this.bulkShareForms(x)\n )\n .then((r) => r.mapSuccessAsync((e) => this.decrypt(self, [e]).then((es) => es[0])))\n }\n\n getDataOwnersWithAccessTo(\n entity: models.Form\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: 'Form' })\n }\n\n getEncryptionKeysOf(entity: models.Form): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: 'Form' }, undefined)\n }\n\n createDelegationDeAnonymizationMetadata(entity: models.Form, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type: 'Form' }, delegates)\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"icc-form-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-form-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAAuC;AAGvC,4BAA2B;AAC3B,kDAAiD;AAGjD,0EAAgG;AAChG,wEAAoE;AACpE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAQzD,mCAAsD;AAEtD,qCAAqC;AACrC,MAAa,WAAY,SAAQ,oBAAU;IAIzC,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,oCAA4B,CAAC,IAAI,CAAC,CAAC,CAAA;IAC1I,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EAClC,MAAqB,EACrB,YAA8B,EACb,cAAuB,EACxC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QARtC,mBAAc,GAAd,cAAc,CAAS;QASxC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;IAClC,CAAC;IAED;;;;;;;;;;;;;OAaG;IACG,WAAW,CACf,IAAiB,EACjB,OAAuB,EACvB,IAAS,EAAE,EACX,UAGI,EAAE;;;YAEN,MAAM,IAAI,mCACL,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,gCAAgC,EACvC,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,EAC3G,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,GACpB,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GACP,MAAA,OAAO,CAAC,YAAY,mCACpB,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,+BAA+B,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,CAAC,CAAC,CAAA;YACnI,IAAI,CAAC,GAAG;gBAAE,MAAM,IAAI,KAAK,CAAC,2CAA2C,OAAO,CAAC,EAAE,EAAE,CAAC,CAAA;YAClF,MAAM,gBAAgB,mCACjB,MAAM,CAAC,WAAW,CACnB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,GACE,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,mBAAmB,mCAAI,EAAE,CAAC,CACxC,CAAA;YACD,OAAO,IAAI,MAAM,CAAC,IAAI,CACpB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CAAC,IAAI,EAAE,oCAA4B,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,gBAAgB,CAAC;iBAC/H,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;;KACF;IAED,qCAAqC;IACrC;;;;;;;;;;;;;;;OAeG;IACG,MAAM,CAAC,SAAiB,EAAE,OAAuB,EAAE,YAAqB,KAAK;;YACjF,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;YACpI,MAAM,eAAe,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;YACtF,IAAI,KAAK,GAAuB,MAAM,CAAC,SAAS;gBAC9C,CAAC,CAAC,IAAI,CAAC,6CAA6C,CAAC,SAAU,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;gBACxH,CAAC,CAAC,IAAI,CAAC,oCAAoC,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YAC3F,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,KAAK,CAAC,CAAA;QAC7C,CAAC;KAAA;IAED,OAAO,CAAC,SAAiB,EAAE,KAAyB;QAClD,OAAO,OAAO,CAAC,GAAG,CAChB,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CACjB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,oCAA4B,CAAC,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,CAChI,CACF,CAAA;IACH,CAAC;IAED;;;;OAIG;IACG,kBAAkB,CAAC,IAAiB;;YACxC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,oCAA4B,CAAC,IAAI,EAAE,EAAE,SAAS,CAAC,CAAA;QACjH,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,IAAiB;;YACpC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,oCAA4B,CAAC,IAAI,EAAE,CAAC,CAAA;QACnG,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,SAAS,CACb,UAAkB,EAClB,IAAiB,EACjB,UAII,EAAE;;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QAC5D,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,aAAa,CACjB,IAAiB,EACjB,SAMC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QAC5E,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,gBAAgB,CACpB,IAAiB,EACjB,SAMC;;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,IAAI,EAAE,oCAA4B,CAAC,IAAI,CAAC,CAAA;YAC/H,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;YACrG,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI;iBACpB,0CAA0C,CACzC,EAAE,MAAM,EAAE,aAAa,EAAE,IAAI,EAAE,oCAA4B,CAAC,IAAI,EAAE,EAClE,IAAI,EACJ,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,OAAO,CAAC,cAAc;oBAC5C,cAAc,EAAE,SAAS;iBAC1B;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAC9B;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACvF,CAAC;KAAA;IAED,yBAAyB,CACvB,MAAmB;QAEnB,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,IAAI,EAAE,CAAC,CAAA;IAC9H,CAAC;IAED,mBAAmB,CAAC,MAAmB;QACrC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,IAAI,EAAE,EAAE,SAAS,CAAC,CAAA;IAC1G,CAAC;IAED,uCAAuC,CAAC,MAAmB,EAAE,SAAmB;QAC9E,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,IAAI,EAAE,EAAE,SAAS,CAAC,CAAA;IACjJ,CAAC;CACF;AAnPD,kCAmPC","sourcesContent":["import { IccFormApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\n\nimport * as _ from 'lodash'\nimport * as models from '../icc-api/model/models'\n\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { ShareResult } from './utils/ShareResult'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\nimport { AccessLog } from '../icc-api/model/models'\nimport { EntityWithDelegationTypeName } from './utils'\n\n// noinspection JSUnusedGlobalSymbols\nexport class IccFormXApi extends IccFormApi implements EncryptedEntityXApi<models.Form> {\n crypto: IccCryptoXApi\n dataOwnerApi: IccDataOwnerXApi\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, EntityWithDelegationTypeName.Form))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n crypto: IccCryptoXApi,\n dataOwnerApi: IccDataOwnerXApi,\n private readonly autofillAuthor: boolean,\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.crypto = crypto\n this.dataOwnerApi = dataOwnerApi\n }\n\n /**\n * Creates a new instance of form with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this form refers to.\n * @param c initialised data for the form. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - preferredSfk: secret id of the patient to use as the secret foreign key to use for the form. The default value will be a\n * secret id of patient known by the topmost parent in the current data owner hierarchy.\n * @return a new instance of form.\n */\n async newInstance(\n user: models.User,\n patient: models.Patient,\n c: any = {},\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n preferredSfk?: string\n } = {}\n ) {\n const form = {\n ...(c ?? {}),\n _type: 'org.taktik.icure.entities.Form',\n id: c?.id ?? this.crypto.primitives.randomUuid(),\n created: c?.created ?? new Date().getTime(),\n modified: c?.modified ?? new Date().getTime(),\n responsible: c?.responsible ?? (this.autofillAuthor ? this.dataOwnerApi.getDataOwnerIdOf(user) : undefined),\n author: c?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: c?.codes ?? [],\n tags: c?.tags ?? [],\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk =\n options.preferredSfk ??\n (await this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type: EntityWithDelegationTypeName.Patient }))\n if (!sfk) throw new Error(`Couldn't find any sfk of parent patient ${patient.id}`)\n const extraDelegations = {\n ...Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.medicalInformation ?? [])].map((d) => [d, AccessLevelEnum.WRITE])\n ),\n ...(options?.additionalDelegates ?? {}),\n }\n return new models.Form(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(form, EntityWithDelegationTypeName.Form, patient.id, sfk, true, false, extraDelegations)\n .then((x) => x.updatedEntity)\n )\n }\n\n // noinspection JSUnusedGlobalSymbols\n /**\n * 1. Check whether there is a delegation with 'hcpartyId' or not.\n * 2. 'fetchHcParty[hcpartyId][1]': is encrypted AES exchange key by RSA public key of him.\n * 3. Obtain the AES exchange key, by decrypting the previous step value with hcparty private key\n * 3.1. KeyPair should be fetch from cache (in jwk)\n * 3.2. if it doesn't exist in the cache, it has to be loaded from Browser Local store, and then import it to WebCrypto\n * 4. Obtain the array of delegations which are delegated to his ID (hcpartyId) in this patient\n * 5. Decrypt and collect all keys (secretForeignKeys) within delegations of previous step (with obtained AES key of step 4)\n * 6. Do the REST call to get all contacts with (allSecretForeignKeysDelimitedByComa, hcpartyId)\n *\n * After these painful steps, you have the contacts of the patient.\n *\n * @param hcpartyId\n * @param patient\n * @param usingPost (Promise)\n */\n async findBy(hcpartyId: string, patient: models.Patient, usingPost: boolean = false) {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: EntityWithDelegationTypeName.Patient }, hcpartyId)\n const topmostParentId = (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0]\n let forms: Array<models.Form> = await (usingPost\n ? this.findFormsByHCPartyPatientForeignKeysUsingPost(hcpartyId!, undefined, undefined, undefined, _.uniq(extractedKeys))\n : this.findFormsByHCPartyPatientForeignKeys(hcpartyId!, _.uniq(extractedKeys).join(',')))\n return await this.decrypt(hcpartyId, forms)\n }\n\n decrypt(hcpartyId: string, forms: Array<models.Form>) {\n return Promise.all(\n forms.map((form) =>\n this.crypto.xapi.decryptEntity(form, EntityWithDelegationTypeName.Form, (x) => new models.Form(x)).then(({ entity }) => entity)\n )\n )\n }\n\n /**\n * @param form a form\n * @return the id of the patient that the form refers to, retrieved from the encrypted metadata. Normally there should only be one element\n * in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(form: models.Form): Promise<string[]> {\n return this.crypto.xapi.owningEntityIdsOf({ entity: form, type: EntityWithDelegationTypeName.Form }, undefined)\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given form\n */\n async hasWriteAccess(form: models.Form): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: form, type: EntityWithDelegationTypeName.Form })\n }\n\n /**\n * Share an existing form with other data owners, allowing them to access the non-encrypted data of the form and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the form.\n * @param form the form to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * form does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this form refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n form: models.Form,\n options: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<models.Form> {\n return this.shareWithMany(form, { [delegateId]: options })\n }\n\n /**\n * Share an existing form with other data owners, allowing them to access the non-encrypted data of the form and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param form the form to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * form does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this form refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n form: models.Form,\n delegates: {\n [delegateId: string]: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<models.Form> {\n return (await this.tryShareWithMany(form, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing form with other data owners, allowing them to access the non-encrypted data of the form and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param form the form to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * form does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this form refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n form: models.Form,\n delegates: {\n [delegateId: string]: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<models.Form>> {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(form, EntityWithDelegationTypeName.Form)\n const updatedEntity = entityWithEncryptionKey ? await this.modifyForm(entityWithEncryptionKey) : form\n return this.crypto.xapi\n .simpleShareOrUpdateEncryptedEntityMetadata(\n { entity: updatedEntity, type: EntityWithDelegationTypeName.Form },\n true,\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: options.sharePatientId,\n shareSecretIds: undefined,\n },\n ])\n ),\n (x) => this.bulkShareForms(x)\n )\n .then((r) => r.mapSuccessAsync((e) => this.decrypt(self, [e]).then((es) => es[0])))\n }\n\n getDataOwnersWithAccessTo(\n entity: models.Form\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: EntityWithDelegationTypeName.Form })\n }\n\n getEncryptionKeysOf(entity: models.Form): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: EntityWithDelegationTypeName.Form }, undefined)\n }\n\n createDelegationDeAnonymizationMetadata(entity: models.Form, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type: EntityWithDelegationTypeName.Form }, delegates)\n }\n}\n"]}
|
|
@@ -21,7 +21,7 @@ const utils_1 = require("./utils");
|
|
|
21
21
|
const Connection_1 = require("../icc-api/model/Connection");
|
|
22
22
|
class IccHelementXApi extends icc_api_1.IccHelementApi {
|
|
23
23
|
get headers() {
|
|
24
|
-
return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h,
|
|
24
|
+
return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, utils_1.EntityWithDelegationTypeName.HealthElement));
|
|
25
25
|
}
|
|
26
26
|
constructor(host, headers, crypto, dataOwnerApi, userApi, authApi, autofillAuthor, encryptedKeys = ['descr', 'note'], authenticationProvider = new AuthenticationProvider_1.NoAuthenticationProvider(), fetchImpl = typeof window !== 'undefined'
|
|
27
27
|
? window.fetch
|
|
@@ -62,14 +62,14 @@ class IccHelementXApi extends icc_api_1.IccHelementApi {
|
|
|
62
62
|
if (ownerId !== (yield this.dataOwnerApi.getCurrentDataOwnerId()))
|
|
63
63
|
throw new Error('Can only initialise entities as current data owner.');
|
|
64
64
|
const sfk = (_k = options.preferredSfk) !== null && _k !== void 0 ? _k : ((options === null || options === void 0 ? void 0 : options.confidential)
|
|
65
|
-
? yield this.crypto.confidential.getConfidentialSecretId({ entity: patient, type:
|
|
66
|
-
: yield this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type:
|
|
65
|
+
? yield this.crypto.confidential.getConfidentialSecretId({ entity: patient, type: utils_1.EntityWithDelegationTypeName.Patient })
|
|
66
|
+
: yield this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type: utils_1.EntityWithDelegationTypeName.Patient }));
|
|
67
67
|
if (!sfk)
|
|
68
68
|
throw new Error(`Couldn't find any sfk of parent patient ${patient.id} for confidential=${(_l = options === null || options === void 0 ? void 0 : options.confidential) !== null && _l !== void 0 ? _l : false}`);
|
|
69
69
|
