@icure/api 8.2.2 → 8.2.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/icc-api/api/IccAuthApi.js +1 -1
- package/icc-api/api/IccAuthApi.js.map +1 -1
- package/icc-api/api/IccDocumentApi.js.map +1 -1
- package/icc-api/api/IccFormApi.js.map +1 -1
- package/icc-api/api/IccReceiptApi.js.map +1 -1
- package/icc-api/api/IccRestApiPath.js +1 -2
- package/icc-api/api/IccRestApiPath.js.map +1 -1
- package/icc-api/api/XHR.js +17 -8
- package/icc-api/api/XHR.js.map +1 -1
- package/icc-api/model/Address.js +1 -1
- package/icc-api/model/Address.js.map +1 -1
- package/icc-api/model/Amp.js +1 -1
- package/icc-api/model/Amp.js.map +1 -1
- package/icc-api/model/AmpComponent.js +1 -1
- package/icc-api/model/AmpComponent.js.map +1 -1
- package/icc-api/model/Ampp.js +1 -1
- package/icc-api/model/Ampp.js.map +1 -1
- package/icc-api/model/AmppComponent.js +1 -1
- package/icc-api/model/AmppComponent.js.map +1 -1
- package/icc-api/model/CareTeamMember.js +1 -1
- package/icc-api/model/CareTeamMember.js.map +1 -1
- package/icc-api/model/CareTeamMembership.js +1 -1
- package/icc-api/model/CareTeamMembership.js.map +1 -1
- package/icc-api/model/Code.js +1 -1
- package/icc-api/model/Code.js.map +1 -1
- package/icc-api/model/Contact.js.map +1 -1
- package/icc-api/model/Content.js.map +1 -1
- package/icc-api/model/DataOwnerTypeEnum.js +1 -1
- package/icc-api/model/DataOwnerTypeEnum.js.map +1 -1
- package/icc-api/model/DataOwnerWithType.js +1 -1
- package/icc-api/model/DataOwnerWithType.js.map +1 -1
- package/icc-api/model/DatabaseSynchronization.js +1 -1
- package/icc-api/model/DatabaseSynchronization.js.map +1 -1
- package/icc-api/model/Dmpp.js +1 -1
- package/icc-api/model/Dmpp.js.map +1 -1
- package/icc-api/model/Document.js +1 -1
- package/icc-api/model/Document.js.map +1 -1
- package/icc-api/model/DocumentTemplate.d.ts +1 -1
- package/icc-api/model/DocumentTemplate.js +1 -1
- package/icc-api/model/DocumentTemplate.js.map +1 -1
- package/icc-api/model/Editor.js +1 -1
- package/icc-api/model/Editor.js.map +1 -1
- package/icc-api/model/EfactInvoice.js +1 -1
- package/icc-api/model/EfactInvoice.js.map +1 -1
- package/icc-api/model/EmailOrSmsMessage.js +1 -1
- package/icc-api/model/EmailOrSmsMessage.js.map +1 -1
- package/icc-api/model/FlatRateTarification.js +1 -1
- package/icc-api/model/FlatRateTarification.js.map +1 -1
- package/icc-api/model/Formula.js +1 -1
- package/icc-api/model/Formula.js.map +1 -1
- package/icc-api/model/FrontEndMigration.js +1 -1
- package/icc-api/model/FrontEndMigration.js.map +1 -1
- package/icc-api/model/HealthElement.js +1 -1
- package/icc-api/model/HealthElement.js.map +1 -1
- package/icc-api/model/HealthcareParty.js +1 -1
- package/icc-api/model/HealthcareParty.js.map +1 -1
- package/icc-api/model/HealthcarePartyHistoryStatus.js +1 -1
- package/icc-api/model/HealthcarePartyHistoryStatus.js.map +1 -1
- package/icc-api/model/Ingredient.js +1 -1
- package/icc-api/model/Ingredient.js.map +1 -1
- package/icc-api/model/Invoice.js +1 -1
- package/icc-api/model/Invoice.js.map +1 -1
- package/icc-api/model/InvoiceItem.js +1 -1
- package/icc-api/model/InvoiceItem.js.map +1 -1
- package/icc-api/model/InvoicingCode.js +1 -1
- package/icc-api/model/InvoicingCode.js.map +1 -1
- package/icc-api/model/MaintenanceTask.js +1 -1
- package/icc-api/model/MaintenanceTask.js.map +1 -1
- package/icc-api/model/Measure.js.map +1 -1
- package/icc-api/model/MedicalHouseContract.js +1 -1
- package/icc-api/model/MedicalHouseContract.js.map +1 -1
- package/icc-api/model/ModelHelper.js +9 -10
- package/icc-api/model/ModelHelper.js.map +1 -1
- package/icc-api/model/Partnership.js +1 -1
- package/icc-api/model/Partnership.js.map +1 -1
- package/icc-api/model/Patient.js +1 -1
- package/icc-api/model/Patient.js.map +1 -1
- package/icc-api/model/PatientByHcPartyGenderEducationProfession.js +1 -1
- package/icc-api/model/PatientByHcPartyGenderEducationProfession.js.map +1 -1
- package/icc-api/model/PatientHealthCareParty.js +1 -1
- package/icc-api/model/PatientHealthCareParty.js.map +1 -1
- package/icc-api/model/Payment.js +1 -1
- package/icc-api/model/Payment.js.map +1 -1
- package/icc-api/model/PermissionCriterion.js +1 -1
- package/icc-api/model/PermissionCriterion.js.map +1 -1
- package/icc-api/model/PermissionItem.js +1 -1
- package/icc-api/model/PermissionItem.js.map +1 -1
- package/icc-api/model/PersonName.js +1 -1
- package/icc-api/model/PersonName.js.map +1 -1
- package/icc-api/model/PropertyTypeStub.js +1 -1
- package/icc-api/model/PropertyTypeStub.js.map +1 -1
- package/icc-api/model/Reimbursement.js +1 -1
- package/icc-api/model/Reimbursement.js.map +1 -1
- package/icc-api/model/RoleSourceEnum.js +1 -1
- package/icc-api/model/RoleSourceEnum.js.map +1 -1
- package/icc-api/model/SecureDelegation.js +1 -1
- package/icc-api/model/SecureDelegation.js.map +1 -1
- package/icc-api/model/Service.js.map +1 -1
- package/icc-api/model/StandardSubstance.js +1 -1
- package/icc-api/model/StandardSubstance.js.map +1 -1
- package/icc-api/model/SumehrValidity.js +1 -1
- package/icc-api/model/SumehrValidity.js.map +1 -1
- package/icc-api/model/Tarification.js +1 -1
- package/icc-api/model/Tarification.js.map +1 -1
- package/icc-api/model/Telecom.js +1 -1
- package/icc-api/model/Telecom.js.map +1 -1
- package/icc-api/model/Topic.js +1 -1
- package/icc-api/model/Topic.js.map +1 -1
- package/icc-api/model/TypedValueObject.js +1 -1
- package/icc-api/model/TypedValueObject.js.map +1 -1
- package/icc-api/model/User.js +1 -1
- package/icc-api/model/User.js.map +1 -1
- package/icc-api/model/UserTypeEnum.js +1 -1
- package/icc-api/model/UserTypeEnum.js.map +1 -1
- package/icc-api/model/VirtualIngredient.js +1 -1
- package/icc-api/model/VirtualIngredient.js.map +1 -1
- package/icc-api/model/internal/RecoveryData.js +1 -1
- package/icc-api/model/internal/RecoveryData.js.map +1 -1
- package/icc-api/model/requests/EntityBulkShareResult.js.map +1 -1
- package/icc-api/model/requests/EntityShareOrMetadataUpdateRequest.js.map +1 -1
- package/icc-api/model/requests/EntityShareRequest.js +1 -1
- package/icc-api/model/requests/EntityShareRequest.js.map +1 -1
- package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.js +1 -1
- package/icc-api/model/requests/EntitySharedMetadataUpdateRequest.js.map +1 -1
- package/icc-x-api/auth/AuthenticationProvider.js.map +1 -1
- package/icc-x-api/auth/BasicAuthService.js.map +1 -1
- package/icc-x-api/auth/EnsembleAuthService.js.map +1 -1
- package/icc-x-api/auth/JwtAuthService.js.map +1 -1
- package/icc-x-api/auth/JwtBridgedAuthService.d.ts +1 -1
- package/icc-x-api/auth/JwtBridgedAuthService.js +1 -1
- package/icc-x-api/auth/JwtBridgedAuthService.js.map +1 -1
- package/icc-x-api/auth/JwtUtils.js +3 -4
- package/icc-x-api/auth/JwtUtils.js.map +1 -1
- package/icc-x-api/auth/NoAuthService.js.map +1 -1
- package/icc-x-api/auth/SmartAuthProvider.d.ts +1 -1
- package/icc-x-api/auth/SmartAuthProvider.js +1 -1
- package/icc-x-api/auth/SmartAuthProvider.js.map +1 -1
- package/icc-x-api/crypto/AES.js.map +1 -1
- package/icc-x-api/crypto/AccessControlKeysHeadersProvider.js.map +1 -1
- package/icc-x-api/crypto/AccessControlSecretUtils.js.map +1 -1
- package/icc-x-api/crypto/BaseExchangeDataManager.js +10 -10
- package/icc-x-api/crypto/BaseExchangeDataManager.js.map +1 -1
- package/icc-x-api/crypto/BaseExchangeKeysManager.js +4 -4
- package/icc-x-api/crypto/BaseExchangeKeysManager.js.map +1 -1
- package/icc-x-api/crypto/CryptoStrategies.d.ts +5 -7
- package/icc-x-api/crypto/CryptoStrategies.js.map +1 -1
- package/icc-x-api/crypto/DelegationsDeAnonymization.js +1 -1
- package/icc-x-api/crypto/DelegationsDeAnonymization.js.map +1 -1
- package/icc-x-api/crypto/ExchangeDataManager.js +7 -9
- package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -1
- package/icc-x-api/crypto/ExchangeDataMapManager.js.map +1 -1
- package/icc-x-api/crypto/ExchangeKeysManager.js +1 -1
- package/icc-x-api/crypto/ExchangeKeysManager.js.map +1 -1
- package/icc-x-api/crypto/ExtendedApisUtilsImpl.js +11 -10
- package/icc-x-api/crypto/ExtendedApisUtilsImpl.js.map +1 -1
- package/icc-x-api/crypto/HMACUtils.js.map +1 -1
- package/icc-x-api/crypto/KeyRecovery.js +5 -5
- package/icc-x-api/crypto/KeyRecovery.js.map +1 -1
- package/icc-x-api/crypto/NativeCryptoPrimitivesBridge.js +3 -3
- package/icc-x-api/crypto/NativeCryptoPrimitivesBridge.js.map +1 -1
- package/icc-x-api/crypto/RSA.js +4 -4
- package/icc-x-api/crypto/RSA.js.map +1 -1
- package/icc-x-api/crypto/RecoveryDataEncryption.js +1 -1
- package/icc-x-api/crypto/RecoveryDataEncryption.js.map +1 -1
- package/icc-x-api/crypto/SecretIdUseOption.js +1 -1
- package/icc-x-api/crypto/SecretIdUseOption.js.map +1 -1
- package/icc-x-api/crypto/SecureDelegationsEncryption.js +4 -4
- package/icc-x-api/crypto/SecureDelegationsEncryption.js.map +1 -1
- package/icc-x-api/crypto/SecureDelegationsManager.js +1 -1
- package/icc-x-api/crypto/SecureDelegationsManager.js.map +1 -1
- package/icc-x-api/crypto/SecurityMetadataDecryptor.d.ts +1 -1
- package/icc-x-api/crypto/SecurityMetadataDecryptor.js +9 -9
- package/icc-x-api/crypto/SecurityMetadataDecryptor.js.map +1 -1
- package/icc-x-api/crypto/ShamirKeysManager.js.map +1 -1
- package/icc-x-api/crypto/ShareMetadataBehaviour.js +1 -1
- package/icc-x-api/crypto/ShareMetadataBehaviour.js.map +1 -1
- package/icc-x-api/crypto/TransferKeysManager.js +1 -1
- package/icc-x-api/crypto/TransferKeysManager.js.map +1 -1
- package/icc-x-api/crypto/UserEncryptionKeysManager.js +2 -2
- package/icc-x-api/crypto/UserEncryptionKeysManager.js.map +1 -1
- package/icc-x-api/crypto/shamir.d.ts +2 -2
- package/icc-x-api/crypto/shamir.js +4 -4
- package/icc-x-api/crypto/shamir.js.map +1 -1
- package/icc-x-api/crypto/utils.js +14 -15
- package/icc-x-api/crypto/utils.js.map +1 -1
- package/icc-x-api/icc-accesslog-x-api.js +10 -10
- package/icc-x-api/icc-accesslog-x-api.js.map +1 -1
- package/icc-x-api/icc-bekmehr-x-api.js.map +1 -1
- package/icc-x-api/icc-calendar-item-x-api.js +7 -7
- package/icc-x-api/icc-calendar-item-x-api.js.map +1 -1
- package/icc-x-api/icc-classification-x-api.js +5 -5
- package/icc-x-api/icc-classification-x-api.js.map +1 -1
- package/icc-x-api/icc-code-x-api.js.map +1 -1
- package/icc-x-api/icc-contact-x-api.js +12 -12
- package/icc-x-api/icc-contact-x-api.js.map +1 -1
- package/icc-x-api/icc-data-owner-x-api.js.map +1 -1
- package/icc-x-api/icc-device-x-api.js +2 -2
- package/icc-x-api/icc-device-x-api.js.map +1 -1
- package/icc-x-api/icc-doctemplate-x-api.js.map +1 -1
- package/icc-x-api/icc-document-x-api.js +15 -15
- package/icc-x-api/icc-document-x-api.js.map +1 -1
- package/icc-x-api/icc-form-x-api.js +7 -7
- package/icc-x-api/icc-form-x-api.js.map +1 -1
- package/icc-x-api/icc-hcparty-x-api.js +4 -4
- package/icc-x-api/icc-hcparty-x-api.js.map +1 -1
- package/icc-x-api/icc-helement-x-api.js +10 -10
- package/icc-x-api/icc-helement-x-api.js.map +1 -1
- package/icc-x-api/icc-icure-maintenance-x-api.js.map +1 -1
- package/icc-x-api/icc-invoice-x-api.js +7 -7
- package/icc-x-api/icc-invoice-x-api.js.map +1 -1
- package/icc-x-api/icc-maintenance-task-x-api.js +7 -7
- package/icc-x-api/icc-maintenance-task-x-api.js.map +1 -1
- package/icc-x-api/icc-message-x-api.js +8 -8
- package/icc-x-api/icc-message-x-api.js.map +1 -1
- package/icc-x-api/icc-patient-x-api.js +11 -11
- package/icc-x-api/icc-patient-x-api.js.map +1 -1
- package/icc-x-api/icc-receipt-x-api.js +10 -10
- package/icc-x-api/icc-receipt-x-api.js.map +1 -1
- package/icc-x-api/icc-recovery-x-api.js +4 -4
- package/icc-x-api/icc-recovery-x-api.js.map +1 -1
- package/icc-x-api/icc-time-table-x-api.js +5 -5
- package/icc-x-api/icc-time-table-x-api.js.map +1 -1
- package/icc-x-api/icc-topic-x-api.js +9 -9
- package/icc-x-api/icc-topic-x-api.js.map +1 -1
- package/icc-x-api/icc-user-x-api.js +4 -4
- package/icc-x-api/icc-user-x-api.js.map +1 -1
- package/icc-x-api/index.js +22 -22
- package/icc-x-api/index.js.map +1 -1
- package/icc-x-api/maintenance/KeyPairUpdateRequest.js +2 -2
- package/icc-x-api/maintenance/KeyPairUpdateRequest.js.map +1 -1
- package/icc-x-api/storage/IcureStorageFacade.js +1 -1
- package/icc-x-api/storage/IcureStorageFacade.js.map +1 -1
- package/icc-x-api/storage/LocalStorageImpl.js +1 -1
- package/icc-x-api/storage/LocalStorageImpl.js.map +1 -1
- package/icc-x-api/utils/EntityWithDelegationTypeName.js +4 -4
- package/icc-x-api/utils/EntityWithDelegationTypeName.js.map +1 -1
- package/icc-x-api/utils/asn1-packer.js +2 -3
- package/icc-x-api/utils/asn1-packer.js.map +1 -1
- package/icc-x-api/utils/asn1-parser.js +1 -2
- package/icc-x-api/utils/asn1-parser.js.map +1 -1
- package/icc-x-api/utils/binary-utils.js +11 -11
- package/icc-x-api/utils/binary-utils.js.map +1 -1
- package/icc-x-api/utils/code-util.js +1 -2
- package/icc-x-api/utils/code-util.js.map +1 -1
- package/icc-x-api/utils/collection-utils.js +5 -6
- package/icc-x-api/utils/collection-utils.js.map +1 -1
- package/icc-x-api/utils/crypto-utils.d.ts +1 -1
- package/icc-x-api/utils/crypto-utils.js +17 -18
- package/icc-x-api/utils/crypto-utils.js.map +1 -1
- package/icc-x-api/utils/formatting-util.js +21 -21
- package/icc-x-api/utils/formatting-util.js.map +1 -1
- package/icc-x-api/utils/functional-util.js +3 -4
- package/icc-x-api/utils/functional-util.js.map +1 -1
- package/icc-x-api/utils/graph-utils.js +3 -4
- package/icc-x-api/utils/graph-utils.js.map +1 -1
- package/icc-x-api/utils/hcp-util.js +4 -4
- package/icc-x-api/utils/hcp-util.js.map +1 -1
- package/icc-x-api/utils/insurability-util.js +6 -7
- package/icc-x-api/utils/insurability-util.js.map +1 -1
- package/icc-x-api/utils/lru-temporised-async-cache.js.map +1 -1
- package/icc-x-api/utils/net-utils.js +3 -4
- package/icc-x-api/utils/net-utils.js.map +1 -1
- package/icc-x-api/utils/person-util.js +3 -4
- package/icc-x-api/utils/person-util.js.map +1 -1
- package/icc-x-api/utils/proxy-utils.js.map +1 -1
- package/icc-x-api/utils/simple-lru-cache.js.map +1 -1
- package/icc-x-api/utils/uuid-encoder.js +2 -2
- package/icc-x-api/utils/uuid-encoder.js.map +1 -1
- package/icc-x-api/utils/websocket.d.ts +0 -1
- package/icc-x-api/utils/websocket.js +3 -3
- package/icc-x-api/utils/websocket.js.map +1 -1
- package/package.json +3 -3
- package/test/icc-api/api/IccAgendaApi.js.map +1 -1
- package/test/icc-api/api/IccCalendarItemApi.js.map +1 -1
- package/test/icc-api/api/IccCalendarItemTypeApi.js +2 -2
- package/test/icc-api/api/IccCalendarItemTypeApi.js.map +1 -1
- package/test/icc-api/api/IccDocumentApi.js.map +1 -1
- package/test/icc-api/api/IccKeywordApi.js.map +1 -1
- package/test/icc-api/api/IccMedicalLocationApi.js.map +1 -1
- package/test/icc-api/api/IccPlaceApi.js.map +1 -1
- package/test/icc-api/api/IccUserApi.js +6 -6
- package/test/icc-x-api/auth/group-switch-test.js.map +1 -1
- package/test/icc-x-api/auth/jwt-concurrency-test.js +1 -2
- package/test/icc-x-api/auth/jwt-concurrency-test.js.map +1 -1
- package/test/icc-x-api/auth/jwt-provider-test.js.map +1 -1
- package/test/icc-x-api/auth/smart-auth-provider-test.js.map +1 -1
- package/test/icc-x-api/autofix-anonymity-test.js.map +1 -1
- package/test/icc-x-api/confidential-entities-test.js +1 -1
- package/test/icc-x-api/confidential-entities-test.js.map +1 -1
- package/test/icc-x-api/crud/comprehensive-crud-test.js.map +1 -1
- package/test/icc-x-api/crud/entities-crud-test-interface.js +24 -24
- package/test/icc-x-api/crud/entities-crud-test-interface.js.map +1 -1
