@icure/api 8.0.8 → 8.0.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/icc-api/model/models.d.ts +1 -0
- package/icc-api/model/models.js +1 -0
- package/icc-api/model/models.js.map +1 -1
- package/icc-x-api/crypto/ExchangeDataManager.js +3 -2
- package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -1
- package/icc-x-api/crypto/KeyRecovery.js +5 -4
- package/icc-x-api/crypto/KeyRecovery.js.map +1 -1
- package/icc-x-api/crypto/RSA.d.ts +4 -1
- package/icc-x-api/crypto/RSA.js +6 -1
- package/icc-x-api/crypto/RSA.js.map +1 -1
- package/icc-x-api/crypto/SecureDelegationsManager.js +2 -1
- package/icc-x-api/crypto/SecureDelegationsManager.js.map +1 -1
- package/icc-x-api/crypto/TransferKeysManager.js +4 -3
- package/icc-x-api/crypto/TransferKeysManager.js.map +1 -1
- package/icc-x-api/crypto/UserEncryptionKeysManager.js +2 -1
- package/icc-x-api/crypto/UserEncryptionKeysManager.js.map +1 -1
- package/icc-x-api/crypto/utils.d.ts +1 -4
- package/icc-x-api/crypto/utils.js +6 -8
- package/icc-x-api/crypto/utils.js.map +1 -1
- package/icc-x-api/icc-accesslog-x-api.js +16 -14
- package/icc-x-api/icc-accesslog-x-api.js.map +1 -1
- package/icc-x-api/icc-calendar-item-x-api.d.ts +2 -2
- package/icc-x-api/icc-calendar-item-x-api.js +17 -17
- package/icc-x-api/icc-calendar-item-x-api.js.map +1 -1
- package/icc-x-api/icc-classification-x-api.js +12 -11
- package/icc-x-api/icc-classification-x-api.js.map +1 -1
- package/icc-x-api/icc-contact-x-api.d.ts +2 -2
- package/icc-x-api/icc-contact-x-api.js +23 -20
- package/icc-x-api/icc-contact-x-api.js.map +1 -1
- package/icc-x-api/icc-document-x-api.js +17 -16
- package/icc-x-api/icc-document-x-api.js.map +1 -1
- package/icc-x-api/icc-form-x-api.js +13 -12
- package/icc-x-api/icc-form-x-api.js.map +1 -1
- package/icc-x-api/icc-helement-x-api.js +18 -16
- package/icc-x-api/icc-helement-x-api.js.map +1 -1
- package/icc-x-api/icc-invoice-x-api.js +12 -11
- package/icc-x-api/icc-invoice-x-api.js.map +1 -1
- package/icc-x-api/icc-maintenance-task-x-api.js +11 -11
- package/icc-x-api/icc-maintenance-task-x-api.js.map +1 -1
- package/icc-x-api/icc-message-x-api.js +14 -14
- package/icc-x-api/icc-message-x-api.js.map +1 -1
- package/icc-x-api/icc-patient-x-api.js +28 -27
- package/icc-x-api/icc-patient-x-api.js.map +1 -1
- package/icc-x-api/icc-receipt-x-api.js +11 -10
- package/icc-x-api/icc-receipt-x-api.js.map +1 -1
- package/icc-x-api/icc-recovery-x-api.js +3 -2
- package/icc-x-api/icc-recovery-x-api.js.map +1 -1
- package/icc-x-api/icc-time-table-x-api.js +9 -8
- package/icc-x-api/icc-time-table-x-api.js.map +1 -1
- package/icc-x-api/icc-topic-x-api.js +13 -13
- package/icc-x-api/icc-topic-x-api.js.map +1 -1
- package/icc-x-api/utils/EntityWithDelegationTypeName.d.ts +17 -1
- package/icc-x-api/utils/EntityWithDelegationTypeName.js +33 -15
- package/icc-x-api/utils/EntityWithDelegationTypeName.js.map +1 -1
- package/package.json +1 -1
- package/test/icc-api/api/IccAnonymousAccessApi.d.ts +1 -0
- package/test/icc-api/api/IccAnonymousAccessApi.js +58 -0
- package/test/icc-api/api/IccAnonymousAccessApi.js.map +1 -0
- package/test/icc-api/api/IccDocumentApi.d.ts +1 -0
- package/test/icc-api/api/IccDocumentApi.js +208 -0
- package/test/icc-api/api/IccDocumentApi.js.map +1 -0
- package/test/icc-api/api/IccGroupApi.d.ts +1 -0
- package/test/icc-api/api/IccGroupApi.js +50 -0
- package/test/icc-api/api/IccGroupApi.js.map +1 -0
- package/test/icc-api/api/IccRecoveryDataApi.d.ts +1 -0
- package/test/icc-api/api/IccRecoveryDataApi.js +95 -0
- package/test/icc-api/api/IccRecoveryDataApi.js.map +1 -0
- package/test/icc-api/api/IccRoleApi.d.ts +1 -0
- package/test/icc-api/api/IccRoleApi.js +34 -0
- package/test/icc-api/api/IccRoleApi.js.map +1 -0
- package/test/icc-api/api/IccUserApi.d.ts +1 -0
- package/test/icc-api/api/IccUserApi.js +96 -0
- package/test/icc-api/api/IccUserApi.js.map +1 -0
- package/test/icc-api/e2e/IccCalendarItemApi.d.ts +1 -0
- package/test/icc-api/e2e/IccCalendarItemApi.js +46 -0
- package/test/icc-api/e2e/IccCalendarItemApi.js.map +1 -0
- package/test/icc-api/model/modelHelpersTest.d.ts +1 -0
- package/test/icc-api/model/modelHelpersTest.js +45 -0
- package/test/icc-api/model/modelHelpersTest.js.map +1 -0
- package/test/icc-x-api/auth/group-switch-test.d.ts +1 -0
- package/test/icc-x-api/auth/group-switch-test.js +81 -0
- package/test/icc-x-api/auth/group-switch-test.js.map +1 -0
- package/test/icc-x-api/auth/jwt-concurrency-test.d.ts +2 -0
- package/test/icc-x-api/auth/jwt-concurrency-test.js +113 -0
- package/test/icc-x-api/auth/jwt-concurrency-test.js.map +1 -0
- package/test/icc-x-api/auth/smart-auth-provider-test.d.ts +1 -0
- package/test/icc-x-api/auth/smart-auth-provider-test.js +224 -0
- package/test/icc-x-api/auth/smart-auth-provider-test.js.map +1 -0
- package/test/icc-x-api/autofix-anonymity-test.d.ts +1 -0
- package/test/icc-x-api/autofix-anonymity-test.js +108 -0
- package/test/icc-x-api/autofix-anonymity-test.js.map +1 -0
- package/test/icc-x-api/confidential-entities-test.d.ts +1 -0
- package/test/icc-x-api/confidential-entities-test.js +110 -0
- package/test/icc-x-api/confidential-entities-test.js.map +1 -0
- package/test/icc-x-api/crud/comprehensive-crud-test.d.ts +1 -0
- package/test/icc-x-api/crud/comprehensive-crud-test.js +276 -0
- package/test/icc-x-api/crud/comprehensive-crud-test.js.map +1 -0
- package/test/icc-x-api/crud/entities-crud-test-interface.d.ts +16 -0
- package/test/icc-x-api/crud/entities-crud-test-interface.js +422 -0
- package/test/icc-x-api/crud/entities-crud-test-interface.js.map +1 -0
- package/test/icc-x-api/crypto/anonymous-delegations-test.d.ts +1 -0
- package/test/icc-x-api/crypto/anonymous-delegations-test.js +588 -0
- package/test/icc-x-api/crypto/anonymous-delegations-test.js.map +1 -0
- package/test/icc-x-api/crypto/concurrency.d.ts +1 -0
- package/test/icc-x-api/crypto/concurrency.js +35 -0
- package/test/icc-x-api/crypto/concurrency.js.map +1 -0
- package/test/icc-x-api/crypto/crypto-utils.d.ts +1 -0
- package/test/icc-x-api/crypto/crypto-utils.js +80 -0
- package/test/icc-x-api/crypto/crypto-utils.js.map +1 -0
- package/test/icc-x-api/crypto/cryptoTest.d.ts +2 -0
- package/test/icc-x-api/crypto/cryptoTest.js +302 -0
- package/test/icc-x-api/crypto/cryptoTest.js.map +1 -0
- package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.d.ts +1 -0
- package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.js +166 -0
- package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.js.map +1 -0
- package/test/icc-x-api/crypto/exchange-data-manager-test.d.ts +1 -0
- package/test/icc-x-api/crypto/exchange-data-manager-test.js +690 -0
- package/test/icc-x-api/crypto/exchange-data-manager-test.js.map +1 -0
- package/test/icc-x-api/crypto/full-crypto-test.d.ts +1 -0
- package/test/icc-x-api/crypto/full-crypto-test.js +457 -0
- package/test/icc-x-api/crypto/full-crypto-test.js.map +1 -0
- package/test/icc-x-api/crypto/secure-delegations-manager-test.d.ts +1 -0
- package/test/icc-x-api/crypto/secure-delegations-manager-test.js +266 -0
- package/test/icc-x-api/crypto/secure-delegations-manager-test.js.map +1 -0
- package/test/icc-x-api/crypto/secure-delegations-metadata-decryptor-test.d.ts +1 -0
- package/test/icc-x-api/crypto/secure-delegations-metadata-decryptor-test.js +393 -0
- package/test/icc-x-api/crypto/secure-delegations-metadata-decryptor-test.js.map +1 -0
- package/test/icc-x-api/crypto/security-metadata-decryptor-chain-test.d.ts +1 -0
- package/test/icc-x-api/crypto/security-metadata-decryptor-chain-test.js +213 -0
- package/test/icc-x-api/crypto/security-metadata-decryptor-chain-test.js.map +1 -0
- package/test/icc-x-api/crypto/shamir.d.ts +2 -0
- package/test/icc-x-api/crypto/shamir.js +166 -0
- package/test/icc-x-api/crypto/shamir.js.map +1 -0
- package/test/icc-x-api/crypto/share-to-newly-created-patient-from-hcp.d.ts +1 -0
- package/test/icc-x-api/crypto/share-to-newly-created-patient-from-hcp.js +71 -0
- package/test/icc-x-api/crypto/share-to-newly-created-patient-from-hcp.js.map +1 -0
- package/test/icc-x-api/crypto/signature-keys-manager-test.d.ts +1 -0
- package/test/icc-x-api/crypto/signature-keys-manager-test.js +44 -0
- package/test/icc-x-api/crypto/signature-keys-manager-test.js.map +1 -0
- package/test/icc-x-api/crypto/user-encryption-keys-manager-test.d.ts +1 -0
- package/test/icc-x-api/crypto/user-encryption-keys-manager-test.js +246 -0
- package/test/icc-x-api/crypto/user-encryption-keys-manager-test.js.map +1 -0
- package/test/icc-x-api/entity-with-attachments-api-test.d.ts +1 -0
- package/test/icc-x-api/entity-with-attachments-api-test.js +142 -0
- package/test/icc-x-api/entity-with-attachments-api-test.js.map +1 -0
- package/test/icc-x-api/filters/filters.d.ts +1 -0
- package/test/icc-x-api/filters/filters.js +49 -0
- package/test/icc-x-api/filters/filters.js.map +1 -0
- package/test/icc-x-api/icc-accesslog-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-accesslog-x-api.js +106 -0
- package/test/icc-x-api/icc-accesslog-x-api.js.map +1 -0
- package/test/icc-x-api/icc-auth-api.d.ts +1 -0
- package/test/icc-x-api/icc-auth-api.js +47 -0
- package/test/icc-x-api/icc-auth-api.js.map +1 -0
- package/test/icc-x-api/icc-calendar-item-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-calendar-item-x-api.js +150 -0
- package/test/icc-x-api/icc-calendar-item-x-api.js.map +1 -0
- package/test/icc-x-api/icc-contact-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-contact-x-api.js +279 -0
- package/test/icc-x-api/icc-contact-x-api.js.map +1 -0
- package/test/icc-x-api/icc-form-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-form-x-api.js +98 -0
- package/test/icc-x-api/icc-form-x-api.js.map +1 -0
- package/test/icc-x-api/icc-helement-x-api-test.d.ts +1 -0
- package/test/icc-x-api/icc-helement-x-api-test.js +153 -0
- package/test/icc-x-api/icc-helement-x-api-test.js.map +1 -0
- package/test/icc-x-api/icc-invoice-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-invoice-x-api.js +99 -0
- package/test/icc-x-api/icc-invoice-x-api.js.map +1 -0
- package/test/icc-x-api/icc-maintenance-task-x-api-test.d.ts +1 -0
- package/test/icc-x-api/icc-maintenance-task-x-api-test.js +221 -0
- package/test/icc-x-api/icc-maintenance-task-x-api-test.js.map +1 -0
- package/test/icc-x-api/icc-message-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-message-x-api.js +328 -0
- package/test/icc-x-api/icc-message-x-api.js.map +1 -0
- package/test/icc-x-api/icc-patient-x-api-test.d.ts +1 -0
- package/test/icc-x-api/icc-patient-x-api-test.js +158 -0
- package/test/icc-x-api/icc-patient-x-api-test.js.map +1 -0
- package/test/icc-x-api/icc-recovery-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-recovery-x-api.js +170 -0
- package/test/icc-x-api/icc-recovery-x-api.js.map +1 -0
- package/test/icc-x-api/icc-time-table-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-time-table-x-api.js +100 -0
- package/test/icc-x-api/icc-time-table-x-api.js.map +1 -0
- package/test/icc-x-api/icc-topic-x-api.d.ts +1 -0
- package/test/icc-x-api/icc-topic-x-api.js +269 -0
- package/test/icc-x-api/icc-topic-x-api.js.map +1 -0
- package/test/icc-x-api/icc-user-x-api-test.d.ts +1 -0
- package/test/icc-x-api/icc-user-x-api-test.js +99 -0
- package/test/icc-x-api/icc-user-x-api-test.js.map +1 -0
- package/test/icc-x-api/patient-user.d.ts +2 -0
- package/test/icc-x-api/patient-user.js +104 -0
- package/test/icc-x-api/patient-user.js.map +1 -0
- package/test/icc-x-api/storage/storage.d.ts +1 -0
- package/test/icc-x-api/storage/storage.js +48 -0
- package/test/icc-x-api/storage/storage.js.map +1 -0
- package/test/icc-x-api/test-api-no-parent.d.ts +1 -0
- package/test/icc-x-api/test-api-no-parent.js +79 -0
- package/test/icc-x-api/test-api-no-parent.js.map +1 -0
- package/test/icc-x-api/test-legacy-data-support.d.ts +1 -0
- package/test/icc-x-api/test-legacy-data-support.js +376 -0
- package/test/icc-x-api/test-legacy-data-support.js.map +1 -0
- package/test/icc-x-api/utils/graph-test.d.ts +1 -0
- package/test/icc-x-api/utils/graph-test.js +54 -0
- package/test/icc-x-api/utils/graph-test.js.map +1 -0
- package/test/icc-x-api/utils/lru-temporised-async-cache-test.d.ts +1 -0
- package/test/icc-x-api/utils/lru-temporised-async-cache-test.js +364 -0
- package/test/icc-x-api/utils/lru-temporised-async-cache-test.js.map +1 -0
- package/test/support/CSM-185.d.ts +1 -0
- package/test/support/CSM-185.js +124 -0
- package/test/support/CSM-185.js.map +1 -0
- package/test/support/CSM-243.d.ts +1 -0
- package/test/support/CSM-243.js +120 -0
- package/test/support/CSM-243.js.map +1 -0
- package/test/support/CSM-87.d.ts +0 -0
- package/test/support/CSM-87.js +21 -0
- package/test/support/CSM-87.js.map +1 -0
- package/test/support/CSM-93.d.ts +1 -0
- package/test/support/CSM-93.js +112 -0
- package/test/support/CSM-93.js.map +1 -0
- package/test/utils/FakeDataOwnerApi.d.ts +32 -0
- package/test/utils/FakeDataOwnerApi.js +136 -0
- package/test/utils/FakeDataOwnerApi.js.map +1 -0
- package/test/utils/FakeEncryptionKeysManager.d.ts +35 -0
- package/test/utils/FakeEncryptionKeysManager.js +87 -0
- package/test/utils/FakeEncryptionKeysManager.js.map +1 -0
- package/test/utils/FakeExchangeDataApi.d.ts +30 -0
- package/test/utils/FakeExchangeDataApi.js +74 -0
- package/test/utils/FakeExchangeDataApi.js.map +1 -0
- package/test/utils/FakeExchangeDataManager.d.ts +40 -0
- package/test/utils/FakeExchangeDataManager.js +89 -0
- package/test/utils/FakeExchangeDataManager.js.map +1 -0
- package/test/utils/FakeExchangeDataMapManager.d.ts +12 -0
- package/test/utils/FakeExchangeDataMapManager.js +38 -0
- package/test/utils/FakeExchangeDataMapManager.js.map +1 -0
- package/test/utils/FakeGenericApi.d.ts +16 -0
- package/test/utils/FakeGenericApi.js +65 -0
- package/test/utils/FakeGenericApi.js.map +1 -0
- package/test/utils/FakeSignatureKeysManager.d.ts +16 -0
- package/test/utils/FakeSignatureKeysManager.js +54 -0
- package/test/utils/FakeSignatureKeysManager.js.map +1 -0
- package/test/utils/TestApi.d.ts +3 -0
- package/test/utils/TestApi.js +30 -0
- package/test/utils/TestApi.js.map +1 -0
- package/test/utils/TestCollectionUtils.d.ts +1 -0
- package/test/utils/TestCollectionUtils.js +109 -0
- package/test/utils/TestCollectionUtils.js.map +1 -0
- package/test/utils/TestCryptoStrategies.d.ts +42 -0
- package/test/utils/TestCryptoStrategies.js +80 -0
- package/test/utils/TestCryptoStrategies.js.map +1 -0
- package/test/utils/TestStorage.d.ts +23 -0
- package/test/utils/TestStorage.js +61 -0
- package/test/utils/TestStorage.js.map +1 -0
- package/test/utils/test_utils.d.ts +76 -0
- package/test/utils/test_utils.js +419 -0
- package/test/utils/test_utils.js.map +1 -0
|
@@ -6,13 +6,11 @@ import { CryptoPrimitives } from './CryptoPrimitives';
|
|
|
6
6
|
import { IccPatientApi } from '../../icc-api';
|
|
7
7
|
import { DataOwnerWithType } from '../../icc-api/model/DataOwnerWithType';
|
|
8
8
|
/**
|
|
9
|
-
* @internal this function is meant only for internal use and may be changed without notice.