const extraDelegations = Object.assign(Object.assign({}, (options.confidential
|
|
70
70
|
? {}
|
|
71
71
|
: Object.fromEntries([...((_o = (_m = user.autoDelegations) === null || _m === void 0 ? void 0 : _m.all) !== null && _o !== void 0 ? _o : []), ...((_q = (_p = user.autoDelegations) === null || _p === void 0 ? void 0 : _p.medicalInformation) !== null && _q !== void 0 ? _q : [])].map((d) => [d, AccessLevelEnum.WRITE])))), ((_r = options === null || options === void 0 ? void 0 : options.additionalDelegates) !== null && _r !== void 0 ? _r : {}));
|
|
72
|
-
const initialisationInfo = yield this.crypto.xapi.entityWithInitialisedEncryptedMetadata(helement,
|
|
72
|
+
const initialisationInfo = yield this.crypto.xapi.entityWithInitialisedEncryptedMetadata(helement, utils_1.EntityWithDelegationTypeName.HealthElement, patient.id, sfk, true, false, extraDelegations);
|
|
73
73
|
return new models.HealthElement(initialisationInfo.updatedEntity);
|
|
74
74
|
});
|
|
75
75
|
}
|
|
@@ -130,7 +130,7 @@ class IccHelementXApi extends icc_api_1.IccHelementApi {
|
|
|
130
130
|
findHealthElementsByHCPartyAndPatientWithUser(user, hcPartyId, patient, usingPost = false) {
|
|
131
131
|
var _a;
|
|
132
132
|
return __awaiter(this, void 0, void 0, function* () {
|
|
133
|
-
let keysAndHcPartyId = yield this.crypto.xapi.secretIdsForHcpHierarchyOf({ entity: patient, type:
|
|
133
|
+
let keysAndHcPartyId = yield this.crypto.xapi.secretIdsForHcpHierarchyOf({ entity: patient, type: utils_1.EntityWithDelegationTypeName.Patient });
|
|
134
134
|
const keys = (_a = keysAndHcPartyId.find((secretForeignKeys) => secretForeignKeys.ownerId == hcPartyId)) === null || _a === void 0 ? void 0 : _a.extracted;
|
|
135
135
|
if (keys == undefined) {
|
|
136
136
|
throw Error('No delegation for user');
|
|
@@ -182,7 +182,7 @@ class IccHelementXApi extends icc_api_1.IccHelementApi {
|
|
|
182
182
|
*/
|
|
183
183
|
findBy(hcpartyId, patient, keepObsoleteVersions = false, usingPost = false) {
|
|
184
184
|
return this.crypto.xapi
|
|
185
|
-
.secretIdsForHcpHierarchyOf({ entity: patient, type:
|
|
185
|
+
.secretIdsForHcpHierarchyOf({ entity: patient, type: utils_1.EntityWithDelegationTypeName.Patient })
|
|
186
186
|
.then((secretForeignKeys) => secretForeignKeys && secretForeignKeys.length > 0
|
|
187
187
|
? Promise.all(secretForeignKeys
|
|
188
188
|
.reduce((acc, level) => {
|
|
@@ -228,13 +228,15 @@ class IccHelementXApi extends icc_api_1.IccHelementApi {
|
|
|
228
228
|
return this.encryptAs(this.dataOwnerApi.getDataOwnerIdOf(user), healthElements);
|
|
229
229
|
}
|
|
230
230
|
encryptAs(owner, healthElements) {
|
|
231
|
-
return Promise.all(healthElements.map((he) => this.crypto.xapi.tryEncryptEntity(he,
|
|
231
|
+
return Promise.all(healthElements.map((he) => this.crypto.xapi.tryEncryptEntity(he, utils_1.EntityWithDelegationTypeName.HealthElement, this.encryptedFields, false, false, (x) => new models.HealthElement(x))));
|
|
232
232
|
}
|
|
233
233
|
decryptWithUser(user, hes) {
|
|
234
234
|
return this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user), hes);
|
|
235
235
|
}
|
|
236
236
|
decrypt(dataOwnerId, hes) {
|
|
237
|
-
return Promise.all(hes.map((he) => this.crypto.xapi
|
|
237
|
+
return Promise.all(hes.map((he) => this.crypto.xapi
|
|
238
|
+
.decryptEntity(he, utils_1.EntityWithDelegationTypeName.HealthElement, (x) => new models.HealthElement(x))
|
|
239
|
+
.then(({ entity }) => entity)));
|
|
238
240
|
}
|
|
239
241
|
filterHealthElementsBy(startDocumentId, limit, body) {
|
|
240
242
|
throw new Error('Cannot call a method that returns health elements without providing a user for de/encryption');
|
|
@@ -278,7 +280,7 @@ class IccHelementXApi extends icc_api_1.IccHelementApi {
|
|
|
278
280
|
*/
|
|
279
281
|
decryptPatientIdOf(healthElement) {
|
|
280
282
|
return __awaiter(this, void 0, void 0, function* () {
|
|
281
|
-
return this.crypto.xapi.owningEntityIdsOf({ entity: healthElement, type:
|
|
283
|
+
return this.crypto.xapi.owningEntityIdsOf({ entity: healthElement, type: utils_1.EntityWithDelegationTypeName.HealthElement }, undefined);
|
|
282
284
|
});
|
|
283
285
|
}
|
|
284
286
|
/**
|
|
@@ -286,7 +288,7 @@ class IccHelementXApi extends icc_api_1.IccHelementApi {
|
|
|
286
288
|
*/
|
|
287
289
|
hasWriteAccess(healthElement) {
|
|
288
290
|
return __awaiter(this, void 0, void 0, function* () {
|
|
289
|
-
return this.crypto.xapi.hasWriteAccess({ entity: healthElement, type:
|
|
291
|
+
return this.crypto.xapi.hasWriteAccess({ entity: healthElement, type: utils_1.EntityWithDelegationTypeName.HealthElement });
|
|
290
292
|
});
|
|
291
293
|
}
|
|
292
294
|
/**
|
|
@@ -345,10 +347,10 @@ class IccHelementXApi extends icc_api_1.IccHelementApi {
|
|
|
345
347
|
return __awaiter(this, void 0, void 0, function* () {
|
|
346
348
|
const self = yield this.dataOwnerApi.getCurrentDataOwnerId();
|
|
347
349
|
// All entities should have an encryption key.
|
|
348
|
-
const entityWithEncryptionKey = yield this.crypto.xapi.ensureEncryptionKeysInitialised(healthElement,
|
|
350
|
+
const entityWithEncryptionKey = yield this.crypto.xapi.ensureEncryptionKeysInitialised(healthElement, utils_1.EntityWithDelegationTypeName.HealthElement);
|
|
349
351
|
const updatedEntity = entityWithEncryptionKey ? yield this.modifyHealthElementAs(self, entityWithEncryptionKey) : healthElement;
|
|
350
352
|
return this.crypto.xapi
|
|
351
|
-
.simpleShareOrUpdateEncryptedEntityMetadata({ entity: updatedEntity, type:
|
|
353
|
+
.simpleShareOrUpdateEncryptedEntityMetadata({ entity: updatedEntity, type: utils_1.EntityWithDelegationTypeName.HealthElement }, true, Object.fromEntries(Object.entries(delegates).map(([delegateId, options]) => [
|
|
352
354
|
delegateId,
|
|
353
355
|
{
|
|
354
356
|
requestedPermissions: options.requestedPermissions,
|
|
@@ -361,19 +363,19 @@ class IccHelementXApi extends icc_api_1.IccHelementApi {
|
|
|
361
363
|
});
|
|
362
364
|
}
|
|
363
365
|
getDataOwnersWithAccessTo(entity) {
|
|
364
|
-
return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type:
|
|
366
|
+
return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: utils_1.EntityWithDelegationTypeName.HealthElement });
|
|
365
367
|
}
|
|
366
368
|
getEncryptionKeysOf(entity) {
|
|
367
|
-
return this.crypto.xapi.encryptionKeysOf({ entity, type:
|
|
369
|
+
return this.crypto.xapi.encryptionKeysOf({ entity, type: utils_1.EntityWithDelegationTypeName.HealthElement }, undefined);
|
|
368
370
|
}
|
|
369
371
|
subscribeToHealthElementEvents(eventTypes, filter, eventFired, options = {}) {
|
|
370
372
|
return __awaiter(this, void 0, void 0, function* () {
|
|
371
373
|
const currentUser = yield this.userApi.getCurrentUser();
|
|
372
|
-
return yield (0, utils_1.subscribeToEntityEvents)(this.host, this.authApi,
|
|
374
|
+
return yield (0, utils_1.subscribeToEntityEvents)(this.host, this.authApi, utils_1.EntityWithDelegationTypeName.HealthElement, eventTypes, filter, eventFired, options, (encrypted) => __awaiter(this, void 0, void 0, function* () { return (yield this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(currentUser), [encrypted]))[0]; })).then((rs) => new Connection_1.ConnectionImpl(rs));
|
|
373
375
|
});
|
|
374
376
|
}
|
|
375
377
|
createDelegationDeAnonymizationMetadata(entity, delegates) {
|
|
376
|
-
return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type:
|
|
378
|
+
return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type: utils_1.EntityWithDelegationTypeName.HealthElement }, delegates);
|
|
377
379
|
}
|
|
378
380
|
}
|
|
379
381
|
exports.IccHelementXApi = IccHelementXApi;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"icc-helement-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-helement-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAAuD;AAGvD,kDAAiD;AAEjD,4BAA2B;AAC3B,iCAAgC;AAIhC,0EAAgG;AAChG,wEAAoE;AACpE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAOzD,mCAAqH;AAGrH,4DAAwE;AAExE,MAAa,eAAgB,SAAQ,wBAAc;IAGjD,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC,CAAA;IACxH,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EACjB,MAAqB,EACrB,YAA8B,EAC9B,OAAoB,EACpB,OAAmB,EACnB,cAAuB,EACxC,gBAA+B,CAAC,OAAO,EAAE,MAAM,CAAC,EAChD,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAbtC,WAAM,GAAN,MAAM,CAAe;QACrB,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,YAAO,GAAP,OAAO,CAAa;QACpB,YAAO,GAAP,OAAO,CAAY;QACnB,mBAAc,GAAd,cAAc,CAAS;QAUxC,IAAI,CAAC,eAAe,GAAG,IAAA,4BAAoB,EAAC,aAAa,EAAE,gBAAgB,CAAC,CAAA;IAC9E,CAAC;IAED;;;;;;;;;;;;;;;;OAgBG;IACG,WAAW,CACf,IAAiB,EACjB,OAAuB,EACvB,CAAM,EACN,UAII,EAAE;;;YAEN,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YAC5D,MAAM,QAAQ,mCACT,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,yCAAyC,EAChD,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,EAC9E,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,EACnB,eAAe,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,eAAe,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAC1E,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,QAAQ,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,GAC3E,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GACP,MAAA,OAAO,CAAC,YAAY,mCACpB,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY;gBACpB,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,uBAAuB,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC;gBAC9F,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,+BAA+B,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA;YAC3G,IAAI,CAAC,GAAG;gBAAE,MAAM,IAAI,KAAK,CAAC,2CAA2C,OAAO,CAAC,EAAE,qBAAqB,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,mCAAI,KAAK,EAAE,CAAC,CAAA;YACrI,MAAM,gBAAgB,mCACjB,CAAC,OAAO,CAAC,YAAY;gBACtB,CAAC,CAAC,EAAE;gBACJ,CAAC,CAAC,MAAM,CAAC,WAAW,CAChB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,CAAC,GACH,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,mBAAmB,mCAAI,EAAE,CAAC,CACxC,CAAA;YACD,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,CACtF,QAAQ,EACR,eAAe,EACf,OAAO,CAAC,EAAE,EACV,GAAG,EACH,IAAI,EACJ,KAAK,EACL,gBAAgB,CACjB,CAAA;YACD,OAAO,IAAI,MAAM,CAAC,aAAa,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAA;;KAClE;IAED,mBAAmB,CAAC,IAA2B;QAC7C,MAAM,IAAI,KAAK,CAAC,8FAA8F,CAAC,CAAA;IACjH,CAAC;IAED,2BAA2B,CAAC,IAAiB,EAAE,IAA2B;QACxE,OAAO,IAAI;YACT,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBACpC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;iBAChD,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;iBAC9C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC1B,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;IAC3B,CAAC;IAED,oBAAoB,CAAC,IAA2B;QAC9C,MAAM,IAAI,KAAK,CAAC,8FAA8F,CAAC,CAAA;IACjH,CAAC;IAED,4BAA4B,CAAC,IAAiB,EAAE,MAA+B;QAC7E,OAAO,MAAM;YACX,CAAC,CAAC,IAAI,CAAC,OAAO,CACV,IAAI,EACJ,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAClC;iBACE,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC;iBAC9C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC;YAC/E,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;IAC3B,CAAC;IAED,gBAAgB,CAAC,eAAuB;QACtC,MAAM,IAAI,KAAK,CAAC,6FAA6F,CAAC,CAAA;IAChH,CAAC;IAED,wBAAwB,CAAC,IAAiB,EAAE,eAAuB;QACjE,OAAO,KAAK;aACT,gBAAgB,CAAC,eAAe,CAAC;aACjC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;aAC9C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IAC1B,CAAC;IAED,iBAAiB,CAAC,IAAuB;QACvC,MAAM,IAAI,KAAK,CAAC,8FAA8F,CAAC,CAAA;IACjH,CAAC;IAED,yBAAyB,CAAC,IAAiB,EAAE,IAAuB;QAClE,OAAO,KAAK,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;IACjH,CAAC;IAED,2BAA2B,CAAC,eAAuB,EAAE,IAA+B;QAClF,MAAM,IAAI,KAAK,CAAC,6FAA6F,CAAC,CAAA;IAChH,CAAC;IAED,mCAAmC,CAAC,IAAiB,EAAE,eAAuB,EAAE,IAA+B;QAC7G,OAAO,KAAK;aACT,2BAA2B,CAAC,eAAe,EAAE,IAAI,CAAC;aAClD,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;aAC9C,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;IACxB,CAAC;IAED,6CAA6C,CAAC,SAAiB,EAAE,WAAmB;QAClF,MAAM,IAAI,KAAK,CAAC,6FAA6F,CAAC,CAAA;IAChH,CAAC;IAED,qDAAqD,CAAC,IAAiB,EAAE,SAAiB,EAAE,WAAmB;QAC7G,OAAO,KAAK,CAAC,6CAA6C,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAA;IACnI,CAAC;IAED,0DAA0D,CAAC,IAAiB,EAAE,SAAiB,EAAE,WAAqB;QACpH,OAAO,KAAK,CAAC,sDAAsD,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAA;IAC5I,CAAC;IAEK,6CAA6C,CACjD,IAAiB,EACjB,SAAiB,EACjB,OAAuB,EACvB,YAAqB,KAAK;;;YAE1B,IAAI,gBAAgB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAA;YAC9G,MAAM,IAAI,GAAG,MAAA,gBAAgB,CAAC,IAAI,CAAC,CAAC,iBAAiB,EAAE,EAAE,CAAC,iBAAiB,CAAC,OAAO,IAAI,SAAS,CAAC,0CAAE,SAAS,CAAA;YAC5G,IAAI,IAAI,IAAI,SAAS,EAAE;gBACrB,MAAM,KAAK,CAAC,wBAAwB,CAAC,CAAA;aACtC;YACD,OAAO,SAAS;gBACd,CAAC,CAAC,IAAI,CAAC,0DAA0D,CAAC,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC;gBACxF,CAAC,CAAC,IAAI,CAAC,qDAAqD,CAAC,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;;KAChG;IAED,mBAAmB,CAAC,IAAoB;QACtC,MAAM,IAAI,KAAK,CAAC,6FAA6F,CAAC,CAAA;IAChH,CAAC;IAED,2BAA2B,CAAC,IAAiB,EAAE,IAAoB;QACjE,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;IAClH,CAAC;IACO,qBAAqB,CAAC,SAAiB,EAAE,IAAmB;QAClE,OAAO,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;aAClD,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;aAChD,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;aAC3C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IAC1B,CAAC;IAED,oBAAoB,CAAC,IAA2B;QAC9C,MAAM,IAAI,KAAK,CAAC,8FAA8F,CAAC,CAAA;IACjH,CAAC;IAED,4BAA4B,CAAC,IAAiB,EAAE,MAAwB;QACtE,OAAO,MAAM;YACX,CAAC,CAAC,IAAI,CAAC,OAAO,CACV,IAAI,EACJ,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAClC;iBACE,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC;iBAC9C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC;YAC/E,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;IAC3B,CAAC;IAED,qCAAqC;IACrC;;;;;;;;;;;;;;;;OAgBG;IAEH,MAAM,CAAC,SAAiB,EAAE,OAAuB,EAAE,oBAAoB,GAAG,KAAK,EAAE,SAAS,GAAG,KAAK;QAChG,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI;aACpB,0BAA0B,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC;aAChE,IAAI,CAAC,CAAC,iBAAiB,EAAE,EAAE,CAC1B,iBAAiB,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC;YAC/C,CAAC,CAAC,OAAO,CAAC,GAAG,CACT,iBAAiB;iBACd,MAAM,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE;gBACrB,OAAO,GAAG,CAAC,MAAM,CAAC;oBAChB;wBACE,SAAS,EAAE,KAAK,CAAC,OAAO;wBACxB,aAAa,EAAE,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,aAAa,CAAC,aAAa,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;qBACxH;iBACF,CAAC,CAAA;YACJ,CAAC,EAAE,EAAgE,CAAC;iBACnE,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC;iBACzC,GAAG,CAAC,CAAC,