- package/test/icc-x-api/crypto/anonymous-delegations-test.js +2 -2
- package/test/icc-x-api/crypto/anonymous-delegations-test.js.map +1 -1
- package/test/icc-x-api/crypto/cryptoTest.js.map +1 -1
- package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.js.map +1 -1
- package/test/icc-x-api/crypto/exchange-data-manager-test.js +4 -4
- package/test/icc-x-api/crypto/exchange-data-manager-test.js.map +1 -1
- package/test/icc-x-api/crypto/full-crypto-test.js +5 -5
- package/test/icc-x-api/crypto/full-crypto-test.js.map +1 -1
- package/test/icc-x-api/crypto/legacy-metadata-migration-test.js +7 -7
- package/test/icc-x-api/crypto/legacy-metadata-migration-test.js.map +1 -1
- package/test/icc-x-api/crypto/secure-delegations-manager-test.js +2 -2
- package/test/icc-x-api/crypto/secure-delegations-manager-test.js.map +1 -1
- package/test/icc-x-api/crypto/shamir.js.map +1 -1
- package/test/icc-x-api/crypto/soft-deleted-data-owners.js +3 -3
- package/test/icc-x-api/crypto/soft-deleted-data-owners.js.map +1 -1
- package/test/icc-x-api/entity-with-attachments-api-test.js +2 -2
- package/test/icc-x-api/entity-with-attachments-api-test.js.map +1 -1
- package/test/icc-x-api/icc-maintenance-task-x-api-test.js +4 -4
- package/test/icc-x-api/icc-message-x-api.js +1 -1
- package/test/icc-x-api/icc-message-x-api.js.map +1 -1
- package/test/icc-x-api/icc-patient-x-api-test.js.map +1 -1
- package/test/icc-x-api/icc-recovery-x-api.js.map +1 -1
- package/test/icc-x-api/icc-topic-x-api.js.map +1 -1
- package/test/icc-x-api/icc-user-x-api-test.js.map +1 -1
- package/test/icc-x-api/patient-user.js.map +1 -1
- package/test/icc-x-api/test-legacy-data-support.js.map +1 -1
- package/test/icc-x-api/utils/graph-test.js.map +1 -1
- package/test/icc-x-api/utils/lru-temporised-async-cache-test.js.map +1 -1
- package/test/support/CSM-243.js +2 -2
- package/test/support/CSM-243.js.map +1 -1
- package/test/support/CSM-93.js +1 -1
- package/test/support/CSM-93.js.map +1 -1
- package/test/utils/FakeDataOwnerApi.js.map +1 -1
- package/test/utils/FakeEncryptionKeysManager.js +2 -2
- package/test/utils/FakeEncryptionKeysManager.js.map +1 -1
- package/test/utils/FakeExchangeDataApi.js.map +1 -1
- package/test/utils/FakeExchangeDataManager.js.map +1 -1
- package/test/utils/FakeGenericApi.js.map +1 -1
- package/test/utils/TestApi.js +2 -2
- package/test/utils/TestApi.js.map +1 -1
- package/test/utils/TestCryptoStrategies.js.map +1 -1
- package/test/utils/TestStorage.js +2 -2
- package/test/utils/TestStorage.js.map +1 -1
- package/test/utils/test_utils.js +22 -22
- package/test/utils/test_utils.js.map +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"icc-receipt-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-receipt-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAA0C;AAG1C,kDAAiD;AAEjD,0EAAgG;AAChG,4EAAwE;AAIxE,wEAAoE;AACpE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAIzD,mCAAsD;AAEtD,MAAa,cAAe,SAAQ,uBAAa;IAC/C,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,oCAA4B,CAAC,OAAO,CAAC,CAAC,CAAA;IAC7I,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EACjB,MAAqB,EACrB,YAA8B,EAC9B,cAAuB,EACxC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAVtC,WAAM,GAAN,MAAM,CAAe;QACrB,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,mBAAc,GAAd,cAAc,CAAS;QASxC,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;IAClC,CAAC;IAED;;;;;;;;;;;;OAYG;IACG,WAAW,CACf,IAAiB,EACjB,CAAM,EACN,UAGI,EAAE;;;YAEN,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,OAAO,iCAC7B,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,mCAAmC,EAC1C,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,EAC3G,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,IACnB,CAAA;YAEF,MAAM,gBAAgB,mCACjB,MAAM,CAAC,WAAW,CACnB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,GACE,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,mBAAmB,mCAAI,EAAE,CAAC,CACxC,CAAA;YACD,OAAO,IAAI,MAAM,CAAC,OAAO,CACvB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CACrC,OAAO,EACP,oCAA4B,CAAC,OAAO,EACpC,SAAS,EACT,SAAS,EACT,IAAI,EACJ,gBAAgB,EAChB,OAAO,CAAC,uBAAuB,CAChC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;;KACF;IAED,UAAU,CAAC,IAAiB,EAAE,KAAa,EAAE,IAAmB,EAAE,QAAgB,EAAE,IAAiB;QACnG,OAAO,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,EAAE,UAAU,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;aACnE,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;aACxC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,+BAA+B,CAAC,IAAI,CAAC,EAAG,EAAE,IAAI,CAAC,GAAI,EAAE,QAAQ,EAAO,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACpJ,CAAC;IAED;;;;;;OAMG;IACG,8BAA8B,CAAC,OAAuB,EAAE,QAAgB,EAAE,UAAoC;;;YAClH,MAAM,EAAE,aAAa,EAAE,aAAa,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,oCAA4B,CAAC,OAAO,EAAE,UAAU,EAAE,CAAC,CAAC,EAAE,EAAE,CAC7I,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CACtB,CAAA;YACD,OAAO,MAAM,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,EAAG,EAAE,MAAA,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,GAAG,mCAAI,OAAO,CAAC,GAAI,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAA;;KAC5H;IAED;;;;;;OAMG;IACG,yBAAyB,CAAC,OAAuB,EAAE,QAAgB,EAAE,UAAoC;;YAC7G,OAAO,MAAM,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,EAAG,EAAE,OAAO,CAAC,GAAI,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAA;QACpG,CAAC;KAAA;IAED;;;;;;;OAOG;IACG,8BAA8B,CAClC,OAAuB,EACvB,YAAoB,EACpB,YAA0D,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC;;YAErF,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,iCAAiC,CAAC,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAA;YAC1G,IAAI,CAAC,SAAS,CAAC,YAAY;gBAAE,MAAM,IAAI,KAAK,CAAC,iDAAiD,OAAO,CAAC,EAAE,GAAG,CAAC,CAAA;YAC5G,OAAO,SAAS,CAAC,IAAI,CAAA;QACvB,CAAC;KAAA;IAED;;;;;;;;;OASG;IACG,iCAAiC,CACrC,OAAuB,EACvB,YAAoB,EACpB,YAA0D,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC;;YAErF,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAC5C,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAC/D,MAAM,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,EAAG,EAAE,YAAY,CAAC,EAC1D,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CACpB,CAAA;QACH,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,OAAuB;;YAC1C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,CAAC,CAAA;QACzG,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,SAAS,CACb,UAAkB,EAClB,OAAuB,EACvB,UAII,EAAE;;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QAC/D,CAAC;KAAA;IAED;;;;;;;;;;;OAWG;IACG,aAAa,CACjB,OAAuB,EACvB,SAMC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QAC/E,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,gBAAgB,CACpB,OAAuB,EACvB,SAMC;;YAED,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,OAAO,EAAE,oCAA4B,CAAC,OAAO,CAAC,CAAA;YACrI,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,OAAO,CAAA;YAC3G,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0CAA0C,CAChE;gBACE,MAAM,EAAE,aAAa;gBACrB,IAAI,EAAE,oCAA4B,CAAC,OAAO;aAC3C,EACD,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,+CAAsB,CAAC,KAAK;oBAClD,cAAc,EAAE,OAAO,CAAC,cAAc;iBACvC;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAChC,CAAA;QACH,CAAC;KAAA;IAED,yBAAyB,CACvB,MAAsB;QAEtB,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,CAAC,CAAA;IACjI,CAAC;IAED,mBAAmB,CAAC,MAAsB;QACxC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;IAC7G,CAAC;IAED,uCAAuC,CAAC,MAAsB,EAAE,SAAmB;QACjF,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;IACpJ,CAAC;CACF;AAvQD,wCAuQC","sourcesContent":["import { IccReceiptApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport * as _ from 'lodash'\nimport * as models from '../icc-api/model/models'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { ShareResult } from './utils/ShareResult'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\nimport { MaintenanceTask } from '../icc-api/model/models'\nimport { EntityWithDelegationTypeName } from './utils'\n\nexport class IccReceiptXApi extends IccReceiptApi implements EncryptedEntityXApi<models.Receipt> {\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, EntityWithDelegationTypeName.Receipt))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n private readonly crypto: IccCryptoXApi,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly autofillAuthor: boolean,\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.dataOwnerApi = dataOwnerApi\n }\n\n /**\n * Creates a new instance of receipt with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param r initialised data for the receipt. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,\n * and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.\n * @return a new instance of receipt.\n */\n async newInstance(\n user: models.User,\n r: any,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n alternateRootDelegation?: string\n } = {}\n ): Promise<models.Receipt> {\n const receipt = new models.Receipt({\n ...(r ?? {}),\n _type: 'org.taktik.icure.entities.Receipt',\n id: r?.id ?? this.crypto.primitives.randomUuid(),\n created: r?.created ?? new Date().getTime(),\n modified: r?.modified ?? new Date().getTime(),\n responsible: r?.responsible ?? (this.autofillAuthor ? this.dataOwnerApi.getDataOwnerIdOf(user) : undefined),\n author: r?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: r?.codes ?? [],\n tags: r?.tags ?? [],\n })\n\n const extraDelegations = {\n ...Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.medicalInformation ?? [])].map((d) => [d, AccessLevelEnum.WRITE])\n ),\n ...(options?.additionalDelegates ?? {}),\n }\n return new models.Receipt(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(\n receipt,\n EntityWithDelegationTypeName.Receipt,\n undefined,\n undefined,\n true,\n extraDelegations,\n options.alternateRootDelegation\n )\n .then((x) => x.updatedEntity)\n )\n }\n\n logReceipt(user: models.User, docId: string, refs: Array<string>, blobType: string, blob: ArrayBuffer) {\n return this.newInstance(user, { documentId: docId, references: refs })\n .then((rcpt) => this.createReceipt(rcpt))\n .then((rcpt) => (blob.byteLength != 0 ? this.setReceiptAttachmentForBlobType(rcpt.id!, rcpt.rev!, blobType, <any>blob) : Promise.resolve(rcpt)))\n }\n\n /**\n * Adds an attachment to a receipt, encrypting it on client side using the encryption keys of the provided receipt.\n * @param receipt a receipt.\n * @param blobType the type of the attachment.\n * @param attachment a attachment for the receipt.\n * @return the updated receipt.\n */\n async encryptAndSetReceiptAttachment(receipt: models.Receipt, blobType: string, attachment: ArrayBuffer | Uint8Array): Promise<models.Receipt> {\n const { encryptedData, updatedEntity } = await this.crypto.xapi.encryptDataOf(receipt, EntityWithDelegationTypeName.Receipt, attachment, (r) =>\n this.modifyReceipt(r)\n )\n return await this.setReceiptAttachmentForBlobType(receipt.id!, updatedEntity?.rev ?? receipt.rev!, blobType, encryptedData)\n }\n\n /**\n * Adds an unencrypted attachment to a receipt.\n * @param receipt a receipt.\n * @param blobType the type of the attachment.\n * @param attachment a attachment for the receipt.\n * @return the updated receipt.\n */\n async setClearReceiptAttachment(receipt: models.Receipt, blobType: string, attachment: ArrayBuffer | Uint8Array): Promise<models.Receipt> {\n return await this.setReceiptAttachmentForBlobType(receipt.id!, receipt.rev!, blobType, attachment)\n }\n\n /**\n * Gets the attachment of a receipt and tries to decrypt it using the encryption keys of the receipt.\n * @param receipt a receipt.\n * @param attachmentId id of the attachment of this receipt to retrieve.\n * @param validator optionally a validator function which checks if the decryption was successful. In cases where the receipt has many encryption\n * keys and it is unclear which one should be used this function can help to detect bad decryptions.\n * @return the decrypted attachment, if it could be decrypted, else the encrypted attachment.\n */\n async getAndDecryptReceiptAttachment(\n receipt: models.Receipt,\n attachmentId: string,\n validator: (decrypted: ArrayBuffer) => Promise<boolean> = () => Promise.resolve(true)\n ): Promise<ArrayBuffer> {\n const retrieved = await this.getAndTryDecryptReceiptAttachment(receipt, attachmentId, (x) => validator(x))\n if (!retrieved.wasDecrypted) throw new Error(`No valid key found to decrypt data of receipt ${receipt.id}.`)\n return retrieved.data\n }\n\n /**\n * Gets the attachment of a receipt and tries to decrypt it using the encryption keys of the receipt.\n * @param receipt a receipt.\n * @param attachmentId id of the attachment of this receipt to retrieve.\n * @param validator optionally a validator function which checks if the decryption was successful. In cases where the receipt has many encryption\n * keys and it is unclear which one should be used this function can help to detect bad decryptions.\n * @return an object containing:\n * - data: the decrypted attachment, if it could be decrypted, else the encrypted attachment.\n * - wasDecrypted: if the data was successfully decrypted or not\n */\n async getAndTryDecryptReceiptAttachment(\n receipt: models.Receipt,\n attachmentId: string,\n validator: (decrypted: ArrayBuffer) => Promise<boolean> = () => Promise.resolve(true)\n ): Promise<{ data: ArrayBuffer; wasDecrypted: boolean }> {\n return await this.crypto.xapi.tryDecryptDataOf(\n { entity: receipt, type: EntityWithDelegationTypeName.Receipt },\n await this.getReceiptAttachment(receipt.id!, attachmentId),\n (x) => validator(x)\n )\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given receipt\n */\n async hasWriteAccess(receipt: models.Receipt): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: receipt, type: EntityWithDelegationTypeName.Receipt })\n }\n\n /**\n * Share an existing receipt with other data owners, allowing them to access the non-encrypted data of the receipt and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the receipt.\n * @param receipt the receipt to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * receipt does not have encrypted content.\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n receipt: models.Receipt,\n options: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<models.Receipt> {\n return this.shareWithMany(receipt, { [delegateId]: options })\n }\n\n /**\n * Share an existing receipt with other data owners, allowing them to access the non-encrypted data of the receipt and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param receipt the receipt to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * receipt does not have encrypted content.\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n receipt: models.Receipt,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<models.Receipt> {\n return (await this.tryShareWithMany(receipt, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing receipt with other data owners, allowing them to access the non-encrypted data of the receipt and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param receipt the receipt to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * receipt does not have encrypted content.