|
|
10
9
|
* Get the public keys of a data owner which should be used for RSA-OAEP with sha256.
|
|
11
10
|
* @param dataOwner
|
|
12
11
|
*/
|
|
13
12
|
export declare function hexPublicKeysWithSha256Of(dataOwner: DataOwner): Set<string>;
|
|
14
13
|
/**
|
|
15
|
-
* @internal this function is meant only for internal use and may be changed without notice.
|
|
16
14
|
* Get the public keys of a data owner which should be used for RSA-OAEP with sha1.
|
|
17
15
|
* @param dataOwner
|
|
18
16
|
*/
|
|
@@ -53,13 +51,12 @@ export declare function loadPublicKeys(rsa: RSAUtils, publicKeysSpkiHex: string[
|
|
|
53
51
|
*/
|
|
54
52
|
export declare function ensureDelegationForSelf(dataOwnerApi: IccDataOwnerXApi, xapi: ExtendedApisUtils, patientApi: IccPatientApi, cryptoPrimitives: CryptoPrimitives): Promise<DataOwnerWithType>;
|
|
55
53
|
/**
|
|
56
|
-
* @internal This method is intended only for internal use and may be changed without notice.
|
|
57
54
|
* Search a public key in the data owner and returns the corresponding SHA version used to generate it or undefined if not found.
|
|
58
55
|
* @param dataOwner the data owner.
|
|
59
56
|
* @param publicKey the public key.
|
|
60
57
|
* @return 'sha-1', 'sha-256', undefined
|
|
61
58
|
*/
|
|
62
|
-
export declare function getShaVersionForKey(dataOwner: DataOwnerOrStub, publicKey: string):
|
|
59
|
+
export declare function getShaVersionForKey(dataOwner: DataOwnerOrStub, publicKey: string): ShaVersion | undefined;
|
|
63
60
|
/**
|
|
64
61
|
* @internal this function is meant only for internal use and may be changed without notice.
|
|
65
62
|
* Calculates the fingerprint from the hexadecimal representation of a SPKI key. The fingerprint is calculated as the last 16 bytes (32 characters)
|
|
@@ -12,6 +12,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
12
12
|
exports.fingerprintIsV2 = exports.fingerprintIsV1 = exports.fingerprintV1toV2 = exports.fingerprintV2 = exports.fingerprintV1 = exports.getShaVersionForKey = exports.ensureDelegationForSelf = exports.loadPublicKeys = exports.fingerprintToPublicKeysMapOf = exports.transferKeysFpGraphOf = exports.hexPublicKeysWithSha1Of = exports.hexPublicKeysWithSha256Of = void 0;
|
|
13
13
|
// Uses fp as node names
|
|
14
14
|
const graph_utils_1 = require("../utils/graph-utils");
|
|
15
|
+
const RSA_1 = require("./RSA");
|
|
15
16
|
const utils_1 = require("../utils");
|
|
16
17
|
const Patient_1 = require("../../icc-api/model/Patient");
|
|
17
18
|
const ShareMetadataBehaviour_1 = require("./ShareMetadataBehaviour");
|
|
@@ -19,7 +20,6 @@ const EntityShareRequest_1 = require("../../icc-api/model/requests/EntityShareRe
|
|
|
19
20
|
const DataOwnerTypeEnum_1 = require("../../icc-api/model/DataOwnerTypeEnum");
|
|
20
21
|
var RequestedPermissionEnum = EntityShareRequest_1.EntityShareRequest.RequestedPermissionEnum;
|
|
21
22
|
/**
|
|
22
|
-
* @internal this function is meant only for internal use and may be changed without notice.
|
|
23
23
|
* Get the public keys of a data owner which should be used for RSA-OAEP with sha256.
|
|
24
24
|
* @param dataOwner
|
|
25
25
|
*/
|
|
@@ -29,7 +29,6 @@ function hexPublicKeysWithSha256Of(dataOwner) {
|
|
|
29
29
|
}
|
|
30
30
|
exports.hexPublicKeysWithSha256Of = hexPublicKeysWithSha256Of;
|
|
31
31
|
/**
|
|
32
|
-
* @internal this function is meant only for internal use and may be changed without notice.
|
|
33
32
|
* Get the public keys of a data owner which should be used for RSA-OAEP with sha1.
|
|
34
33
|
* @param dataOwner
|
|
35
34
|
*/
|
|
@@ -97,7 +96,7 @@ function ensureDelegationForSelf(dataOwnerApi, xapi, patientApi, cryptoPrimitive
|
|
|
97
96
|
const self = yield dataOwnerApi.getCurrentDataOwner();
|
|
98
97
|
if (self.type === 'patient') {
|
|
99
98
|
const patient = new Patient_1.Patient(self.dataOwner);
|
|
100
|
-
const patientWithType = { entity: patient, type:
|
|
99
|
+
const patientWithType = { entity: patient, type: utils_1.EntityWithDelegationTypeName.Patient };
|
|
101
100
|
const availableSecretIds = yield xapi.secretIdsOf(patientWithType, undefined);
|
|
102
101
|
if (availableSecretIds.length) {
|
|
103
102
|
return self;
|
|
@@ -105,11 +104,11 @@ function ensureDelegationForSelf(dataOwnerApi, xapi, patientApi, cryptoPrimitive
|
|
|
105
104
|
else {
|
|
106
105
|
if (xapi.hasEmptyEncryptionMetadata(patient)) {
|
|
107
106
|
// This should not really happen, usually some user will have already initialised the patient and its encryption metadata.
|
|
108
|
-
const updatedPatient = yield xapi.entityWithInitialisedEncryptedMetadata(patient,
|
|
107
|
+
const updatedPatient = yield xapi.entityWithInitialisedEncryptedMetadata(patient, utils_1.EntityWithDelegationTypeName.Patient, undefined, undefined, true, true, {});
|
|
109
108
|
return { dataOwner: yield patientApi.modifyPatient(updatedPatient.updatedEntity), type: DataOwnerTypeEnum_1.DataOwnerTypeEnum.Patient };
|
|
110
109
|
}
|
|
111
110
|
else {
|
|
112
|
-
const updatedPatient = yield xapi.simpleShareOrUpdateEncryptedEntityMetadata({ entity: patient, type:
|
|
111
|
+
const updatedPatient = yield xapi.simpleShareOrUpdateEncryptedEntityMetadata({ entity: patient, type: utils_1.EntityWithDelegationTypeName.Patient }, false, {
|
|
113
112
|
[patient.id]: {
|
|
114
113
|
shareEncryptionKeys: ShareMetadataBehaviour_1.ShareMetadataBehaviour.IF_AVAILABLE,
|
|
115
114
|
shareOwningEntityIds: ShareMetadataBehaviour_1.ShareMetadataBehaviour.NEVER,
|
|
@@ -128,7 +127,6 @@ function ensureDelegationForSelf(dataOwnerApi, xapi, patientApi, cryptoPrimitive
|
|
|
128
127
|
}
|
|
129
128
|
exports.ensureDelegationForSelf = ensureDelegationForSelf;
|
|
130
129
|
/**
|
|
131
|
-
* @internal This method is intended only for internal use and may be changed without notice.
|
|
132
130
|
* Search a public key in the data owner and returns the corresponding SHA version used to generate it or undefined if not found.
|
|
133
131
|
* @param dataOwner the data owner.
|
|
134
132
|
* @param publicKey the public key.
|
|
@@ -137,9 +135,9 @@ exports.ensureDelegationForSelf = ensureDelegationForSelf;
|
|
|
137
135
|
function getShaVersionForKey(dataOwner, publicKey) {
|
|
138
136
|
var _a, _b;
|
|
139
137
|
return dataOwner.publicKey === publicKey || Object.keys((_a = dataOwner.aesExchangeKeys) !== null && _a !== void 0 ? _a : {}).includes(publicKey)
|
|
140
|
-
?
|
|
138
|
+
? RSA_1.ShaVersion.Sha1
|
|
141
139
|
: !!((_b = dataOwner.publicKeysForOaepWithSha256) === null || _b === void 0 ? void 0 : _b.includes(publicKey))
|
|
142
|
-
?