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,EAAE,CACpC,SAAS;gBACP,CAAC,CAAC,IAAI,CAAC,oCAAoC,CAAC,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;gBAC7E,CAAC,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CACrF,CACJ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YAChE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CACxB;aACA,IAAI,CAAC,CAAC,kBAA+C,EAAE,EAAE;YACxD,MAAM,KAAK,GAA4C,EAAE,CAAA;YAEzD,IAAI,oBAAoB,EAAE;gBACxB,OAAO,kBAAkB,CAAA;aAC1B;iBAAM;gBACL,kBAAkB,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE;oBAChC,IAAI,EAAE,CAAC,eAAe,EAAE;wBACtB,MAAM,GAAG,GAAG,KAAK,CAAC,EAAE,CAAC,eAAe,CAAC,CAAA;wBACrC,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC,QAAQ,IAAI,GAAG,CAAC,QAAQ,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE;4BACxE,KAAK,CAAC,EAAE,CAAC,eAAe,CAAC,GAAG,EAAE,CAAA;yBAC/B;qBACF;gBACH,CAAC,CAAC,CAAA;gBACF,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;aACxD;QACH,CAAC,CAAC,CAAA;IACN,CAAC;IAED,+BAA+B,CAAC,SAAiB,EAAE,WAAmB;QACpE,OAAO,KAAK,CAAC,6CAA6C,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;IAC5I,CAAC;IAED,oCAAoC,CAAC,SAAiB,EAAE,WAAqB;QAC3E,OAAO,KAAK;aACT,sDAAsD,CAAC,SAAS,EAAE,WAAW,CAAC;aAC9E,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;IAC5D,CAAC;IAED,OAAO,CAAC,IAAiB,EAAE,cAA2C;QACpE,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,cAAc,CAAC,CAAA;IACjF,CAAC;IAEO,SAAS,CAAC,KAAa,EAAE,cAA2C;QAC1E,OAAO,OAAO,CAAC,GAAG,CAChB,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CACxB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,EAAE,eAAe,EAAE,IAAI,CAAC,eAAe,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAC/H,CACF,CAAA;IACH,CAAC;IAED,eAAe,CAAC,IAAiB,EAAE,GAAgC;QACjE,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAA;IACpE,CAAC;IAED,OAAO,CAAC,WAAmB,EAAE,GAAgC;QAC3D,OAAO,OAAO,CAAC,GAAG,CAChB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,EAAE,eAAe,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CACtI,CAAA;IACH,CAAC;IAED,sBAAsB,CAAC,eAAwB,EAAE,KAAc,EAAE,IAA+B;QAC9F,MAAM,IAAI,KAAK,CAAC,8FAA8F,CAAC,CAAA;IACjH,CAAC;IAED,gBAAgB,CACd,IAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,IAA+B;QAE/B,OAAO,KAAK;aACT,sBAAsB,CAAC,eAAe,EAAE,KAAK,EAAE,IAAI,CAAC;aACpD,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,EAAE,CAAC,IAAK,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAA;IACrG,CAAC;IAED,qCAAqC;IACrC,sBAAsB,CAAC,IAAiB,EAAE,OAAuB,EAAE,KAAqB,EAAE,KAAa;QACrG,OAAO,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,OAAO,EAAE;YACrC,SAAS,EAAE,KAAK,CAAC,EAAE;YACnB,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,WAAW,EAAE,KAAK,CAAC,WAAW;YAC9B,WAAW,EAAE,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,WAAW;YACjD,KAAK,EAAE,KAAK;YACZ,gBAAgB,EAAE,KAAK,CAAC,SAAS;YACjC,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,IAAI,EAAE,KAAK,CAAC,IAAI;SACjB,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE;YACb,OAAO,IAAI,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAA;QACrC,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,0DAA0D;IAC1D,YAAY,CAAC,IAAY;QACvB,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACzB,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC;YACrB,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YACV,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YACV,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC;YACb,EAAE,EAAE,IAAI;SACT,CAAC,CAAA;IACJ,CAAC;IAED;;;;OAIG;IACG,kBAAkB,CAAC,aAAmC;;YAC1D,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,IAAI,EAAE,eAAe,EAAE,EAAE,SAAS,CAAC,CAAA;QACxG,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,aAAmC;;YACtD,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC,CAAA;QAC1F,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,SAAS,CACb,UAAkB,EAClB,aAAmC,EACnC,UAII,EAAE;;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,aAAa,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QACrE,CAAC;KAAA;IACD;;;;;;;;;;;;;OAaG;IACG,aAAa,CACjB,aAAmC,EACnC,SAMC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,aAAa,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QACrF,CAAC;KAAA;IACD;;;;;;;;;;;;;OAaG;IACG,gBAAgB,CACpB,aAAmC,EACnC,SAMC;;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,aAAa,EAAE,eAAe,CAAC,CAAA;YACtH,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,qBAAqB,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC,CAAC,CAAC,aAAa,CAAA;YAC/H,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI;iBACpB,0CAA0C,CACzC,EAAE,MAAM,EAAE,aAAa,EAAE,IAAI,EAAE,eAAe,EAAE,EAChD,IAAI,EACJ,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,OAAO,CAAC,cAAc;oBAC5C,cAAc,EAAE,SAAS;iBAC1B;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC,CAAC,CACvC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACvF,CAAC;KAAA;IAED,yBAAyB,CACvB,MAA4B;QAE5B,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC,CAAA;IAC5G,CAAC;IAED,mBAAmB,CAAC,MAA4B;QAC9C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,eAAe,EAAE,EAAE,SAAS,CAAC,CAAA;IACxF,CAAC;IAEK,8BAA8B,CAClC,UAA8C,EAC9C,MAAiD,EACjD,UAA2D,EAC3D,UAA+B,EAAE;;YAEjC,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;YAEvD,OAAO,MAAM,IAAA,+BAAuB,EAClC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ,eAAe,EACf,UAAU,EACV,MAAM,EACN,UAAU,EACV,OAAO,EACP,CAAO,SAAS,EAAE,EAAE,gDAAC,OAAA,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,WAAW,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA,GAAA,CAC3G,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,2BAAc,CAAC,EAAE,CAAC,CAAC,CAAA;QACxC,CAAC;KAAA;IAED,uCAAuC,CAAC,MAAqB,EAAE,SAAmB;QAChF,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,eAAe,EAAE,EAAE,SAAS,CAAC,CAAA;IAC/H,CAAC;CACF;AAlfD,0CAkfC","sourcesContent":["import { IccAuthApi, IccHelementApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\n\nimport * as models from '../icc-api/model/models'\n\nimport * as _ from 'lodash'\nimport * as moment from 'moment'\nimport { a2b, b2a, hex2ua, string2ua, ua2utf8, utf8_2ua } from './utils/binary-utils'\nimport { FilterChainHealthElement, HealthElement, PaginatedListHealthElement } from '../icc-api/model/models'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { ShareResult } from './utils/ShareResult'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\nimport { XHR } from '../icc-api/api/XHR'\nimport { IccUserXApi } from './icc-user-x-api'\nimport { EncryptedFieldsManifest, parseEncryptedFields, subscribeToEntityEvents, SubscriptionOptions } from './utils'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\nimport { AbstractFilter } from './filters/filters'\nimport { Connection, ConnectionImpl } from '../icc-api/model/Connection'\n\nexport class IccHelementXApi extends IccHelementApi implements EncryptedEntityXApi<models.HealthElement> {\n private readonly encryptedFields: EncryptedFieldsManifest\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, 'HealthElement'))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n private readonly crypto: IccCryptoXApi,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly userApi: IccUserXApi,\n private readonly authApi: IccAuthApi,\n private readonly autofillAuthor: boolean,\n encryptedKeys: Array<string> = ['descr', 'note'],\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.encryptedFields = parseEncryptedFields(encryptedKeys, 'HealthElement.')\n }\n\n /**\n * Creates a new instance of health element with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this health element refers to.\n * @param h initialised data for the health element. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - preferredSfk: secret id of the patient to use as the secret foreign key to use for the health element. The default value will be a\n * secret id of patient known by the topmost parent in the current data owner hierarchy if the confidential is set to false, else a secret id that\n * the data owner did not share with any of his parents.\n * - confidential: if true, the entity will be created as confidential. Confidential entities are not shared with auto-delegations, and the default\n * foreign key used is any key that is not shared with any of the data owner parents. By default entities are created as non-confidential.\n * @return a new instance of health element.\n */\n async newInstance(\n user: models.User,\n patient: models.Patient,\n h: any,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n preferredSfk?: string\n confidential?: boolean\n } = {}\n ) {\n const dataOwnerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n const helement = {\n ...(h ?? {}),\n _type: 'org.taktik.icure.entities.HealthElement',\n id: h?.id ?? this.crypto.primitives.randomUuid(),\n created: h?.created ?? new Date().getTime(),\n modified: h?.modified ?? new Date().getTime(),\n responsible: h?.responsible ?? (this.autofillAuthor ? dataOwnerId : undefined),\n author: h?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: h?.codes ?? [],\n tags: h?.tags ?? [],\n healthElementId: h?.healthElementId ?? this.crypto.primitives.randomUuid(),\n openingDate: h?.openingDate ?? parseInt(moment().format('YYYYMMDDHHmmss')),\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk =\n options.preferredSfk ??\n (options?.confidential\n ? await this.crypto.confidential.getConfidentialSecretId({ entity: patient, type: 'Patient' })\n : await this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type: 'Patient' }))\n if (!sfk) throw new Error(`Couldn't find any sfk of parent patient ${patient.id} for confidential=${options?.confidential ?? false}`)\n const extraDelegations = {\n ...(options.confidential\n ? {}\n : Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.medicalInformation ?? [])].map((d) => [d, AccessLevelEnum.WRITE])\n )),\n ...(options?.additionalDelegates ?? {}),\n }\n const initialisationInfo = await this.crypto.xapi.entityWithInitialisedEncryptedMetadata(\n helement,\n 'HealthElement',\n patient.id,\n sfk,\n true,\n false,\n extraDelegations\n )\n return new models.HealthElement(initialisationInfo.updatedEntity)\n }\n\n createHealthElement(body?: models.HealthElement): never {\n throw new Error('Cannot call a method that returns health elements without providing a user for de/encryption')\n }\n\n createHealthElementWithUser(user: models.User, body?: models.HealthElement): Promise<models.HealthElement | any> {\n return body\n ? this.encrypt(user, [_.cloneDeep(body)])\n .then((hes) => super.createHealthElement(hes[0]))\n .then((he) => this.decryptWithUser(user, [he]))\n .then((hes) => hes[0])\n : Promise.resolve(null)\n }\n\n createHealthElements(body?: Array<HealthElement>): never {\n throw new Error('Cannot call a method that returns health elements without providing a user for de/encryption')\n }\n\n createHealthElementsWithUser(user: models.User, bodies?: models.HealthElement[]): Promise<models.HealthElement[] | any> {\n return bodies\n ? this.encrypt(\n user,\n bodies.map((c) => _.cloneDeep(c))\n )\n .then((hes) => super.createHealthElements(hes))\n .then((hes) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user), hes))\n : Promise.resolve(null)\n }\n\n getHealthElement(healthElementId: string): never {\n throw new Error('Cannot call a method that returns health element without providing a user for de/encryption')\n }\n\n getHealthElementWithUser(user: models.User, healthElementId: string): Promise<models.HealthElement> {\n return super\n .getHealthElement(healthElementId)\n .then((he) => this.decryptWithUser(user, [he]))\n .then((hes) => hes[0])\n }\n\n getHealthElements(body?: models.ListOfIds): never {\n throw new Error('Cannot call a method that returns health elements without providing a user for de/encryption')\n }\n\n getHealthElementsWithUser(user: models.User, body?: models.ListOfIds): Promise<models.HealthElement[]> {\n return super.getHealthElements(body).then((hes) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user), hes))\n }\n\n newHealthElementDelegations(healthElementId: string, body?: Array<models.Delegation>): never {\n throw new Error('Cannot call a method that returns health element without providing a user for de/encryption')\n }\n\n newHealthElementDelegationsWithUser(user: models.User, healthElementId: string, body?: Array<models.Delegation>): Promise<models.HealthElement> {\n return super\n .newHealthElementDelegations(healthElementId, body)\n .then((he) => this.decryptWithUser(user, [he]))\n .then((he) => he[0])\n }\n\n findHealthElementsByHCPartyPatientForeignKeys(hcPartyId: string, secretFKeys: string): never {\n throw new Error('Cannot call a method that returns health element without providing a user for de/encryption')\n }\n\n findHealthElementsByHCPartyPatientForeignKeysWithUser(user: models.User, hcPartyId: string, secretFKeys: string): Promise<HealthElement[]> {\n return super.findHealthElementsByHCPartyPatientForeignKeys(hcPartyId, secretFKeys).then((hes) => this.decryptWithUser(user, hes))\n }\n\n findHealthElementsByHCPartyPatientForeignKeysArrayWithUser(user: models.User, hcPartyId: string, secretFKeys: string[]): Promise<HealthElement[]> {\n return super.findHealthElementsByHCPartyPatientForeignKeysUsingPost(hcPartyId, secretFKeys).then((hes) => this.decryptWithUser(user, hes))\n }\n\n async findHealthElementsByHCPartyAndPatientWithUser(\n user: models.User,\n hcPartyId: string,\n patient: models.Patient,\n usingPost: boolean = false\n ): Promise<models.HealthElement[]> {\n let keysAndHcPartyId = await this.crypto.xapi.secretIdsForHcpHierarchyOf({ entity: patient, type: 'Patient' })\n const keys = keysAndHcPartyId.find((secretForeignKeys) => secretForeignKeys.ownerId == hcPartyId)?.extracted\n if (keys == undefined) {\n throw Error('No delegation for user')\n }\n return usingPost\n ? this.findHealthElementsByHCPartyPatientForeignKeysArrayWithUser(user, hcPartyId, keys)\n : this.findHealthElementsByHCPartyPatientForeignKeysWithUser(user, hcPartyId, keys.join(','))\n }\n\n modifyHealthElement(body?: HealthElement): never {\n throw new Error('Cannot call a method that returns health element without providing a user for de/encryption')\n }\n\n modifyHealthElementWithUser(user: models.User, body?: HealthElement): Promise<HealthElement | any> {\n return body ? this.modifyHealthElementAs(this.dataOwnerApi.getDataOwnerIdOf(user), body) : Promise.resolve(null)\n }\n private modifyHealthElementAs(dataOwner: string, body: HealthElement): Promise<HealthElement> {\n return this.encryptAs(dataOwner, [_.cloneDeep(body)])\n .then((hes) => super.modifyHealthElement(hes[0]))\n .then((he) => this.decrypt(dataOwner, [he]))\n .then((hes) => hes[0])\n }\n\n modifyHealthElements(body?: Array<HealthElement>): never {\n throw new Error('Cannot call a method that returns health elements without providing a user for de/encryption')\n }\n\n modifyHealthElementsWithUser(user: models.User, bodies?: HealthElement[]): Promise<HealthElement[] | any> {\n return bodies\n ? this.encrypt(\n user,\n bodies.map((c) => _.cloneDeep(c))\n )\n .then((hes) => super.modifyHealthElements(hes))\n .then((hes) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user), hes))\n : Promise.resolve(null)\n }\n\n // noinspection JSUnusedGlobalSymbols\n /**\n * 1. Check whether there is a delegation with 'hcpartyId' or not.