\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n receipt: models.Receipt,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<models.Receipt>> {\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(receipt, EntityWithDelegationTypeName.Receipt)\n const updatedEntity = entityWithEncryptionKey ? await this.modifyReceipt(entityWithEncryptionKey) : receipt\n return this.crypto.xapi.simpleShareOrUpdateEncryptedEntityMetadata(\n {\n entity: updatedEntity,\n type: EntityWithDelegationTypeName.Receipt,\n },\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: ShareMetadataBehaviour.NEVER,\n shareSecretIds: options.shareSecretIds,\n },\n ])\n ),\n (x) => this.bulkShareReceipt(x)\n )\n }\n\n getDataOwnersWithAccessTo(\n entity: models.Receipt\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: EntityWithDelegationTypeName.Receipt })\n }\n\n getEncryptionKeysOf(entity: models.Receipt): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: EntityWithDelegationTypeName.Receipt }, undefined)\n }\n\n createDelegationDeAnonymizationMetadata(entity: models.Receipt, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type: EntityWithDelegationTypeName.Receipt }, delegates)\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"icc-receipt-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-receipt-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAA0C;AAG1C,kDAAiD;AAEjD,0EAAgG;AAChG,4EAAwE;AAIxE,wEAAoE;AACpE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAIzD,mCAAsD;AAEtD,MAAa,cAAe,SAAQ,uBAAa;IAC/C,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,oCAA4B,CAAC,OAAO,CAAC,CAAC,CAAA;IAC7I,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EACjB,MAAqB,EACrB,YAA8B,EAC9B,cAAuB,EACxC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAVtC,WAAM,GAAN,MAAM,CAAe;QACrB,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,mBAAc,GAAd,cAAc,CAAS;QASxC,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;IAClC,CAAC;IAED;;;;;;;;;;;;OAYG;IACG,WAAW;6DACf,IAAiB,EACjB,CAAM,EACN,UAGI,EAAE;;YAEN,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,OAAO,iCAC7B,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,mCAAmC,EAC1C,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,EAC3G,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,IACnB,CAAA;YAEF,MAAM,gBAAgB,mCACjB,MAAM,CAAC,WAAW,CACnB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,GACE,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,mBAAmB,mCAAI,EAAE,CAAC,CACxC,CAAA;YACD,OAAO,IAAI,MAAM,CAAC,OAAO,CACvB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CACrC,OAAO,EACP,oCAA4B,CAAC,OAAO,EACpC,SAAS,EACT,SAAS,EACT,IAAI,EACJ,gBAAgB,EAChB,OAAO,CAAC,uBAAuB,CAChC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;QACH,CAAC;KAAA;IAED,UAAU,CAAC,IAAiB,EAAE,KAAa,EAAE,IAAmB,EAAE,QAAgB,EAAE,IAAiB;QACnG,OAAO,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,EAAE,UAAU,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;aACnE,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;aACxC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,+BAA+B,CAAC,IAAI,CAAC,EAAG,EAAE,IAAI,CAAC,GAAI,EAAE,QAAQ,EAAO,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACpJ,CAAC;IAED;;;;;;OAMG;IACG,8BAA8B,CAAC,OAAuB,EAAE,QAAgB,EAAE,UAAoC;;;YAClH,MAAM,EAAE,aAAa,EAAE,aAAa,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,oCAA4B,CAAC,OAAO,EAAE,UAAU,EAAE,CAAC,CAAC,EAAE,EAAE,CAC7I,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CACtB,CAAA;YACD,OAAO,MAAM,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,EAAG,EAAE,MAAA,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,GAAG,mCAAI,OAAO,CAAC,GAAI,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAA;QAC7H,CAAC;KAAA;IAED;;;;;;OAMG;IACG,yBAAyB,CAAC,OAAuB,EAAE,QAAgB,EAAE,UAAoC;;YAC7G,OAAO,MAAM,IAAI,CAAC,+BAA+B,CAAC,OAAO,CAAC,EAAG,EAAE,OAAO,CAAC,GAAI,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAA;QACpG,CAAC;KAAA;IAED;;;;;;;OAOG;IACG,8BAA8B;6DAClC,OAAuB,EACvB,YAAoB,EACpB,YAA0D,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC;YAErF,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,iCAAiC,CAAC,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAA;YAC1G,IAAI,CAAC,SAAS,CAAC,YAAY;gBAAE,MAAM,IAAI,KAAK,CAAC,iDAAiD,OAAO,CAAC,EAAE,GAAG,CAAC,CAAA;YAC5G,OAAO,SAAS,CAAC,IAAI,CAAA;QACvB,CAAC;KAAA;IAED;;;;;;;;;OASG;IACG,iCAAiC;6DACrC,OAAuB,EACvB,YAAoB,EACpB,YAA0D,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC;YAErF,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAC5C,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAC/D,MAAM,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,EAAG,EAAE,YAAY,CAAC,EAC1D,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CACpB,CAAA;QACH,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,OAAuB;;YAC1C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,CAAC,CAAA;QACzG,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,SAAS;6DACb,UAAkB,EAClB,OAAuB,EACvB,UAII,EAAE;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QAC/D,CAAC;KAAA;IAED;;;;;;;;;;;OAWG;IACG,aAAa,CACjB,OAAuB,EACvB,SAMC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QAC/E,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,gBAAgB,CACpB,OAAuB,EACvB,SAMC;;YAED,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,OAAO,EAAE,oCAA4B,CAAC,OAAO,CAAC,CAAA;YACrI,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,OAAO,CAAA;YAC3G,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0CAA0C,CAChE;gBACE,MAAM,EAAE,aAAa;gBACrB,IAAI,EAAE,oCAA4B,CAAC,OAAO;aAC3C,EACD,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,+CAAsB,CAAC,KAAK;oBAClD,cAAc,EAAE,OAAO,CAAC,cAAc;iBACvC;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAChC,CAAA;QACH,CAAC;KAAA;IAED,yBAAyB,CACvB,MAAsB;QAEtB,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,CAAC,CAAA;IACjI,CAAC;IAED,mBAAmB,CAAC,MAAsB;QACxC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;IAC7G,CAAC;IAED,uCAAuC,CAAC,MAAsB,EAAE,SAAmB;QACjF,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;IACpJ,CAAC;CACF;AAvQD,wCAuQC","sourcesContent":["import { IccReceiptApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport * as _ from 'lodash'\nimport * as models from '../icc-api/model/models'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { ShareResult } from './utils/ShareResult'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\nimport { MaintenanceTask } from '../icc-api/model/models'\nimport { EntityWithDelegationTypeName } from './utils'\n\nexport class IccReceiptXApi extends IccReceiptApi implements EncryptedEntityXApi<models.Receipt> {\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, EntityWithDelegationTypeName.Receipt))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n private readonly crypto: IccCryptoXApi,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly autofillAuthor: boolean,\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.dataOwnerApi = dataOwnerApi\n }\n\n /**\n * Creates a new instance of receipt with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param r initialised data for the receipt. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,\n * and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.\n * @return a new instance of receipt.\n */\n async newInstance(\n user: models.User,\n r: any,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n alternateRootDelegation?: string\n } = {}\n ): Promise<models.Receipt> {\n const receipt = new models.Receipt({\n ...(r ?? {}),\n _type: 'org.taktik.icure.entities.Receipt',\n id: r?.id ?? this.crypto.primitives.randomUuid(),\n created: r?.created ?? new Date().getTime(),\n modified: r?.modified ?? new Date().getTime(),\n responsible: r?.responsible ?? (this.autofillAuthor ? this.dataOwnerApi.getDataOwnerIdOf(user) : undefined),\n author: r?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: r?.codes ?? [],\n tags: r?.tags ?? [],\n })\n\n const extraDelegations = {\n ...Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.medicalInformation ?? [])].map((d) => [d, AccessLevelEnum.WRITE])\n ),\n ...(options?.additionalDelegates ?? {}),\n }\n return new models.Receipt(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(\n receipt,\n EntityWithDelegationTypeName.Receipt,\n undefined,\n undefined,\n true,\n extraDelegations,\n options.alternateRootDelegation\n )\n .then((x) => x.updatedEntity)\n )\n }\n\n logReceipt(user: models.User, docId: string, refs: Array<string>, blobType: string, blob: ArrayBuffer) {\n return this.newInstance(user, { documentId: docId, references: refs })\n .then((rcpt) => this.createReceipt(rcpt))\n .then((rcpt) => (blob.byteLength != 0 ? this.setReceiptAttachmentForBlobType(rcpt.id!, rcpt.rev!, blobType, <any>blob) : Promise.resolve(rcpt)))\n }\n\n /**\n * Adds an attachment to a receipt, encrypting it on client side using the encryption keys of the provided receipt.\n * @param receipt a receipt.\n * @param blobType the type of the attachment.\n * @param attachment a attachment for the receipt.\n * @return the updated receipt.\n */\n async encryptAndSetReceiptAttachment(receipt: models.Receipt, blobType: string, attachment: ArrayBuffer | Uint8Array): Promise<models.Receipt> {\n const { encryptedData, updatedEntity } = await this.crypto.xapi.encryptDataOf(receipt, EntityWithDelegationTypeName.Receipt, attachment, (r) =>\n this.modifyReceipt(r)\n )\n return await this.setReceiptAttachmentForBlobType(receipt.id!, updatedEntity?.rev ?? receipt.rev!, blobType, encryptedData)\n }\n\n /**\n * Adds an unencrypted attachment to a receipt.\n * @param receipt a receipt.\n * @param blobType the type of the attachment.\n * @param attachment a attachment for the receipt.\n * @return the updated receipt.\n */\n async setClearReceiptAttachment(receipt: models.Receipt, blobType: string, attachment: ArrayBuffer | Uint8Array): Promise<models.Receipt> {\n return await this.setReceiptAttachmentForBlobType(receipt.id!, receipt.rev!, blobType, attachment)\n }\n\n /**\n * Gets the attachment of a receipt and tries to decrypt it using the encryption keys of the receipt.\n * @param receipt a receipt.\n * @param attachmentId id of the attachment of this receipt to retrieve.\n * @param validator optionally a validator function which checks if the decryption was successful. In cases where the receipt has many encryption\n * keys and it is unclear which one should be used this function can help to detect bad decryptions.\n * @return the decrypted attachment, if it could be decrypted, else the encrypted attachment.\n */\n async getAndDecryptReceiptAttachment(\n receipt: models.Receipt,\n attachmentId: string,\n validator: (decrypted: ArrayBuffer) => Promise<boolean> = () => Promise.resolve(true)\n ): Promise<ArrayBuffer> {\n const retrieved = await this.getAndTryDecryptReceiptAttachment(receipt, attachmentId, (x) => validator(x))\n if (!retrieved.wasDecrypted) throw new Error(`No valid key found to decrypt data of receipt ${receipt.id}.`)\n return retrieved.data\n }\n\n /**\n * Gets the attachment of a receipt and tries to decrypt it using the encryption keys of the receipt.\n * @param receipt a receipt.\n * @param attachmentId id of the attachment of this receipt to retrieve.\n * @param validator optionally a validator function which checks if the decryption was successful. In cases where the receipt has many encryption\n * keys and it is unclear which one should be used this function can help to detect bad decryptions.\n * @return an object containing:\n * - data: the decrypted attachment, if it could be decrypted, else the encrypted attachment.\n * - wasDecrypted: if the data was successfully decrypted or not\n */\n async getAndTryDecryptReceiptAttachment(\n receipt: models.Receipt,\n attachmentId: string,\n validator: (decrypted: ArrayBuffer) => Promise<boolean> = () => Promise.resolve(true)\n ): Promise<{ data: ArrayBuffer; wasDecrypted: boolean }> {\n return await this.crypto.xapi.tryDecryptDataOf(\n { entity: receipt, type: EntityWithDelegationTypeName.Receipt },\n await this.getReceiptAttachment(receipt.id!, attachmentId),\n (x) => validator(x)\n )\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given receipt\n */\n async hasWriteAccess(receipt: models.Receipt): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: receipt, type: EntityWithDelegationTypeName.Receipt })\n }\n\n /**\n * Share an existing receipt with other data owners, allowing them to access the non-encrypted data of the receipt and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the receipt.\n * @param receipt the receipt to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * receipt does not have encrypted content.\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n receipt: models.Receipt,\n options: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<models.Receipt> {\n return this.shareWithMany(receipt, { [delegateId]: options })\n }\n\n /**\n * Share an existing receipt with other data owners, allowing them to access the non-encrypted data of the receipt and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param receipt the receipt to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * receipt does not have encrypted content.\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n receipt: models.Receipt,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<models.Receipt> {\n return (await this.tryShareWithMany(receipt, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing receipt with other data owners, allowing them to access the non-encrypted data of the receipt and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param receipt the receipt to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * receipt does not have encrypted content.\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n receipt: models.Receipt,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<models.Receipt>> {\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(receipt, EntityWithDelegationTypeName.Receipt)\n const updatedEntity = entityWithEncryptionKey ? await this.modifyReceipt(entityWithEncryptionKey) : receipt\n return this.crypto.xapi.simpleShareOrUpdateEncryptedEntityMetadata(\n {\n entity: updatedEntity,\n type: EntityWithDelegationTypeName.Receipt,\n },\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: ShareMetadataBehaviour.NEVER,\n shareSecretIds: options.shareSecretIds,\n },\n ])\n ),\n (x) => this.bulkShareReceipt(x)\n )\n }\n\n getDataOwnersWithAccessTo(\n entity: models.Receipt\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: EntityWithDelegationTypeName.Receipt })\n }\n\n getEncryptionKeysOf(entity: models.Receipt): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: EntityWithDelegationTypeName.Receipt }, undefined)\n }\n\n createDelegationDeAnonymizationMetadata(entity: models.Receipt, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type: EntityWithDelegationTypeName.Receipt }, delegates)\n }\n}\n"]}
|
|
@@ -53,8 +53,8 @@ class IccRecoveryXApi {
|
|
|
53
53
|
* @return an hexadecimal string that is the `recoveryKey` which will allow the user to recover his keypair later or
|
|
54
54
|
* from another device. This value must be kept secret from other users. You can use this value with {@link recoverKeyPairs}
|
|
55
55
|
*/
|
|
56
|
-
createRecoveryInfoForAvailableKeyPairs(
|
|
57
|
-
return __awaiter(this,
|
|
56
|
+
createRecoveryInfoForAvailableKeyPairs() {
|
|
57
|
+
return __awaiter(this, arguments, void 0, function* (options = {}) {
|
|
58
58
|
const selfId = yield this.dataOwnerApi.getCurrentDataOwnerId();
|
|
59
59
|
const allAvailableKeys = yield this.keyManager.getCurrentUserHierarchyAvailableKeypairs();
|
|
60
60
|
let dataOwnersToInclude;
|
|
@@ -119,8 +119,8 @@ class IccRecoveryXApi {
|
|
|
119
119
|
* This value must be kept secret from users other than the current data owner and the delegate.