|
|
140
|
+
? RSA_1.ShaVersion.Sha256
|
|
143
141
|
: undefined;
|
|
144
142
|
}
|
|
145
143
|
exports.getShaVersionForKey = getShaVersionForKey;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/utils.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wBAAwB;AACxB,sDAAsF;AAGtF,oCAAiC;AACjC,yDAAqD;AAKrD,qEAAiE;AACjE,wFAAoF;AAEpF,6EAAyE;AACzE,IAAO,uBAAuB,GAAG,uCAAkB,CAAC,uBAAuB,CAAA;AAE3E;;;;GAIG;AACH,SAAgB,yBAAyB,CAAC,SAAoB;;IAC5D,OAAO,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,MAAA,SAAS,CAAC,2BAA2B,mCAAI,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAa,CAAC,CAAA;AAC7G,CAAC;AAFD,8DAEC;AAED;;;;GAIG;AACH,SAAgB,uBAAuB,CAAC,SAAoB;;IAC1D,OAAO,IAAI,GAAG,CAAC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,SAAS,CAAC,eAAe,mCAAI,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAa,CAAC,CAAA;AACjI,CAAC;AAFD,0DAEC;AAED;;;;;;GAMG;AACH,SAAgB,qBAAqB,CAAC,SAAoB;;IACxD,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,uBAAuB,CAAC,SAAS,CAAC,EAAE,GAAG,yBAAyB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;IAC/G,MAAM,KAAK,GAAuB,EAAE,CAAA;IACpC,MAAM,CAAC,OAAO,CAAC,MAAA,SAAS,CAAC,YAAY,mCAAI,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE;QACnE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE;YAC9B,KAAK,CAAC,IAAI,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;QACtD,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IACF,OAAO,IAAA,qBAAO,EACZ,IAAA,4BAAc,EACZ,KAAK,EACL,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CACxC,CACF,CAAA;AACH,CAAC;AAdD,sDAcC;AAED;;;;;;GAMG;AACH,SAAgB,4BAA4B,CAAC,SAAoB,EAAE,UAAsB;IACvF,MAAM,UAAU,GAAG,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAC,CAAA;IAC7I,MAAM,GAAG,GAA6B,EAAE,CAAA;IACxC,UAAU,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE;QACxB,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC,GAAG,EAAE,CAAA;IAC7B,CAAC,CAAC,CAAA;IACF,OAAO,GAAG,CAAA;AACZ,CAAC;AAPD,oEAOC;AAED;;;;;;;GAOG;AACH,SAAsB,cAAc,CAClC,GAAa,EACb,iBAA2B,EAC3B,UAAsB;;QAEtB,OAAO,MAAM,CAAC,WAAW,CACvB,MAAM,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAO,CAAC,EAAE,EAAE,gDAAC,OAAA,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,MAAM,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,cAAM,EAAC,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,UAAU,CAAC,CAAC,CAAA,GAAA,CAAC,CAAC,CAC3I,CAAA;IACH,CAAC;CAAA;AARD,wCAQC;AAED;;;;GAIG;AACH,SAAsB,uBAAuB,CAC3C,YAA8B,EAC9B,IAAuB,EACvB,UAAyB,EACzB,gBAAkC;;QAElC,MAAM,IAAI,GAAG,MAAM,YAAY,CAAC,mBAAmB,EAAE,CAAA;QACrD,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE;YAC3B,MAAM,OAAO,GAAG,IAAI,iBAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;YAC3C,MAAM,eAAe,GAA4B,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAA;YACrF,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,eAAe,EAAE,SAAS,CAAC,CAAA;YAC7E,IAAI,kBAAkB,CAAC,MAAM,EAAE;gBAC7B,OAAO,IAAI,CAAA;aACZ;iBAAM;gBACL,IAAI,IAAI,CAAC,0BAA0B,CAAC,OAAO,CAAC,EAAE;oBAC5C,0HAA0H;oBAC1H,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,sCAAsC,CAAC,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,CAAC,CAAA;oBAClI,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC,aAAa,CAAC,cAAc,CAAC,aAAa,CAAC,EAAE,IAAI,EAAE,qCAAiB,CAAC,OAAO,EAAE,CAAA;iBACpH;qBAAM;oBACL,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,0CAA0C,CAC1E,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,EACpC,KAAK,EACL;wBACE,CAAC,OAAO,CAAC,EAAG,CAAC,EAAE;4BACb,mBAAmB,EAAE,+CAAsB,CAAC,YAAY;4BACxD,oBAAoB,EAAE,+CAAsB,CAAC,KAAK;4BAClD,cAAc,EAAE,CAAC,gBAAgB,CAAC,UAAU,EAAE,CAAC;4BAC/C,oBAAoB,EAAE,uBAAuB,CAAC,UAAU;yBACzD;qBACF,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC,CAAC,CACvC,CAAA;oBACD,OAAO,EAAE,SAAS,EAAE,cAAc,CAAC,oBAAoB,EAAE,IAAI,EAAE,qCAAiB,CAAC,OAAO,EAAE,CAAA;iBAC3F;aACF;SACF;aAAM;YACL,OAAO,IAAI,CAAA;SACZ;IACH,CAAC;CAAA;AAtCD,0DAsCC;AAED;;;;;;GAMG;AACH,SAAgB,mBAAmB,CAAC,SAA0B,EAAE,SAAiB;;IAC/E,OAAO,SAAS,CAAC,SAAS,KAAK,SAAS,IAAI,MAAM,CAAC,IAAI,CAAC,MAAA,SAAS,CAAC,eAAe,mCAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC1G,CAAC,CAAC,OAAO;QACT,CAAC,CAAC,CAAC,CAAC,CAAA,MAAA,SAAS,CAAC,2BAA2B,0CAAE,QAAQ,CAAC,SAAS,CAAC,CAAA;YAC9D,CAAC,CAAC,SAAS;YACX,CAAC,CAAC,SAAS,CAAA;AACf,CAAC;AAND,kDAMC;AAED;;;;;;GAMG;AACH,SAAgB,aAAa,CAAC,GAAW;IACvC,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAA;AACvB,CAAC;AAFD,sCAEC;AAED;;;;;;GAMG;AACH,SAAgB,aAAa,CAAC,GAAW;IACvC,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAA;AAC5B,CAAC;AAFD,sCAEC;AAED;;;;;GAKG;AACH,SAAgB,iBAAiB,CAAC,EAAU;IAC1C,OAAO,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAA;AACzB,CAAC;AAFD,8CAEC;AAED;;;;GAIG;AACH,SAAgB,eAAe,CAAC,EAAU;IACxC,OAAO,EAAE,CAAC,MAAM,KAAK,EAAE,CAAA;AACzB,CAAC;AAFD,0CAEC;AAED;;;;GAIG;AACH,SAAgB,eAAe,CAAC,EAAU;IACxC,OAAO,EAAE,CAAC,MAAM,KAAK,EAAE,CAAA;AACzB,CAAC;AAFD,0CAEC","sourcesContent":["// Uses fp as node names\nimport { acyclic, graphFromEdges, StronglyConnectedGraph } from '../utils/graph-utils'\nimport { DataOwner, DataOwnerOrStub, IccDataOwnerXApi } from '../icc-data-owner-x-api'\nimport { RSAUtils, ShaVersion } from './RSA'\nimport { hex2ua } from '../utils'\nimport { Patient } from '../../icc-api/model/Patient'\nimport { ExtendedApisUtils } from './ExtendedApisUtils'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { EncryptedEntityWithType } from '../utils/EntityWithDelegationTypeName'\nimport { IccPatientApi } from '../../icc-api'\nimport { ShareMetadataBehaviour } from './ShareMetadataBehaviour'\nimport { EntityShareRequest } from '../../icc-api/model/requests/EntityShareRequest'\nimport { DataOwnerWithType } from '../../icc-api/model/DataOwnerWithType'\nimport { DataOwnerTypeEnum } from '../../icc-api/model/DataOwnerTypeEnum'\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * Get the public keys of a data owner which should be used for RSA-OAEP with sha256.\n * @param dataOwner\n */\nexport function hexPublicKeysWithSha256Of(dataOwner: DataOwner) {\n return new Set([...(dataOwner.publicKeysForOaepWithSha256 ?? [])].filter((pubKey) => !!pubKey) as string[])\n}\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * Get the public keys of a data owner which should be used for RSA-OAEP with sha1.\n * @param dataOwner\n */\nexport function hexPublicKeysWithSha1Of(dataOwner: DataOwner) {\n return new Set([dataOwner.publicKey, ...Object.keys(dataOwner.aesExchangeKeys ?? {})].filter((pubKey) => !!pubKey) as string[])\n}\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * Get the transfer key graph for a data owner. Node names are the public key fingerprints of the data owner's keys, and an edge represents a key\n * which can be retrieved from another key using the transfer keys.\n * @param dataOwner a data owner.\n * @return a graph representing the possible key recovery paths using transfer keys for hte provided data owner.\n */\nexport function transferKeysFpGraphOf(dataOwner: DataOwner): StronglyConnectedGraph {\n const publicKeys = Array.from([...hexPublicKeysWithSha1Of(dataOwner), ...hexPublicKeysWithSha256Of(dataOwner)])\n const edges: [string, string][] = []\n Object.entries(dataOwner.transferKeys ?? {}).forEach(([from, tos]) => {\n Object.keys(tos).forEach((to) => {\n edges.push([fingerprintV1(from), fingerprintV1(to)])\n })\n })\n return acyclic(\n graphFromEdges(\n edges,\n publicKeys.map((x) => fingerprintV1(x))\n )\n )\n}\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * Get a map for converting public keys fingerprint to full public keys for the provided data owner.\n * @param dataOwner a data owner.\n * @param shaVersion gets only the keys that are generated with this SHA version (default: 'sha-1').\n * @return a map to convert fingerprints of the data owner into full public keys.\n */\nexport function fingerprintToPublicKeysMapOf(dataOwner: DataOwner, shaVersion: ShaVersion): { [fp: string]: string } {\n const publicKeys = shaVersion === 'sha-1' ? Array.from(hexPublicKeysWithSha1Of(dataOwner)) : Array.from(hexPublicKeysWithSha256Of(dataOwner))\n const res: { [fp: string]: string } = {}\n publicKeys.forEach((pk) => {\n res[fingerprintV1(pk)] = pk\n })\n return res\n}\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * Load many public keys in spki format.\n * @param rsa the rsa service\n * @param publicKeysSpkiHex public keys in spki format, hex encoded.\n * @param shaVersion the version of the Sha algorithm used in the keys generations. ()\n * @return public keys as crypto keys by their fingerprint.\n */\nexport async function loadPublicKeys(\n rsa: RSAUtils,\n publicKeysSpkiHex: string[],\n shaVersion: ShaVersion\n): Promise<{ [publicKeyFingerprint: string]: CryptoKey }> {\n return Object.fromEntries(\n await Promise.all(publicKeysSpkiHex.map(async (x) => [fingerprintV1(x), await rsa.importKey('spki', hex2ua(x), ['encrypt'], shaVersion)]))\n )\n}\n\n/**\n * @internal This method is intended only for internal use and may be changed without notice.\n * Creates a delegation for the current data owner if the data owner is an encrypted entity and there is no delegation to himself.\n * @return the updated self.\n */\nexport async function ensureDelegationForSelf(\n dataOwnerApi: IccDataOwnerXApi,\n xapi: ExtendedApisUtils,\n patientApi: IccPatientApi,\n cryptoPrimitives: CryptoPrimitives\n): Promise<DataOwnerWithType> {\n const self = await dataOwnerApi.getCurrentDataOwner()\n if (self.type === 'patient') {\n const patient = new Patient(self.dataOwner)\n const patientWithType: EncryptedEntityWithType = { entity: patient, type: 'Patient' }\n const availableSecretIds = await xapi.secretIdsOf(patientWithType, undefined)\n if (availableSecretIds.length) {\n return self\n } else {\n if (xapi.hasEmptyEncryptionMetadata(patient)) {\n // This should not really happen, usually some user will have already initialised the patient and its encryption metadata.\n const updatedPatient = await xapi.entityWithInitialisedEncryptedMetadata(patient, 'Patient', undefined, undefined, true, true, {})\n return { dataOwner: await patientApi.modifyPatient(updatedPatient.updatedEntity), type: DataOwnerTypeEnum.Patient }\n } else {\n const updatedPatient = await xapi.simpleShareOrUpdateEncryptedEntityMetadata(\n { entity: patient, type: 'Patient' },\n false,\n {\n [patient.id!]: {\n shareEncryptionKeys: ShareMetadataBehaviour.IF_AVAILABLE,\n shareOwningEntityIds: ShareMetadataBehaviour.NEVER,\n shareSecretIds: [cryptoPrimitives.randomUuid()],\n requestedPermissions: RequestedPermissionEnum.FULL_WRITE,\n },\n },\n (x) => patientApi.bulkSharePatients(x)\n )\n return { dataOwner: updatedPatient.updatedEntityOrThrow, type: DataOwnerTypeEnum.Patient }\n }\n }\n } else {\n return self\n }\n}\n\n/**\n * @internal This method is intended only for internal use and may be changed without notice.\n * Search a public key in the data owner and returns the corresponding SHA version used to generate it or undefined if not found.\n * @param dataOwner the data owner.\n * @param publicKey the public key.\n * @return 'sha-1', 'sha-256', undefined\n */\nexport function getShaVersionForKey(dataOwner: DataOwnerOrStub, publicKey: string) {\n return dataOwner.publicKey === publicKey || Object.keys(dataOwner.aesExchangeKeys ?? {}).includes(publicKey)\n ? 'sha-1'\n : !!dataOwner.publicKeysForOaepWithSha256?.includes(publicKey)\n ? 'sha-256'\n : undefined\n}\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * Calculates the fingerprint from the hexadecimal representation of a SPKI key. The fingerprint is calculated as the last 16 bytes (32 characters)\n * of the SPKI key.\n * @param key the hexadecimal representation of the SPKI key.\n * @return the fingerprint.\n */\nexport function fingerprintV1(key: string): string {\n return key.slice(-32)\n}\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * Calculates the fingerprint from the hexadecimal representation of a SPKI key. The fingerprint is calculated as the last 16 bytes (32 characters) from which the\n * last 5 (10 characters) are removed because they are a constant of the SPKI format.\n * @param key the hexadecimal representation of the SPKI key.\n * @return the fingerprint.\n */\nexport function fingerprintV2(key: string): string {\n return key.slice(-32, -10)\n}\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * Converts the fingerprint of a key from a V1 format to a V2 format.\n * @param fp the fingerprint of the key in the V1 format.\n * @return the fingerprint of the key in the v2 format.\n */\nexport function fingerprintV1toV2(fp: string): string {\n return fp.slice(0, -10)\n}\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * @param fp the fingerprint.\n * @return true if the fingerprint is in V1 format, false otherwise.\n */\nexport function fingerprintIsV1(fp: string): boolean {\n return fp.length === 32\n}\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * @param fp the fingerprint.\n * @return true if the fingerprint is in V2 format, false otherwise.\n */\nexport function fingerprintIsV2(fp: string): boolean {\n return fp.length === 22\n}\n"]}
|
|
1
|
+
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../icc-x-api/crypto/utils.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wBAAwB;AACxB,sDAAsF;AAEtF,+BAA4C;AAC5C,oCAA+D;AAC/D,yDAAqD;AAKrD,qEAAiE;AACjE,wFAAoF;AAEpF,6EAAyE;AACzE,IAAO,uBAAuB,GAAG,uCAAkB,CAAC,uBAAuB,CAAA;AAE3E;;;GAGG;AACH,SAAgB,yBAAyB,CAAC,SAAoB;;IAC5D,OAAO,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,MAAA,SAAS,CAAC,2BAA2B,mCAAI,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAa,CAAC,CAAA;AAC7G,CAAC;AAFD,8DAEC;AAED;;;GAGG;AACH,SAAgB,uBAAuB,CAAC,SAAoB;;IAC1D,OAAO,IAAI,GAAG,CAAC,CAAC,SAAS,CAAC,SAAS,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,SAAS,CAAC,eAAe,mCAAI,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAa,CAAC,CAAA;AACjI,CAAC;AAFD,0DAEC;AAED;;;;;;GAMG;AACH,SAAgB,qBAAqB,CAAC,SAAoB;;IACxD,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,uBAAuB,CAAC,SAAS,CAAC,EAAE,GAAG,yBAAyB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;IAC/G,MAAM,KAAK,GAAuB,EAAE,CAAA;IACpC,MAAM,CAAC,OAAO,CAAC,MAAA,SAAS,CAAC,YAAY,mCAAI,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE;QACnE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE;YAC9B,KAAK,CAAC,IAAI,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,aAAa,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;QACtD,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IACF,OAAO,IAAA,qBAAO,EACZ,IAAA,4BAAc,EACZ,KAAK,EACL,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CACxC,CACF,CAAA;AACH,CAAC;AAdD,sDAcC;AAED;;;;;;GAMG;AACH,SAAgB,4BAA4B,CAAC,SAAoB,EAAE,UAAsB;IACvF,MAAM,UAAU,GAAG,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAC,CAAA;IAC7I,MAAM,GAAG,GAA6B,EAAE,CAAA;IACxC,UAAU,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE;QACxB,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC,GAAG,EAAE,CAAA;IAC7B,CAAC,CAAC,CAAA;IACF,OAAO,GAAG,CAAA;AACZ,CAAC;AAPD,oEAOC;AAED;;;;;;;GAOG;AACH,SAAsB,cAAc,CAClC,GAAa,EACb,iBAA2B,EAC3B,UAAsB;;QAEtB,OAAO,MAAM,CAAC,WAAW,CACvB,MAAM,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAO,CAAC,EAAE,EAAE,gDAAC,OAAA,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,MAAM,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAA,cAAM,EAAC,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,UAAU,CAAC,CAAC,CAAA,GAAA,CAAC,CAAC,CAC3I,CAAA;IACH,CAAC;CAAA;AARD,wCAQC;AAED;;;;GAIG;AACH,SAAsB,uBAAuB,CAC3C,YAA8B,EAC9B,IAAuB,EACvB,UAAyB,EACzB,gBAAkC;;QAElC,MAAM,IAAI,GAAG,MAAM,YAAY,CAAC,mBAAmB,EAAE,CAAA;QACrD,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE;YAC3B,MAAM,OAAO,GAAG,IAAI,iBAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;YAC3C,MAAM,eAAe,GAA4B,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,CAAA;YAChH,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,eAAe,EAAE,SAAS,CAAC,CAAA;YAC7E,IAAI,kBAAkB,CAAC,MAAM,EAAE;gBAC7B,OAAO,IAAI,CAAA;aACZ;iBAAM;gBACL,IAAI,IAAI,CAAC,0BAA0B,CAAC,OAAO,CAAC,EAAE;oBAC5C,0HAA0H;oBAC1H,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,sCAAsC,CACtE,OAAO,EACP,oCAA4B,CAAC,OAAO,EACpC,SAAS,EACT,SAAS,EACT,IAAI,EACJ,IAAI,EACJ,EAAE,CACH,CAAA;oBACD,OAAO,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC,aAAa,CAAC,cAAc,CAAC,aAAa,CAAC,EAAE,IAAI,EAAE,qCAAiB,CAAC,OAAO,EAAE,CAAA;iBACpH;qBAAM;oBACL,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,0CAA0C,CAC1E,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAC/D,KAAK,EACL;wBACE,CAAC,OAAO,CAAC,EAAG,CAAC,EAAE;4BACb,mBAAmB,EAAE,+CAAsB,CAAC,YAAY;4BACxD,oBAAoB,EAAE,+CAAsB,CAAC,KAAK;4BAClD,cAAc,EAAE,CAAC,gBAAgB,CAAC,UAAU,EAAE,CAAC;4BAC/C,oBAAoB,EAAE,uBAAuB,CAAC,UAAU;yBACzD;qBACF,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC,CAAC,CACvC,CAAA;oBACD,OAAO,EAAE,SAAS,EAAE,cAAc,CAAC,oBAAoB,EAAE,IAAI,EAAE,qCAAiB,CAAC,OAAO,EAAE,CAAA;iBAC3F;aACF;SACF;aAAM;YACL,OAAO,IAAI,CAAA;SACZ;IACH,CAAC;CAAA;AA9CD,0DA8CC;AAED;;;;;GAKG;AACH,SAAgB,mBAAmB,CAAC,SAA0B,EAAE,SAAiB;;IAC/E,OAAO,SAAS,CAAC,SAAS,KAAK,SAAS,IAAI,MAAM,CAAC,IAAI,CAAC,MAAA,SAAS,CAAC,eAAe,mCAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC1G,CAAC,CAAC,gBAAU,CAAC,IAAI;QACjB,CAAC,CAAC,CAAC,CAAC,CAAA,MAAA,SAAS,CAAC,2BAA2B,0CAAE,QAAQ,CAAC,SAAS,CAAC,CAAA;YAC9D,CAAC,CAAC,gBAAU,CAAC,MAAM;YACnB,CAAC,CAAC,SAAS,CAAA;AACf,CAAC;AAND,kDAMC;AAED;;;;;;GAMG;AACH,SAAgB,aAAa,CAAC,GAAW;IACvC,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAA;AACvB,CAAC;AAFD,sCAEC;AAED;;;;;;GAMG;AACH,SAAgB,aAAa,CAAC,GAAW;IACvC,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAA;AAC5B,CAAC;AAFD,sCAEC;AAED;;;;;GAKG;AACH,SAAgB,iBAAiB,CAAC,EAAU;IAC1C,OAAO,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAA;AACzB,CAAC;AAFD,8CAEC;AAED;;;;GAIG;AACH,SAAgB,eAAe,CAAC,EAAU;IACxC,OAAO,EAAE,CAAC,MAAM,KAAK,EAAE,CAAA;AACzB,CAAC;AAFD,0CAEC;AAED;;;;GAIG;AACH,SAAgB,eAAe,CAAC,EAAU;IACxC,OAAO,EAAE,CAAC,MAAM,KAAK,EAAE,CAAA;AACzB,CAAC;AAFD,0CAEC","sourcesContent":["// Uses fp as node names\nimport { acyclic, graphFromEdges, StronglyConnectedGraph } from '../utils/graph-utils'\nimport { DataOwner, DataOwnerOrStub, IccDataOwnerXApi } from '../icc-data-owner-x-api'\nimport { RSAUtils, ShaVersion } from './RSA'\nimport { EntityWithDelegationTypeName, hex2ua } from '../utils'\nimport { Patient } from '../../icc-api/model/Patient'\nimport { ExtendedApisUtils } from './ExtendedApisUtils'\nimport { CryptoPrimitives } from './CryptoPrimitives'\nimport { EncryptedEntityWithType } from '../utils/EntityWithDelegationTypeName'\nimport { IccPatientApi } from '../../icc-api'\nimport { ShareMetadataBehaviour } from './ShareMetadataBehaviour'\nimport { EntityShareRequest } from '../../icc-api/model/requests/EntityShareRequest'\nimport { DataOwnerWithType } from '../../icc-api/model/DataOwnerWithType'\nimport { DataOwnerTypeEnum } from '../../icc-api/model/DataOwnerTypeEnum'\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\n\n/**\n * Get the public keys of a data owner which should be used for RSA-OAEP with sha256.