\n * 2. 'fetchHcParty[hcpartyId][1]': is encrypted AES exchange key by RSA public key of him.\n * 3. Obtain the AES exchange key, by decrypting the previous step value with hcparty private key\n * 3.1. KeyPair should be fetch from cache (in jwk)\n * 3.2. if it doesn't exist in the cache, it has to be loaded from Browser Local store, and then import it to WebCrypto\n * 4. Obtain the array of delegations which are delegated to his ID (hcpartyId) in this patient\n * 5. Decrypt and collect all keys (secretForeignKeys) within delegations of previous step (with obtained AES key of step 4)\n * 6. Do the REST call to get all helements with (allSecretForeignKeysDelimitedByComa, hcpartyId)\n *\n * After these painful steps, you have the helements of the patient.\n *\n * @param hcpartyId\n * @param patient (Promise)\n * @param keepObsoleteVersions\n * @param usingPost\n */\n\n findBy(hcpartyId: string, patient: models.Patient, keepObsoleteVersions = false, usingPost = false) {\n return this.crypto.xapi\n .secretIdsForHcpHierarchyOf({ entity: patient, type: 'Patient' })\n .then((secretForeignKeys) =>\n secretForeignKeys && secretForeignKeys.length > 0\n ? Promise.all(\n secretForeignKeys\n .reduce((acc, level) => {\n return acc.concat([\n {\n hcpartyId: level.ownerId,\n extractedKeys: level.extracted.filter((key) => !acc.some((previousLevel) => previousLevel.extractedKeys.includes(key))),\n },\n ])\n }, [] as Array<{ hcpartyId: string; extractedKeys: Array<string> }>)\n .filter((l) => l.extractedKeys.length > 0)\n .map(({ hcpartyId, extractedKeys }) =>\n usingPost\n ? this.findByHCPartyPatientSecretFKeysArray(hcpartyId, _.uniq(extractedKeys))\n : this.findByHCPartyPatientSecretFKeys(hcpartyId, _.uniq(extractedKeys).join(','))\n )\n ).then((results) => _.uniqBy(_.flatMap(results), (x) => x.id))\n : Promise.resolve([])\n )\n .then((decryptedHelements: Array<models.HealthElement>) => {\n const byIds: { [key: string]: models.HealthElement } = {}\n\n if (keepObsoleteVersions) {\n return decryptedHelements\n } else {\n decryptedHelements.forEach((he) => {\n if (he.healthElementId) {\n const phe = byIds[he.healthElementId]\n if (!phe || !phe.modified || (he.modified && phe.modified < he.modified)) {\n byIds[he.healthElementId] = he\n }\n }\n })\n return _.values(byIds).filter((s: any) => !s.endOfLife)\n }\n })\n }\n\n findByHCPartyPatientSecretFKeys(hcPartyId: string, secretFKeys: string): Promise<Array<models.Contact> | any> {\n return super.findHealthElementsByHCPartyPatientForeignKeys(hcPartyId, secretFKeys).then((helements) => this.decrypt(hcPartyId, helements))\n }\n\n findByHCPartyPatientSecretFKeysArray(hcPartyId: string, secretFKeys: string[]): Promise<Array<models.Contact> | any> {\n return super\n .findHealthElementsByHCPartyPatientForeignKeysUsingPost(hcPartyId, secretFKeys)\n .then((helements) => this.decrypt(hcPartyId, helements))\n }\n\n encrypt(user: models.User, healthElements: Array<models.HealthElement>): Promise<Array<models.HealthElement>> {\n return this.encryptAs(this.dataOwnerApi.getDataOwnerIdOf(user), healthElements)\n }\n\n private encryptAs(owner: string, healthElements: Array<models.HealthElement>): Promise<Array<models.HealthElement>> {\n return Promise.all(\n healthElements.map((he) =>\n this.crypto.xapi.tryEncryptEntity(he, 'HealthElement', this.encryptedFields, false, false, (x) => new models.HealthElement(x))\n )\n )\n }\n\n decryptWithUser(user: models.User, hes: Array<models.HealthElement>): Promise<Array<models.HealthElement>> {\n return this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user), hes)\n }\n\n decrypt(dataOwnerId: string, hes: Array<models.HealthElement>): Promise<Array<models.HealthElement>> {\n return Promise.all(\n hes.map((he) => this.crypto.xapi.decryptEntity(he, 'HealthElement', (x) => new models.HealthElement(x)).then(({ entity }) => entity))\n )\n }\n\n filterHealthElementsBy(startDocumentId?: string, limit?: number, body?: FilterChainHealthElement): never {\n throw new Error('Cannot call a method that returns health elements without providing a user for de/encryption')\n }\n\n filterByWithUser(\n user: models.User,\n startDocumentId?: string,\n limit?: number,\n body?: FilterChainHealthElement\n ): Promise<PaginatedListHealthElement> {\n return super\n .filterHealthElementsBy(startDocumentId, limit, body)\n .then((pl) => this.decryptWithUser(user, pl.rows!).then((dr) => Object.assign(pl, { rows: dr })))\n }\n\n // noinspection JSUnusedGlobalSymbols\n serviceToHealthElement(user: models.User, patient: models.Patient, heSvc: models.Service, descr: string) {\n return this.newInstance(user, patient, {\n idService: heSvc.id,\n author: heSvc.author,\n responsible: heSvc.responsible,\n openingDate: heSvc.valueDate || heSvc.openingDate,\n descr: descr,\n idOpeningContact: heSvc.contactId,\n modified: heSvc.modified,\n created: heSvc.created,\n codes: heSvc.codes,\n tags: heSvc.tags,\n }).then((he) => {\n return this.createHealthElement(he)\n })\n }\n\n // noinspection JSUnusedGlobalSymbols, JSMethodCanBeStatic\n stringToCode(code: string) {\n const c = code.split('|')\n return new models.Code({\n type: c[0],\n code: c[1],\n version: c[2],\n id: code,\n })\n }\n\n /**\n * @param healthElement a health element\n * @return the id of the patient that the health element refers to, retrieved from the encrypted metadata. Normally there should only be one element\n * in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(healthElement: models.HealthElement): Promise<string[]> {\n return this.crypto.xapi.owningEntityIdsOf({ entity: healthElement, type: 'HealthElement' }, undefined)\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given health element\n */\n async hasWriteAccess(healthElement: models.HealthElement): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: healthElement, type: 'HealthElement' })\n }\n\n /**\n * Share an existing health element with other data owners, allowing them to access the non-encrypted data of the health element and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the health element.\n * @param healthElement the health element to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * health element does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this health element refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n healthElement: models.HealthElement,\n options: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<models.HealthElement> {\n return this.shareWithMany(healthElement, { [delegateId]: options })\n }\n /**\n * Share an existing health element with other data owners, allowing them to access the non-encrypted data of the health element and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the health element.\n * @param healthElement the health element to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * health element does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this health element refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n healthElement: models.HealthElement,\n delegates: {\n [delegateId: string]: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<models.HealthElement> {\n return (await this.tryShareWithMany(healthElement, delegates)).updatedEntityOrThrow\n }\n /**\n * Share an existing health element with other data owners, allowing them to access the non-encrypted data of the health element and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param healthElement the health element to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * health element does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this health element refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n healthElement: models.HealthElement,\n delegates: {\n [delegateId: string]: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<models.HealthElement>> {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(healthElement, 'HealthElement')\n const updatedEntity = entityWithEncryptionKey ? await this.modifyHealthElementAs(self, entityWithEncryptionKey) : healthElement\n return this.crypto.xapi\n .simpleShareOrUpdateEncryptedEntityMetadata(\n { entity: updatedEntity, type: 'HealthElement' },\n true,\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: options.sharePatientId,\n shareSecretIds: undefined,\n },\n ])\n ),\n (x) => this.bulkShareHealthElements(x)\n )\n .then((r) => r.mapSuccessAsync((e) => this.decrypt(self, [e]).then((es) => es[0])))\n }\n\n getDataOwnersWithAccessTo(\n entity: models.HealthElement\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: 'HealthElement' })\n }\n\n getEncryptionKeysOf(entity: models.HealthElement): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: 'HealthElement' }, undefined)\n }\n\n async subscribeToHealthElementEvents(\n eventTypes: ('CREATE' | 'UPDATE' | 'DELETE')[],\n filter: AbstractFilter<HealthElement> | undefined,\n eventFired: (healthElement: HealthElement) => Promise<void>,\n options: SubscriptionOptions = {}\n ): Promise<Connection> {\n const currentUser = await this.userApi.getCurrentUser()\n\n return await subscribeToEntityEvents(\n this.host,\n this.authApi,\n 'HealthElement',\n eventTypes,\n filter,\n eventFired,\n options,\n async (encrypted) => (await this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(currentUser), [encrypted]))[0]\n ).then((rs) => new ConnectionImpl(rs))\n }\n\n createDelegationDeAnonymizationMetadata(entity: HealthElement, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type: 'HealthElement' }, delegates)\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"icc-helement-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-helement-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAAuD;AAGvD,kDAAiD;AAEjD,4BAA2B;AAC3B,iCAAgC;AAIhC,0EAAgG;AAChG,wEAAoE;AACpE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAOzD,mCAAmJ;AAGnJ,4DAAwE;AAExE,MAAa,eAAgB,SAAQ,wBAAc;IAGjD,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,oCAA4B,CAAC,aAAa,CAAC,CAAC,CAAA;IACnJ,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EACjB,MAAqB,EACrB,YAA8B,EAC9B,OAAoB,EACpB,OAAmB,EACnB,cAAuB,EACxC,gBAA+B,CAAC,OAAO,EAAE,MAAM,CAAC,EAChD,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAbtC,WAAM,GAAN,MAAM,CAAe;QACrB,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,YAAO,GAAP,OAAO,CAAa;QACpB,YAAO,GAAP,OAAO,CAAY;QACnB,mBAAc,GAAd,cAAc,CAAS;QAUxC,IAAI,CAAC,eAAe,GAAG,IAAA,4BAAoB,EAAC,aAAa,EAAE,gBAAgB,CAAC,CAAA;IAC9E,CAAC;IAED;;;;;;;;;;;;;;;;OAgBG;IACG,WAAW,CACf,IAAiB,EACjB,OAAuB,EACvB,CAAM,EACN,UAII,EAAE;;;YAEN,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YAC5D,MAAM,QAAQ,mCACT,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,yCAAyC,EAChD,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,EAC9E,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,EACnB,eAAe,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,eAAe,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAC1E,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,QAAQ,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,GAC3E,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GACP,MAAA,OAAO,CAAC,YAAY,mCACpB,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY;gBACpB,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,uBAAuB,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,CAAC;gBACzH,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,+BAA+B,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,CAAC,CAAC,CAAA;YACtI,IAAI,CAAC,GAAG;gBAAE,MAAM,IAAI,KAAK,CAAC,2CAA2C,OAAO,CAAC,EAAE,qBAAqB,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,mCAAI,KAAK,EAAE,CAAC,CAAA;YACrI,MAAM,gBAAgB,mCACjB,CAAC,OAAO,CAAC,YAAY;gBACtB,CAAC,CAAC,EAAE;gBACJ,CAAC,CAAC,MAAM,CAAC,WAAW,CAChB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,CAAC,GACH,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,mBAAmB,mCAAI,EAAE,CAAC,CACxC,CAAA;YACD,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,CACtF,QAAQ,EACR,oCAA4B,CAAC,aAAa,EAC1C,OAAO,CAAC,EAAE,EACV,GAAG,EACH,IAAI,EACJ,KAAK,EACL,gBAAgB,CACjB,CAAA;YACD,OAAO,IAAI,MAAM,CAAC,aAAa,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAA;;KAClE;IAED,mBAAmB,CAAC,IAA2B;QAC7C,MAAM,IAAI,KAAK,CAAC,8FAA8F,CAAC,CAAA;IACjH,CAAC;IAED,2BAA2B,CAAC,IAAiB,EAAE,IAA2B;QACxE,OAAO,IAAI;YACT,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBACpC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;iBAChD,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;iBAC9C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC1B,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;IAC3B,CAAC;IAED,oBAAoB,CAAC,IAA2B;QAC9C,MAAM,IAAI,KAAK,CAAC,8FAA8F,CAAC,CAAA;IACjH,CAAC;IAED,4BAA4B,CAAC,IAAiB,EAAE,MAA+B;QAC7E,OAAO,MAAM;YACX,CAAC,CAAC,IAAI,CAAC,OAAO,CACV,IAAI,EACJ,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAClC;iBACE,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC;iBAC9C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC;YAC/E,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;IAC3B,CAAC;IAED,gBAAgB,CAAC,eAAuB;QACtC,MAAM,IAAI,KAAK,CAAC,6FAA6F,CAAC,CAAA;IAChH,CAAC;IAED,wBAAwB,CAAC,IAAiB,EAAE,eAAuB;QACjE,OAAO,KAAK;aACT,gBAAgB,CAAC,eAAe,CAAC;aACjC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;aAC9C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IAC1B,CAAC;IAED,iBAAiB,CAAC,IAAuB;QACvC,MAAM,IAAI,KAAK,CAAC,8FAA8F,CAAC,CAAA;IACjH,CAAC;IAED,yBAAyB,CAAC,IAAiB,EAAE,IAAuB;QAClE,OAAO,KAAK,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC,CAAA;IACjH,CAAC;IAED,2BAA2B,CAAC,eAAuB,EAAE,IAA+B;QAClF,MAAM,IAAI,KAAK,CAAC,6FAA6F,CAAC,CAAA;IAChH,CAAC;IAED,mCAAmC,CAAC,IAAiB,EAAE,eAAuB,EAAE,IAA+B;QAC7G,OAAO,KAAK;aACT,2BAA2B,CAAC,eAAe,EAAE,IAAI,CAAC;aAClD,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