|
|
120
120
|
* You can use this value with {@link recoverExchangeData}
|
|
121
121
|
*/
|
|
122
|
-
createExchangeDataRecoveryInfo(
|
|
123
|
-
return __awaiter(this,
|
|
122
|
+
createExchangeDataRecoveryInfo(delegateId_1) {
|
|
123
|
+
return __awaiter(this, arguments, void 0, function* (delegateId, options = {}) {
|
|
124
124
|
const exchangeDataToDelegate = yield this.exchangeData.base.getExchangeDataByDelegatorDelegatePair(yield this.dataOwnerApi.getCurrentDataOwnerId(), delegateId);
|
|
125
125
|
const decryptionKeys = this.keyManager.getDecryptionKeys();
|
|
126
126
|
const decryptedInformation = [];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"icc-recovery-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-recovery-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,sCAAkD;AAMlD,mCAAgC;AAEhC,yEAAqE;AAGrE,0EAA8E;AAArE,sIAAA,4BAA4B,OAAA;AAErC,MAAa,eAAe;IAC1B,YACmB,eAAmC,EACnC,sBAA8C,EAC9C,UAAqC,EACrC,YAA8B,EAC9B,UAA4B,EAC5B,YAAiC;QALjC,oBAAe,GAAf,eAAe,CAAoB;QACnC,2BAAsB,GAAtB,sBAAsB,CAAwB;QAC9C,eAAU,GAAV,UAAU,CAA2B;QACrC,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,eAAU,GAAV,UAAU,CAAkB;QAC5B,iBAAY,GAAZ,YAAY,CAAqB;IACjD,CAAC;IAEJ;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACG,sCAAsC,CAAC,UAAsE,EAAE;;YACnH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC9D,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,wCAAwC,EAAE,CAAA;YACzF,IAAI,mBAAuG,CAAA;YAC3G,IAAI,OAAO,CAAC,kBAAkB,EAAE;gBAC9B,mBAAmB,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAA;aAC3E;iBAAM;gBACL,mBAAmB,GAAG,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;aAC9C;YACD,MAAM,cAAc,GAAoF,EAAE,CAAA;YAC1G,KAAK,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,IAAI,mBAAmB,EAAE;gBACvD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,WAAW,CAAC,CAAA;gBACnE,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,0BAA0B,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAA;gBAC3F,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,4BAA4B,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAA;gBAC/F,MAAM,KAAK,GAA0D,EAAE,CAAA;gBACvE,KAAK,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,IAAI,EAAE;oBACrC,IAAI,QAAQ,EAAE;wBACZ,MAAM,SAAS,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAA;wBACrF,IAAI,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE;4BAC7B,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,gBAAU,CAAC,MAAM,EAAE,CAAC,CAAA;yBACnD;6BAAM,IAAI,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE;4BAClC,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,gBAAU,CAAC,IAAI,EAAE,CAAC,CAAA;yBACjD;6BAAM;4BACL,OAAO,CAAC,IAAI,CAAC,oBAAoB,SAAS,mBAAmB,WAAW,kDAAkD,CAAC,CAAA;yBAC5H;qBACF;iBACF;gBACD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAA;aACpC;YACD,OAAO,MAAM,IAAI,CAAC,sBAAsB,CAAC,oCAAoC,CAAC,MAAM,EAAE,cAAc,EAAE,OAAO,CAAC,eAAe,CAAC,CAAA;QAChI,CAAC;KAAA;IAED;;OAEG;IACH,eAAe,CACb,WAAmB,EACnB,UAAmB;QAEnB,OAAO,IAAI,CAAC,sBAAsB,CAAC,iCAAiC,CAAC,WAAW,EAAE,UAAU,CAAC,CAAA;IAC/F,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACG,8BAA8B,CAAC,UAAkB,EAAE,UAAwC,EAAE;;YACjG,MAAM,sBAAsB,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,sCAAsC,CAChG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,EAC/C,UAAU,CACX,CAAA;YACD,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU,CAAC,iBAAiB,EAAE,CAAA;YAC1D,MAAM,oBAAoB,GAKpB,EAAE,CAAA;YACR,KAAK,MAAM,YAAY,IAAI,sBAAsB,EAAE;gBACjD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,yBAAyB,CAAC,YAAY,EAAE,cAAc,CAAC,CAAA;gBAC1G,IAAI,aAAa,KAAK,SAAS,EAAE;oBAC/B,oBAAoB,CAAC,IAAI,iCAAM,aAAa,KAAE,cAAc,EAAE,YAAY,CAAC,EAAG,IAAG,CAAA;iBAClF;aACF;YACD,OAAO,IAAI,CAAC,sBAAsB,CAAC,qCAAqC,CAAC,UAAU,EAAE,oBAAoB,EAAE,OAAO,CAAC,eAAe,CAAC,CAAA;QACrI,CAAC;KAAA;IAED;;;;;;;;;OASG;IACG,mBAAmB,CAAC,WAAmB;;YAC3C,MAAM,kBAAkB,GAAG,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,mBAAmB,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;YAClI,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,qCAAqC,CAAC,WAAW,CAAC,CAAA;YAClH,IAAI,SAAS,IAAI,qBAAqB,EAAE;gBACtC,OAAO,qBAAqB,CAAC,OAAO,CAAA;aACrC;YACD,KAAK,MAAM,gBAAgB,IAAI,qBAAqB,CAAC,OAAO,EAAE;gBAC5D,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,cAAc,CAAC,CAAA;gBACvG,IAAI,CAAC,aAAa,EAAE;oBAClB,OAAO,CAAC,IAAI,CAAC,2CAA2C,gBAAgB,CAAC,cAAc,gCAAgC,CAAC,CAAA;iBACzH;qBAAM;oBACL,MAAM,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,yCAAyC,CAAC;wBACrE,YAAY,EAAE,aAAa;wBAC3B,iBAAiB,EAAE,kBAAkB;wBACrC,cAAc,EAAE,gBAAgB,CAAC,cAAc;wBAC/C,sBAAsB,EAAE,gBAAgB,CAAC,sBAAsB;wBAC/D,qBAAqB,EAAE,gBAAgB,CAAC,qBAAqB;wBAC7D,yBAAyB,EAAE,EAAE;qBAC9B,CAAC,CAAA;iBACH;aACF;YACD,MAAM,IAAI,CAAC,eAAe,CAAC,kBAAkB,CAAC,MAAM,IAAI,CAAC,sBAAsB,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;gBACxH,OAAO,CAAC,IAAI,CAAC,0CAA0C,WAAW,+BAA+B,CAAC,aAAa,CAAC,CAAA;YAClH,CAAC,CAAC,CAAA;YACF,MAAM,IAAI,CAAC,YAAY,CAAC,sBAAsB,EAAE,CAAA;YAChD,OAAO,IAAI,CAAA;QACb,CAAC;KAAA;IAED;;;;;;OAMG;IACG,kBAAkB,CAAC,WAAmB;;YAC1C,MAAM,IAAI,CAAC,eAAe,CAAC,kBAAkB,CAAC,MAAM,IAAI,CAAC,sBAAsB,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC,CAAA;QAC/G,CAAC;KAAA;IAED;;;;OAIG;IACG,wBAAwB,CAAC,WAAmB;;YAChD,OAAO,IAAI,CAAC,wBAAwB,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,iCAAiC,CAAC,WAAW,CAAC,CAAC,CAAA;QACjH,CAAC;KAAA;IAED;;;;OAIG;IACG,+BAA+B,CAAC,WAAmB;;YACvD,OAAO,IAAI,CAAC,wBAAwB,CAClC,MAAM,IAAI,CAAC,eAAe,CAAC,uCAAuC,CAAC,2BAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,WAAW,CAAC,CACpH,CAAA;QACH,CAAC;KAAA;IAED;;;;OAIG;IACG,oCAAoC,CAAC,WAAmB;;YAC5D,OAAO,IAAI,CAAC,wBAAwB,CAClC,MAAM,IAAI,CAAC,eAAe,CAAC,uCAAuC,CAAC,2BAAY,CAAC,IAAI,CAAC,qBAAqB,EAAE,WAAW,CAAC,CACzH,CAAA;QACH,CAAC;KAAA;IAEa,wBAAwB,CAAC,YAAqB;;YAC1D,IAAI,YAAY,CAAC,WAAW,KAAK,SAAS;gBAAE,OAAO,YAAY,CAAC,WAAW,CAAA;YAC3E,MAAM,IAAI,KAAK,CAAC,yCAAyC,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC,CAAA;QAC1F,CAAC;KAAA;CACF;AAlND,0CAkNC","sourcesContent":["import { KeyPair, ShaVersion } from './crypto/RSA'\nimport { RecoveryDataEncryption, RecoveryDataUseFailureReason } from './crypto/RecoveryDataEncryption'\nimport { IccRecoveryDataApi } from '../icc-api/api/internal/IccRecoveryDataApi'\nimport { UserEncryptionKeysManager } from './crypto/UserEncryptionKeysManager'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { CryptoPrimitives } from './crypto/CryptoPrimitives'\nimport { ua2hex } from './utils'\nimport { Content } from '../icc-api/model/Content'\nimport { RecoveryData } from '../icc-api/model/internal/RecoveryData'\nimport { ExchangeDataManager } from './crypto/ExchangeDataManager'\n\nexport { RecoveryDataUseFailureReason } from './crypto/RecoveryDataEncryption'\n\nexport class IccRecoveryXApi {\n constructor(\n private readonly baseRecoveryApi: IccRecoveryDataApi,\n private readonly recoveryDataEncryption: RecoveryDataEncryption,\n private readonly keyManager: UserEncryptionKeysManager,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly primitives: CryptoPrimitives,\n private readonly exchangeData: ExchangeDataManager\n ) {}\n\n /**\n * Create recovery data for the logged user and stores it encrypted on the iCure server. This allows the user that created\n * it to recover all the currently available keypairs at a later time by just providing the string returned by this method to the\n * {@link recoverKeyPairs} method.\n *\n * You can also provide an expiration time for the recovery data (through `options.lifetimeSeconds`). If you do so, the recovery dat\n * a will be deleted automatically after that amount seconds has passed. If you don't provide an expiration time, the recovery data\n * will be available until it is explicitly deleted.\n *\n * This could be used to:\n * - Provide some sort of one-use \"recovery codes\" to the user, which he can use to recover his keypair if he loses\n * his device. In this case you should not put any expiration time on the recovery data.\n * - Provide a way for the user to easily \"copy\" the key from one device to another. In this case you should put a\n * short expiration time on the recovery data (a few minutes), so that it will automatically be deleted if it is\n * not used after all.\n *\n * # Important\n *\n * A malicious user that can login as the creator of the recovery data or that can access directly the database\n * containing the recovery data will be able to get the private key of the data owner from the recovery key returned\n * by this method. Therefore, the resulting recovery key must be kept secret, just like a private key.\n *\n * @param options optional parameters:\n * - `includeParentsKeys` if true, the recovery data will also contain any available keypairs for parents data owners.\n * - `lifetimeSeconds` the amount of seconds the recovery data will be available. If not provided, the recovery data will be available until it is\n * explicitly deleted.\n * @return an hexadecimal string that is the `recoveryKey` which will allow the user to recover his keypair later or\n * from another device. This value must be kept secret from other users. You can use this value with {@link recoverKeyPairs}\n */\n async createRecoveryInfoForAvailableKeyPairs(options: { includeParentsKeys?: boolean; lifetimeSeconds?: number } = {}): Promise<string> {\n const selfId = await this.dataOwnerApi.getCurrentDataOwnerId()\n const allAvailableKeys = await this.keyManager.getCurrentUserHierarchyAvailableKeypairs()\n let dataOwnersToInclude: { dataOwnerId: string; keys: { pair: KeyPair<CryptoKey>; verified: boolean }[] }[]\n if (options.includeParentsKeys) {\n dataOwnersToInclude = [allAvailableKeys.self, ...allAvailableKeys.parents]\n } else {\n dataOwnersToInclude = [allAvailableKeys.self]\n }\n const keyPairsToSave: { [delegateId: string]: { pair: KeyPair<CryptoKey>; algorithm: ShaVersion }[] } = {}\n for (const { dataOwnerId, keys } of dataOwnersToInclude) {\n const dataOwner = await this.dataOwnerApi.getDataOwner(dataOwnerId)\n const sha1Keys = new Set(this.dataOwnerApi.getHexPublicKeysWithSha1Of(dataOwner.dataOwner))\n const sha256Keys = new Set(this.dataOwnerApi.getHexPublicKeysWithSha256Of(dataOwner.dataOwner))\n const pairs: { pair: KeyPair<CryptoKey>; algorithm: ShaVersion }[] = []\n for (const { pair, verified } of keys) {\n if (verified) {\n const pubKeyHex = ua2hex(await this.primitives.RSA.exportKey(pair.publicKey, 'spki'))\n if (sha256Keys.has(pubKeyHex)) {\n pairs.push({ pair, algorithm: ShaVersion.Sha256 })\n } else if (sha1Keys.has(pubKeyHex)) {\n pairs.push({ pair, algorithm: ShaVersion.Sha1 })\n } else {\n console.warn(`Found stored key ${pubKeyHex} for data owner ${dataOwnerId} which is not saved in the data owner. Ignoring.`)\n }\n }\n }\n keyPairsToSave[dataOwnerId] = pairs\n }\n return await this.recoveryDataEncryption.createAndSaveKeyPairsRecoveryDataFor(selfId, keyPairsToSave, options.lifetimeSeconds)\n }\n\n /**\n * Equivalent to {@link KeyPairRecoverer.recoverWithRecoveryKey}\n */\n recoverKeyPairs(\n recoveryKey: string,\n autoDelete: boolean\n ): Promise<{ success: { [dataOwnerId: string]: { [publicKeySpki: string]: KeyPair<CryptoKey> } } } | { failure: RecoveryDataUseFailureReason }> {\n return this.recoveryDataEncryption.getAndDecryptKeyPairsRecoveryData(recoveryKey, autoDelete)\n }\n\n /**\n * Create recovery data that allows the delegate {@link delegateId} recover the content of exchange data from the\n * current data owner to the delegate.\n *\n * This can be useful in the following situations:\n * - A user lost access to his old keypair and is asking for access back to his data. This is similar to the\n * give-access-back mechanism, except that instead of having to verify the public key of the delegate as in the\n * give-access-back, the delegator has to provide the recovery key to the delegate: the delegator has to properly\n * identify the delegate instead of validating that the public key belongs to the delegate.\n * - A patient is not yet registered in the system and therefore has no keypair, but the doctor wants to already share\n * some data with them. The doctor can create some placeholder exchange data, encrypted only with his own key\n * through the {@link IccPatientXApi.forceInitialiseExchangeDataToNewlyInvitedPatient} method, then create recovery data\n * for it and share the recovery key with the patient. The moment the patient logs in and creates his keypair he\n * will use the {@link recoverExchangeData} method to \"complete\" the placeholder exchange data.\n *\n * @param delegateId id of the delegate that needs access to his exchange data from the current data owner. This can't\n * be the id of the current data owner (you should instead recover the keypair).\n * @param options optional parameters:\n * - `lifetimeSeconds` the amount of seconds the recovery data will be available. If not provided, the recovery data will be available until it is\n * explicitly deleted.\n * @return an hexadecimal string that is the `recoveryKey` which will allow the delegate to gain access to the exchange data.\n * This value must be kept secret from users other than the current data owner and the delegate.\n * You can use this value with {@link recoverExchangeData}\n */\n async createExchangeDataRecoveryInfo(delegateId: string, options: { lifetimeSeconds?: number } = {}): Promise<string> {\n const exchangeDataToDelegate = await this.exchangeData.base.getExchangeDataByDelegatorDelegatePair(\n await this.dataOwnerApi.getCurrentDataOwnerId(),\n delegateId\n )\n const decryptionKeys = this.keyManager.getDecryptionKeys()\n const decryptedInformation: {\n exchangeDataId: string\n rawExchangeKey: ArrayBuffer\n rawAccessControlSecret: ArrayBuffer\n rawSharedSignatureKey: ArrayBuffer\n }[] = []\n for (const exchangeData of exchangeDataToDelegate) {\n const decryptedData = await this.exchangeData.base.tryRawDecryptExchangeData(exchangeData, decryptionKeys)\n if (decryptedData !== undefined) {\n decryptedInformation.push({ ...decryptedData, exchangeDataId: exchangeData.id! })\n }\n }\n return this.recoveryDataEncryption.createAndSaveExchangeDataRecoveryData(delegateId, decryptedInformation, options.lifetimeSeconds)\n }\n\n /**\n * Recover the content of exchange data from the delegator that created the recovery data at the provided.\n * {@link recoveryKey} to the current delegate. This will enable the current user to access the exchange data with\n * any of his private keys available on the device from which this method was called.\n * The exchange data will be automatically deleted from the server after the process completes successfully.\n *\n * @param recoveryKey the result of a call to {@link createExchangeDataRecoveryInfo} by a delegator.\n * @return null on success or a failure reason if the recovery data could not be used to perform the operation.\n * @throws If the recovery data is valid but the process fails for other reasons.\n */\n async recoverExchangeData(recoveryKey: string): Promise<RecoveryDataUseFailureReason | null> {\n const selfEncryptionKeys = Object.fromEntries(this.keyManager.getSelfVerifiedKeys().map((k) => [k.fingerprint, k.pair.publicKey]))\n const recoveredExchangeData = await this.recoveryDataEncryption.getAndDecryptExchangeDataRecoveryData(recoveryKey)\n if ('failure' in recoveredExchangeData) {\n return recoveredExchangeData.failure\n }\n for (const exchangeDataInfo of recoveredExchangeData.success) {\n const retrievedData = await this.exchangeData.base.getExchangeDataById(exchangeDataInfo.exchangeDataId)\n if (!retrievedData) {\n console.warn(`Could not recover exchange data with id ${exchangeDataInfo.exchangeDataId} as it was not found. Ignoring`)\n } else {\n await this.exchangeData.base.updateExchangeDataWithRawDecryptedContent({\n exchangeData: retrievedData,\n newEncryptionKeys: selfEncryptionKeys,\n rawExchangeKey: exchangeDataInfo.rawExchangeKey,\n rawAccessControlSecret: exchangeDataInfo.rawAccessControlSecret,\n rawSharedSignatureKey: exchangeDataInfo.rawSharedSignatureKey,\n newDelegatorSignatureKeys: {},\n })\n }\n }\n await this.baseRecoveryApi.deleteRecoveryData(await this.recoveryDataEncryption.recoveryKeyToId(recoveryKey)).catch((e) => {\n console.warn(`Could not delete recovery data with id ${recoveryKey} after successful recovery: ${e}. Ignoring.