\n * @param dataOwner\n */\nexport function hexPublicKeysWithSha256Of(dataOwner: DataOwner) {\n return new Set([...(dataOwner.publicKeysForOaepWithSha256 ?? [])].filter((pubKey) => !!pubKey) as string[])\n}\n\n/**\n * Get the public keys of a data owner which should be used for RSA-OAEP with sha1.\n * @param dataOwner\n */\nexport function hexPublicKeysWithSha1Of(dataOwner: DataOwner) {\n return new Set([dataOwner.publicKey, ...Object.keys(dataOwner.aesExchangeKeys ?? {})].filter((pubKey) => !!pubKey) as string[])\n}\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * Get the transfer key graph for a data owner. Node names are the public key fingerprints of the data owner's keys, and an edge represents a key\n * which can be retrieved from another key using the transfer keys.\n * @param dataOwner a data owner.\n * @return a graph representing the possible key recovery paths using transfer keys for hte provided data owner.\n */\nexport function transferKeysFpGraphOf(dataOwner: DataOwner): StronglyConnectedGraph {\n const publicKeys = Array.from([...hexPublicKeysWithSha1Of(dataOwner), ...hexPublicKeysWithSha256Of(dataOwner)])\n const edges: [string, string][] = []\n Object.entries(dataOwner.transferKeys ?? {}).forEach(([from, tos]) => {\n Object.keys(tos).forEach((to) => {\n edges.push([fingerprintV1(from), fingerprintV1(to)])\n })\n })\n return acyclic(\n graphFromEdges(\n edges,\n publicKeys.map((x) => fingerprintV1(x))\n )\n )\n}\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * Get a map for converting public keys fingerprint to full public keys for the provided data owner.\n * @param dataOwner a data owner.\n * @param shaVersion gets only the keys that are generated with this SHA version (default: 'sha-1').\n * @return a map to convert fingerprints of the data owner into full public keys.\n */\nexport function fingerprintToPublicKeysMapOf(dataOwner: DataOwner, shaVersion: ShaVersion): { [fp: string]: string } {\n const publicKeys = shaVersion === 'sha-1' ? Array.from(hexPublicKeysWithSha1Of(dataOwner)) : Array.from(hexPublicKeysWithSha256Of(dataOwner))\n const res: { [fp: string]: string } = {}\n publicKeys.forEach((pk) => {\n res[fingerprintV1(pk)] = pk\n })\n return res\n}\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * Load many public keys in spki format.\n * @param rsa the rsa service\n * @param publicKeysSpkiHex public keys in spki format, hex encoded.\n * @param shaVersion the version of the Sha algorithm used in the keys generations. ()\n * @return public keys as crypto keys by their fingerprint.\n */\nexport async function loadPublicKeys(\n rsa: RSAUtils,\n publicKeysSpkiHex: string[],\n shaVersion: ShaVersion\n): Promise<{ [publicKeyFingerprint: string]: CryptoKey }> {\n return Object.fromEntries(\n await Promise.all(publicKeysSpkiHex.map(async (x) => [fingerprintV1(x), await rsa.importKey('spki', hex2ua(x), ['encrypt'], shaVersion)]))\n )\n}\n\n/**\n * @internal This method is intended only for internal use and may be changed without notice.\n * Creates a delegation for the current data owner if the data owner is an encrypted entity and there is no delegation to himself.\n * @return the updated self.\n */\nexport async function ensureDelegationForSelf(\n dataOwnerApi: IccDataOwnerXApi,\n xapi: ExtendedApisUtils,\n patientApi: IccPatientApi,\n cryptoPrimitives: CryptoPrimitives\n): Promise<DataOwnerWithType> {\n const self = await dataOwnerApi.getCurrentDataOwner()\n if (self.type === 'patient') {\n const patient = new Patient(self.dataOwner)\n const patientWithType: EncryptedEntityWithType = { entity: patient, type: EntityWithDelegationTypeName.Patient }\n const availableSecretIds = await xapi.secretIdsOf(patientWithType, undefined)\n if (availableSecretIds.length) {\n return self\n } else {\n if (xapi.hasEmptyEncryptionMetadata(patient)) {\n // This should not really happen, usually some user will have already initialised the patient and its encryption metadata.\n const updatedPatient = await xapi.entityWithInitialisedEncryptedMetadata(\n patient,\n EntityWithDelegationTypeName.Patient,\n undefined,\n undefined,\n true,\n true,\n {}\n )\n return { dataOwner: await patientApi.modifyPatient(updatedPatient.updatedEntity), type: DataOwnerTypeEnum.Patient }\n } else {\n const updatedPatient = await xapi.simpleShareOrUpdateEncryptedEntityMetadata(\n { entity: patient, type: EntityWithDelegationTypeName.Patient },\n false,\n {\n [patient.id!]: {\n shareEncryptionKeys: ShareMetadataBehaviour.IF_AVAILABLE,\n shareOwningEntityIds: ShareMetadataBehaviour.NEVER,\n shareSecretIds: [cryptoPrimitives.randomUuid()],\n requestedPermissions: RequestedPermissionEnum.FULL_WRITE,\n },\n },\n (x) => patientApi.bulkSharePatients(x)\n )\n return { dataOwner: updatedPatient.updatedEntityOrThrow, type: DataOwnerTypeEnum.Patient }\n }\n }\n } else {\n return self\n }\n}\n\n/**\n * Search a public key in the data owner and returns the corresponding SHA version used to generate it or undefined if not found.\n * @param dataOwner the data owner.\n * @param publicKey the public key.\n * @return 'sha-1', 'sha-256', undefined\n */\nexport function getShaVersionForKey(dataOwner: DataOwnerOrStub, publicKey: string): ShaVersion | undefined {\n return dataOwner.publicKey === publicKey || Object.keys(dataOwner.aesExchangeKeys ?? {}).includes(publicKey)\n ? ShaVersion.Sha1\n : !!dataOwner.publicKeysForOaepWithSha256?.includes(publicKey)\n ? ShaVersion.Sha256\n : undefined\n}\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * Calculates the fingerprint from the hexadecimal representation of a SPKI key. The fingerprint is calculated as the last 16 bytes (32 characters)\n * of the SPKI key.\n * @param key the hexadecimal representation of the SPKI key.\n * @return the fingerprint.\n */\nexport function fingerprintV1(key: string): string {\n return key.slice(-32)\n}\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * Calculates the fingerprint from the hexadecimal representation of a SPKI key. The fingerprint is calculated as the last 16 bytes (32 characters) from which the\n * last 5 (10 characters) are removed because they are a constant of the SPKI format.\n * @param key the hexadecimal representation of the SPKI key.\n * @return the fingerprint.\n */\nexport function fingerprintV2(key: string): string {\n return key.slice(-32, -10)\n}\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * Converts the fingerprint of a key from a V1 format to a V2 format.\n * @param fp the fingerprint of the key in the V1 format.\n * @return the fingerprint of the key in the v2 format.\n */\nexport function fingerprintV1toV2(fp: string): string {\n return fp.slice(0, -10)\n}\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * @param fp the fingerprint.\n * @return true if the fingerprint is in V1 format, false otherwise.\n */\nexport function fingerprintIsV1(fp: string): boolean {\n return fp.length === 32\n}\n\n/**\n * @internal this function is meant only for internal use and may be changed without notice.\n * @param fp the fingerprint.\n * @return true if the fingerprint is in V2 format, false otherwise.\n */\nexport function fingerprintIsV2(fp: string): boolean {\n return fp.length === 22\n}\n"]}
|
|
@@ -19,7 +19,7 @@ var AccessLevelEnum = SecureDelegation_1.SecureDelegation.AccessLevelEnum;
|
|
|
19
19
|
const utils_1 = require("./utils");
|
|
20
20
|
class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
|
|
21
21
|
get headers() {
|
|
22
|
-
return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h,
|
|
22
|
+
return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, utils_1.EntityWithDelegationTypeName.AccessLog));
|
|
23
23
|
}
|
|
24
24
|
constructor(host, headers, crypto, dataOwnerApi, autofillAuthor, cryptedKeys = ['detail', 'objectId'], authenticationProvider = new AuthenticationProvider_1.NoAuthenticationProvider(), fetchImpl = typeof window !== 'undefined'
|
|
25
25
|
? window.fetch
|
|
@@ -54,12 +54,12 @@ class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
|
|
|
54
54
|
const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user);
|
|
55
55
|
if (ownerId !== (yield this.dataOwnerApi.getCurrentDataOwnerId()))
|
|
56
56
|
throw new Error('Can only initialise entities as current data owner.');
|
|
57
|
-
const sfk = (_m = options.preferredSfk) !== null && _m !== void 0 ? _m : (yield this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type:
|
|
57
|
+
const sfk = (_m = options.preferredSfk) !== null && _m !== void 0 ? _m : (yield this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type: utils_1.EntityWithDelegationTypeName.Patient }));
|
|
58
58
|
if (!sfk)
|
|
59
59
|
throw new Error(`Couldn't find any sfk of parent patient ${patient.id}`);
|
|
60
60
|
const extraDelegations = Object.assign(Object.assign({}, Object.fromEntries([...((_p = (_o = user.autoDelegations) === null || _o === void 0 ? void 0 : _o.all) !== null && _p !== void 0 ? _p : []), ...((_r = (_q = user.autoDelegations) === null || _q === void 0 ? void 0 : _q.administrativeData) !== null && _r !== void 0 ? _r : [])].map((x) => [x, AccessLevelEnum.WRITE]))), ((_s = options.additionalDelegates) !== null && _s !== void 0 ? _s : {}));
|
|
61
61
|
return new models_1.AccessLog(yield this.crypto.xapi
|
|
62
|
-
.entityWithInitialisedEncryptedMetadata(accessLog,
|
|
62
|
+
.entityWithInitialisedEncryptedMetadata(accessLog, utils_1.EntityWithDelegationTypeName.AccessLog, patient.id, sfk, true, false, extraDelegations)
|
|
63
63
|
.then((x) => x.updatedEntity));
|
|
64
64
|
});
|
|
65
65
|
}
|
|
@@ -83,7 +83,7 @@ class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
|
|
|
83
83
|
*/
|
|
84
84
|
findBy(hcpartyId, patient, usingPost = false) {
|
|
85
85
|
return __awaiter(this, void 0, void 0, function* () {
|
|
86
|
-
const extractedKeys = yield this.crypto.xapi.secretIdsOf({ entity: patient, type:
|
|
86
|
+
const extractedKeys = yield this.crypto.xapi.secretIdsOf({ entity: patient, type: utils_1.EntityWithDelegationTypeName.Patient }, hcpartyId);
|
|
87
87
|
const topmostParentId = (yield this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0];
|
|
88
88
|
return extractedKeys && extractedKeys.length > 0
|
|
89
89
|
? usingPost
|
|
@@ -105,14 +105,14 @@ class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
|
|
|
105
105
|
return super.findAccessLogsByHCPartyPatientForeignKeysUsingPost(hcPartyId, secretFKeys).then((accesslogs) => this.decrypt(hcPartyId, accesslogs));
|
|
106
106
|
}
|
|
107
107
|
decrypt(hcpId, accessLogs) {
|
|
108
|
-
return Promise.all(accessLogs.map((x) => this.crypto.xapi.decryptEntity(x,
|
|
108
|
+
return Promise.all(accessLogs.map((x) => this.crypto.xapi.decryptEntity(x, utils_1.EntityWithDelegationTypeName.AccessLog, (json) => new models_1.AccessLog(json)).then(({ entity }) => entity)));
|
|
109
109
|
}
|
|
110
110
|
encrypt(user, accessLogs) {
|
|
111
111
|
const owner = this.dataOwnerApi.getDataOwnerIdOf(user);
|
|
112
112
|
return this.encryptAs(owner, accessLogs);
|
|
113
113
|
}
|
|
114
114
|
encryptAs(dataOwner, accessLogs) {
|
|
115
|
-
return Promise.all(accessLogs.map((x) => this.crypto.xapi.tryEncryptEntity(x,
|
|
115
|
+
return Promise.all(accessLogs.map((x) => this.crypto.xapi.tryEncryptEntity(x, utils_1.EntityWithDelegationTypeName.AccessLog, this.encryptedFields, false, false, (json) => new models_1.AccessLog(json))));
|
|
116
116
|
}
|
|
117
117
|
createAccessLog(body) {
|
|
118
118
|
throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption');
|
|
@@ -181,7 +181,9 @@ class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
|
|
|
181
181
|
const currentLimit = limit - foundAccessLogs.length;
|
|
182
182
|
const { rows: logs, nextKeyPair: newNextKeyPair } = (yield _super.findByUserAfterDate.call(this, userId, 'USER_ACCESS', startDate, nextKeyPair && JSON.stringify(nextKeyPair.startKey), nextKeyPair && nextKeyPair.startKeyDocId, numberRequestedAccessLogs, true));
|
|
183
183
|
const logsWithPatientId = yield this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user), logs).then((decryptedLogs) => Promise.all(_.map(decryptedLogs, (decryptedLog) => {
|
|
184
|
-
return this.crypto.xapi
|
|
184
|
+
return this.crypto.xapi
|
|
185
|
+
.owningEntityIdsOf({ entity: decryptedLog, type: utils_1.EntityWithDelegationTypeName.AccessLog }, user.healthcarePartyId)
|
|
186
|
+
.then((keys) => (Object.assign(Object.assign({}, decryptedLog), { patientId: _.head(keys) })));
|
|
185
187
|
})));
|
|
186
188
|
const uniqueLogs = _.chain(logsWithPatientId)
|
|
187
189
|
.reject((log) => _.some(foundAccessLogs, ({ patientId }) => patientId === log.patientId))
|
|
@@ -209,7 +211,7 @@ class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
|
|
|
209
211
|
*/
|
|
210
212
|
decryptPatientIdOf(accessLog) {
|
|
211
213
|
return __awaiter(this, void 0, void 0, function* () {
|
|
212
|
-
return this.crypto.xapi.owningEntityIdsOf({ entity: accessLog, type:
|
|
214
|
+
return this.crypto.xapi.owningEntityIdsOf({ entity: accessLog, type: utils_1.EntityWithDelegationTypeName.AccessLog }, undefined);
|
|
213
215
|
});
|
|
214
216
|
}
|
|
215
217
|
/**
|
|
@@ -217,7 +219,7 @@ class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
|
|
|
217
219
|
*/
|
|
218
220
|
hasWriteAccess(accessLog) {
|
|
219
221
|
return __awaiter(this, void 0, void 0, function* () {
|
|
220
|
-
return this.crypto.xapi.hasWriteAccess({ entity: accessLog, type:
|
|
222
|
+
return this.crypto.xapi.hasWriteAccess({ entity: accessLog, type: utils_1.EntityWithDelegationTypeName.AccessLog });
|
|
221
223
|
});
|
|
222
224
|
}
|
|
223
225
|
/**
|
|
@@ -275,10 +277,10 @@ class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
|
|
|
275
277
|
return __awaiter(this, void 0, void 0, function* () {
|
|
276
278
|
const self = yield this.dataOwnerApi.getCurrentDataOwnerId();
|
|
277
279
|
// All entities should have an encryption key.