;aAC9C,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;IACxB,CAAC;IAED,6CAA6C,CAAC,SAAiB,EAAE,WAAmB;QAClF,MAAM,IAAI,KAAK,CAAC,6FAA6F,CAAC,CAAA;IAChH,CAAC;IAED,qDAAqD,CAAC,IAAiB,EAAE,SAAiB,EAAE,WAAmB;QAC7G,OAAO,KAAK,CAAC,6CAA6C,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAA;IACnI,CAAC;IAED,0DAA0D,CAAC,IAAiB,EAAE,SAAiB,EAAE,WAAqB;QACpH,OAAO,KAAK,CAAC,sDAAsD,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAA;IAC5I,CAAC;IAEK,6CAA6C,CACjD,IAAiB,EACjB,SAAiB,EACjB,OAAuB,EACvB,YAAqB,KAAK;;;YAE1B,IAAI,gBAAgB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,CAAC,CAAA;YACzI,MAAM,IAAI,GAAG,MAAA,gBAAgB,CAAC,IAAI,CAAC,CAAC,iBAAiB,EAAE,EAAE,CAAC,iBAAiB,CAAC,OAAO,IAAI,SAAS,CAAC,0CAAE,SAAS,CAAA;YAC5G,IAAI,IAAI,IAAI,SAAS,EAAE;gBACrB,MAAM,KAAK,CAAC,wBAAwB,CAAC,CAAA;aACtC;YACD,OAAO,SAAS;gBACd,CAAC,CAAC,IAAI,CAAC,0DAA0D,CAAC,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC;gBACxF,CAAC,CAAC,IAAI,CAAC,qDAAqD,CAAC,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;;KAChG;IAED,mBAAmB,CAAC,IAAoB;QACtC,MAAM,IAAI,KAAK,CAAC,6FAA6F,CAAC,CAAA;IAChH,CAAC;IAED,2BAA2B,CAAC,IAAiB,EAAE,IAAoB;QACjE,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;IAClH,CAAC;IACO,qBAAqB,CAAC,SAAiB,EAAE,IAAmB;QAClE,OAAO,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;aAClD,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;aAChD,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;aAC3C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IAC1B,CAAC;IAED,oBAAoB,CAAC,IAA2B;QAC9C,MAAM,IAAI,KAAK,CAAC,8FAA8F,CAAC,CAAA;IACjH,CAAC;IAED,4BAA4B,CAAC,IAAiB,EAAE,MAAwB;QACtE,OAAO,MAAM;YACX,CAAC,CAAC,IAAI,CAAC,OAAO,CACV,IAAI,EACJ,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAClC;iBACE,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC;iBAC9C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC;YAC/E,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;IAC3B,CAAC;IAED,qCAAqC;IACrC;;;;;;;;;;;;;;;;OAgBG;IAEH,MAAM,CAAC,SAAiB,EAAE,OAAuB,EAAE,oBAAoB,GAAG,KAAK,EAAE,SAAS,GAAG,KAAK;QAChG,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI;aACpB,0BAA0B,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,CAAC;aAC3F,IAAI,CAAC,CAAC,iBAAiB,EAAE,EAAE,CAC1B,iBAAiB,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC;YAC/C,CAAC,CAAC,OAAO,CAAC,GAAG,CACT,iBAAiB;iBACd,MAAM,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE;gBACrB,OAAO,GAAG,CAAC,MAAM,CAAC;oBAChB;wBACE,SAAS,EAAE,KAAK,CAAC,OAAO;wBACxB,aAAa,EAAE,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,aAAa,CAAC,aAAa,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;qBACxH;iBACF,CAAC,CAAA;YACJ,CAAC,EAAE,EAAgE,CAAC;iBACnE,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC;iBACzC,GAAG,CAAC,CAAC,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,EAAE,CACpC,SAAS;gBACP,CAAC,CAAC,IAAI,CAAC,oCAAoC,CAAC,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;gBAC7E,CAAC,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CACrF,CACJ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YAChE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CACxB;aACA,IAAI,CAAC,CAAC,kBAA+C,EAAE,EAAE;YACxD,MAAM,KAAK,GAA4C,EAAE,CAAA;YAEzD,IAAI,oBAAoB,EAAE;gBACxB,OAAO,kBAAkB,CAAA;aAC1B;iBAAM;gBACL,kBAAkB,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE;oBAChC,IAAI,EAAE,CAAC,eAAe,EAAE;wBACtB,MAAM,GAAG,GAAG,KAAK,CAAC,EAAE,CAAC,eAAe,CAAC,CAAA;wBACrC,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,IAAI,CAAC,EAAE,CAAC,QAAQ,IAAI,GAAG,CAAC,QAAQ,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE;4BACxE,KAAK,CAAC,EAAE,CAAC,eAAe,CAAC,GAAG,EAAE,CAAA;yBAC/B;qBACF;gBACH,CAAC,CAAC,CAAA;gBACF,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;aACxD;QACH,CAAC,CAAC,CAAA;IACN,CAAC;IAED,+BAA+B,CAAC,SAAiB,EAAE,WAAmB;QACpE,OAAO,KAAK,CAAC,6CAA6C,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;IAC5I,CAAC;IAED,oCAAoC,CAAC,SAAiB,EAAE,WAAqB;QAC3E,OAAO,KAAK;aACT,sDAAsD,CAAC,SAAS,EAAE,WAAW,CAAC;aAC9E,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;IAC5D,CAAC;IAED,OAAO,CAAC,IAAiB,EAAE,cAA2C;QACpE,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,cAAc,CAAC,CAAA;IACjF,CAAC;IAEO,SAAS,CAAC,KAAa,EAAE,cAA2C;QAC1E,OAAO,OAAO,CAAC,GAAG,CAChB,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CACxB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAC/B,EAAE,EACF,oCAA4B,CAAC,aAAa,EAC1C,IAAI,CAAC,eAAe,EACpB,KAAK,EACL,KAAK,EACL,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CACnC,CACF,CACF,CAAA;IACH,CAAC;IAED,eAAe,CAAC,IAAiB,EAAE,GAAgC;QACjE,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC,CAAA;IACpE,CAAC;IAED,OAAO,CAAC,WAAmB,EAAE,GAAgC;QAC3D,OAAO,OAAO,CAAC,GAAG,CAChB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CACb,IAAI,CAAC,MAAM,CAAC,IAAI;aACb,aAAa,CAAC,EAAE,EAAE,oCAA4B,CAAC,aAAa,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;aACjG,IAAI,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,CAChC,CACF,CAAA;IACH,CAAC;IAED,sBAAsB,CAAC,eAAwB,EAAE,KAAc,EAAE,IAA+B;QAC9F,MAAM,IAAI,KAAK,CAAC,8FAA8F,CAAC,CAAA;IACjH,CAAC;IAED,gBAAgB,CACd,IAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,IAA+B;QAE/B,OAAO,KAAK;aACT,sBAAsB,CAAC,eAAe,EAAE,KAAK,EAAE,IAAI,CAAC;aACpD,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,EAAE,CAAC,IAAK,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAA;IACrG,CAAC;IAED,qCAAqC;IACrC,sBAAsB,CAAC,IAAiB,EAAE,OAAuB,EAAE,KAAqB,EAAE,KAAa;QACrG,OAAO,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,OAAO,EAAE;YACrC,SAAS,EAAE,KAAK,CAAC,EAAE;YACnB,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,WAAW,EAAE,KAAK,CAAC,WAAW;YAC9B,WAAW,EAAE,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,WAAW;YACjD,KAAK,EAAE,KAAK;YACZ,gBAAgB,EAAE,KAAK,CAAC,SAAS;YACjC,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,IAAI,EAAE,KAAK,CAAC,IAAI;SACjB,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE;YACb,OAAO,IAAI,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAA;QACrC,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,0DAA0D;IAC1D,YAAY,CAAC,IAAY;QACvB,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACzB,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC;YACrB,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YACV,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YACV,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC;YACb,EAAE,EAAE,IAAI;SACT,CAAC,CAAA;IACJ,CAAC;IAED;;;;OAIG;IACG,kBAAkB,CAAC,aAAmC;;YAC1D,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,IAAI,EAAE,oCAA4B,CAAC,aAAa,EAAE,EAAE,SAAS,CAAC,CAAA;QACnI,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,aAAmC;;YACtD,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,IAAI,EAAE,oCAA4B,CAAC,aAAa,EAAE,CAAC,CAAA;QACrH,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,SAAS,CACb,UAAkB,EAClB,aAAmC,EACnC,UAII,EAAE;;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,aAAa,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QACrE,CAAC;KAAA;IACD;;;;;;;;;;;;;OAaG;IACG,aAAa,CACjB,aAAmC,EACnC,SAMC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,aAAa,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QACrF,CAAC;KAAA;IACD;;;;;;;;;;;;;OAaG;IACG,gBAAgB,CACpB,aAAmC,EACnC,SAMC;;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,aAAa,EAAE,oCAA4B,CAAC,aAAa,CAAC,CAAA;YACjJ,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,qBAAqB,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC,CAAC,CAAC,aAAa,CAAA;YAC/H,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI;iBACpB,0CAA0C,CACzC,EAAE,MAAM,EAAE,aAAa,EAAE,IAAI,EAAE,oCAA4B,CAAC,aAAa,EAAE,EAC3E,IAAI,EACJ,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,OAAO,CAAC,cAAc;oBAC5C,cAAc,EAAE,SAAS;iBAC1B;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC,CAAC,CACvC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACvF,CAAC;KAAA;IAED,yBAAyB,CACvB,MAA4B;QAE5B,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,aAAa,EAAE,CAAC,CAAA;IACvI,CAAC;IAED,mBAAmB,CAAC,MAA4B;QAC9C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,aAAa,EAAE,EAAE,SAAS,CAAC,CAAA;IACnH,CAAC;IAEK,8BAA8B,CAClC,UAA8C,EAC9C,MAAiD,EACjD,UAA2D,EAC3D,UAA+B,EAAE;;YAEjC,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;YAEvD,OAAO,MAAM,IAAA,+BAAuB,EAClC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ,oCAA4B,CAAC,aAAa,EAC1C,UAAU,EACV,MAAM,EACN,UAAU,EACV,OAAO,EACP,CAAO,SAAS,EAAE,EAAE,gDAAC,OAAA,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,WAAW,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA,GAAA,CAC3G,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,2BAAc,CAAC,EAAE,CAAC,CAAC,CAAA;QACxC,CAAC;KAAA;IAED,uCAAuC,CAAC,MAAqB,EAAE,SAAmB;QAChF,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAC7E,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,aAAa,EAAE,EAC5D,SAAS,CACV,CAAA;IACH,CAAC;CACF;AAhgBD,0CAggBC","sourcesContent":["import { IccAuthApi, IccHelementApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\n\nimport * as models from '../icc-api/model/models'\n\nimport * as _ from 'lodash'\nimport * as moment from 'moment'\nimport { a2b, b2a, hex2ua, string2ua, ua2utf8, utf8_2ua } from './utils/binary-utils'\nimport { FilterChainHealthElement, HealthElement, PaginatedListHealthElement } from '../icc-api/model/models'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { ShareResult } from './utils/ShareResult'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\nimport { XHR } from '../icc-api/api/XHR'\nimport { IccUserXApi } from './icc-user-x-api'\nimport { EncryptedFieldsManifest, EntityWithDelegationTypeName, parseEncryptedFields, subscribeToEntityEvents, SubscriptionOptions } from './utils'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\nimport { AbstractFilter } from './filters/filters'\nimport { Connection, ConnectionImpl } from '../icc-api/model/Connection'\n\nexport class IccHelementXApi extends IccHelementApi implements EncryptedEntityXApi<models.HealthElement> {\n private readonly encryptedFields: EncryptedFieldsManifest\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, EntityWithDelegationTypeName.HealthElement))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n private readonly crypto: IccCryptoXApi,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly userApi: IccUserXApi,\n private readonly authApi: IccAuthApi,\n private readonly autofillAuthor: boolean,\n encryptedKeys: Array<string> = ['descr', 'note'],\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.encryptedFields = parseEncryptedFields(encryptedKeys, 'HealthElement.')\n }\n\n /**\n * Creates a new instance of health element with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this health element refers to.\n * @param h initialised data for the health element. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - preferredSfk: secret id of the patient to use as the secret foreign key to use for the health element. The default value will be a\n * secret id of patient known by the topmost parent in the current data owner hierarchy if the confidential is set to false, else a secret id that\n * the data owner did not share with any of his parents.\n * - confidential: if true, the entity will be created as confidential. Confidential entities are not shared with auto-delegations, and the default\n * foreign key used is any key that is not shared with any of the data owner parents. By default entities are created as non-confidential.\n * @return a new instance of health element.\n */\n async newInstance(\n user: models.User,\n patient: models.Patient,\n h: any,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n preferredSfk?: string\n confidential?: boolean\n } = {}\n ) {\n const dataOwnerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n const helement = {\n ...(h ?? {}),\n _type: 'org.taktik.icure.entities.HealthElement',\n id: h?.id ?? this.crypto.primitives.randomUuid(),\n created: h?.created ?? new Date().getTime(),\n modified: h?.modified ?? new Date().getTime(),\n responsible: h?.responsible ?? (this.autofillAuthor ? dataOwnerId : undefined),\n author: h?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: h?.codes ?? [],\n tags: h?.tags ?? [],\n healthElementId: h?.healthElementId ?? this.crypto.primitives.randomUuid(),\n openingDate: h?.openingDate ?? parseInt(moment().format('YYYYMMDDHHmmss')),\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk =\n options.preferredSfk ??\n (options?.confidential\n ? await this.crypto.confidential.getConfidentialSecretId({ entity: patient, type: EntityWithDelegationTypeName.Patient })\n : await this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type: EntityWithDelegationTypeName.Patient }))\n if (!sfk) throw new Error(`Couldn't find any sfk of parent patient ${patient.id} for confidential=${options?.confidential ?? false}`)\n const extraDelegations = {\n ...(options.confidential\n ? {}\n : Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.medicalInformation ?? [])].map((d) => [d, AccessLevelEnum.WRITE])\n )),\n ...