`)\n })\n await this.exchangeData.clearOrRepopulateCache()\n return null\n }\n\n /**\n * Deletes the recovery information associated to a certain recovery key. You can use this method with the recovery key for any kind of data,\n * regardless of how you obtained the recovery key (from the {@link createRecoveryInfoForAvailableKeyPairs} or from the\n * {@link createExchangeDataRecoveryInfo} methods).\n * If there is no data associated to the provided recovery key, this method will do nothing.\n * @param recoveryKey the recovery key associated to the recovery information to delete.\n */\n async deleteRecoveryInfo(recoveryKey: string): Promise<void> {\n await this.baseRecoveryApi.deleteRecoveryData(await this.recoveryDataEncryption.recoveryKeyToId(recoveryKey))\n }\n\n /**\n * Deletes the recovery information associated to a certain data owner, regardless of type.\n * @param dataOwnerId the data owner for which to delete the recovery data.\n * @return the number of deleted recovery information.\n */\n async deleteAllRecoveryInfoFor(dataOwnerId: string): Promise<number> {\n return this.getCountFromDeleteAllRes(await this.baseRecoveryApi.deleteAllRecoveryDataForRecipient(dataOwnerId))\n }\n\n /**\n * Deletes all key pair recovery information for a certain data owner.\n * @param dataOwnerId the data owner for which to delete the key pair recovery information.\n * @return the number of deleted key pair recovery information.\n */\n async deleteAllKeyPairRecoveryInfoFor(dataOwnerId: string): Promise<number> {\n return this.getCountFromDeleteAllRes(\n await this.baseRecoveryApi.deleteAllRecoveryDataOfTypeForRecipient(RecoveryData.Type.KEYPAIR_RECOVERY, dataOwnerId)\n )\n }\n\n /**\n * Deletes all exchange data recovery information for a certain data owner.\n * @param dataOwnerId the data owner for which to delete the exchange data recovery information.\n * @return the number of deleted exchange data recovery information.\n */\n async deleteAllExchangeDataRecoveryInfoFor(dataOwnerId: string): Promise<number> {\n return this.getCountFromDeleteAllRes(\n await this.baseRecoveryApi.deleteAllRecoveryDataOfTypeForRecipient(RecoveryData.Type.EXCHANGE_KEY_RECOVERY, dataOwnerId)\n )\n }\n\n private async getCountFromDeleteAllRes(deleteAllRes: Content): Promise<number> {\n if (deleteAllRes.numberValue !== undefined) return deleteAllRes.numberValue\n throw new Error(`Unexpected result from delete method: ${JSON.stringify(deleteAllRes)}`)\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"icc-recovery-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-recovery-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,sCAAkD;AAMlD,mCAAgC;AAEhC,yEAAqE;AAGrE,0EAA8E;AAArE,sIAAA,4BAA4B,OAAA;AAErC,MAAa,eAAe;IAC1B,YACmB,eAAmC,EACnC,sBAA8C,EAC9C,UAAqC,EACrC,YAA8B,EAC9B,UAA4B,EAC5B,YAAiC;QALjC,oBAAe,GAAf,eAAe,CAAoB;QACnC,2BAAsB,GAAtB,sBAAsB,CAAwB;QAC9C,eAAU,GAAV,UAAU,CAA2B;QACrC,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,eAAU,GAAV,UAAU,CAAkB;QAC5B,iBAAY,GAAZ,YAAY,CAAqB;IACjD,CAAC;IAEJ;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACG,sCAAsC;6DAAC,UAAsE,EAAE;YACnH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC9D,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,wCAAwC,EAAE,CAAA;YACzF,IAAI,mBAAuG,CAAA;YAC3G,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;gBAC/B,mBAAmB,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAA;YAC5E,CAAC;iBAAM,CAAC;gBACN,mBAAmB,GAAG,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YAC/C,CAAC;YACD,MAAM,cAAc,GAAoF,EAAE,CAAA;YAC1G,KAAK,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,IAAI,mBAAmB,EAAE,CAAC;gBACxD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,WAAW,CAAC,CAAA;gBACnE,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,0BAA0B,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAA;gBAC3F,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,4BAA4B,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAA;gBAC/F,MAAM,KAAK,GAA0D,EAAE,CAAA;gBACvE,KAAK,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC;oBACtC,IAAI,QAAQ,EAAE,CAAC;wBACb,MAAM,SAAS,GAAG,IAAA,cAAM,EAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAA;wBACrF,IAAI,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;4BAC9B,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,gBAAU,CAAC,MAAM,EAAE,CAAC,CAAA;wBACpD,CAAC;6BAAM,IAAI,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;4BACnC,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,gBAAU,CAAC,IAAI,EAAE,CAAC,CAAA;wBAClD,CAAC;6BAAM,CAAC;4BACN,OAAO,CAAC,IAAI,CAAC,oBAAoB,SAAS,mBAAmB,WAAW,kDAAkD,CAAC,CAAA;wBAC7H,CAAC;oBACH,CAAC;gBACH,CAAC;gBACD,cAAc,CAAC,WAAW,CAAC,GAAG,KAAK,CAAA;YACrC,CAAC;YACD,OAAO,MAAM,IAAI,CAAC,sBAAsB,CAAC,oCAAoC,CAAC,MAAM,EAAE,cAAc,EAAE,OAAO,CAAC,eAAe,CAAC,CAAA;QAChI,CAAC;KAAA;IAED;;OAEG;IACH,eAAe,CACb,WAAmB,EACnB,UAAmB;QAEnB,OAAO,IAAI,CAAC,sBAAsB,CAAC,iCAAiC,CAAC,WAAW,EAAE,UAAU,CAAC,CAAA;IAC/F,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACG,8BAA8B;6DAAC,UAAkB,EAAE,UAAwC,EAAE;YACjG,MAAM,sBAAsB,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,sCAAsC,CAChG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,EAC/C,UAAU,CACX,CAAA;YACD,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU,CAAC,iBAAiB,EAAE,CAAA;YAC1D,MAAM,oBAAoB,GAKpB,EAAE,CAAA;YACR,KAAK,MAAM,YAAY,IAAI,sBAAsB,EAAE,CAAC;gBAClD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,yBAAyB,CAAC,YAAY,EAAE,cAAc,CAAC,CAAA;gBAC1G,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;oBAChC,oBAAoB,CAAC,IAAI,iCAAM,aAAa,KAAE,cAAc,EAAE,YAAY,CAAC,EAAG,IAAG,CAAA;gBACnF,CAAC;YACH,CAAC;YACD,OAAO,IAAI,CAAC,sBAAsB,CAAC,qCAAqC,CAAC,UAAU,EAAE,oBAAoB,EAAE,OAAO,CAAC,eAAe,CAAC,CAAA;QACrI,CAAC;KAAA;IAED;;;;;;;;;OASG;IACG,mBAAmB,CAAC,WAAmB;;YAC3C,MAAM,kBAAkB,GAAG,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,mBAAmB,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;YAClI,MAAM,qBAAqB,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,qCAAqC,CAAC,WAAW,CAAC,CAAA;YAClH,IAAI,SAAS,IAAI,qBAAqB,EAAE,CAAC;gBACvC,OAAO,qBAAqB,CAAC,OAAO,CAAA;YACtC,CAAC;YACD,KAAK,MAAM,gBAAgB,IAAI,qBAAqB,CAAC,OAAO,EAAE,CAAC;gBAC7D,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,mBAAmB,CAAC,gBAAgB,CAAC,cAAc,CAAC,CAAA;gBACvG,IAAI,CAAC,aAAa,EAAE,CAAC;oBACnB,OAAO,CAAC,IAAI,CAAC,2CAA2C,gBAAgB,CAAC,cAAc,gCAAgC,CAAC,CAAA;gBAC1H,CAAC;qBAAM,CAAC;oBACN,MAAM,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,yCAAyC,CAAC;wBACrE,YAAY,EAAE,aAAa;wBAC3B,iBAAiB,EAAE,kBAAkB;wBACrC,cAAc,EAAE,gBAAgB,CAAC,cAAc;wBAC/C,sBAAsB,EAAE,gBAAgB,CAAC,sBAAsB;wBAC/D,qBAAqB,EAAE,gBAAgB,CAAC,qBAAqB;wBAC7D,yBAAyB,EAAE,EAAE;qBAC9B,CAAC,CAAA;gBACJ,CAAC;YACH,CAAC;YACD,MAAM,IAAI,CAAC,eAAe,CAAC,kBAAkB,CAAC,MAAM,IAAI,CAAC,sBAAsB,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;gBACxH,OAAO,CAAC,IAAI,CAAC,0CAA0C,WAAW,+BAA+B,CAAC,aAAa,CAAC,CAAA;YAClH,CAAC,CAAC,CAAA;YACF,MAAM,IAAI,CAAC,YAAY,CAAC,sBAAsB,EAAE,CAAA;YAChD,OAAO,IAAI,CAAA;QACb,CAAC;KAAA;IAED;;;;;;OAMG;IACG,kBAAkB,CAAC,WAAmB;;YAC1C,MAAM,IAAI,CAAC,eAAe,CAAC,kBAAkB,CAAC,MAAM,IAAI,CAAC,sBAAsB,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC,CAAA;QAC/G,CAAC;KAAA;IAED;;;;OAIG;IACG,wBAAwB,CAAC,WAAmB;;YAChD,OAAO,IAAI,CAAC,wBAAwB,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,iCAAiC,CAAC,WAAW,CAAC,CAAC,CAAA;QACjH,CAAC;KAAA;IAED;;;;OAIG;IACG,+BAA+B,CAAC,WAAmB;;YACvD,OAAO,IAAI,CAAC,wBAAwB,CAClC,MAAM,IAAI,CAAC,eAAe,CAAC,uCAAuC,CAAC,2BAAY,CAAC,IAAI,CAAC,gBAAgB,EAAE,WAAW,CAAC,CACpH,CAAA;QACH,CAAC;KAAA;IAED;;;;OAIG;IACG,oCAAoC,CAAC,WAAmB;;YAC5D,OAAO,IAAI,CAAC,wBAAwB,CAClC,MAAM,IAAI,CAAC,eAAe,CAAC,uCAAuC,CAAC,2BAAY,CAAC,IAAI,CAAC,qBAAqB,EAAE,WAAW,CAAC,CACzH,CAAA;QACH,CAAC;KAAA;IAEa,wBAAwB,CAAC,YAAqB;;YAC1D,IAAI,YAAY,CAAC,WAAW,KAAK,SAAS;gBAAE,OAAO,YAAY,CAAC,WAAW,CAAA;YAC3E,MAAM,IAAI,KAAK,CAAC,yCAAyC,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC,CAAA;QAC1F,CAAC;KAAA;CACF;AAlND,0CAkNC","sourcesContent":["import { KeyPair, ShaVersion } from './crypto/RSA'\nimport { RecoveryDataEncryption, RecoveryDataUseFailureReason } from './crypto/RecoveryDataEncryption'\nimport { IccRecoveryDataApi } from '../icc-api/api/internal/IccRecoveryDataApi'\nimport { UserEncryptionKeysManager } from './crypto/UserEncryptionKeysManager'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { CryptoPrimitives } from './crypto/CryptoPrimitives'\nimport { ua2hex } from './utils'\nimport { Content } from '../icc-api/model/Content'\nimport { RecoveryData } from '../icc-api/model/internal/RecoveryData'\nimport { ExchangeDataManager } from './crypto/ExchangeDataManager'\n\nexport { RecoveryDataUseFailureReason } from './crypto/RecoveryDataEncryption'\n\nexport class IccRecoveryXApi {\n constructor(\n private readonly baseRecoveryApi: IccRecoveryDataApi,\n private readonly recoveryDataEncryption: RecoveryDataEncryption,\n private readonly keyManager: UserEncryptionKeysManager,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly primitives: CryptoPrimitives,\n private readonly exchangeData: ExchangeDataManager\n ) {}\n\n /**\n * Create recovery data for the logged user and stores it encrypted on the iCure server. This allows the user that created\n * it to recover all the currently available keypairs at a later time by just providing the string returned by this method to the\n * {@link recoverKeyPairs} method.\n *\n * You can also provide an expiration time for the recovery data (through `options.lifetimeSeconds`). If you do so, the recovery dat\n * a will be deleted automatically after that amount seconds has passed. If you don't provide an expiration time, the recovery data\n * will be available until it is explicitly deleted.\n *\n * This could be used to:\n * - Provide some sort of one-use \"recovery codes\" to the user, which he can use to recover his keypair if he loses\n * his device. In this case you should not put any expiration time on the recovery data.\n * - Provide a way for the user to easily \"copy\" the key from one device to another. In this case you should put a\n * short expiration time on the recovery data (a few minutes), so that it will automatically be deleted if it is\n * not used after all.\n *\n * # Important\n *\n * A malicious user that can login as the creator of the recovery data or that can access directly the database\n * containing the recovery data will be able to get the private key of the data owner from the recovery key returned\n * by this method. Therefore, the resulting recovery key must be kept secret, just like a private key.\n *\n * @param options optional parameters:\n * - `includeParentsKeys` if true, the recovery data will also contain any available keypairs for parents data owners.\n * - `lifetimeSeconds` the amount of seconds the recovery data will be available. If not provided, the recovery data will be available until it is\n * explicitly deleted.\n * @return an hexadecimal string that is the `recoveryKey` which will allow the user to recover his keypair later or\n * from another device. This value must be kept secret from other users. You can use this value with {@link recoverKeyPairs}\n */\n async createRecoveryInfoForAvailableKeyPairs(options: { includeParentsKeys?: boolean; lifetimeSeconds?: number } = {}): Promise<string> {\n const selfId = await this.dataOwnerApi.getCurrentDataOwnerId()\n const allAvailableKeys = await this.keyManager.getCurrentUserHierarchyAvailableKeypairs()\n let dataOwnersToInclude: { dataOwnerId: string; keys: { pair: KeyPair<CryptoKey>; verified: boolean }[] }[]\n if (options.includeParentsKeys) {\n dataOwnersToInclude = [allAvailableKeys.self, ...allAvailableKeys.parents]\n } else {\n dataOwnersToInclude = [allAvailableKeys.self]\n }\n const keyPairsToSave: { [delegateId: string]: { pair: KeyPair<CryptoKey>; algorithm: ShaVersion }[] } = {}\n for (const { dataOwnerId, keys } of dataOwnersToInclude) {\n const dataOwner = await this.dataOwnerApi.getDataOwner(dataOwnerId)\n const sha1Keys = new Set(this.dataOwnerApi.getHexPublicKeysWithSha1Of(dataOwner.dataOwner))\n const sha256Keys = new Set(this.dataOwnerApi.getHexPublicKeysWithSha256Of(dataOwner.dataOwner))\n const pairs: { pair: KeyPair<CryptoKey>; algorithm: ShaVersion }[] = []\n for (const { pair, verified } of keys) {\n if (verified) {\n const pubKeyHex = ua2hex(await this.primitives.RSA.exportKey(pair.publicKey, 'spki'))\n if (sha256Keys.has(pubKeyHex)) {\n pairs.push({ pair, algorithm: ShaVersion.Sha256 })\n } else if (sha1Keys.has(pubKeyHex)) {\n pairs.push({ pair, algorithm: ShaVersion.Sha1 })\n } else {\n console.warn(`Found stored key ${pubKeyHex} for data owner ${dataOwnerId} which is not saved in the data owner. Ignoring.`)\n }\n }\n }\n keyPairsToSave[dataOwnerId] = pairs\n }\n return await this.recoveryDataEncryption.createAndSaveKeyPairsRecoveryDataFor(selfId, keyPairsToSave, options.lifetimeSeconds)\n }\n\n /**\n * Equivalent to {@link KeyPairRecoverer.recoverWithRecoveryKey}\n */\n recoverKeyPairs(\n recoveryKey: string,\n autoDelete: boolean\n ): Promise<{ success: { [dataOwnerId: string]: { [publicKeySpki: string]: KeyPair<CryptoKey> } } } | { failure: RecoveryDataUseFailureReason }> {\n return this.recoveryDataEncryption.getAndDecryptKeyPairsRecoveryData(recoveryKey, autoDelete)\n }\n\n /**\n * Create recovery data that allows the delegate {@link delegateId} recover the content of exchange data from the\n * current data owner to the delegate.\n *\n * This can be useful in the following situations:\n * - A user lost access to his old keypair and is asking for access back to his data. This is similar to the\n * give-access-back mechanism, except that instead of having to verify the public key of the delegate as in the\n * give-access-back, the delegator has to provide the recovery key to the delegate: the delegator has to properly\n * identify the delegate instead of validating that the public key belongs to the delegate.\n * - A patient is not yet registered in the system and therefore has no keypair, but the doctor wants to already share\n * some data with them. The doctor can create some placeholder exchange data, encrypted only with his own key\n * through the {@link IccPatientXApi.forceInitialiseExchangeDataToNewlyInvitedPatient} method, then create recovery data\n * for it and share the recovery key with the patient. The moment the patient logs in and creates his keypair he\n * will use the {@link recoverExchangeData} method to \"complete\" the placeholder exchange data.\n *\n * @param delegateId id of the delegate that needs access to his exchange data from the current data owner. This can't\n * be the id of the current data owner (you should instead recover the keypair).\n * @param options optional parameters:\n * - `lifetimeSeconds` the amount of seconds the recovery data will be available. If not provided, the recovery data will be available until it is\n * explicitly deleted.\n * @return an hexadecimal string that is the `recoveryKey` which will allow the delegate to gain access to the exchange data.\n * This value must be kept secret from users other than the current data owner and the delegate.\n * You can use this value with {@link recoverExchangeData}\n */\n async createExchangeDataRecoveryInfo(delegateId: string, options: { lifetimeSeconds?: number } = {}): Promise<string> {\n const exchangeDataToDelegate = await this.exchangeData.base.getExchangeDataByDelegatorDelegatePair(\n await this.dataOwnerApi.getCurrentDataOwnerId(),\n delegateId\n )\n const decryptionKeys = this.keyManager.getDecryptionKeys()\n const decryptedInformation: {\n exchangeDataId: string\n rawExchangeKey: ArrayBuffer\n rawAccessControlSecret: ArrayBuffer\n rawSharedSignatureKey: ArrayBuffer\n }[] = []\n for (const exchangeData of exchangeDataToDelegate) {\n const decryptedData = await this.exchangeData.base.tryRawDecryptExchangeData(exchangeData, decryptionKeys)\n if (decryptedData !== undefined) {\n decryptedInformation.push({ ...decryptedData, exchangeDataId: exchangeData.id! })\n }\n }\n return this.recoveryDataEncryption.createAndSaveExchangeDataRecoveryData(delegateId, decryptedInformation, options.lifetimeSeconds)\n }\n\n /**\n * Recover the content of exchange data from the delegator that created the recovery data at the provided.