|
|
278
|
-
const entityWithEncryptionKey = yield this.crypto.xapi.ensureEncryptionKeysInitialised(accessLog,
|
|
280
|
+
const entityWithEncryptionKey = yield this.crypto.xapi.ensureEncryptionKeysInitialised(accessLog, utils_1.EntityWithDelegationTypeName.AccessLog);
|
|
279
281
|
const updatedEntity = entityWithEncryptionKey ? yield this.modifyAs(self, entityWithEncryptionKey) : accessLog;
|
|
280
282
|
return this.crypto.xapi
|
|
281
|
-
.simpleShareOrUpdateEncryptedEntityMetadata({ entity: updatedEntity, type:
|
|
283
|
+
.simpleShareOrUpdateEncryptedEntityMetadata({ entity: updatedEntity, type: utils_1.EntityWithDelegationTypeName.AccessLog }, true, Object.fromEntries(Object.entries(delegates).map(([delegateId, options]) => [
|
|
282
284
|
delegateId,
|
|
283
285
|
{
|
|
284
286
|
requestedPermissions: options.requestedPermissions,
|
|
@@ -291,13 +293,13 @@ class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
|
|
|
291
293
|
});
|
|
292
294
|
}
|
|
293
295
|
getDataOwnersWithAccessTo(entity) {
|
|
294
|
-
return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type:
|
|
296
|
+
return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: utils_1.EntityWithDelegationTypeName.AccessLog });
|
|
295
297
|
}
|
|
296
298
|
getEncryptionKeysOf(entity) {
|
|
297
|
-
return this.crypto.xapi.encryptionKeysOf({ entity, type:
|
|
299
|
+
return this.crypto.xapi.encryptionKeysOf({ entity, type: utils_1.EntityWithDelegationTypeName.AccessLog }, undefined);
|
|
298
300
|
}
|
|
299
301
|
createDelegationDeAnonymizationMetadata(entity, delegates) {
|
|
300
|
-
return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type:
|
|
302
|
+
return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type: utils_1.EntityWithDelegationTypeName.AccessLog }, delegates);
|
|
301
303
|
}
|
|
302
304
|
}
|
|
303
305
|
exports.IccAccesslogXApi = IccAccesslogXApi;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"icc-accesslog-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-accesslog-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAA4C;AAG5C,oDAA2E;AAC3E,4BAA2B;AAE3B,0EAAgG;AAChG,wEAAoE;AACpE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAMzD,mCAAuE;AAOvE,MAAa,gBAAiB,SAAQ,yBAAe;IAKnD,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAA;IACpH,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EAClC,MAAqB,EACrB,YAA8B,EACb,cAAuB,EACxC,WAAW,GAAG,CAAC,QAAQ,EAAE,UAAU,CAAC,EACpC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QATtC,mBAAc,GAAd,cAAc,CAAS;QAUxC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAChC,IAAI,CAAC,eAAe,GAAG,IAAA,4BAAoB,EAAC,WAAW,EAAE,YAAY,CAAC,CAAA;IACxE,CAAC;IAED;;;;;;;;;;;;;OAaG;IACG,WAAW,CACf,IAAiB,EACjB,OAAuB,EACvB,CAAM,EACN,UAGI,EAAE;;;YAEN,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YAE5D,MAAM,SAAS,mCACV,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,qCAAqC,EAC5C,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EACrC,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,EAC9E,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,EACnB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,CAAC,EAAE,EACxB,SAAS,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,SAAS,mCAAI,OAAO,CAAC,EAAE,EACrC,UAAU,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAU,mCAAI,aAAa,GAC3C,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GAAG,MAAA,OAAO,CAAC,YAAY,mCAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,+BAA+B,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA;YAC1I,IAAI,CAAC,GAAG;gBAAE,MAAM,IAAI,KAAK,CAAC,2CAA2C,OAAO,CAAC,EAAE,EAAE,CAAC,CAAA;YAClF,MAAM,gBAAgB,mCACjB,MAAM,CAAC,WAAW,CACnB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,GACE,CAAC,MAAA,OAAO,CAAC,mBAAmB,mCAAI,EAAE,CAAC,CACvC,CAAA;YACD,OAAO,IAAI,kBAAS,CAClB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CAAC,SAAS,EAAE,WAAW,EAAE,OAAO,CAAC,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,gBAAgB,CAAC;iBAC9G,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;;KACF;IAED,qCAAqC;IACrC;;;;;;;;;;;;;;;;OAgBG;IAEG,MAAM,CAAC,SAAiB,EAAE,OAAuB,EAAE,YAAqB,KAAK;;YACjF,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,SAAS,CAAC,CAAA;YACzG,MAAM,eAAe,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;YACtF,OAAO,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;gBAC9C,CAAC,CAAC,SAAS;oBACT,CAAC,CAAC,IAAI,CAAC,oCAAoC,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;oBAC9E,CAAC,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACrF,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QACzB,CAAC;KAAA;IAEK,+BAA+B,CAAC,SAAiB,EAAE,WAAmB;;;;;YAC1E,MAAM,UAAU,GAAG,MAAM,OAAM,yCAAyC,YAAC,SAAS,EAAE,WAAW,CAAC,CAAA;YAChG,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,UAAU,CAAC,CAAA;QAClD,CAAC;KAAA;IAED,oCAAoC,CAAC,SAAiB,EAAE,WAAqB;QAC3E,OAAO,KAAK,CAAC,kDAAkD,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC,CAAA;IACnJ,CAAC;IAED,OAAO,CAAC,KAAa,EAAE,UAAmC;QACxD,OAAO,OAAO,CAAC,GAAG,CAChB,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,kBAAS,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAClI,CAAA;IACH,CAAC;IAED,OAAO,CAAC,IAAiB,EAAE,UAAmC;QAC5D,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;QACtD,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,UAAU,CAAC,CAAA;IAC1C,CAAC;IAEO,SAAS,CAAC,SAAiB,EAAE,UAAmC;QACtE,OAAO,OAAO,CAAC,GAAG,CAChB,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,eAAe,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,kBAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAC5I,CAAA;IACH,CAAC;IAED,eAAe,CAAC,IAAuB;QACrC,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,uBAAuB,CAAC,IAAiB,EAAE,IAAuB;QAChE,OAAO,IAAI;YACT,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBACpC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;iBAC5C,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;iBACzF,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC1B,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAA;IACvB,CAAC;IAED,YAAY,CAAC,WAAmB;QAC9B,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,oBAAoB,CAAC,IAAiB,EAAE,WAAmB;QACzD,OAAO,KAAK;aACT,YAAY,CAAC,WAAW,CAAC;aACzB,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;aACzF,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IAC1B,CAAC;IAED,cAAc,CAAC,SAAkB,EAAE,OAAgB,EAAE,QAAiB,EAAE,eAAwB,EAAE,KAAc;QAC9G,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,sBAAsB,CACpB,IAAiB,EACjB,SAAkB,EAClB,OAAgB,EAChB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,OAAO,KAAK;aACT,cAAc,CAAC,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,UAAU,CAAC;aAChF,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAClB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,SAAS,CAAC,IAAK,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC,CAC9H,CAAA;IACL,CAAC;IAED,eAAe,CAAC,IAAuB;QACrC,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAEK,uBAAuB,CAAC,IAAiB,EAAE,IAAuB;;YACtE,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;QAClG,CAAC;KAAA;IAEa,QAAQ,CAAC,KAAa,EAAE,IAAsB;;;;;YAC1D,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBAC9C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,OAAM,eAAe,YAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;iBAC5C,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;iBACrD,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;QAC1B,CAAC;KAAA;IAED,mBAAmB,CACjB,MAAc,EACd,UAAmB,EACnB,SAAkB,EAClB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,2BAA2B,CACzB,IAAiB,EACjB,MAAc,EACd,UAAmB,EACnB,SAAkB,EAClB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,OAAO,KAAK;aACT,mBAAmB,CAAC,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,UAAU,CAAC;aAChG,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAClB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,SAAS,CAAC,IAAK,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC,CAC9H,CAAA;IACL,CAAC;IAEK,sCAAsC,CAAC,IAAiB,EAAE,MAAc,EAAE,KAAK,GAAG,GAAG,EAAE,SAAkB;;;;;YAC7G,IAAI,eAAe,GAA6B,EAAE,EAChD,WAAW,GAAwD,SAAS,CAAA;YAC9E,MAAM,yBAAyB,GAAG,GAAG,CAAA;YACrC,MAAM,oBAAoB,GAAG,CAAC,CAAA;YAE9B,KAAK,IAAI,gBAAgB,GAAG,CAAC,EAAE,eAAe,CAAC,MAAM,GAAG,KAAK,IAAI,gBAAgB,GAAG,oBAAoB,EAAE,gBAAgB,EAAE,EAAE;gBAC5H,MAAM,YAAY,GAAG,KAAK,GAAG,eAAe,CAAC,MAAM,CAAA;gBACnD,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,cAAc,EAAE,GAAkC,CAAC,MAAM,OAAM,mBAAmB,YACjH,MAAM,EACN,aAAa,EACb,SAAS,EACT,WAAW,IAAI,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,QAAS,CAAC,EACpD,WAAW,IAAI,WAAW,CAAC,aAAc,EACzC,yBAAyB,EACzB,IAAI,CACL,CAAkC,CAAA;gBACnC,MAAM,iBAAiB,GAA6B,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,IAAmB,CAAC,CAAC,IAAI,CACzI,CAAC,aAAa,EAAE,EAAE,CAChB,OAAO,CAAC,GAAG,CACT,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,YAAY,EAAE,EAAE;oBACpC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,YAAY,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE,IAAI,CAAC,iBAA2B,CAAC,CAAC,IAAI,CAC3H,CAAC,IAAI,EAAE,EAAE,CACP,CAAC,gCACI,YAAY,KACf,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GACG,CAAA,CAC/B,CAAA;gBACH,CAAC,CAAC,CACH,CACJ,CAAA;gBAED,MAAM,UAAU,GAA6B,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC;qBACpE,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC,SAAS,KAAK,GAAG,CAAC,SAAS,CAAC,CAAC;qBACxF,MAAM,CAAC,CAAC,GAA2B,EAAE,EAAE,CAAC,GAAG,CAAC,SAAS,CAAC;qBACtD,KAAK,EAAE;qBACP,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,CAAA;gBAEzB,eAAe,GAAG,CAAC,GAAG,eAAe,EAAE,GAAG,UAAU,CAAC,CAAA;gBAErD,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,MAAM,GAAG,yBAAyB,EAAE;oBACnD,MAAK;iBACN;qBAAM,IAAI,cAAc,EAAE;oBACzB,WAAW,GAAG,cAAc,CAAA;iBAC7B;qBAAM;oBACL,MAAK;iBACN;aACF;YAED,OAAO,eAAe,CAAA;QACxB,CAAC;KAAA;IAED;;;;OAIG;IACG,kBAAkB,CAAC,SAAoB;;YAC3C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE,SAAS,CAAC,CAAA;QAChG,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,SAAoB;;YACvC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC,CAAA;QAClF,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,SAAS,CACb,UAAkB,EAClB,SAAoB,EACpB,UAII,EAAE;;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QACjE,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,aAAa,CACjB,SAAoB,EACpB,SAMC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QACjF,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,gBAAgB,CACpB,SAAoB,EACpB,SAMC;;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,WAAW,CAAC,CAAA;YAC9G,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAC9G,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI;iBACpB,0CAA0C,CACzC,EAAE,MAAM,EAAE,aAAa,EAAE,IAAI,EAAE,WAAW,EAAE,EAC5C,IAAI,EACJ,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,OAAO,CAAC,cAAc;oBAC5C,cAAc,EAAE,SAAS;iBAC1B;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,CACnC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACvF,CAAC;KAAA;IAED,yBAAyB,CACvB,MAAiB;QAEjB,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC,CAAA;IACxG,CAAC;IAED,mBAAmB,CAAC,MAAiB;QACnC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE,SAAS,CAAC,CAAA;IACpF,CAAC;IAED,uCAAuC,CAAC,MAAiB,EAAE,SAAmB;QAC5E,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE,SAAS,CAAC,CAAA;IAC3H,CAAC;CACF;AA3ZD,4CA2ZC","sourcesContent":["import { IccAccesslogApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport * as models from '../icc-api/model/models'\nimport { AccessLog, PaginatedListAccessLog } from '../icc-api/model/models'\nimport * as _ from 'lodash'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\nimport { ShareResult } from './utils/ShareResult'\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedFieldsManifest, parseEncryptedFields } from './utils'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\n\nexport interface AccessLogWithPatientId extends AccessLog {\n patientId: string\n}\n\nexport class IccAccesslogXApi extends IccAccesslogApi implements EncryptedEntityXApi<models.AccessLog> {\n private readonly encryptedFields: EncryptedFieldsManifest\n crypto: IccCryptoXApi\n dataOwnerApi: IccDataOwnerXApi\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, 'AccessLog'))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n crypto: IccCryptoXApi,\n dataOwnerApi: IccDataOwnerXApi,\n private readonly autofillAuthor: boolean,\n cryptedKeys = ['detail', 'objectId'],\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.crypto = crypto\n this.dataOwnerApi = dataOwnerApi\n this.encryptedFields = parseEncryptedFields(cryptedKeys, 'AccessLog.')\n }\n\n /**\n * Creates a new instance of access log with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this access log refers to.\n * @param h initialised data for the access log. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - preferredSfk: secret id of the patient to use as the secret foreign key to use for the access log. The default value will be a\n * secret id of patient known by the topmost parent in the current data owner hierarchy.\n * @return a new instance of access log.\n */\n async newInstance(\n user: models.User,\n patient: models.Patient,\n h: any,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n preferredSfk?: string\n } = {}\n ) {\n const dataOwnerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n\n const accessLog = {\n ...(h ?? {}),\n _type: 'org.taktik.icure.entities.AccessLog',\n id: h?.id ?? this.crypto.primitives.randomUuid(),\n created: h?.created ?? new Date().getTime(),\n modified: h?.modified ?? new Date().getTime(),\n date: h?.date ?? new Date().getTime(),\n responsible: h?.responsible ?? (this.autofillAuthor ? dataOwnerId : undefined),\n author: h?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: h?.codes ?? [],\n tags: h?.tags ?? [],\n user: h?.user ?? user.id,\n patientId: h?.patientId ?? patient.id,\n accessType: h?.accessType ?? 'USER_ACCESS',\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk = options.preferredSfk ?? (await this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type: 'Patient' }))\n if (!sfk) throw new Error(`Couldn't find any sfk of parent patient ${patient.id}`)\n const extraDelegations = {\n ...Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.administrativeData ?? [])].map((x) => [x, AccessLevelEnum.WRITE])\n ),\n ...(options.additionalDelegates ?? {}),\n }\n return new AccessLog(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(accessLog, 'AccessLog', patient.id, sfk, true, false, extraDelegations)\n .then((x) => x.updatedEntity)\n )\n }\n\n // noinspection JSUnusedGlobalSymbols\n /**\n * 1. Check whether there is a delegation with 'hcpartyId' or not.\n * 2. 'fetchHcParty[hcpartyId][1]': is encrypted AES exchange key by RSA public key of him.