(options?.additionalDelegates ?? {}),\n }\n const initialisationInfo = await this.crypto.xapi.entityWithInitialisedEncryptedMetadata(\n helement,\n EntityWithDelegationTypeName.HealthElement,\n patient.id,\n sfk,\n true,\n false,\n extraDelegations\n )\n return new models.HealthElement(initialisationInfo.updatedEntity)\n }\n\n createHealthElement(body?: models.HealthElement): never {\n throw new Error('Cannot call a method that returns health elements without providing a user for de/encryption')\n }\n\n createHealthElementWithUser(user: models.User, body?: models.HealthElement): Promise<models.HealthElement | any> {\n return body\n ? this.encrypt(user, [_.cloneDeep(body)])\n .then((hes) => super.createHealthElement(hes[0]))\n .then((he) => this.decryptWithUser(user, [he]))\n .then((hes) => hes[0])\n : Promise.resolve(null)\n }\n\n createHealthElements(body?: Array<HealthElement>): never {\n throw new Error('Cannot call a method that returns health elements without providing a user for de/encryption')\n }\n\n createHealthElementsWithUser(user: models.User, bodies?: models.HealthElement[]): Promise<models.HealthElement[] | any> {\n return bodies\n ? this.encrypt(\n user,\n bodies.map((c) => _.cloneDeep(c))\n )\n .then((hes) => super.createHealthElements(hes))\n .then((hes) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user), hes))\n : Promise.resolve(null)\n }\n\n getHealthElement(healthElementId: string): never {\n throw new Error('Cannot call a method that returns health element without providing a user for de/encryption')\n }\n\n getHealthElementWithUser(user: models.User, healthElementId: string): Promise<models.HealthElement> {\n return super\n .getHealthElement(healthElementId)\n .then((he) => this.decryptWithUser(user, [he]))\n .then((hes) => hes[0])\n }\n\n getHealthElements(body?: models.ListOfIds): never {\n throw new Error('Cannot call a method that returns health elements without providing a user for de/encryption')\n }\n\n getHealthElementsWithUser(user: models.User, body?: models.ListOfIds): Promise<models.HealthElement[]> {\n return super.getHealthElements(body).then((hes) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user), hes))\n }\n\n newHealthElementDelegations(healthElementId: string, body?: Array<models.Delegation>): never {\n throw new Error('Cannot call a method that returns health element without providing a user for de/encryption')\n }\n\n newHealthElementDelegationsWithUser(user: models.User, healthElementId: string, body?: Array<models.Delegation>): Promise<models.HealthElement> {\n return super\n .newHealthElementDelegations(healthElementId, body)\n .then((he) => this.decryptWithUser(user, [he]))\n .then((he) => he[0])\n }\n\n findHealthElementsByHCPartyPatientForeignKeys(hcPartyId: string, secretFKeys: string): never {\n throw new Error('Cannot call a method that returns health element without providing a user for de/encryption')\n }\n\n findHealthElementsByHCPartyPatientForeignKeysWithUser(user: models.User, hcPartyId: string, secretFKeys: string): Promise<HealthElement[]> {\n return super.findHealthElementsByHCPartyPatientForeignKeys(hcPartyId, secretFKeys).then((hes) => this.decryptWithUser(user, hes))\n }\n\n findHealthElementsByHCPartyPatientForeignKeysArrayWithUser(user: models.User, hcPartyId: string, secretFKeys: string[]): Promise<HealthElement[]> {\n return super.findHealthElementsByHCPartyPatientForeignKeysUsingPost(hcPartyId, secretFKeys).then((hes) => this.decryptWithUser(user, hes))\n }\n\n async findHealthElementsByHCPartyAndPatientWithUser(\n user: models.User,\n hcPartyId: string,\n patient: models.Patient,\n usingPost: boolean = false\n ): Promise<models.HealthElement[]> {\n let keysAndHcPartyId = await this.crypto.xapi.secretIdsForHcpHierarchyOf({ entity: patient, type: EntityWithDelegationTypeName.Patient })\n const keys = keysAndHcPartyId.find((secretForeignKeys) => secretForeignKeys.ownerId == hcPartyId)?.extracted\n if (keys == undefined) {\n throw Error('No delegation for user')\n }\n return usingPost\n ? this.findHealthElementsByHCPartyPatientForeignKeysArrayWithUser(user, hcPartyId, keys)\n : this.findHealthElementsByHCPartyPatientForeignKeysWithUser(user, hcPartyId, keys.join(','))\n }\n\n modifyHealthElement(body?: HealthElement): never {\n throw new Error('Cannot call a method that returns health element without providing a user for de/encryption')\n }\n\n modifyHealthElementWithUser(user: models.User, body?: HealthElement): Promise<HealthElement | any> {\n return body ? this.modifyHealthElementAs(this.dataOwnerApi.getDataOwnerIdOf(user), body) : Promise.resolve(null)\n }\n private modifyHealthElementAs(dataOwner: string, body: HealthElement): Promise<HealthElement> {\n return this.encryptAs(dataOwner, [_.cloneDeep(body)])\n .then((hes) => super.modifyHealthElement(hes[0]))\n .then((he) => this.decrypt(dataOwner, [he]))\n .then((hes) => hes[0])\n }\n\n modifyHealthElements(body?: Array<HealthElement>): never {\n throw new Error('Cannot call a method that returns health elements without providing a user for de/encryption')\n }\n\n modifyHealthElementsWithUser(user: models.User, bodies?: HealthElement[]): Promise<HealthElement[] | any> {\n return bodies\n ? this.encrypt(\n user,\n bodies.map((c) => _.cloneDeep(c))\n )\n .then((hes) => super.modifyHealthElements(hes))\n .then((hes) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user), hes))\n : Promise.resolve(null)\n }\n\n // noinspection JSUnusedGlobalSymbols\n /**\n * 1. Check whether there is a delegation with 'hcpartyId' or not.\n * 2. 'fetchHcParty[hcpartyId][1]': is encrypted AES exchange key by RSA public key of him.\n * 3. Obtain the AES exchange key, by decrypting the previous step value with hcparty private key\n * 3.1. KeyPair should be fetch from cache (in jwk)\n * 3.2. if it doesn't exist in the cache, it has to be loaded from Browser Local store, and then import it to WebCrypto\n * 4. Obtain the array of delegations which are delegated to his ID (hcpartyId) in this patient\n * 5. Decrypt and collect all keys (secretForeignKeys) within delegations of previous step (with obtained AES key of step 4)\n * 6. Do the REST call to get all helements with (allSecretForeignKeysDelimitedByComa, hcpartyId)\n *\n * After these painful steps, you have the helements of the patient.\n *\n * @param hcpartyId\n * @param patient (Promise)\n * @param keepObsoleteVersions\n * @param usingPost\n */\n\n findBy(hcpartyId: string, patient: models.Patient, keepObsoleteVersions = false, usingPost = false) {\n return this.crypto.xapi\n .secretIdsForHcpHierarchyOf({ entity: patient, type: EntityWithDelegationTypeName.Patient })\n .then((secretForeignKeys) =>\n secretForeignKeys && secretForeignKeys.length > 0\n ? Promise.all(\n secretForeignKeys\n .reduce((acc, level) => {\n return acc.concat([\n {\n hcpartyId: level.ownerId,\n extractedKeys: level.extracted.filter((key) => !acc.some((previousLevel) => previousLevel.extractedKeys.includes(key))),\n },\n ])\n }, [] as Array<{ hcpartyId: string; extractedKeys: Array<string> }>)\n .filter((l) => l.extractedKeys.length > 0)\n .map(({ hcpartyId, extractedKeys }) =>\n usingPost\n ? this.findByHCPartyPatientSecretFKeysArray(hcpartyId, _.uniq(extractedKeys))\n : this.findByHCPartyPatientSecretFKeys(hcpartyId, _.uniq(extractedKeys).join(','))\n )\n ).then((results) => _.uniqBy(_.flatMap(results), (x) => x.id))\n : Promise.resolve([])\n )\n .then((decryptedHelements: Array<models.HealthElement>) => {\n const byIds: { [key: string]: models.HealthElement } = {}\n\n if (keepObsoleteVersions) {\n return decryptedHelements\n } else {\n decryptedHelements.forEach((he) => {\n if (he.healthElementId) {\n const phe = byIds[he.healthElementId]\n if (!phe || !phe.modified || (he.modified && phe.modified < he.modified)) {\n byIds[he.healthElementId] = he\n }\n }\n })\n return _.values(byIds).filter((s: any) => !s.endOfLife)\n }\n })\n }\n\n findByHCPartyPatientSecretFKeys(hcPartyId: string, secretFKeys: string): Promise<Array<models.Contact> | any> {\n return super.findHealthElementsByHCPartyPatientForeignKeys(hcPartyId, secretFKeys).then((helements) => this.decrypt(hcPartyId, helements))\n }\n\n findByHCPartyPatientSecretFKeysArray(hcPartyId: string, secretFKeys: string[]): Promise<Array<models.Contact> | any> {\n return super\n .findHealthElementsByHCPartyPatientForeignKeysUsingPost(hcPartyId, secretFKeys)\n .then((helements) => this.decrypt(hcPartyId, helements))\n }\n\n encrypt(user: models.User, healthElements: Array<models.HealthElement>): Promise<Array<models.HealthElement>> {\n return this.encryptAs(this.dataOwnerApi.getDataOwnerIdOf(user), healthElements)\n }\n\n private encryptAs(owner: string, healthElements: Array<models.HealthElement>): Promise<Array<models.HealthElement>> {\n return Promise.all(\n healthElements.map((he) =>\n this.crypto.xapi.tryEncryptEntity(\n he,\n EntityWithDelegationTypeName.HealthElement,\n this.encryptedFields,\n false,\n false,\n (x) => new models.HealthElement(x)\n )\n )\n )\n }\n\n decryptWithUser(user: models.User, hes: Array<models.HealthElement>): Promise<Array<models.HealthElement>> {\n return this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user), hes)\n }\n\n decrypt(dataOwnerId: string, hes: Array<models.HealthElement>): Promise<Array<models.HealthElement>> {\n return Promise.all(\n hes.map((he) =>\n this.crypto.xapi\n .decryptEntity(he, EntityWithDelegationTypeName.HealthElement, (x) => new models.HealthElement(x))\n .then(({ entity }) => entity)\n )\n )\n }\n\n filterHealthElementsBy(startDocumentId?: string, limit?: number, body?: FilterChainHealthElement): never {\n throw new Error('Cannot call a method that returns health elements without providing a user for de/encryption')\n }\n\n filterByWithUser(\n user: models.User,\n startDocumentId?: string,\n limit?: number,\n body?: FilterChainHealthElement\n ): Promise<PaginatedListHealthElement> {\n return super\n .filterHealthElementsBy(startDocumentId, limit, body)\n .then((pl) => this.decryptWithUser(user, pl.rows!).then((dr) => Object.assign(pl, { rows: dr })))\n }\n\n // noinspection JSUnusedGlobalSymbols\n serviceToHealthElement(user: models.User, patient: models.Patient, heSvc: models.Service, descr: string) {\n return this.newInstance(user, patient, {\n idService: heSvc.id,\n author: heSvc.author,\n responsible: heSvc.responsible,\n openingDate: heSvc.valueDate || heSvc.openingDate,\n descr: descr,\n idOpeningContact: heSvc.contactId,\n modified: heSvc.modified,\n created: heSvc.created,\n codes: heSvc.codes,\n tags: heSvc.tags,\n }).then((he) => {\n return this.createHealthElement(he)\n })\n }\n\n // noinspection JSUnusedGlobalSymbols, JSMethodCanBeStatic\n stringToCode(code: string) {\n const c = code.split('|')\n return new models.Code({\n type: c[0],\n code: c[1],\n version: c[2],\n id: code,\n })\n }\n\n /**\n * @param healthElement a health element\n * @return the id of the patient that the health element refers to, retrieved from the encrypted metadata. Normally there should only be one element\n * in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(healthElement: models.HealthElement): Promise<string[]> {\n return this.crypto.xapi.owningEntityIdsOf({ entity: healthElement, type: EntityWithDelegationTypeName.HealthElement }, undefined)\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given health element\n */\n async hasWriteAccess(healthElement: models.HealthElement): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: healthElement, type: EntityWithDelegationTypeName.HealthElement })\n }\n\n /**\n * Share an existing health element with other data owners, allowing them to access the non-encrypted data of the health element and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the health element.\n * @param healthElement the health element to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * health element does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this health element refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n healthElement: models.HealthElement,\n options: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<models.HealthElement> {\n return this.shareWithMany(healthElement, { [delegateId]: options })\n }\n /**\n * Share an existing health element with other data owners, allowing them to access the non-encrypted data of the health element and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the health element.\n * @param healthElement the health element to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * health element does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this health element refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n healthElement: models.HealthElement,\n delegates: {\n [delegateId: string]: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<models.HealthElement> {\n return (await this.tryShareWithMany(healthElement, delegates)).updatedEntityOrThrow\n }\n /**\n * Share an existing health element with other data owners, allowing them to access the non-encrypted data of the health element and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param healthElement the health element to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * health element does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this health element refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n healthElement: models.HealthElement,\n delegates: {\n [delegateId: string]: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<models.HealthElement>> {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(healthElement, EntityWithDelegationTypeName.HealthElement)\n const updatedEntity = entityWithEncryptionKey ? await this.modifyHealthElementAs(self, entityWithEncryptionKey) : healthElement\n return this.crypto.xapi\n .simpleShareOrUpdateEncryptedEntityMetadata(\n { entity: updatedEntity, type: EntityWithDelegationTypeName.HealthElement },\n true,\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: options.sharePatientId,\n shareSecretIds: undefined,\n },\n ])\n ),\n (x) => this.bulkShareHealthElements(x)\n )\n .then((r) => r.mapSuccessAsync((e) => this.decrypt(self, [e]).then((es) => es[0])))\n }\n\n getDataOwnersWithAccessTo(\n entity: models.HealthElement\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: EntityWithDelegationTypeName.HealthElement })\n }\n\n getEncryptionKeysOf(entity: models.HealthElement): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: EntityWithDelegationTypeName.HealthElement }, undefined)\n }\n\n async subscribeToHealthElementEvents(\n eventTypes: ('CREATE' | 'UPDATE' | 'DELETE')[],\n filter: AbstractFilter<HealthElement> | undefined,\n eventFired: (healthElement: HealthElement) => Promise<void>,\n options: SubscriptionOptions = {}\n ): Promise<Connection> {\n const currentUser = await this.userApi.getCurrentUser()\n\n return await subscribeToEntityEvents(\n this.host,\n this.authApi,\n EntityWithDelegationTypeName.HealthElement,\n eventTypes,\n filter,\n eventFired,\n options,\n async (encrypted) => (await this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(currentUser), [encrypted]))[0]\n ).then((rs) => new ConnectionImpl(rs))\n }\n\n createDelegationDeAnonymizationMetadata(entity: HealthElement, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo(\n { entity, type: EntityWithDelegationTypeName.HealthElement },\n delegates\n )\n }\n}\n"]}
|
|
@@ -19,6 +19,7 @@ const KeyPairUpdateRequest_1 = require("./maintenance/KeyPairUpdateRequest");
|
|
|
19
19
|
const SecureDelegation_1 = require("../icc-api/model/SecureDelegation");
|
|
20
20
|
const DataOwnerTypeEnum_1 = require("../icc-api/model/DataOwnerTypeEnum");
|
|
21
21
|
var AccessLevelEnum = SecureDelegation_1.SecureDelegation.AccessLevelEnum;
|
|
22
|
+
const utils_2 = require("./crypto/utils");
|
|
22
23
|
/**
|
|
23
24
|
* Api for interpreting maintenance tasks and applying required client-side actions.