\n * {@link recoveryKey} to the current delegate. This will enable the current user to access the exchange data with\n * any of his private keys available on the device from which this method was called.\n * The exchange data will be automatically deleted from the server after the process completes successfully.\n *\n * @param recoveryKey the result of a call to {@link createExchangeDataRecoveryInfo} by a delegator.\n * @return null on success or a failure reason if the recovery data could not be used to perform the operation.\n * @throws If the recovery data is valid but the process fails for other reasons.\n */\n async recoverExchangeData(recoveryKey: string): Promise<RecoveryDataUseFailureReason | null> {\n const selfEncryptionKeys = Object.fromEntries(this.keyManager.getSelfVerifiedKeys().map((k) => [k.fingerprint, k.pair.publicKey]))\n const recoveredExchangeData = await this.recoveryDataEncryption.getAndDecryptExchangeDataRecoveryData(recoveryKey)\n if ('failure' in recoveredExchangeData) {\n return recoveredExchangeData.failure\n }\n for (const exchangeDataInfo of recoveredExchangeData.success) {\n const retrievedData = await this.exchangeData.base.getExchangeDataById(exchangeDataInfo.exchangeDataId)\n if (!retrievedData) {\n console.warn(`Could not recover exchange data with id ${exchangeDataInfo.exchangeDataId} as it was not found. Ignoring`)\n } else {\n await this.exchangeData.base.updateExchangeDataWithRawDecryptedContent({\n exchangeData: retrievedData,\n newEncryptionKeys: selfEncryptionKeys,\n rawExchangeKey: exchangeDataInfo.rawExchangeKey,\n rawAccessControlSecret: exchangeDataInfo.rawAccessControlSecret,\n rawSharedSignatureKey: exchangeDataInfo.rawSharedSignatureKey,\n newDelegatorSignatureKeys: {},\n })\n }\n }\n await this.baseRecoveryApi.deleteRecoveryData(await this.recoveryDataEncryption.recoveryKeyToId(recoveryKey)).catch((e) => {\n console.warn(`Could not delete recovery data with id ${recoveryKey} after successful recovery: ${e}. Ignoring.`)\n })\n await this.exchangeData.clearOrRepopulateCache()\n return null\n }\n\n /**\n * Deletes the recovery information associated to a certain recovery key. You can use this method with the recovery key for any kind of data,\n * regardless of how you obtained the recovery key (from the {@link createRecoveryInfoForAvailableKeyPairs} or from the\n * {@link createExchangeDataRecoveryInfo} methods).\n * If there is no data associated to the provided recovery key, this method will do nothing.\n * @param recoveryKey the recovery key associated to the recovery information to delete.\n */\n async deleteRecoveryInfo(recoveryKey: string): Promise<void> {\n await this.baseRecoveryApi.deleteRecoveryData(await this.recoveryDataEncryption.recoveryKeyToId(recoveryKey))\n }\n\n /**\n * Deletes the recovery information associated to a certain data owner, regardless of type.\n * @param dataOwnerId the data owner for which to delete the recovery data.\n * @return the number of deleted recovery information.\n */\n async deleteAllRecoveryInfoFor(dataOwnerId: string): Promise<number> {\n return this.getCountFromDeleteAllRes(await this.baseRecoveryApi.deleteAllRecoveryDataForRecipient(dataOwnerId))\n }\n\n /**\n * Deletes all key pair recovery information for a certain data owner.\n * @param dataOwnerId the data owner for which to delete the key pair recovery information.\n * @return the number of deleted key pair recovery information.\n */\n async deleteAllKeyPairRecoveryInfoFor(dataOwnerId: string): Promise<number> {\n return this.getCountFromDeleteAllRes(\n await this.baseRecoveryApi.deleteAllRecoveryDataOfTypeForRecipient(RecoveryData.Type.KEYPAIR_RECOVERY, dataOwnerId)\n )\n }\n\n /**\n * Deletes all exchange data recovery information for a certain data owner.\n * @param dataOwnerId the data owner for which to delete the exchange data recovery information.\n * @return the number of deleted exchange data recovery information.\n */\n async deleteAllExchangeDataRecoveryInfoFor(dataOwnerId: string): Promise<number> {\n return this.getCountFromDeleteAllRes(\n await this.baseRecoveryApi.deleteAllRecoveryDataOfTypeForRecipient(RecoveryData.Type.EXCHANGE_KEY_RECOVERY, dataOwnerId)\n )\n }\n\n private async getCountFromDeleteAllRes(deleteAllRes: Content): Promise<number> {\n if (deleteAllRes.numberValue !== undefined) return deleteAllRes.numberValue\n throw new Error(`Unexpected result from delete method: ${JSON.stringify(deleteAllRes)}`)\n }\n}\n"]}
|
|
@@ -48,9 +48,9 @@ class IccTimeTableXApi extends icc_api_1.IccTimeTableApi {
|
|
|
48
48
|
* and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.
|
|
49
49
|
* @return a new instance of timetable.
|
|
50
50
|
*/
|
|
51
|
-
newInstance(
|
|
52
|
-
|
|
53
|
-
|
|
51
|
+
newInstance(user_1, tt_1) {
|
|
52
|
+
return __awaiter(this, arguments, void 0, function* (user, tt, options = {}) {
|
|
53
|
+
var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m;
|
|
54
54
|
const timeTable = Object.assign(Object.assign({}, (tt !== null && tt !== void 0 ? tt : {})), { id: (_a = tt === null || tt === void 0 ? void 0 : tt.id) !== null && _a !== void 0 ? _a : this.crypto.primitives.randomUuid(), created: (_b = tt === null || tt === void 0 ? void 0 : tt.created) !== null && _b !== void 0 ? _b : new Date().getTime(), modified: (_c = tt === null || tt === void 0 ? void 0 : tt.modified) !== null && _c !== void 0 ? _c : new Date().getTime(), responsible: (_d = tt === null || tt === void 0 ? void 0 : tt.responsible) !== null && _d !== void 0 ? _d : (this.autofillAuthor ? this.dataOwnerApi.getDataOwnerIdOf(user) : undefined), author: (_e = tt === null || tt === void 0 ? void 0 : tt.author) !== null && _e !== void 0 ? _e : (this.autofillAuthor ? user.id : undefined), codes: (_f = tt === null || tt === void 0 ? void 0 : tt.codes) !== null && _f !== void 0 ? _f : [], tags: (_g = tt === null || tt === void 0 ? void 0 : tt.tags) !== null && _g !== void 0 ? _g : [] });
|
|
55
55
|
const extraDelegations = Object.assign(Object.assign({}, Object.fromEntries([...((_j = (_h = user.autoDelegations) === null || _h === void 0 ? void 0 : _h.all) !== null && _j !== void 0 ? _j : []), ...((_l = (_k = user.autoDelegations) === null || _k === void 0 ? void 0 : _k.administrativeData) !== null && _l !== void 0 ? _l : [])].map((d) => [d, AccessLevelEnum.WRITE]))), ((_m = options === null || options === void 0 ? void 0 : options.additionalDelegates) !== null && _m !== void 0 ? _m : {}));
|
|
56
56
|
return new models.TimeTable(yield this.crypto.xapi
|
|
@@ -79,8 +79,8 @@ class IccTimeTableXApi extends icc_api_1.IccTimeTableApi {
|
|
|
79
79
|
* - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.
|
|
80
80
|
* @return the updated entity
|
|
81
81
|
*/
|
|
82
|
-
shareWith(
|
|
83
|
-
return __awaiter(this,
|
|
82
|
+
shareWith(delegateId_1, timeTable_1) {
|
|
83
|
+
return __awaiter(this, arguments, void 0, function* (delegateId, timeTable, options = {}) {
|
|
84
84
|
return this.shareWithMany(timeTable, { [delegateId]: options });
|
|
85
85
|
});
|
|
86
86
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"icc-time-table-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-time-table-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,4CAA2C;AAG3C,wCAA4C;AAK5C,kDAAiD;AACjD,0EAAgG;AAChG,4EAAwE;AAIxE,wEAAoE;AACpE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAIzD,mCAAsD;AAEtD,MAAa,gBAAiB,SAAQ,yBAAe;IAGnD,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,oCAA4B,CAAC,SAAS,CAAC,CAAC,CAAA;IAC/I,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EACjB,MAAqB,EACrB,YAA8B,EAC9B,cAAuB,EACxC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAVtC,WAAM,GAAN,MAAM,CAAe;QACrB,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,mBAAc,GAAd,cAAc,CAAS;QAX1C,SAAI,GAAQ,IAAI,CAAA;QAoBd,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;IAClC,CAAC;IAED;;;;;;;;;;;;OAYG;IACG,WAAW,CACf,IAAU,EACV,EAAa,EACb,UAII,EAAE;;;YAEN,MAAM,SAAS,mCACV,CAAC,EAAE,aAAF,EAAE,cAAF,EAAE,GAAI,EAAE,CAAC,KACb,EAAE,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EACjD,OAAO,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC5C,QAAQ,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC9C,WAAW,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,EAC5G,MAAM,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EACjE,KAAK,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,KAAK,mCAAI,EAAE,EACtB,IAAI,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,IAAI,mCAAI,EAAE,GACrB,CAAA;YAED,MAAM,gBAAgB,mCACjB,MAAM,CAAC,WAAW,CACnB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,GACE,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,mBAAmB,mCAAI,EAAE,CAAC,CACxC,CAAA;YAED,OAAO,IAAI,MAAM,CAAC,SAAS,CACzB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CACrC,SAAS,EACT,oCAA4B,CAAC,SAAS,EACtC,SAAS,EACT,SAAS,EACT,IAAI,EACJ,gBAAgB,EAChB,OAAO,CAAC,uBAAuB,CAChC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;;KACF;IAED;;OAEG;IACG,cAAc,CAAC,SAA2B;;YAC9C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,CAAA;QAC7G,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,SAAS,CACb,UAAkB,EAClB,SAA2B,EAC3B,UAII,EAAE;;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QACjE,CAAC;KAAA;IAED;;;;;;;;;;;OAWG;IACG,aAAa,CACjB,SAA2B,EAC3B,SAMC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QACjF,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,gBAAgB,CACpB,SAA2B,EAC3B,SAMC;;YAED,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,oCAA4B,CAAC,SAAS,CAAC,CAAA;YACzI,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAC/G,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0CAA0C,CAChE;gBACE,MAAM,EAAE,aAAa;gBACrB,IAAI,EAAE,oCAA4B,CAAC,SAAS;aAC7C,EACD,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,+CAAsB,CAAC,KAAK;oBAClD,cAAc,EAAE,OAAO,CAAC,cAAc;iBACvC;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAClC,CAAA;QACH,CAAC;KAAA;IAED,yBAAyB,CACvB,MAAwB;QAExB,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,CAAA;IACnI,CAAC;IAED,mBAAmB,CAAC,MAAwB;QAC1C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EAAE,SAAS,CAAC,CAAA;IAC/G,CAAC;IAED,uCAAuC,CAAC,MAAwB,EAAE,SAAmB;QACnF,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAC7E,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EACxD,SAAS,CACV,CAAA;IACH,CAAC;CACF;AAvMD,4CAuMC","sourcesContent":["import * as i18n from './rsrc/contact.i18n'\n\nimport * as _ from 'lodash'\nimport { IccTimeTableApi } from '../icc-api'\nimport { User } from '../icc-api/model/User'\nimport { TimeTable } from '../icc-api/model/TimeTable'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport * as models from '../icc-api/model/models'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { ShareResult } from './utils/ShareResult'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\nimport { MaintenanceTask } from '../icc-api/model/models'\nimport { EntityWithDelegationTypeName } from './utils'\n\nexport class IccTimeTableXApi extends IccTimeTableApi implements EncryptedEntityXApi<models.TimeTable> {\n i18n: any = i18n\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, EntityWithDelegationTypeName.TimeTable))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n private readonly crypto: IccCryptoXApi,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly autofillAuthor: boolean,\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.crypto = crypto\n this.dataOwnerApi = dataOwnerApi\n }\n\n /**\n * Creates a new instance of timetable with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param tt initialised data for the timetable. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,\n * and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.\n * @return a new instance of timetable.\n */\n async newInstance(\n user: User,\n tt: TimeTable,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n preferredSfk?: string\n alternateRootDelegation?: string\n } = {}\n ) {\n const timeTable: TimeTable = {\n ...(tt ?? {}),\n id: tt?.id ?? this.crypto.primitives.randomUuid(),\n created: tt?.created ?? new Date().getTime(),\n modified: tt?.modified ?? new Date().getTime(),\n responsible: tt?.responsible ?? (this.autofillAuthor ? this.dataOwnerApi.getDataOwnerIdOf(user) : undefined),\n author: tt?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: tt?.codes ?? [],\n tags: tt?.tags ?? [],\n }\n\n const extraDelegations = {\n ...Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.administrativeData ?? [])].map((d) => [d, AccessLevelEnum.WRITE])\n ),\n ...(options?.additionalDelegates ?? {}),\n }\n\n return new models.TimeTable(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(\n timeTable,\n EntityWithDelegationTypeName.TimeTable,\n undefined,\n undefined,\n true,\n extraDelegations,\n options.alternateRootDelegation\n )\n .then((x) => x.updatedEntity)\n )\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given time table\n */\n async hasWriteAccess(timeTable: models.TimeTable): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: timeTable, type: EntityWithDelegationTypeName.TimeTable })\n }\n\n /**\n * Share an existing time table with other data owners, allowing them to access the non-encrypted data of the time table and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the time table.\n * @param timeTable the time table to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * time table does not have encrypted content.\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n timeTable: models.TimeTable,\n options: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<models.TimeTable> {\n return this.shareWithMany(timeTable, { [delegateId]: options })\n }\n\n /**\n * Share an existing time table with other data owners, allowing them to access the non-encrypted data of the time table and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param timeTable the time table to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * time table does not have encrypted content.\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n timeTable: models.TimeTable,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<models.TimeTable> {\n return (await this.tryShareWithMany(timeTable, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing time table with other data owners, allowing them to access the non-encrypted data of the time table and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param timeTable the time table to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * time table does not have encrypted content.