\n * 3. Obtain the AES exchange key, by decrypting the previous step value with hcparty private key\n * 3.1. KeyPair should be fetch from cache (in jwk)\n * 3.2. if it doesn't exist in the cache, it has to be loaded from Browser Local store, and then import it to WebCrypto\n * 4. Obtain the array of delegations which are delegated to his ID (hcpartyId) in this patient\n * 5. Decrypt and collect all keys (secretForeignKeys) within delegations of previous step (with obtained AES key of step 4)\n * 6. Do the REST call to get all helements with (allSecretForeignKeysDelimitedByComa, hcpartyId)\n *\n * After these painful steps, you have the helements of the patient.\n *\n * @param hcpartyId\n * @param patient (Promise)\n * @param keepObsoleteVersions\n * @param usingPost\n */\n\n async findBy(hcpartyId: string, patient: models.Patient, usingPost: boolean = false): Promise<models.AccessLog[]> {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: 'Patient' }, hcpartyId)\n const topmostParentId = (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0]\n return extractedKeys && extractedKeys.length > 0\n ? usingPost\n ? this.findByHCPartyPatientSecretFKeysArray(hcpartyId!, _.uniq(extractedKeys))\n : this.findByHCPartyPatientSecretFKeys(hcpartyId!, _.uniq(extractedKeys).join(','))\n : Promise.resolve([])\n }\n\n async findByHCPartyPatientSecretFKeys(hcPartyId: string, secretFKeys: string): Promise<AccessLog[]> {\n const accessLogs = await super.findAccessLogsByHCPartyPatientForeignKeys(hcPartyId, secretFKeys)\n return await this.decrypt(hcPartyId, accessLogs)\n }\n\n findByHCPartyPatientSecretFKeysArray(hcPartyId: string, secretFKeys: string[]): Promise<Array<AccessLog> | any> {\n return super.findAccessLogsByHCPartyPatientForeignKeysUsingPost(hcPartyId, secretFKeys).then((accesslogs) => this.decrypt(hcPartyId, accesslogs))\n }\n\n decrypt(hcpId: string, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n return Promise.all(\n accessLogs.map((x) => this.crypto.xapi.decryptEntity(x, 'AccessLog', (json) => new AccessLog(json)).then(({ entity }) => entity))\n )\n }\n\n encrypt(user: models.User, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n const owner = this.dataOwnerApi.getDataOwnerIdOf(user)\n return this.encryptAs(owner, accessLogs)\n }\n\n private encryptAs(dataOwner: string, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n return Promise.all(\n accessLogs.map((x) => this.crypto.xapi.tryEncryptEntity(x, 'AccessLog', this.encryptedFields, false, false, (json) => new AccessLog(json)))\n )\n }\n\n createAccessLog(body?: models.AccessLog): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n createAccessLogWithUser(user: models.User, body?: models.AccessLog): Promise<models.AccessLog | any> {\n return body\n ? this.encrypt(user, [_.cloneDeep(body)])\n .then((als) => super.createAccessLog(als[0]))\n .then((accessLog) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, [accessLog]))\n .then((als) => als[0])\n : Promise.resolve()\n }\n\n getAccessLog(accessLogId: string): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n getAccessLogWithUser(user: models.User, accessLogId: string): Promise<models.AccessLog | any> {\n return super\n .getAccessLog(accessLogId)\n .then((accessLog) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, [accessLog]))\n .then((als) => als[0])\n }\n\n listAccessLogs(fromEpoch?: number, toEpoch?: number, startKey?: number, startDocumentId?: string, limit?: number): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n listAccessLogsWithUser(\n user: models.User,\n fromEpoch?: number,\n toEpoch?: number,\n startKey?: number,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): Promise<PaginatedListAccessLog> {\n return super\n .listAccessLogs(fromEpoch, toEpoch, startKey, startDocumentId, limit, descending)\n .then((accessLog) =>\n this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, accessLog.rows!).then((dr) => Object.assign(accessLog, { rows: dr }))\n )\n }\n\n modifyAccessLog(body?: models.AccessLog): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n async modifyAccessLogWithUser(user: models.User, body?: models.AccessLog): Promise<models.AccessLog | null> {\n return body ? this.modifyAs(this.dataOwnerApi.getDataOwnerIdOf(user)!, _.cloneDeep(body)) : null\n }\n\n private async modifyAs(owner: string, body: models.AccessLog): Promise<models.AccessLog> {\n return this.encryptAs(owner, [_.cloneDeep(body)])\n .then((als) => super.modifyAccessLog(als[0]))\n .then((accessLog) => this.decrypt(owner, [accessLog]))\n .then((als) => als[0])\n }\n\n findByUserAfterDate(\n userId: string,\n accessType?: string,\n startDate?: number,\n startKey?: string,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n findByUserAfterDateWithUser(\n user: models.User,\n userId: string,\n accessType?: string,\n startDate?: number,\n startKey?: string,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): Promise<models.AccessLog | any> {\n return super\n .findByUserAfterDate(userId, accessType, startDate, startKey, startDocumentId, limit, descending)\n .then((accessLog) =>\n this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, accessLog.rows!).then((dr) => Object.assign(accessLog, { rows: dr }))\n )\n }\n\n async findLatestAccessLogsOfPatientsWithUser(user: models.User, userId: string, limit = 100, startDate?: number): Promise<models.AccessLog[]> {\n let foundAccessLogs: AccessLogWithPatientId[] = [],\n nextKeyPair: models.PaginatedDocumentKeyIdPairObject | undefined = undefined\n const numberRequestedAccessLogs = 100\n const MAX_WHILE_ITERATIONS = 5\n\n for (let currentIteration = 0; foundAccessLogs.length < limit && currentIteration < MAX_WHILE_ITERATIONS; currentIteration++) {\n const currentLimit = limit - foundAccessLogs.length\n const { rows: logs, nextKeyPair: newNextKeyPair }: models.PaginatedListAccessLog = (await super.findByUserAfterDate(\n userId,\n 'USER_ACCESS',\n startDate,\n nextKeyPair && JSON.stringify(nextKeyPair.startKey!),\n nextKeyPair && nextKeyPair.startKeyDocId!,\n numberRequestedAccessLogs,\n true\n )) as models.PaginatedListAccessLog\n const logsWithPatientId: AccessLogWithPatientId[] = await this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, logs as AccessLog[]).then(\n (decryptedLogs) =>\n Promise.all(\n _.map(decryptedLogs, (decryptedLog) => {\n return this.crypto.xapi.owningEntityIdsOf({ entity: decryptedLog, type: 'AccessLog' }, user.healthcarePartyId as string).then(\n (keys) =>\n ({\n ...decryptedLog,\n patientId: _.head(keys),\n } as AccessLogWithPatientId)\n )\n })\n )\n )\n\n const uniqueLogs: AccessLogWithPatientId[] = _.chain(logsWithPatientId)\n .reject((log) => _.some(foundAccessLogs, ({ patientId }) => patientId === log.patientId))\n .uniqBy((log: AccessLogWithPatientId) => log.patientId)\n .value()\n .slice(0, currentLimit)\n\n foundAccessLogs = [...foundAccessLogs, ...uniqueLogs]\n\n if ((logs || []).length < numberRequestedAccessLogs) {\n break\n } else if (newNextKeyPair) {\n nextKeyPair = newNextKeyPair\n } else {\n break\n }\n }\n\n return foundAccessLogs\n }\n\n /**\n * @param accessLog an access log\n * @return the id of the patient that the access log refers to, retrieved from the encrypted metadata (not from the decrypted entity body). Normally\n * there should only be one element in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(accessLog: AccessLog): Promise<string[]> {\n return this.crypto.xapi.owningEntityIdsOf({ entity: accessLog, type: 'AccessLog' }, undefined)\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given access log\n */\n async hasWriteAccess(accessLog: AccessLog): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: accessLog, type: 'AccessLog' })\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the access log.\n * @param accessLog the access log to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n accessLog: AccessLog,\n options: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<AccessLog> {\n return this.shareWithMany(accessLog, { [delegateId]: options })\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param accessLog the access log to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n accessLog: AccessLog,\n delegates: {\n [delegateId: string]: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<AccessLog> {\n return (await this.tryShareWithMany(accessLog, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param accessLog the access log to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n accessLog: AccessLog,\n delegates: {\n [delegateId: string]: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<AccessLog>> {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(accessLog, 'AccessLog')\n const updatedEntity = entityWithEncryptionKey ? await this.modifyAs(self, entityWithEncryptionKey) : accessLog\n return this.crypto.xapi\n .simpleShareOrUpdateEncryptedEntityMetadata(\n { entity: updatedEntity, type: 'AccessLog' },\n true,\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: options.sharePatientId,\n shareSecretIds: undefined,\n },\n ])\n ),\n (x) => this.bulkShareAccessLogs(x)\n )\n .then((r) => r.mapSuccessAsync((e) => this.decrypt(self, [e]).then((es) => es[0])))\n }\n\n getDataOwnersWithAccessTo(\n entity: AccessLog\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: 'AccessLog' })\n }\n\n getEncryptionKeysOf(entity: AccessLog): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: 'AccessLog' }, undefined)\n }\n\n createDelegationDeAnonymizationMetadata(entity: AccessLog, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type: 'AccessLog' }, delegates)\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"icc-accesslog-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-accesslog-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAA4C;AAG5C,oDAA2E;AAC3E,4BAA2B;AAE3B,0EAAgG;AAChG,wEAAoE;AACpE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAMzD,mCAAqG;AAOrG,MAAa,gBAAiB,SAAQ,yBAAe;IAKnD,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,oCAA4B,CAAC,SAAS,CAAC,CAAC,CAAA;IAC/I,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EAClC,MAAqB,EACrB,YAA8B,EACb,cAAuB,EACxC,WAAW,GAAG,CAAC,QAAQ,EAAE,UAAU,CAAC,EACpC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QATtC,mBAAc,GAAd,cAAc,CAAS;QAUxC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAChC,IAAI,CAAC,eAAe,GAAG,IAAA,4BAAoB,EAAC,WAAW,EAAE,YAAY,CAAC,CAAA;IACxE,CAAC;IAED;;;;;;;;;;;;;OAaG;IACG,WAAW,CACf,IAAiB,EACjB,OAAuB,EACvB,CAAM,EACN,UAGI,EAAE;;;YAEN,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YAE5D,MAAM,SAAS,mCACV,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,qCAAqC,EAC5C,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EACrC,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,EAC9E,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,EACnB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,CAAC,EAAE,EACxB,SAAS,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,SAAS,mCAAI,OAAO,CAAC,EAAE,EACrC,UAAU,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAU,mCAAI,aAAa,GAC3C,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GACP,MAAA,OAAO,CAAC,YAAY,mCACpB,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,+BAA+B,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,CAAC,CAAC,CAAA;YACnI,IAAI,CAAC,GAAG;gBAAE,MAAM,IAAI,KAAK,CAAC,2CAA2C,OAAO,CAAC,EAAE,EAAE,CAAC,CAAA;YAClF,MAAM,gBAAgB,mCACjB,MAAM,CAAC,WAAW,CACnB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,GACE,CAAC,MAAA,OAAO,CAAC,mBAAmB,mCAAI,EAAE,CAAC,CACvC,CAAA;YACD,OAAO,IAAI,kBAAS,CAClB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CAAC,SAAS,EAAE,oCAA4B,CAAC,SAAS,EAAE,OAAO,CAAC,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,gBAAgB,CAAC;iBACzI,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;;KACF;IAED,qCAAqC;IACrC;;;;;;;;;;;;;;;;OAgBG;IAEG,MAAM,CAAC,SAAiB,EAAE,OAAuB,EAAE,YAAqB,KAAK;;YACjF,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;YACpI,MAAM,eAAe,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;YACtF,OAAO,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;gBAC9C,CAAC,CAAC,SAAS;oBACT,CAAC,CAAC,IAAI,CAAC,oCAAoC,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;oBAC9E,CAAC,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACrF,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QACzB,CAAC;KAAA;IAEK,+BAA+B,CAAC,SAAiB,EAAE,WAAmB;;;;;YAC1E,MAAM,UAAU,GAAG,MAAM,OAAM,yCAAyC,YAAC,SAAS,EAAE,WAAW,CAAC,CAAA;YAChG,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,UAAU,CAAC,CAAA;QAClD,CAAC;KAAA;IAED,oCAAoC,CAAC,SAAiB,EAAE,WAAqB;QAC3E,OAAO,KAAK,CAAC,kDAAkD,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC,CAAA;IACnJ,CAAC;IAED,OAAO,CAAC,KAAa,EAAE,UAAmC;QACxD,OAAO,OAAO,CAAC,GAAG,CAChB,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,kBAAS,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,CACtI,CACF,CAAA;IACH,CAAC;IAED,OAAO,CAAC,IAAiB,EAAE,UAAmC;QAC5D,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;QACtD,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,UAAU,CAAC,CAAA;IAC1C,CAAC;IAEO,SAAS,CAAC,SAAiB,EAAE,UAAmC;QACtE,OAAO,OAAO,CAAC,GAAG,CAChB,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAC/B,CAAC,EACD,oCAA4B,CAAC,SAAS,EACtC,IAAI,CAAC,eAAe,EACpB,KAAK,EACL,KAAK,EACL,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,kBAAS,CAAC,IAAI,CAAC,CAC9B,CACF,CACF,CAAA;IACH,CAAC;IAED,eAAe,CAAC,IAAuB;QACrC,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,uBAAuB,CAAC,IAAiB,EAAE,IAAuB;QAChE,OAAO,IAAI;YACT,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBACpC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;iBAC5C,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;iBACzF,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC1B,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAA;IACvB,CAAC;IAED,YAAY,CAAC,WAAmB;QAC9B,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,oBAAoB,CAAC,IAAiB,EAAE,WAAmB;QACzD,OAAO,KAAK;aACT,YAAY,CAAC,WAAW,CAAC;aACzB,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;aACzF,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IAC1B,CAAC;IAED,cAAc,CAAC,SAAkB,EAAE,OAAgB,EAAE,QAAiB,EAAE,eAAwB,EAAE,KAAc;QAC9G,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,sBAAsB,CACpB,IAAiB,EACjB,SAAkB,EAClB,OAAgB,EAChB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,OAAO,KAAK;aACT,cAAc,CAAC,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,UAAU,CAAC;aAChF,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAClB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,SAAS,CAAC,IAAK,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC,CAC9H,CAAA;IACL,CAAC;IAED,eAAe,CAAC,IAAuB;QACrC,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAEK,uBAAuB,CAAC,IAAiB,EAAE,IAAuB;;YACtE,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;QAClG,CAAC;KAAA;IAEa,QAAQ,CAAC,KAAa,EAAE,IAAsB;;;;;YAC1D,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBAC9C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,OAAM,eAAe,YAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;iBAC5C,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;iBACrD,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;QAC1B,CAAC;KAAA;IAED,mBAAmB,CACjB,MAAc,EACd,UAAmB,EACnB,SAAkB,EAClB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,2BAA2B,CACzB,IAAiB,EACjB,MAAc,EACd,UAAmB,EACnB,SAAkB,EAClB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,OAAO,KAAK;aACT,mBAAmB,CAAC,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,UAAU,CAAC;aAChG,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAClB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,SAAS,CAAC,IAAK,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC,CAC9H,CAAA;IACL,CAAC;IAEK,sCAAsC,CAAC,IAAiB,EAAE,MAAc,EAAE,KAAK,GAAG,GAAG,EAAE,SAAkB;;;;;YAC7G,IAAI,eAAe,GAA6B,EAAE,EAChD,WAAW,GAAwD,SAAS,CAAA;YAC9E,MAAM,yBAAyB,GAAG,GAAG,CAAA;YACrC,MAAM,oBAAoB,GAAG,CAAC,CAAA;YAE9B,KAAK,IAAI,gBAAgB,GAAG,CAAC,EAAE,eAAe,CAAC,MAAM,GAAG,KAAK,IAAI,gBAAgB,GAAG,oBAAoB,EAAE,gBAAgB,EAAE,EAAE;gBAC5H,MAAM,YAAY,GAAG,KAAK,GAAG,eAAe,CAAC,MAAM,CAAA;gBACnD,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,cAAc,EAAE,GAAkC,CAAC,MAAM,OAAM,mBAAmB,YACjH,MAAM,EACN,aAAa,EACb,SAAS,EACT,WAAW,IAAI,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,QAAS,CAAC,EACpD,WAAW,IAAI,WAAW,CAAC,aAAc,EACzC,yBAAyB,EACzB,IAAI,CACL,CAAkC,CAAA;gBACnC,MAAM,iBAAiB,GAA6B,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,IAAmB,CAAC,CAAC,IAAI,CACzI,CAAC,aAAa,EAAE,EAAE,CAChB,OAAO,CAAC,GAAG,CACT,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC,YAAY,EAAE,EAAE;oBACpC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI;yBACpB,iBAAiB,CAAC,EAAE,MAAM,EAAE,YAAY,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EAAE,IAAI,CAAC,iBAA2B,CAAC;yBAC3H,IAAI,CACH,CAAC,IAAI,EAAE,EAAE,CACP,CAAC,gCACI,YAAY,KACf,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GACG,CAAA,CAC/B,CAAA;gBACL,CAAC,CAAC,CACH,CACJ,CAAA;gBAED,MAAM,UAAU,GAA6B,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC;qBACpE,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC,SAAS,KAAK,GAAG,CAAC,SAAS,CAAC,CAAC;qBACxF,MAAM,CAAC,CAAC,GAA2B,EAAE,EAAE,CAAC,GAAG,CAAC,SAAS,CAAC;qBACtD,KAAK,EAAE;qBACP,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,CAAA;gBAEzB,eAAe,GAAG,CAAC,GAAG,eAAe,EAAE,GAAG,UAAU,CAAC,CAAA;gBAErD,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,MAAM,GAAG,yBAAyB,EAAE;oBACnD,MAAK;iBACN;qBAAM,IAAI,cAAc,EAAE;oBACzB,WAAW,GAAG,cAAc,CAAA;iBAC7B;qBAAM;oBACL,MAAK;iBACN;aACF;YAED,OAAO,eAAe,CAAA;QACxB,CAAC;KAAA;IAED;;;;OAIG;IACG,kBAAkB,CAAC,SAAoB;;YAC3C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EAAE,SAAS,CAAC,CAAA;QAC3H,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,SAAoB;;YACvC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,CAAA;QAC7G,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,SAAS,CACb,UAAkB,EAClB,SAAoB,EACpB,UAII,EAAE;;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QACjE,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,aAAa,CACjB,SAAoB,EACpB,SAMC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QACjF,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,gBAAgB,CACpB,SAAoB,EACpB,SAMC;;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,oCAA4B,CAAC,SAAS,CAAC,CAAA;YACzI,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAC9G,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI;iBACpB,0CAA0C,CACzC,EAAE,MAAM,EAAE,aAAa,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EACvE,IAAI,EACJ,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,OAAO,CAAC,cAAc;oBAC5C,cAAc,EAAE,SAAS;iBAC1B;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,CACnC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACvF,CAAC;KAAA;IAED,yBAAyB,CACvB,MAAiB;QAEjB,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,CAAA;IACnI,CAAC;IAED,mBAAmB,CAAC,MAAiB;QACnC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EAAE,SAAS,CAAC,CAAA;IAC/G,CAAC;IAED,uCAAuC,CAAC,MAAiB,EAAE,SAAmB;QAC5E,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAC7E,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EACxD,SAAS,CACV,CAAA;IACH,CAAC;CACF;AA7aD,4CA6aC","sourcesContent":["import { IccAccesslogApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport * as models from '../icc-api/model/models'\nimport { AccessLog, PaginatedListAccessLog } from '../icc-api/model/models'\nimport * as _ from 'lodash'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\nimport { ShareResult } from './utils/ShareResult'\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedFieldsManifest, EntityWithDelegationTypeName, parseEncryptedFields } from './utils'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\n\nexport interface AccessLogWithPatientId extends AccessLog {\n patientId: string\n}\n\nexport class IccAccesslogXApi extends IccAccesslogApi implements EncryptedEntityXApi<models.AccessLog> {\n private readonly encryptedFields: EncryptedFieldsManifest\n crypto: IccCryptoXApi\n dataOwnerApi: IccDataOwnerXApi\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, EntityWithDelegationTypeName.AccessLog))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n crypto: IccCryptoXApi,\n dataOwnerApi: IccDataOwnerXApi,\n private readonly autofillAuthor: boolean,\n cryptedKeys = ['detail', 'objectId'],\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.crypto = crypto\n this.dataOwnerApi = dataOwnerApi\n this.encryptedFields = parseEncryptedFields(cryptedKeys, 'AccessLog.')\n }\n\n /**\n * Creates a new instance of access log with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this access log refers to.\n * @param h initialised data for the access log. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - preferredSfk: secret id of the patient to use as the secret foreign key to use for the access log. The default value will be a\n * secret id of patient known by the topmost parent in the current data owner hierarchy.\n * @return a new instance of access log.\n */\n async newInstance(\n user: models.User,\n patient: models.Patient,\n h: any,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n preferredSfk?: string\n } = {}\n ) {\n const dataOwnerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n\n const accessLog = {\n ...(h ?? {}),\n _type: 'org.taktik.icure.entities.AccessLog',\n id: h?.id ?? this.crypto.primitives.randomUuid(),\n created: h?.created ?? new Date().getTime(),\n modified: h?.modified ?? new Date().getTime(),\n date: h?.date ?? new Date().getTime(),\n responsible: h?.responsible ?? (this.autofillAuthor ? dataOwnerId : undefined),\n author: h?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: h?.codes ?? [],\n tags: h?.tags ?? [],\n user: h?.user ?? user.id,\n patientId: h?.patientId ?? patient.id,\n accessType: h?.accessType ?? 'USER_ACCESS',\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk =\n options.preferredSfk ??\n (await this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type: EntityWithDelegationTypeName.Patient }))\n if (!sfk) throw new Error(`Couldn't find any sfk of parent patient ${patient.id}`)\n const extraDelegations = {\n ...Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.administrativeData ?? [])].map((x) => [x, AccessLevelEnum.WRITE])\n ),\n ...(options.additionalDelegates ?? {}),\n }\n return new AccessLog(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(accessLog, EntityWithDelegationTypeName.AccessLog, patient.id, sfk, true, false, extraDelegations)\n .then((x) => x.updatedEntity)\n )\n }\n\n // noinspection JSUnusedGlobalSymbols\n /**\n * 1. Check whether there is a delegation with 'hcpartyId' or not.\n * 2. 'fetchHcParty[hcpartyId][1]': is encrypted AES exchange key by RSA public key of him.\n * 3. Obtain the AES exchange key, by decrypting the previous step value with hcparty private key\n * 3.1. KeyPair should be fetch from cache (in jwk)\n * 3.2. if it doesn't exist in the cache, it has to be loaded from Browser Local store, and then import it to WebCrypto\n * 4. Obtain the array of delegations which are delegated to his ID (hcpartyId) in this patient\n * 5. Decrypt and collect all keys (secretForeignKeys) within delegations of previous step (with obtained AES key of step 4)\n * 6. Do the REST call to get all helements with (allSecretForeignKeysDelimitedByComa, hcpartyId)\n *\n * After these painful steps, you have the helements of the patient.\n *\n * @param hcpartyId\n * @param patient (Promise)\n * @param keepObsoleteVersions\n * @param usingPost\n */\n\n async findBy(hcpartyId: string, patient: models.Patient, usingPost: boolean = false): Promise<models.AccessLog[]> {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: EntityWithDelegationTypeName.Patient }, hcpartyId)\n const topmostParentId = (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0]\n return extractedKeys && extractedKeys.length > 0\n ? usingPost\n ? this.findByHCPartyPatientSecretFKeysArray(hcpartyId!, _.uniq(extractedKeys))\n : this.findByHCPartyPatientSecretFKeys(hcpartyId!, _.uniq(extractedKeys).join(','))\n : Promise.resolve([])\n }\n\n async findByHCPartyPatientSecretFKeys(hcPartyId: string, secretFKeys: string): Promise<AccessLog[]> {\n const accessLogs = await super.findAccessLogsByHCPartyPatientForeignKeys(hcPartyId, secretFKeys)\n return await this.decrypt(hcPartyId, accessLogs)\n }\n\n findByHCPartyPatientSecretFKeysArray(hcPartyId: string, secretFKeys: string[]): Promise<Array<AccessLog> | any> {\n return super.findAccessLogsByHCPartyPatientForeignKeysUsingPost(hcPartyId, secretFKeys).then((accesslogs) => this.decrypt(hcPartyId, accesslogs))\n }\n\n decrypt(hcpId: string, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n return Promise.all(\n accessLogs.map((x) =>\n this.crypto.xapi.decryptEntity(x, EntityWithDelegationTypeName.AccessLog, (json) => new AccessLog(json)).then(({ entity }) => entity)\n )\n )\n }\n\n encrypt(user: models.User, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n const owner = this.dataOwnerApi.getDataOwnerIdOf(user)\n return this.encryptAs(owner, accessLogs)\n }\n\n private encryptAs(dataOwner: string, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n return Promise.all(\n accessLogs.map((x) =>\n this.crypto.xapi.tryEncryptEntity(\n x,\n EntityWithDelegationTypeName.AccessLog,\n this.encryptedFields,\n false,\n false,\n (json) => new AccessLog(json)\n )\n )\n )\n }\n\n createAccessLog(body?: models.AccessLog): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n createAccessLogWithUser(user: models.User, body?: models.AccessLog): Promise<models.AccessLog | any> {\n return body\n ? this.encrypt(user, [_.cloneDeep(body)])\n .then((als) => super.createAccessLog(als[0]))\n .then((accessLog) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, [accessLog]))\n .then((als) => als[0])\n : Promise.resolve()\n }\n\n getAccessLog(accessLogId: string): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n getAccessLogWithUser(user: models.User, accessLogId: string): Promise<models.AccessLog | any> {\n return super\n .getAccessLog(accessLogId)\n .then((accessLog) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, [accessLog]))\n .then((als) => als[0])\n }\n\n listAccessLogs(fromEpoch?: number, toEpoch?: number, startKey?: number, startDocumentId?: string, limit?: number): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n listAccessLogsWithUser(\n user: models.User,\n fromEpoch?: number,\n toEpoch?: number,\n startKey?: number,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): Promise<PaginatedListAccessLog> {\n return super\n .listAccessLogs(fromEpoch, toEpoch, startKey, startDocumentId, limit, descending)\n .then((accessLog) =>\n this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, accessLog.rows!).then((dr) => Object.assign(accessLog, { rows: dr }))\n )\n }\n\n modifyAccessLog(body?: models.AccessLog): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n async modifyAccessLogWithUser(user: models.User, body?: models.AccessLog): Promise<models.AccessLog | null> {\n return body ? this.modifyAs(this.dataOwnerApi.getDataOwnerIdOf(user)!, _.cloneDeep(body)) : null\n }\n\n private async modifyAs(owner: string, body: models.AccessLog): Promise<models.AccessLog> {\n return this.encryptAs(owner, [_.cloneDeep(body)])\n .then((als) => super.modifyAccessLog(als[0]))\n .then((accessLog) => this.decrypt(owner, [accessLog]))\n .then((als) => als[0])\n }\n\n findByUserAfterDate(\n userId: string,\n accessType?: string,\n startDate?: number,\n startKey?: string,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n findByUserAfterDateWithUser(\n user: models.User,\n userId: string,\n accessType?: string,\n startDate?: number,\n startKey?: string,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): Promise<models.AccessLog | any> {\n return super\n .findByUserAfterDate(userId, accessType, startDate, startKey, startDocumentId, limit, descending)\n .then((accessLog) =>\n this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, accessLog.rows!).then((dr) => Object.assign(accessLog, { rows: dr }))\n )\n }\n\n async findLatestAccessLogsOfPatientsWithUser(user: models.User, userId: string, limit = 100, startDate?: number): Promise<models.AccessLog[]> {\n let foundAccessLogs: AccessLogWithPatientId[] = [],\n nextKeyPair: models.PaginatedDocumentKeyIdPairObject | undefined = undefined\n const numberRequestedAccessLogs = 100\n const MAX_WHILE_ITERATIONS = 5\n\n for (let currentIteration = 0; foundAccessLogs.length < limit && currentIteration < MAX_WHILE_ITERATIONS; currentIteration++) {\n const currentLimit = limit - foundAccessLogs.length\n const { rows: logs, nextKeyPair: newNextKeyPair }: models.PaginatedListAccessLog = (await super.findByUserAfterDate(\n userId,\n 'USER_ACCESS',\n startDate,\n nextKeyPair && JSON.stringify(nextKeyPair.startKey!),\n nextKeyPair && nextKeyPair.startKeyDocId!,\n numberRequestedAccessLogs,\n true\n )) as models.PaginatedListAccessLog\n const logsWithPatientId: AccessLogWithPatientId[] = await this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, logs as AccessLog[]).then(\n (decryptedLogs) =>\n Promise.all(\n _.map(decryptedLogs, (decryptedLog) => {\n return this.crypto.xapi\n .owningEntityIdsOf({ entity: decryptedLog, type: EntityWithDelegationTypeName.AccessLog }, user.healthcarePartyId as string)\n .then(\n (keys) =>\n ({\n ...decryptedLog,\n patientId: _.head(keys),\n } as AccessLogWithPatientId)\n )\n })\n )\n )\n\n const uniqueLogs: AccessLogWithPatientId[] = _.chain(logsWithPatientId)\n .reject((log) => _.some(foundAccessLogs, ({ patientId }) => patientId === log.patientId))\n .uniqBy((log: AccessLogWithPatientId) => log.patientId)\n .value()\n .slice(0, currentLimit)\n\n foundAccessLogs = [...foundAccessLogs, ...uniqueLogs]\n\n if ((logs || []).length < numberRequestedAccessLogs) {\n break\n } else if (newNextKeyPair) {\n nextKeyPair = newNextKeyPair\n } else {\n break\n }\n }\n\n return foundAccessLogs\n }\n\n /**\n * @param accessLog an access log\n * @return the id of the patient that the access log refers to, retrieved from the encrypted metadata (not from the decrypted entity body). Normally\n * there should only be one element in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(accessLog: AccessLog): Promise<string[]> {\n return this.crypto.xapi.owningEntityIdsOf({ entity: accessLog, type: EntityWithDelegationTypeName.AccessLog }, undefined)\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given access log\n */\n async hasWriteAccess(accessLog: AccessLog): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: accessLog, type: EntityWithDelegationTypeName.AccessLog })\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the access log.