|
|
24
25
|
*/
|
|
@@ -64,7 +65,7 @@ class IccIcureMaintenanceXApi {
|
|
|
64
65
|
}
|
|
65
66
|
}
|
|
66
67
|
const hexNewPubKey = (0, utils_1.ua2hex)(yield this.crypto.primitives.RSA.exportKey(keypair.publicKey, 'spki'));
|
|
67
|
-
const hexNewPubKeyFp =
|
|
68
|
+
const hexNewPubKeyFp = (0, utils_2.fingerprintV1)(hexNewPubKey);
|
|
68
69
|
const selfId = yield this.dataOwnerApi.getCurrentDataOwnerId();
|
|
69
70
|
const requestDataOwnersForExchangeKeys = (yield this.getExchangeKeysInfosOf(selfId, requestToOwnerTypes))
|
|
70
71
|
.filter((info) => !info.fingerprints.has(hexNewPubKeyFp))
|
|
@@ -95,12 +96,12 @@ class IccIcureMaintenanceXApi {
|
|
|
95
96
|
const infoTo = Object.entries(allExchangeKeys.keysToOwner).flatMap(([delegatorId, delegatorFpToKeys]) => Object.values(delegatorFpToKeys).map((encryptedKeys) => ({
|
|
96
97
|
delegator: delegatorId,
|
|
97
98
|
delegate: dataOwnerId,
|
|
98
|
-
fingerprints: new Set(Object.keys(encryptedKeys).map((x) =>
|
|
99
|
+
fingerprints: new Set(Object.keys(encryptedKeys).map((x) => (0, utils_2.fingerprintV1)(x))),
|
|
99
100
|
})));
|
|
100
101
|
const infoFrom = Object.values(allExchangeKeys.keysFromOwner).flatMap((delegateIdToKeys) => Object.entries(delegateIdToKeys).map(([delegateId, encryptedKeys]) => ({
|
|
101
102
|
delegator: dataOwnerId,
|
|
102
103
|
delegate: delegateId,
|
|
103
|
-
fingerprints: new Set(Object.keys(encryptedKeys).map((x) =>
|
|
104
|
+
fingerprints: new Set(Object.keys(encryptedKeys).map((x) => (0, utils_2.fingerprintV1)(x))),
|
|
104
105
|
})));
|
|
105
106
|
return [...infoFrom, ...infoTo];
|
|
106
107
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"icc-icure-maintenance-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-icure-maintenance-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,sEAAkE;AAClE,mCAAgC;AAChC,gEAA4D;AAC5D,wEAAoE;AACpE,wEAAoE;AAEpE,6EAAyE;AAGzE,wEAAoE;AAEpE,0EAAsE;AACtE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAIzD;;GAEG;AACH,MAAa,uBAAuB;IAClC,YACmB,MAAqB,EACrB,QAAgC,EAChC,YAA8B,EAC9B,eAAmC;QAHnC,WAAM,GAAN,MAAM,CAAe;QACrB,aAAQ,GAAR,QAAQ,CAAwB;QAChC,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,oBAAe,GAAf,eAAe,CAAoB;IACnD,CAAC;IAEJ,iEAAiE;IAEjE;;;;;OAKG;IACG,kBAAkB,CAAC,MAA4B;;YACnD,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,CAClD,MAAM,CAAC,oBAAoB,EAC3B,MAAM,CAAC,YAAY,EACnB,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,iBAAiB,EAAE,CAChD,CAAA;YACD,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,gBAAgB,CAAC,MAAM,CAAC,oBAAoB,EAAE,MAAM,CAAC,YAAY,CAAC,CAAA;QACnG,CAAC;KAAA;IAED;;;;;;;OAOG;IACG,mCAAmC,CAAC,IAAU,EAAE,OAA2B,EAAE,mBAAyC;;YAC1H,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,uBAAuB,EAAE,CAAA;YACzE,IAAI,CAAC,mBAAmB,EAAE;gBACxB,IAAI,eAAe,KAAK,QAAQ,EAAE;oBAChC,OAAO,CAAC,IAAI,CAAC,sGAAsG,CAAC,CAAA;oBACpH,OAAM;iBACP;qBAAM;oBACL,mBAAmB;wBACjB,eAAe,KAAK,qCAAiB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,qCAAiB,CAAC,OAAO,EAAE,qCAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,qCAAiB,CAAC,GAAG,CAAC,CAAA;iBAC/H;aACF;YACD,MAAM,YAAY,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAA;YAClG,MAAM,cAAc,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAA;YAC9C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC9D,MAAM,gCAAgC,GAAG,CAAC,MAAM,IAAI,CAAC,sBAAsB,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAC;iBACtG,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;iBACxD,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;iBAClD,MAAM,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,KAAK,MAAM,CAAC,CAAA;YAC9C,MAAM,gCAAgC,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,sCAAsC,CACxG,MAAM,EACN,CAAC,GAAG,IAAI,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAC5C,CAAA;YACD,MAAM,iBAAiB,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,gCAAgC,EAAE,GAAG,gCAAgC,CAAC,CAAC,CAAC,CAAA;YAClH,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE;gBAChC,MAAM,aAAa,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;oBAC1D,QAAQ,EAAE,SAAS;oBACnB,IAAI,EAAE,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,YAAY,CAAC;iBACvD,CAAC,CAAC,CAAA;gBACH,KAAK,MAAM,YAAY,IAAI,aAAa,EAAE;oBACxC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,EAAE,YAAY,CAAC,IAAI,EAAE;wBACxE,mBAAmB,EAAE,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,eAAe,CAAC,KAAK,EAAE;qBACxE,CAAC,CAAA;oBACF,IAAI,QAAQ,EAAE;wBACZ,sBAAsB;wBACtB,MAAM,IAAI,CAAC,QAAQ,CAAC,6BAA6B,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAA;qBAClE;iBACF;aACF;QACH,CAAC;KAAA;IAEa,sBAAsB,CAAC,WAAmB,EAAE,eAAoC;;YAC5F,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,sBAAsB,CAAC,WAAW,EAAE,eAAe,CAAC,CAAA;YAChH,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW,EAAE,iBAAiB,CAAC,EAAE,EAAE,CACtG,MAAM,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC,GAAG,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;gBACvD,SAAS,EAAE,WAAW;gBACtB,QAAQ,EAAE,WAAW;gBACrB,YAAY,EAAE,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aAC3E,CAAC,CAAC,CACJ,CAAA;YACD,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,CAAC,gBAAgB,EAAE,EAAE,CACzF,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,EAAE,CAAC,CAAC;gBACrE,SAAS,EAAE,WAAW;gBACtB,QAAQ,EAAE,UAAU;gBACpB,YAAY,EAAE,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;aAC3E,CAAC,CAAC,CACJ,CAAA;YACD,OAAO,CAAC,GAAG,QAAQ,EAAE,GAAG,MAAM,CAAC,CAAA;QACjC,CAAC;KAAA;IAEO,qBAAqB,CAAC,OAAe,EAAE,eAAuB;QACpE,OAAO,IAAI,iCAAe,CAAC;YACzB,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE;YACvC,QAAQ,EAAE,2CAAoB,CAAC,SAAS;YACxC,MAAM,EAAE,iCAAe,CAAC,UAAU,CAAC,OAAO;YAC1C,UAAU,EAAE;gBACV,IAAI,2BAAY,CAAC;oBACf,EAAE,EAAE,2CAAoB,CAAC,gBAAgB;oBACzC,IAAI,EAAE,IAAI,mCAAgB,CAAC,EAAE,IAAI,EAAE,mCAAgB,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;oBACtE,UAAU,EAAE,IAAI,mCAAgB,CAAC;wBAC/B,IAAI,EAAE,mCAAgB,CAAC,QAAQ,CAAC,MAAM;wBACtC,WAAW,EAAE,OAAO;qBACrB,CAAC;iBACH,CAAC;gBACF,IAAI,2BAAY,CAAC;oBACf,EAAE,EAAE,2CAAoB,CAAC,iBAAiB;oBAC1C,IAAI,EAAE,IAAI,mCAAgB,CAAC,EAAE,IAAI,EAAE,mCAAgB,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;oBACtE,UAAU,EAAE,IAAI,mCAAgB,CAAC;wBAC/B,IAAI,EAAE,mCAAgB,CAAC,QAAQ,CAAC,MAAM;wBACtC,WAAW,EAAE,eAAe;qBAC7B,CAAC;iBACH,CAAC;aACH;SACF,CAAC,CAAA;IACJ,CAAC;CACF;AArHD,0DAqHC","sourcesContent":["import { KeyPair } from './crypto/RSA'\nimport { IccMaintenanceTaskXApi } from './icc-maintenance-task-x-api'\nimport { MaintenanceTask } from '../icc-api/model/MaintenanceTask'\nimport { ua2hex } from './utils'\nimport { PropertyStub } from '../icc-api/model/PropertyStub'\nimport { PropertyTypeStub } from '../icc-api/model/PropertyTypeStub'\nimport { TypedValueObject } from '../icc-api/model/TypedValueObject'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport { KeyPairUpdateRequest } from './maintenance/KeyPairUpdateRequest'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { User } from '../icc-api/model/User'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport { IccExchangeDataApi } from '../icc-api/api/internal/IccExchangeDataApi'\nimport { DataOwnerTypeEnum } from '../icc-api/model/DataOwnerTypeEnum'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\n\ntype ExchangeKeyInfo = { delegator: string; delegate: string; fingerprints: Set<string> }\n\n/**\n * Api for interpreting maintenance tasks and applying required client-side actions.\n */\nexport class IccIcureMaintenanceXApi {\n constructor(\n private readonly crypto: IccCryptoXApi,\n private readonly tasksApi: IccMaintenanceTaskXApi,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly exchangeDataApi: IccExchangeDataApi\n ) {}\n\n // TODO api to get all tasks for current owner from owner with id\n\n /**\n * Applies a key pair update request between another data owner and the current data owner to allow the other data owner to access existing exchange\n * keys shared with the current data owner. IMPORTANT: it is your responsibility to verify the authenticity of the public key / update request\n * before calling this method: this method assumes the new public key for the concerned data owner is authentic.\n * @param update a keypair update request to the current data owner.\n */\n async applyKeyPairUpdate(update: KeyPairUpdateRequest) {\n await this.crypto.exchangeKeys.base.giveAccessBackTo(\n update.concernedDataOwnerId,\n update.newPublicKey,\n this.crypto.userKeysManager.getDecryptionKeys()\n )\n await this.crypto.exchangeData.giveAccessBackTo(update.concernedDataOwnerId, update.newPublicKey)\n }\n\n /**\n * @internal This method is intended only for internal use and may be changed without notice.\n * Creates the necessary maintenance tasks to request access to existing exchange keys with the new key pair for the current user.\n * @param user the user which owns the new key pair.\n * @param keypair a new key pair for the current user.\n * @param requestToOwnerTypes specifies the types of data owner that have shared data with the current data owner or which were given access to data\n * from the current data owner will receive a 'give access back' request. If not specified, the value be inferred from the current data owner type.\n */\n async createMaintenanceTasksForNewKeypair(user: User, keypair: KeyPair<CryptoKey>, requestToOwnerTypes?: DataOwnerTypeEnum[]): Promise<void> {\n const currentUserType = await this.dataOwnerApi.getCurrentDataOwnerType()\n if (!requestToOwnerTypes) {\n if (currentUserType === 'device') {\n console.warn('Current data owner is a device and there is no need to create maintenance tasks for updated keypair.')\n return\n } else {\n requestToOwnerTypes =\n currentUserType === DataOwnerTypeEnum.Patient ? [DataOwnerTypeEnum.Patient, DataOwnerTypeEnum.Hcp] : [DataOwnerTypeEnum.Hcp]\n }\n }\n const hexNewPubKey = ua2hex(await this.crypto.primitives.RSA.exportKey(keypair.publicKey, 'spki'))\n const hexNewPubKeyFp = hexNewPubKey.slice(-32)\n const selfId = await this.dataOwnerApi.getCurrentDataOwnerId()\n const requestDataOwnersForExchangeKeys = (await this.getExchangeKeysInfosOf(selfId, requestToOwnerTypes))\n .filter((info) => !info.fingerprints.has(hexNewPubKeyFp))\n .flatMap((info) => [info.delegate, info.delegator])\n .filter((dataOwner) => dataOwner !== selfId)\n const requestDataOwnersForExchangeData = await this.exchangeDataApi.getExchangeDataParticipantCounterparts(\n selfId,\n [...new Set(requestToOwnerTypes)].join(',')\n )\n const requestDataOwners = [...new Set([...requestDataOwnersForExchangeKeys, ...requestDataOwnersForExchangeData])]\n if (requestDataOwners.length > 0) {\n const tasksToCreate = requestDataOwners.map((dataOwner) => ({\n delegate: dataOwner,\n task: this.createMaintenanceTask(selfId, hexNewPubKey),\n }))\n for (const taskToCreate of tasksToCreate) {\n const instance = await this.tasksApi.newInstance(user, taskToCreate.task, {\n additionalDelegates: { [taskToCreate.delegate]: AccessLevelEnum.WRITE },\n })\n if (instance) {\n // TODO create in bulk\n await this.tasksApi.createMaintenanceTaskWithUser(user, instance)\n }\n }\n }\n }\n\n private async getExchangeKeysInfosOf(dataOwnerId: string, otherOwnerTypes: DataOwnerTypeEnum[]): Promise<ExchangeKeyInfo[]> {\n const allExchangeKeys = await this.crypto.exchangeKeys.base.getAllExchangeKeysWith(dataOwnerId, otherOwnerTypes)\n const infoTo = Object.entries(allExchangeKeys.keysToOwner).flatMap(([delegatorId, delegatorFpToKeys]) =>\n Object.values(delegatorFpToKeys).map((encryptedKeys) => ({\n delegator: delegatorId,\n delegate: dataOwnerId,\n fingerprints: new Set(Object.keys(encryptedKeys).map((x) => x.slice(-32))),\n }))\n )\n const infoFrom = Object.values(allExchangeKeys.keysFromOwner).flatMap((delegateIdToKeys) =>\n Object.entries(delegateIdToKeys).map(([delegateId, encryptedKeys]) => ({\n delegator: dataOwnerId,\n delegate: delegateId,\n fingerprints: new Set(Object.keys(encryptedKeys).map((x) => x.slice(-32))),\n }))\n )\n return [...infoFrom, ...infoTo]\n }\n\n private createMaintenanceTask(ownerId: string, concernedPubKey: string) {\n return new MaintenanceTask({\n id: this.crypto.primitives.randomUuid(),\n taskType: KeyPairUpdateRequest.TASK_TYPE,\n status: MaintenanceTask.StatusEnum.Pending,\n properties: [\n new PropertyStub({\n id: KeyPairUpdateRequest.OWNER_ID_PROP_ID,\n type: new PropertyTypeStub({ type: PropertyTypeStub.TypeEnum.STRING }),\n typedValue: new TypedValueObject({\n type: TypedValueObject.TypeEnum.STRING,\n stringValue: ownerId,\n }),\n }),\n new PropertyStub({\n id: KeyPairUpdateRequest.OWNER_PUB_PROP_ID,\n type: new PropertyTypeStub({ type: PropertyTypeStub.TypeEnum.STRING }),\n typedValue: new TypedValueObject({\n type: TypedValueObject.TypeEnum.STRING,\n stringValue: concernedPubKey,\n }),\n }),\n ],\n })\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"icc-icure-maintenance-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-icure-maintenance-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,sEAAkE;AAClE,mCAAgC;AAChC,gEAA4D;AAC5D,wEAAoE;AACpE,wEAAoE;AAEpE,6EAAyE;AAGzE,wEAAoE;AAEpE,0EAAsE;AACtE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AACzD,0CAA8C;AAI9C;;GAEG;AACH,MAAa,uBAAuB;IAClC,YACmB,MAAqB,EACrB,QAAgC,EAChC,YAA8B,EAC9B,eAAmC;QAHnC,WAAM,GAAN,MAAM,CAAe;QACrB,aAAQ,GAAR,QAAQ,CAAwB;QAChC,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,oBAAe,GAAf,eAAe,CAAoB;IACnD,CAAC;IAEJ,iEAAiE;IAEjE;;;;;OAKG;IACG,kBAAkB,CAAC,MAA4B;;YACnD,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,gBAAgB,CAClD,MAAM,CAAC,oBAAoB,EAC3B,MAAM,CAAC,YAAY,EACnB,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,iBAAiB,EAAE,CAChD,CAAA;YACD,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,gBAAgB,CAAC,MAAM,CAAC,oBAAoB,EAAE,MAAM,CAAC,YAAY,CAAC,CAAA;QACnG,CAAC;KAAA;IAED;;;;;;;OAOG;IACG,mCAAmC,CAAC,IAAU,EAAE,OAA2B,EAAE,mBAAyC;;YAC1H,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,uBAAuB,EAAE,CAAA;YACzE,IAAI,CAAC,mBAAmB,EAAE;gBACxB,IAAI,eAAe,KAAK,QAAQ,EAAE;oBAChC,OAAO,CAAC,IAAI,CAAC,sGAAsG,CAAC,CAAA;oBACpH,OAAM;iBACP;qBAAM;oBACL,mBAAmB;wBACjB,eAAe,KAAK,qCAAiB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,qCAAiB,CAAC,OAAO,EAAE,qCAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,qCAAiB,CAAC,GAAG,CAAC,CAAA;iBAC/H;aACF;YACD,MAAM,YAAY,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAA;YAClG,MAAM,cAAc,GAAG,IAAA,qBAAa,EAAC,YAAY,CAAC,CAAA;YAClD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC9D,MAAM,gCAAgC,GAAG,CAAC,MAAM,IAAI,CAAC,sBAAsB,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAC;iBACtG,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;iBACxD,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;iBAClD,MAAM,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,KAAK,MAAM,CAAC,CAAA;YAC9C,MAAM,gCAAgC,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,sCAAsC,CACxG,MAAM,EACN,CAAC,GAAG,IAAI,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAC5C,CAAA;YACD,MAAM,iBAAiB,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,gCAAgC,EAAE,GAAG,gCAAgC,CAAC,CAAC,CAAC,CAAA;YAClH,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE;gBAChC,MAAM,aAAa,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;oBAC1D,QAAQ,EAAE,SAAS;oBACnB,IAAI,EAAE,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,YAAY,CAAC;iBACvD,CAAC,CAAC,CAAA;gBACH,KAAK,MAAM,YAAY,IAAI,aAAa,EAAE;oBACxC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,EAAE,YAAY,CAAC,IAAI,EAAE;wBACxE,mBAAmB,EAAE,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,eAAe,CAAC,KAAK,EAAE;qBACxE,CAAC,CAAA;oBACF,IAAI,QAAQ,EAAE;wBACZ,sBAAsB;wBACtB,MAAM,IAAI,CAAC,QAAQ,CAAC,6BAA6B,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAA;qBAClE;iBACF;aACF;QACH,CAAC;KAAA;IAEa,sBAAsB,CAAC,WAAmB,EAAE,eAAoC;;YAC5F,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,sBAAsB,CAAC,WAAW,EAAE,eAAe,CAAC,CAAA;YAChH,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW,EAAE,iBAAiB,CAAC,EAAE,EAAE,CACtG,MAAM,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC,GAAG,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;gBACvD,SAAS,EAAE,WAAW;gBACtB,QAAQ,EAAE,WAAW;gBACrB,YAAY,EAAE,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAA,qBAAa,EAAC,CAAC,CAAC,CAAC,CAAC;aAC/E,CAAC,CAAC,CACJ,CAAA;YACD,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC,OAAO,CAAC,CAAC,gBAAgB,EAAE,EAAE,CACzF,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,aAAa,CAAC,EAAE,EAAE,CAAC,CAAC;gBACrE,SAAS,EAAE,WAAW;gBACtB,QAAQ,EAAE,UAAU;gBACpB,YAAY,EAAE,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAA,qBAAa,EAAC,CAAC,CAAC,CAAC,CAAC;aAC/E,CAAC,CAAC,CACJ,CAAA;YACD,OAAO,CAAC,GAAG,QAAQ,EAAE,GAAG,MAAM,CAAC,CAAA;QACjC,CAAC;KAAA;IAEO,qBAAqB,CAAC,OAAe,EAAE,eAAuB;QACpE,OAAO,IAAI,iCAAe,CAAC;YACzB,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE;YACvC,QAAQ,EAAE,2CAAoB,CAAC,SAAS;YACxC,MAAM,EAAE,iCAAe,CAAC,UAAU,CAAC,OAAO;YAC1C,UAAU,EAAE;gBACV,IAAI,2BAAY,CAAC;oBACf,EAAE,EAAE,2CAAoB,CAAC,gBAAgB;oBACzC,IAAI,EAAE,IAAI,mCAAgB,CAAC,EAAE,IAAI,EAAE,mCAAgB,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;oBACtE,UAAU,EAAE,IAAI,mCAAgB,CAAC;wBAC/B,IAAI,EAAE,mCAAgB,CAAC,QAAQ,CAAC,MAAM;wBACtC,WAAW,EAAE,OAAO;qBACrB,CAAC;iBACH,CAAC;gBACF,IAAI,2BAAY,CAAC;oBACf,EAAE,EAAE,2CAAoB,CAAC,iBAAiB;oBAC1C,IAAI,EAAE,IAAI,mCAAgB,CAAC,EAAE,IAAI,EAAE,mCAAgB,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;oBACtE,UAAU,EAAE,IAAI,mCAAgB,CAAC;wBAC/B,IAAI,EAAE,mCAAgB,CAAC,QAAQ,CAAC,MAAM;wBACtC,WAAW,EAAE,eAAe;qBAC7B,CAAC;iBACH,CAAC;aACH;SACF,CAAC,CAAA;IACJ,CAAC;CACF;AArHD,0DAqHC","sourcesContent":["import { KeyPair } from './crypto/RSA'\nimport { IccMaintenanceTaskXApi } from './icc-maintenance-task-x-api'\nimport { MaintenanceTask } from '../icc-api/model/MaintenanceTask'\nimport { ua2hex } from './utils'\nimport { PropertyStub } from '../icc-api/model/PropertyStub'\nimport { PropertyTypeStub } from '../icc-api/model/PropertyTypeStub'\nimport { TypedValueObject } from '../icc-api/model/TypedValueObject'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport { KeyPairUpdateRequest } from './maintenance/KeyPairUpdateRequest'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { User } from '../icc-api/model/User'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport { IccExchangeDataApi } from '../icc-api/api/internal/IccExchangeDataApi'\nimport { DataOwnerTypeEnum } from '../icc-api/model/DataOwnerTypeEnum'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport { fingerprintV1 } from './crypto/utils'\n\ntype ExchangeKeyInfo = { delegator: string; delegate: string; fingerprints: Set<string> }\n\n/**\n * Api for interpreting maintenance tasks and applying required client-side actions.\n */\nexport class IccIcureMaintenanceXApi {\n constructor(\n private readonly crypto: IccCryptoXApi,\n private readonly tasksApi: IccMaintenanceTaskXApi,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly exchangeDataApi: IccExchangeDataApi\n ) {}\n\n // TODO api to get all tasks for current owner from owner with id\n\n /**\n * Applies a key pair update request between another data owner and the current data owner to allow the other data owner to access existing exchange\n * keys shared with the current data owner. IMPORTANT: it is your responsibility to verify the authenticity of the public key / update request\n * before calling this method: this method assumes the new public key for the concerned data owner is authentic.\n * @param update a keypair update request to the current data owner.\n */\n async applyKeyPairUpdate(update: KeyPairUpdateRequest) {\n await this.crypto.exchangeKeys.base.giveAccessBackTo(\n update.concernedDataOwnerId,\n update.newPublicKey,\n this.crypto.userKeysManager.getDecryptionKeys()\n )\n await this.crypto.exchangeData.giveAccessBackTo(update.concernedDataOwnerId, update.newPublicKey)\n }\n\n /**\n * @internal This method is intended only for internal use and may be changed without notice.\n * Creates the necessary maintenance tasks to request access to existing exchange keys with the new key pair for the current user.\n * @param user the user which owns the new key pair.\n * @param keypair a new key pair for the current user.\n * @param requestToOwnerTypes specifies the types of data owner that have shared data with the current data owner or which were given access to data\n * from the current data owner will receive a 'give access back' request. If not specified, the value be inferred from the current data owner type.\n */\n async createMaintenanceTasksForNewKeypair(user: User, keypair: KeyPair<CryptoKey>, requestToOwnerTypes?: DataOwnerTypeEnum[]): Promise<void> {\n const currentUserType = await this.dataOwnerApi.getCurrentDataOwnerType()\n if (!requestToOwnerTypes) {\n if (currentUserType === 'device') {\n console.warn('Current data owner is a device and there is no need to create maintenance tasks for updated keypair.')\n return\n } else {\n requestToOwnerTypes =\n currentUserType === DataOwnerTypeEnum.Patient ? [DataOwnerTypeEnum.Patient, DataOwnerTypeEnum.Hcp] : [DataOwnerTypeEnum.Hcp]\n }\n }\n const hexNewPubKey = ua2hex(await this.crypto.primitives.RSA.exportKey(keypair.publicKey, 'spki'))\n const hexNewPubKeyFp = fingerprintV1(hexNewPubKey)\n const selfId = await this.dataOwnerApi.getCurrentDataOwnerId()\n const requestDataOwnersForExchangeKeys = (await this.getExchangeKeysInfosOf(selfId, requestToOwnerTypes))\n .filter((info) => !info.fingerprints.has(hexNewPubKeyFp))\n .flatMap((info) => [info.delegate, info.delegator])\n .filter((dataOwner) => dataOwner !== selfId)\n const requestDataOwnersForExchangeData = await this.exchangeDataApi.getExchangeDataParticipantCounterparts(\n selfId,\n [...new Set(requestToOwnerTypes)].join(',')\n )\n const requestDataOwners = [...new Set([...requestDataOwnersForExchangeKeys, ...requestDataOwnersForExchangeData])]\n if (requestDataOwners.length > 0) {\n const tasksToCreate = requestDataOwners.map((dataOwner) => ({\n delegate: dataOwner,\n task: this.createMaintenanceTask(selfId, hexNewPubKey),\n }))\n for (const taskToCreate of tasksToCreate) {\n const instance = await this.tasksApi.newInstance(user, taskToCreate.task, {\n additionalDelegates: { [taskToCreate.delegate]: AccessLevelEnum.WRITE },\n })\n if (instance) {\n // TODO create in bulk\n await this.tasksApi.createMaintenanceTaskWithUser(user, instance)\n }\n }\n }\n }\n\n private async getExchangeKeysInfosOf(dataOwnerId: string, otherOwnerTypes: DataOwnerTypeEnum[]): Promise<ExchangeKeyInfo[]> {\n const allExchangeKeys = await this.crypto.exchangeKeys.base.getAllExchangeKeysWith(dataOwnerId, otherOwnerTypes)\n const infoTo = Object.entries(allExchangeKeys.keysToOwner).flatMap(([delegatorId, delegatorFpToKeys]) =>\n Object.values(delegatorFpToKeys).map((encryptedKeys) => ({\n delegator: delegatorId,\n delegate: dataOwnerId,\n fingerprints: new Set(Object.keys(encryptedKeys).map((x) => fingerprintV1(x))),\n }))\n )\n const infoFrom = Object.values(allExchangeKeys.keysFromOwner).flatMap((delegateIdToKeys) =>\n Object.entries(delegateIdToKeys).map(([delegateId, encryptedKeys]) => ({\n delegator: dataOwnerId,\n delegate: delegateId,\n fingerprints: new Set(Object.keys(encryptedKeys).map((x) => fingerprintV1(x))),\n }))\n )\n return [...infoFrom, ...infoTo]\n }\n\n private createMaintenanceTask(ownerId: string, concernedPubKey: string) {\n return new MaintenanceTask({\n id: this.crypto.primitives.randomUuid(),\n taskType: KeyPairUpdateRequest.TASK_TYPE,\n status: MaintenanceTask.StatusEnum.Pending,\n properties: [\n new PropertyStub({\n id: KeyPairUpdateRequest.OWNER_ID_PROP_ID,\n type: new PropertyTypeStub({ type: PropertyTypeStub.TypeEnum.STRING }),\n typedValue: new TypedValueObject({\n type: TypedValueObject.TypeEnum.STRING,\n stringValue: ownerId,\n }),\n }),\n new PropertyStub({\n id: KeyPairUpdateRequest.OWNER_PUB_PROP_ID,\n type: new PropertyTypeStub({ type: PropertyTypeStub.TypeEnum.STRING }),\n typedValue: new TypedValueObject({\n type: TypedValueObject.TypeEnum.STRING,\n stringValue: concernedPubKey,\n }),\n }),\n ],\n })\n }\n}\n"]}
|