\n * @param accessLog the access log to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n accessLog: AccessLog,\n options: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<AccessLog> {\n return this.shareWithMany(accessLog, { [delegateId]: options })\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param accessLog the access log to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n accessLog: AccessLog,\n delegates: {\n [delegateId: string]: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<AccessLog> {\n return (await this.tryShareWithMany(accessLog, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param accessLog the access log to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n accessLog: AccessLog,\n delegates: {\n [delegateId: string]: {\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<AccessLog>> {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(accessLog, EntityWithDelegationTypeName.AccessLog)\n const updatedEntity = entityWithEncryptionKey ? await this.modifyAs(self, entityWithEncryptionKey) : accessLog\n return this.crypto.xapi\n .simpleShareOrUpdateEncryptedEntityMetadata(\n { entity: updatedEntity, type: EntityWithDelegationTypeName.AccessLog },\n true,\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: options.sharePatientId,\n shareSecretIds: undefined,\n },\n ])\n ),\n (x) => this.bulkShareAccessLogs(x)\n )\n .then((r) => r.mapSuccessAsync((e) => this.decrypt(self, [e]).then((es) => es[0])))\n }\n\n getDataOwnersWithAccessTo(\n entity: AccessLog\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: EntityWithDelegationTypeName.AccessLog })\n }\n\n getEncryptionKeysOf(entity: AccessLog): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: EntityWithDelegationTypeName.AccessLog }, undefined)\n }\n\n createDelegationDeAnonymizationMetadata(entity: AccessLog, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo(\n { entity, type: EntityWithDelegationTypeName.AccessLog },\n delegates\n )\n }\n}\n"]}
|
|
@@ -7,11 +7,11 @@ import { AuthenticationProvider } from './auth/AuthenticationProvider';
|
|
|
7
7
|
import { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour';
|
|
8
8
|
import { ShareResult } from './utils/ShareResult';
|
|
9
9
|
import { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest';
|
|
10
|
-
import RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum;
|
|
11
10
|
import { SecureDelegation } from '../icc-api/model/SecureDelegation';
|
|
12
|
-
import AccessLevelEnum = SecureDelegation.AccessLevelEnum;
|
|
13
11
|
import { XHR } from '../icc-api/api/XHR';
|
|
14
12
|
import { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi';
|
|
13
|
+
import RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum;
|
|
14
|
+
import AccessLevelEnum = SecureDelegation.AccessLevelEnum;
|
|
15
15
|
export declare class IccCalendarItemXApi extends IccCalendarItemApi implements EncryptedEntityXApi<models.CalendarItem> {
|
|
16
16
|
private readonly autofillAuthor;
|
|
17
17
|
i18n: any;
|
|
@@ -27,13 +27,13 @@ const models_1 = require("../icc-api/model/models");
|
|
|
27
27
|
const icc_api_1 = require("../icc-api");
|
|
28
28
|
const AuthenticationProvider_1 = require("./auth/AuthenticationProvider");
|
|
29
29
|
const EntityShareRequest_1 = require("../icc-api/model/requests/EntityShareRequest");
|
|
30
|
-
var RequestedPermissionEnum = EntityShareRequest_1.EntityShareRequest.RequestedPermissionEnum;
|
|
31
30
|
const SecureDelegation_1 = require("../icc-api/model/SecureDelegation");
|
|
32
|
-
var AccessLevelEnum = SecureDelegation_1.SecureDelegation.AccessLevelEnum;
|
|
33
31
|
const utils_1 = require("./utils");
|
|
32
|
+
var RequestedPermissionEnum = EntityShareRequest_1.EntityShareRequest.RequestedPermissionEnum;
|
|
33
|
+
var AccessLevelEnum = SecureDelegation_1.SecureDelegation.AccessLevelEnum;
|
|
34
34
|
class IccCalendarItemXApi extends icc_api_1.IccCalendarItemApi {
|
|
35
35
|
get headers() {
|
|
36
|
-
return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h,
|
|
36
|
+
return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, utils_1.EntityWithDelegationTypeName.CalendarItem));
|
|
37
37
|
}
|
|
38
38
|
constructor(host, headers, crypto, dataOwnerApi, autofillAuthor, encryptedKeys = ['details', 'title', 'patientId'], authenticationProvider = new AuthenticationProvider_1.NoAuthenticationProvider(), fetchImpl = typeof window !== 'undefined'
|
|
39
39
|
? window.fetch
|
|
@@ -74,19 +74,19 @@ class IccCalendarItemXApi extends icc_api_1.IccCalendarItemApi {
|
|
|
74
74
|
if (ownerId !== (yield this.dataOwnerApi.getCurrentDataOwnerId()))
|
|
75
75
|
throw new Error('Can only initialise entities as current data owner.');
|
|
76
76
|
const sfk = patient
|
|
77
|
-
? (_h = options === null || options === void 0 ? void 0 : options.preferredSfk) !== null && _h !== void 0 ? _h : (yield this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type:
|
|
77
|
+
? (_h = options === null || options === void 0 ? void 0 : options.preferredSfk) !== null && _h !== void 0 ? _h : (yield this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type: utils_1.EntityWithDelegationTypeName.Patient }))
|
|
78
78
|
: undefined;
|
|
79
79
|
if (patient && !sfk)
|
|
80
80
|
throw new Error(`Couldn't find any sfk of parent patient ${patient.id}`);
|
|
81
81
|
const extraDelegations = Object.assign(Object.assign({}, Object.fromEntries([...((_k = (_j = user.autoDelegations) === null || _j === void 0 ? void 0 : _j.all) !== null && _k !== void 0 ? _k : []), ...((_m = (_l = user.autoDelegations) === null || _l === void 0 ? void 0 : _l.medicalInformation) !== null && _m !== void 0 ? _m : [])].map((d) => [d, AccessLevelEnum.WRITE]))), ((_o = options === null || options === void 0 ? void 0 : options.additionalDelegates) !== null && _o !== void 0 ? _o : {}));
|
|
82
82
|
return new models_1.CalendarItem(yield this.crypto.xapi
|
|
83
|
-
.entityWithInitialisedEncryptedMetadata(calendarItem,
|
|
83
|
+
.entityWithInitialisedEncryptedMetadata(calendarItem, utils_1.EntityWithDelegationTypeName.CalendarItem, patient === null || patient === void 0 ? void 0 : patient.id, sfk, true, false, extraDelegations)
|
|
84
84
|
.then((x) => x.updatedEntity));
|
|
85
85
|
});
|
|
86
86
|
}
|
|
87
87
|
findBy(hcpartyId, patient, usingPost = false) {
|
|
88
88
|
return __awaiter(this, void 0, void 0, function* () {
|
|
89
|
-
const extractedKeys = yield this.crypto.xapi.secretIdsOf({ entity: patient, type:
|
|
89
|
+
const extractedKeys = yield this.crypto.xapi.secretIdsOf({ entity: patient, type: utils_1.EntityWithDelegationTypeName.Patient }, hcpartyId);
|
|
90
90
|
const topmostParentId = (yield this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0];
|
|
91
91
|
return extractedKeys && extractedKeys.length > 0
|
|
92
92
|
? usingPost
|
|
@@ -195,10 +195,10 @@ class IccCalendarItemXApi extends icc_api_1.IccCalendarItemApi {
|
|
|
195
195
|
return this.encryptAs(this.dataOwnerApi.getDataOwnerIdOf(user), calendarItems);
|
|
196
196
|
}
|
|
197
197
|
encryptAs(dataOwner, calendarItems) {
|
|
198
|
-
return Promise.all(calendarItems.map((x) => this.crypto.xapi.tryEncryptEntity(x,
|
|
198
|
+
return Promise.all(calendarItems.map((x) => this.crypto.xapi.tryEncryptEntity(x, utils_1.EntityWithDelegationTypeName.CalendarItem, this.encryptedFields, false, false, (json) => new models_1.CalendarItem(json))));
|
|
199
199
|
}
|
|
200
200
|
decrypt(hcpId, calendarItems) {
|
|
201
|
-
return Promise.all(calendarItems.map((x) => this.crypto.xapi.decryptEntity(x,
|
|
201
|
+
return Promise.all(calendarItems.map((x) => this.crypto.xapi.decryptEntity(x, utils_1.EntityWithDelegationTypeName.CalendarItem, (json) => new models_1.CalendarItem(json)).then(({ entity }) => entity)));
|
|
202
202
|
}
|
|
203
203
|
/**
|
|
204
204
|
* @param calendarItem a calendar item
|
|
@@ -207,7 +207,7 @@ class IccCalendarItemXApi extends icc_api_1.IccCalendarItemApi {
|
|
|
207
207
|
*/
|
|
208
208
|
decryptPatientIdOf(calendarItem) {
|
|
209
209
|
return __awaiter(this, void 0, void 0, function* () {
|
|
210
|
-
return this.crypto.xapi.owningEntityIdsOf({ entity: calendarItem, type:
|
|
210
|
+
return this.crypto.xapi.owningEntityIdsOf({ entity: calendarItem, type: utils_1.EntityWithDelegationTypeName.CalendarItem }, undefined);
|
|
211
211
|
});
|
|
212
212
|
}
|
|
213
213
|
/**
|
|
@@ -215,7 +215,7 @@ class IccCalendarItemXApi extends icc_api_1.IccCalendarItemApi {
|
|
|
215
215
|
*/
|
|
216
216
|
hasWriteAccess(calendarItem) {
|
|
217
217
|
return __awaiter(this, void 0, void 0, function* () {
|
|
218
|
-
return this.crypto.xapi.hasWriteAccess({ entity: calendarItem, type:
|
|
218
|
+
return this.crypto.xapi.hasWriteAccess({ entity: calendarItem, type: utils_1.EntityWithDelegationTypeName.CalendarItem });
|
|
219
219
|
});
|
|
220
220
|
}
|
|
221
221
|
/**
|
|
@@ -273,10 +273,10 @@ class IccCalendarItemXApi extends icc_api_1.IccCalendarItemApi {
|
|
|
273
273
|
return __awaiter(this, void 0, void 0, function* () {
|
|
274
274
|
const self = yield this.dataOwnerApi.getCurrentDataOwnerId();
|
|
275
275
|
// All entities should have an encryption key.
|
|
276
|
-
const entityWithEncryptionKey = yield this.crypto.xapi.ensureEncryptionKeysInitialised(calendarItem,
|
|
276
|
+
const entityWithEncryptionKey = yield this.crypto.xapi.ensureEncryptionKeysInitialised(calendarItem, utils_1.EntityWithDelegationTypeName.CalendarItem);
|
|
277
277
|
const updatedEntity = entityWithEncryptionKey ? yield this.modifyAs(self, entityWithEncryptionKey) : calendarItem;
|
|
278
278
|
return this.crypto.xapi
|
|
279
|
-
.simpleShareOrUpdateEncryptedEntityMetadata({ entity: updatedEntity, type:
|
|
279
|
+
.simpleShareOrUpdateEncryptedEntityMetadata({ entity: updatedEntity, type: utils_1.EntityWithDelegationTypeName.CalendarItem }, true, Object.fromEntries(Object.entries(delegates).map(([delegateId, options]) => [
|
|
280
280
|
delegateId,
|
|
281
281
|
{
|
|
282
282
|
requestedPermissions: options.requestedPermissions,
|
|
@@ -289,10 +289,10 @@ class IccCalendarItemXApi extends icc_api_1.IccCalendarItemApi {
|
|
|
289
289
|
});
|
|
290
290
|
}
|
|
291
291
|
getDataOwnersWithAccessTo(entity) {
|
|
292
|
-
return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type:
|
|
292
|
+
return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: utils_1.EntityWithDelegationTypeName.CalendarItem });
|
|
293
293
|
}
|
|
294
294
|
getEncryptionKeysOf(entity) {
|
|
295
|
-
return this.crypto.xapi.encryptionKeysOf({ entity, type:
|
|
295
|
+
return this.crypto.xapi.encryptionKeysOf({ entity, type: utils_1.EntityWithDelegationTypeName.CalendarItem }, undefined);
|
|
296
296
|
}
|
|
297
297
|
/**
|
|
298
298
|
* Links a calendar item with a patient. Note that this operation is not reversible: it is not possible to change the patient linked to a calendar
|
|
@@ -309,7 +309,7 @@ class IccCalendarItemXApi extends icc_api_1.IccCalendarItemApi {
|
|
|
309
309
|
if (!!((_a = calendarItem.secretForeignKeys) === null || _a === void 0 ? void 0 : _a.length))
|
|
310
310
|
throw new Error(`Calendar item ${calendarItem.id} is already linked to a patient`);
|
|
311
311
|
const delegates = [...new Set([yield this.dataOwnerApi.getCurrentDataOwnerId(), ...shareLinkWithDelegates])];
|
|
312
|
-
const sfk = yield this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type:
|
|
312
|
+
const sfk = yield this.crypto.confidential.getAnySecretIdSharedWithParents({ entity: patient, type: utils_1.EntityWithDelegationTypeName.Patient });
|
|
313
313
|
if (!sfk) {
|
|
314
314
|
throw new Error(`Could not find any secret id for patient ${patient.id} which is shared with the topmost ancestor of the current data owner`);
|
|
315
315
|
}
|
|
@@ -319,7 +319,7 @@ class IccCalendarItemXApi extends icc_api_1.IccCalendarItemApi {
|
|
|
319
319
|
shareOwningEntityIds: [patient.id],
|
|
320
320
|
requestedPermissions: RequestedPermissionEnum.FULL_READ,
|
|
321
321
|
};
|
|
322
|
-
const shared = yield this.crypto.xapi.bulkShareOrUpdateEncryptedEntityMetadata(
|
|
322
|
+
const shared = yield this.crypto.xapi.bulkShareOrUpdateEncryptedEntityMetadata(utils_1.EntityWithDelegationTypeName.CalendarItem, [
|
|
323
323
|
{
|
|
324
324
|
entity: calendarItem,
|
|
325
325
|
dataForDelegates: Object.fromEntries(delegates.map((d) => [d, individualShareData])),
|
|
@@ -341,7 +341,7 @@ class IccCalendarItemXApi extends icc_api_1.IccCalendarItemApi {
|
|
|
341
341
|
});
|
|
342
342
|
}
|
|
343
343
|
createDelegationDeAnonymizationMetadata(entity, delegates) {
|
|
344
|
-
return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type:
|
|
344
|
+
return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type: utils_1.EntityWithDelegationTypeName.CalendarItem }, delegates);
|
|
345
345
|
}
|
|
346
346
|
}
|
|
347
347
|
exports.IccCalendarItemXApi = IccCalendarItemXApi;
|