\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n timeTable: models.TimeTable,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<models.TimeTable>> {\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(timeTable, EntityWithDelegationTypeName.TimeTable)\n const updatedEntity = entityWithEncryptionKey ? await this.modifyTimeTable(entityWithEncryptionKey) : timeTable\n return this.crypto.xapi.simpleShareOrUpdateEncryptedEntityMetadata(\n {\n entity: updatedEntity,\n type: EntityWithDelegationTypeName.TimeTable,\n },\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: ShareMetadataBehaviour.NEVER,\n shareSecretIds: options.shareSecretIds,\n },\n ])\n ),\n (x) => this.bulkShareTimeTable(x)\n )\n }\n\n getDataOwnersWithAccessTo(\n entity: models.TimeTable\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: EntityWithDelegationTypeName.TimeTable })\n }\n\n getEncryptionKeysOf(entity: models.TimeTable): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: EntityWithDelegationTypeName.TimeTable }, undefined)\n }\n\n createDelegationDeAnonymizationMetadata(entity: models.TimeTable, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo(\n { entity, type: EntityWithDelegationTypeName.TimeTable },\n delegates\n )\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"icc-time-table-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-time-table-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,4CAA2C;AAG3C,wCAA4C;AAK5C,kDAAiD;AACjD,0EAAgG;AAChG,4EAAwE;AAIxE,wEAAoE;AACpE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAIzD,mCAAsD;AAEtD,MAAa,gBAAiB,SAAQ,yBAAe;IAGnD,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,oCAA4B,CAAC,SAAS,CAAC,CAAC,CAAA;IAC/I,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EACjB,MAAqB,EACrB,YAA8B,EAC9B,cAAuB,EACxC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAVtC,WAAM,GAAN,MAAM,CAAe;QACrB,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,mBAAc,GAAd,cAAc,CAAS;QAX1C,SAAI,GAAQ,IAAI,CAAA;QAoBd,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;IAClC,CAAC;IAED;;;;;;;;;;;;OAYG;IACG,WAAW;6DACf,IAAU,EACV,EAAa,EACb,UAII,EAAE;;YAEN,MAAM,SAAS,mCACV,CAAC,EAAE,aAAF,EAAE,cAAF,EAAE,GAAI,EAAE,CAAC,KACb,EAAE,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EACjD,OAAO,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC5C,QAAQ,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC9C,WAAW,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,EAC5G,MAAM,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EACjE,KAAK,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,KAAK,mCAAI,EAAE,EACtB,IAAI,EAAE,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,IAAI,mCAAI,EAAE,GACrB,CAAA;YAED,MAAM,gBAAgB,mCACjB,MAAM,CAAC,WAAW,CACnB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,GACE,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,mBAAmB,mCAAI,EAAE,CAAC,CACxC,CAAA;YAED,OAAO,IAAI,MAAM,CAAC,SAAS,CACzB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CACrC,SAAS,EACT,oCAA4B,CAAC,SAAS,EACtC,SAAS,EACT,SAAS,EACT,IAAI,EACJ,gBAAgB,EAChB,OAAO,CAAC,uBAAuB,CAChC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;QACH,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,SAA2B;;YAC9C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,CAAA;QAC7G,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,SAAS;6DACb,UAAkB,EAClB,SAA2B,EAC3B,UAII,EAAE;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QACjE,CAAC;KAAA;IAED;;;;;;;;;;;OAWG;IACG,aAAa,CACjB,SAA2B,EAC3B,SAMC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QACjF,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,gBAAgB,CACpB,SAA2B,EAC3B,SAMC;;YAED,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,oCAA4B,CAAC,SAAS,CAAC,CAAA;YACzI,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAC/G,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0CAA0C,CAChE;gBACE,MAAM,EAAE,aAAa;gBACrB,IAAI,EAAE,oCAA4B,CAAC,SAAS;aAC7C,EACD,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,+CAAsB,CAAC,KAAK;oBAClD,cAAc,EAAE,OAAO,CAAC,cAAc;iBACvC;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAClC,CAAA;QACH,CAAC;KAAA;IAED,yBAAyB,CACvB,MAAwB;QAExB,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,CAAA;IACnI,CAAC;IAED,mBAAmB,CAAC,MAAwB;QAC1C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EAAE,SAAS,CAAC,CAAA;IAC/G,CAAC;IAED,uCAAuC,CAAC,MAAwB,EAAE,SAAmB;QACnF,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAC7E,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EACxD,SAAS,CACV,CAAA;IACH,CAAC;CACF;AAvMD,4CAuMC","sourcesContent":["import * as i18n from './rsrc/contact.i18n'\n\nimport * as _ from 'lodash'\nimport { IccTimeTableApi } from '../icc-api'\nimport { User } from '../icc-api/model/User'\nimport { TimeTable } from '../icc-api/model/TimeTable'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport * as models from '../icc-api/model/models'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { ShareResult } from './utils/ShareResult'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\nimport { MaintenanceTask } from '../icc-api/model/models'\nimport { EntityWithDelegationTypeName } from './utils'\n\nexport class IccTimeTableXApi extends IccTimeTableApi implements EncryptedEntityXApi<models.TimeTable> {\n i18n: any = i18n\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, EntityWithDelegationTypeName.TimeTable))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n private readonly crypto: IccCryptoXApi,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly autofillAuthor: boolean,\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.crypto = crypto\n this.dataOwnerApi = dataOwnerApi\n }\n\n /**\n * Creates a new instance of timetable with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param tt initialised data for the timetable. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,\n * and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.\n * @return a new instance of timetable.\n */\n async newInstance(\n user: User,\n tt: TimeTable,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n preferredSfk?: string\n alternateRootDelegation?: string\n } = {}\n ) {\n const timeTable: TimeTable = {\n ...(tt ?? {}),\n id: tt?.id ?? this.crypto.primitives.randomUuid(),\n created: tt?.created ?? new Date().getTime(),\n modified: tt?.modified ?? new Date().getTime(),\n responsible: tt?.responsible ?? (this.autofillAuthor ? this.dataOwnerApi.getDataOwnerIdOf(user) : undefined),\n author: tt?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: tt?.codes ?? [],\n tags: tt?.tags ?? [],\n }\n\n const extraDelegations = {\n ...Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.administrativeData ?? [])].map((d) => [d, AccessLevelEnum.WRITE])\n ),\n ...(options?.additionalDelegates ?? {}),\n }\n\n return new models.TimeTable(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(\n timeTable,\n EntityWithDelegationTypeName.TimeTable,\n undefined,\n undefined,\n true,\n extraDelegations,\n options.alternateRootDelegation\n )\n .then((x) => x.updatedEntity)\n )\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given time table\n */\n async hasWriteAccess(timeTable: models.TimeTable): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: timeTable, type: EntityWithDelegationTypeName.TimeTable })\n }\n\n /**\n * Share an existing time table with other data owners, allowing them to access the non-encrypted data of the time table and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the time table.\n * @param timeTable the time table to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * time table does not have encrypted content.\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n timeTable: models.TimeTable,\n options: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<models.TimeTable> {\n return this.shareWithMany(timeTable, { [delegateId]: options })\n }\n\n /**\n * Share an existing time table with other data owners, allowing them to access the non-encrypted data of the time table and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param timeTable the time table to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * time table does not have encrypted content.\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n timeTable: models.TimeTable,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<models.TimeTable> {\n return (await this.tryShareWithMany(timeTable, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing time table with other data owners, allowing them to access the non-encrypted data of the time table and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param timeTable the time table to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * time table does not have encrypted content.\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n timeTable: models.TimeTable,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<models.TimeTable>> {\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(timeTable, EntityWithDelegationTypeName.TimeTable)\n const updatedEntity = entityWithEncryptionKey ? await this.modifyTimeTable(entityWithEncryptionKey) : timeTable\n return this.crypto.xapi.simpleShareOrUpdateEncryptedEntityMetadata(\n {\n entity: updatedEntity,\n type: EntityWithDelegationTypeName.TimeTable,\n },\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: ShareMetadataBehaviour.NEVER,\n shareSecretIds: options.shareSecretIds,\n },\n ])\n ),\n (x) => this.bulkShareTimeTable(x)\n )\n }\n\n getDataOwnersWithAccessTo(\n entity: models.TimeTable\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: EntityWithDelegationTypeName.TimeTable })\n }\n\n getEncryptionKeysOf(entity: models.TimeTable): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: EntityWithDelegationTypeName.TimeTable }, undefined)\n }\n\n createDelegationDeAnonymizationMetadata(entity: models.TimeTable, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo(\n { entity, type: EntityWithDelegationTypeName.TimeTable },\n delegates\n )\n }\n}\n"]}
|
|
@@ -53,10 +53,10 @@ class IccTopicXApi extends icc_api_1.IccTopicApi {
|
|
|
53
53
|
* and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.
|
|
54
54
|
* @return a new instance of topic.
|
|
55
55
|
*/
|
|
56
|
-
newInstance(
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
56
|
+
newInstance(user_1, patient_1) {
|
|
57
|
+
return __awaiter(this, arguments, void 0, function* (user, patient, c = {}, // TODO: Why this isn't Topic?
|
|
58
|
+
options = {}) {
|
|
59
|
+
var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l;
|
|
60
60
|
if (!patient && options.sfkOption)
|
|
61
61
|
throw new Error('preferredSfk can only be specified if patient is specified.');
|
|
62
62
|
const topic = Object.assign(Object.assign({}, (c !== null && c !== void 0 ? c : {})), { id: (_a = c === null || c === void 0 ? void 0 : c.id) !== null && _a !== void 0 ? _a : this.crypto.primitives.randomUuid(), _type: 'org.taktik.icure.entities.Topic', created: (_b = c === null || c === void 0 ? void 0 : c.created) !== null && _b !== void 0 ? _b : new Date().getTime(), modified: (_c = c === null || c === void 0 ? void 0 : c.modified) !== null && _c !== void 0 ? _c : new Date().getTime(), responsible: (_d = c === null || c === void 0 ? void 0 : c.responsible) !== null && _d !== void 0 ? _d : (this.autofillAuthor ? this.dataOwnerApi.getDataOwnerIdOf(user) : undefined), author: (_e = c === null || c === void 0 ? void 0 : c.author) !== null && _e !== void 0 ? _e : (this.autofillAuthor ? user.id : undefined), codes: (_f = c === null || c === void 0 ? void 0 : c.codes) !== null && _f !== void 0 ? _f : [], tags: (_g = c === null || c === void 0 ? void 0 : c.tags) !== null && _g !== void 0 ? _g : [] });
|
|
@@ -132,8 +132,8 @@ class IccTopicXApi extends icc_api_1.IccTopicApi {
|
|
|
132
132
|
* - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.
|
|
133
133
|
* @return the updated entity
|
|
134
134
|
*/
|
|
135
|
-
shareWith(
|
|
136
|
-
return __awaiter(this,
|
|
135
|
+
shareWith(delegateId_1, topic_1) {
|
|
136
|
+
return __awaiter(this, arguments, void 0, function* (delegateId, topic, options = {}) {
|
|
137
137
|
return this.shareWithMany(topic, { [delegateId]: options });
|
|
138
138
|
});
|
|
139
139
|
}
|
|
@@ -209,8 +209,8 @@ class IccTopicXApi extends icc_api_1.IccTopicApi {
|
|
|
209
209
|
const _super = Object.create(null, {
|
|
210
210
|
filterTopicsBy: { get: () => super.filterTopicsBy }
|
|
211
211
|
});
|
|
212
|
-
var _a;
|
|
213
212
|
return __awaiter(this, void 0, void 0, function* () {
|
|
213
|
+
var _a;
|
|
214
214
|
const page = yield _super.filterTopicsBy.call(this, body, startDocumentId, limit);
|
|
215
215
|
const decryptedTopics = yield this.decrypt((_a = page.rows) !== null && _a !== void 0 ? _a : []);
|
|
216
216
|
return Object.assign(Object.assign({}, page), { rows: decryptedTopics });
|
|
@@ -303,8 +303,8 @@ class IccTopicXApi extends icc_api_1.IccTopicApi {
|
|
|
303
303
|
return (yield this.decrypt([updatedTopic]))[0];
|
|
304
304
|
});
|
|
305
305
|
}
|
|
306
|
-
subscribeToTopicEvents(
|
|
307
|
-
return __awaiter(this,
|
|
306
|
+
subscribeToTopicEvents(eventTypes_1, filter_1, eventFired_1) {
|
|
307
|
+
return __awaiter(this, arguments, void 0, function* (eventTypes, filter, eventFired, options = {}) {
|
|
308
308
|
return yield (0, utils_1.subscribeToEntityEvents)(this.host, this.authApi, utils_1.EntityWithDelegationTypeName.Topic, eventTypes, filter, eventFired, options, (encrypted) => __awaiter(this, void 0, void 0, function* () { return (yield this.decrypt([encrypted]))[0]; })).then((rs) => new Connection_1.ConnectionImpl(rs));
|
|
309
309
|
});
|
|
310
310
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"icc-topic-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-topic-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAAoD;AAIpD,kDAAiD;AAGjD,0EAAgG;AAChG,wEAAoE;AAGpE,qFAAiF;AAKjF,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AACzD,IAAO,uBAAuB,GAAG,uCAAkB,CAAC,uBAAuB,CAAA;AAC3E,mCAAmJ;AAEnJ,4DAAwE;AACxE,kEAA8D;AAE9D,qCAAqC;AACrC,MAAa,YAAa,SAAQ,qBAAW;IAG3C,YACE,IAAY,EACZ,OAAkC,EACjB,MAAqB,EACrB,YAA8B,EAC9B,OAAmB,EACnB,cAAuB,EACxC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,gBAA+B,CAAC,aAAa,CAAC,EAC9C,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAZtC,WAAM,GAAN,MAAM,CAAe;QACrB,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,YAAO,GAAP,OAAO,CAAY;QACnB,mBAAc,GAAd,cAAc,CAAS;QAWxC,IAAI,CAAC,eAAe,GAAG,IAAA,4BAAoB,EAAC,aAAa,EAAE,QAAQ,CAAC,CAAA;IACtE,CAAC;IAED,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,oCAA4B,CAAC,KAAK,CAAC,CAAC,CAAA;IAC3I,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACG,WAAW,CACf,IAAiB,EACjB,OAA8B,EAC9B,IAAW,EAAE,EAAE,8BAA8B;IAC7C,UAII,EAAE;;;YAEN,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,SAAS;gBAAE,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAA;YAEjH,MAAM,KAAK,mCACN,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,KAAK,EAAE,iCAAiC,EACxC,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,EAC3G,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,GACpB,CAAA;YAED,MAAM,gBAAgB,mCACjB,MAAM,CAAC,WAAW,CAAC,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,GAC5F,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,mBAAmB,mCAAI,EAAE,CAAC,CACxC,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GAAG,OAAO;gBACjB,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAC9C,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAC/D,MAAA,OAAO,CAAC,SAAS,mCAAI,qCAAiB,CAAC,sBAAsB,CAC9D;gBACH,CAAC,CAAC,SAAS,CAAA;YAEb,IAAI,OAAO,IAAI,CAAC,GAAG;gBAAE,MAAM,IAAI,KAAK,CAAC,2CAA2C,OAAO,CAAC,EAAE,EAAE,CAAC,CAAA;YAE7F,OAAO,IAAI,MAAM,CAAC,KAAK,CACrB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CACrC,KAAK,EACL,oCAA4B,CAAC,KAAK,EAClC,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,EAAE,EACX,GAAG,EACH,IAAI,EACJ,gBAAgB,EAChB,OAAO,CAAC,uBAAuB,CAChC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;;KACF;IAEK,OAAO,CAAC,MAA2B;;YACvC,OAAO,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,oCAA4B,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAC5H,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,MAAM,CACvB,CAAA;QACH,CAAC;KAAA;IAEK,OAAO,CAAC,MAA2B;;YACvC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CACxC,MAAM,EACN,oCAA4B,CAAC,KAAK,EAClC,IAAI,CAAC,eAAe,EACpB,IAAI,EACJ,KAAK,EACL,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAC3B,CAAA;QACH,CAAC;KAAA;IAED;;;;OAIG;IACY,WAAW,CAAC,IAAW;;;;;YACpC,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAA;YAClD,MAAM,YAAY,GAAG,MAAM,OAAM,WAAW,YAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAA;YAChE,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAA;YAC1D,OAAO,eAAe,CAAC,CAAC,CAAC,CAAA;QAC3B,CAAC;KAAA;IAED;;;;OAIG;IACG,kBAAkB,CAAC,KAAmB;;YAC1C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,oCAA4B,CAAC,KAAK,EAAE,EAAE,SAAS,CAAC,CAAA;QACnH,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,KAAmB;;YACtC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,oCAA4B,CAAC,KAAK,EAAE,CAAC,CAAA;QACrG,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,SAAS,CACb,UAAkB,EAClB,KAAmB,EACnB,UAKI,EAAE;;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QAC7D,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,aAAa,CACjB,KAAmB,EACnB,SAOC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QAC7E,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,gBAAgB,CACpB,KAAmB,EACnB,SAOC;;YAED,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,KAAK,EAAE,oCAA4B,CAAC,KAAK,CAAC,CAAA;YACjI,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;YACvG,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI;iBACpB,0CAA0C,CACzC;gBACE,MAAM,EAAE,aAAa;gBACrB,IAAI,EAAE,oCAA4B,CAAC,KAAK;aACzC,EACD,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,OAAO,CAAC,cAAc;oBAC5C,cAAc,EAAE,OAAO,CAAC,cAAc;iBACvC;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,CAC/B;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACjF,CAAC;KAAA;IAED,yBAAyB,CACvB,MAAoB;QAEpB,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,KAAK,EAAE,CAAC,CAAA;IAC/H,CAAC;IAED,mBAAmB,CAAC,MAAoB;QACtC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,KAAK,EAAE,EAAE,SAAS,CAAC,CAAA;IAC3G,CAAC;IAED;;;;;;OAMG;IACY,cAAc,CAAC,IAAsB,EAAE,eAAwB,EAAE,KAAc;;;;;;YAC5F,MAAM,IAAI,GAAG,MAAM,OAAM,cAAc,YAAC,IAAI,EAAE,eAAe,EAAE,KAAK,CAAC,CAAA;YACrE,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAA,IAAI,CAAC,IAAI,mCAAI,EAAE,CAAC,CAAA;YAC3D,uCACK,IAAI,KACP,IAAI,EAAE,eAAe,IACtB;;KACF;IAED;;;;OAIG;IACY,QAAQ,CAAC,EAAU;;;;;YAChC,MAAM,KAAK,GAAG,MAAM,OAAM,QAAQ,YAAC,EAAE,CAAC,CAAA;YACtC,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,CAAA;YACnD,OAAO,eAAe,CAAC,CAAC,CAAC,CAAA;QAC3B,CAAC;KAAA;IAED;;;;OAIG;IACY,SAAS,CAAC,IAAe;;;;;YACtC,MAAM,MAAM,GAAG,MAAM,OAAM,SAAS,YAAC,IAAI,CAAC,CAAA;YAC1C,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;QACnC,CAAC;KAAA;IAED;;;;OAIG;IACY,WAAW,CAAC,IAAW;;;;;YACpC,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAA;YAClD,MAAM,aAAa,GAAG,MAAM,OAAM,WAAW,YAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAA;YACjE,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC,aAAa,CAAC,CAAC,CAAA;YAC3D,OAAO,eAAe,CAAC,CAAC,CAAC,CAAA;QAC3B,CAAC;KAAA;IAED;;;;OAIG;IACY,cAAc,CAAC,IAAmD,EAAE,OAAe;;YAChG,MAAM,IAAI,KAAK,CAAC,2GAA2G,CAAC,CAAA;QAC9H,CAAC;KAAA;IAED;;;;;OAKG;IACG,uBAAuB,CAAC,IAAmD,EAAE,KAAY;;;;;YAC7F,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,EAAE;gBACjE,oBAAoB,EAAE,uBAAuB,CAAC,UAAU;aACzD,CAAC,CAAA;YAEF,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,OAAM,cAAc,YAAC,IAAI,EAAE,YAAY,CAAC,EAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACtF,CAAC;KAAA;IAED;;;;;OAKG;IACG,iBAAiB,CAAC,IAA6B,EAAE,OAAe;;;;;YACpE,MAAM,YAAY,GAAG,MAAM,OAAM,iBAAiB,YAAC,IAAI,EAAE,OAAO,CAAC,CAAA;YACjE,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QAChD,CAAC;KAAA;IAEK,sBAAsB,CAC1B,UAA8C,EAC9C,MAAyC,EACzC,UAA6C,EAC7C,UAA+B,EAAE;;YAEjC,OAAO,MAAM,IAAA,+BAAuB,EAClC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ,oCAA4B,CAAC,KAAK,EAClC,UAAU,EACV,MAAM,EACN,UAAU,EACV,OAAO,EACP,CAAO,SAAS,EAAE,EAAE,gDAAC,OAAA,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA,GAAA,CAC1D,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,2BAAc,CAAC,EAAE,CAAC,CAAC,CAAA;QACxC,CAAC;KAAA;IAED,uCAAuC,CAAC,MAAa,EAAE,SAAmB;QACxE,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,KAAK,EAAE,EAAE,SAAS,CAAC,CAAA;IAClJ,CAAC;CACF;AA3WD,oCA2WC","sourcesContent":["import { IccAuthApi, IccTopicApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\n\nimport * as _ from 'lodash'\nimport * as models from '../icc-api/model/models'\nimport { ListOfIds, MaintenanceTask, Topic, TopicRole } from '../icc-api/model/models'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { ShareResult } from './utils/ShareResult'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\nimport { FilterChainTopic } from '../icc-api/model/FilterChainTopic'\nimport { PaginatedListTopic } from '../icc-api/model/PaginatedListTopic'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\nimport { EncryptedFieldsManifest, EntityWithDelegationTypeName, parseEncryptedFields, subscribeToEntityEvents, SubscriptionOptions } from './utils'\nimport { AbstractFilter } from './filters/filters'\nimport { Connection, ConnectionImpl } from '../icc-api/model/Connection'\nimport { SecretIdUseOption } from './crypto/SecretIdUseOption'\n\n// noinspection JSUnusedGlobalSymbols\nexport class IccTopicXApi extends IccTopicApi implements EncryptedEntityXApi<models.Topic> {\n private readonly encryptedFields: EncryptedFieldsManifest\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n private readonly crypto: IccCryptoXApi,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly authApi: IccAuthApi,\n private readonly autofillAuthor: boolean,\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n encryptedKeys: Array<string> = ['description'],\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n\n this.encryptedFields = parseEncryptedFields(encryptedKeys, 'Topic.')\n }\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, EntityWithDelegationTypeName.Topic))\n }\n\n /**\n * Creates a new instance of topic with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this topic refers to.\n * @param c initialised data for the topic. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - preferredSfk: secret id of the patient to use as the secret foreign key to use for the topic. The default value will be a\n * secret id of patient known by the topmost parent in the current data owner hierarchy.\n * - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,\n * and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.\n * @return a new instance of topic.\n */\n async newInstance(\n user: models.User,\n patient: models.Patient | null,\n c: Topic = {}, // TODO: Why this isn't Topic?\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n sfkOption?: SecretIdUseOption\n alternateRootDelegation?: string\n } = {}\n ) {\n if (!patient && options.sfkOption) throw new Error('preferredSfk can only be specified if patient is specified.')\n\n const topic = {\n ...(c ?? {}),\n id: c?.id ?? this.crypto.primitives.randomUuid(),\n _type: 'org.taktik.icure.entities.Topic',\n created: c?.created ?? new Date().getTime(),\n modified: c?.modified ?? new Date().getTime(),\n responsible: c?.responsible ?? (this.autofillAuthor ? this.dataOwnerApi.getDataOwnerIdOf(user) : undefined),\n author: c?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: c?.codes ?? [],\n tags: c?.tags ?? [],\n }\n\n const extraDelegations = {\n ...Object.fromEntries((user.autoDelegations?.all ?? []).map((d) => [d, AccessLevelEnum.WRITE])),\n ...(options?.additionalDelegates ?? {}),\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk = patient\n ? await this.crypto.xapi.resolveSecretIdUseOptions(\n { entity: patient, type: EntityWithDelegationTypeName.Patient },\n options.sfkOption ?? SecretIdUseOption.UseAnySharedWithParent\n )\n : undefined\n\n if (patient && !sfk) throw new Error(`Couldn't find any sfk of parent patient ${patient.id}`)\n\n return new models.Topic(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(\n topic,\n EntityWithDelegationTypeName.Topic,\n patient?.id,\n sfk,\n true,\n extraDelegations,\n options.alternateRootDelegation\n )\n .then((x) => x.updatedEntity)\n )\n }\n\n async decrypt(topics: Array<models.Topic>) {\n return (await this.crypto.xapi.tryDecryptEntities(topics, EntityWithDelegationTypeName.Topic, (x) => new models.Topic(x))).map(\n ({ entity }) => entity\n )\n }\n\n async encrypt(topics: Array<models.Topic>): Promise<Array<models.Topic>> {\n return this.crypto.xapi.tryEncryptEntities(\n topics,\n EntityWithDelegationTypeName.Topic,\n this.encryptedFields,\n true,\n false,\n (x) => new models.Topic(x)\n )\n }\n\n /**\n * Create and share a new topic with other participants.\n * @param body the topic to create.\n * @return the created topic.\n */\n override async createTopic(body: Topic): Promise<Topic> {\n const encryptedTopics = await this.encrypt([body])\n const createdTopic = await super.createTopic(encryptedTopics[0])\n const decryptedTopics = await this.decrypt([createdTopic])\n return decryptedTopics[0]\n }\n\n /**\n * @param topic a topic\n * @return the id of the patient that the topic refers to, retrieved from the encrypted metadata. Normally there should only be one element\n * in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(topic: models.Topic): Promise<string[]> {\n return this.crypto.xapi.owningEntityIdsOf({ entity: topic, type: EntityWithDelegationTypeName.Topic }, undefined)\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given topic\n */\n async hasWriteAccess(topic: models.Topic): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: topic, type: EntityWithDelegationTypeName.Topic })\n }\n\n /**\n * Share an existing topic with other data owners, allowing them to access the non-encrypted data of the topic and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the topic.\n * @param topic the topic to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this topic refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n topic: models.Topic,\n options: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<models.Topic> {\n return this.shareWithMany(topic, { [delegateId]: options })\n }\n\n /**\n * Share an existing topic with other data owners, allowing them to access the non-encrypted data of the topic and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param topic the topic to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * topic does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this topic refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n topic: models.Topic,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<models.Topic> {\n return (await this.tryShareWithMany(topic, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing topic with other data owners, allowing them to access the non-encrypted data of the topic and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param topic the topic to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * topic does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this topic refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n topic: models.Topic,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<models.Topic>> {\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(topic, EntityWithDelegationTypeName.Topic)\n const updatedEntity = entityWithEncryptionKey ? await this.modifyTopic(entityWithEncryptionKey) : topic\n return this.crypto.xapi\n .simpleShareOrUpdateEncryptedEntityMetadata(\n {\n entity: updatedEntity,\n type: EntityWithDelegationTypeName.Topic,\n },\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: options.sharePatientId,\n shareSecretIds: options.shareSecretIds,\n },\n ])\n ),\n (x) => this.bulkShareTopics(x)\n )\n .then((r) => r.mapSuccessAsync((e) => this.decrypt([e]).then((es) => es[0])))\n }\n\n getDataOwnersWithAccessTo(\n entity: models.Topic\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: EntityWithDelegationTypeName.Topic })\n }\n\n getEncryptionKeysOf(entity: models.Topic): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: EntityWithDelegationTypeName.Topic }, undefined)\n }\n\n /**\n * Filter and decrypt topics by the given filter.\n * @param body the filter to apply.\n * @param startDocumentId the document id to start from (inclusive).\n * @param limit the maximum number of topics to return in the page.\n * @return a paginated list of topics.\n */\n override async filterTopicsBy(body: FilterChainTopic, startDocumentId?: string, limit?: number): Promise<PaginatedListTopic> {\n const page = await super.filterTopicsBy(body, startDocumentId, limit)\n const decryptedTopics = await this.decrypt(page.rows ?? [])\n return {\n ...page,\n rows: decryptedTopics,\n }\n }\n\n /**\n * Obtain the topic with the given id and decrypt it.\n * @param id the id of the topic to retrieve.\n * @return the decrypted topic.\n */\n override async getTopic(id: string): Promise<Topic> {\n const topic = await super.getTopic(id)\n const decryptedTopics = await this.decrypt([topic])\n return decryptedTopics[0]\n }\n\n /**\n * Obtain the topics with the given ids and decrypt them.\n * @param body the ids of the topics to retrieve.\n * @return the decrypted topics.\n */\n override async getTopics(body: ListOfIds): Promise<Array<Topic>> {\n const topics = await super.getTopics(body)\n return await this.decrypt(topics)\n }\n\n /**\n * Update and encrypt the given topic.\n * @param body the topic to update.\n * @return the updated decrypted topic.\n */\n override async modifyTopic(body: Topic): Promise<Topic> {\n const encryptedTopics = await this.encrypt([body])\n const modifiedTopic = await super.modifyTopic(encryptedTopics[0])\n const decryptedTopics = await this.decrypt([modifiedTopic])\n return decryptedTopics[0]\n }\n\n /**\n * @internal this method is for internal use only and may be changed without notice\n * @param body data owner id of the data owner to which the participant should be added and the topic role of the participant.\n * @param topicId Id of the topic to which the participant should be added.\n */\n override async addParticipant(body: { dataOwnerId: string; topicRole: TopicRole }, topicId: string): Promise<Topic> {\n throw new Error('Cannot add participant to topic without sharing it first. You should use addParticipantWithTopic instead.')\n }\n\n /**\n * This method is similar to {@link addParticipant} but it also shares the topic with the data owner before adding the participant.\n * @param body data owner id of the data owner to which the participant should be added and the topic role of the participant.\n * @param topic the topic to share and to which the participant should be added.\n * @return the updated topic.\n */\n async addParticipantWithTopic(body: { dataOwnerId: string; topicRole: TopicRole }, topic: Topic): Promise<Topic> {\n const updatedTopic = await this.shareWith(body.dataOwnerId, topic, {\n requestedPermissions: RequestedPermissionEnum.FULL_WRITE,\n })\n\n return (await this.decrypt([await super.addParticipant(body, updatedTopic.id!)]))[0]\n }\n\n /**\n * Remove the participant with the given data owner id from the topic with the given id.\n * @param body data owner id of the participant to remove.\n * @param topicId Id of the topic from which the participant should be removed.\n * @return the updated decrypted topic.\n */\n async removeParticipant(body: { dataOwnerId: string }, topicId: string): Promise<Topic> {\n const updatedTopic = await super.removeParticipant(body, topicId)\n return (await this.decrypt([updatedTopic]))[0]\n }\n\n async subscribeToTopicEvents(\n eventTypes: ('CREATE' | 'UPDATE' | 'DELETE')[],\n filter: AbstractFilter<Topic> | undefined,\n eventFired: (message: Topic) => Promise<void>,\n options: SubscriptionOptions = {}\n ): Promise<Connection> {\n return await subscribeToEntityEvents(\n this.host,\n this.authApi,\n EntityWithDelegationTypeName.Topic,\n eventTypes,\n filter,\n eventFired,\n options,\n async (encrypted) => (await this.decrypt([encrypted]))[0]\n ).then((rs) => new ConnectionImpl(rs))\n }\n\n createDelegationDeAnonymizationMetadata(entity: Topic, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type: EntityWithDelegationTypeName.Topic }, delegates)\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"icc-topic-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-topic-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAAoD;AAIpD,kDAAiD;AAGjD,0EAAgG;AAChG,wEAAoE;AAGpE,qFAAiF;AAKjF,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AACzD,IAAO,uBAAuB,GAAG,uCAAkB,CAAC,uBAAuB,CAAA;AAC3E,mCAAmJ;AAEnJ,4DAAwE;AACxE,kEAA8D;AAE9D,qCAAqC;AACrC,MAAa,YAAa,SAAQ,qBAAW;IAG3C,YACE,IAAY,EACZ,OAAkC,EACjB,MAAqB,EACrB,YAA8B,EAC9B,OAAmB,EACnB,cAAuB,EACxC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,gBAA+B,CAAC,aAAa,CAAC,EAC9C,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAZtC,WAAM,GAAN,MAAM,CAAe;QACrB,iBAAY,GAAZ,YAAY,CAAkB;QAC9B,YAAO,GAAP,OAAO,CAAY;QACnB,mBAAc,GAAd,cAAc,CAAS;QAWxC,IAAI,CAAC,eAAe,GAAG,IAAA,4BAAoB,EAAC,aAAa,EAAE,QAAQ,CAAC,CAAA;IACtE,CAAC;IAED,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,oCAA4B,CAAC,KAAK,CAAC,CAAC,CAAA;IAC3I,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACG,WAAW;6DACf,IAAiB,EACjB,OAA8B,EAC9B,IAAW,EAAE,EAAE,8BAA8B;QAC7C,UAII,EAAE;;YAEN,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,SAAS;gBAAE,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAA;YAEjH,MAAM,KAAK,mCACN,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,KAAK,EAAE,iCAAiC,EACxC,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,EAC3G,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,GACpB,CAAA;YAED,MAAM,gBAAgB,mCACjB,MAAM,CAAC,WAAW,CAAC,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,GAC5F,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,mBAAmB,mCAAI,EAAE,CAAC,CACxC,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GAAG,OAAO;gBACjB,CAAC,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAC9C,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAC/D,MAAA,OAAO,CAAC,SAAS,mCAAI,qCAAiB,CAAC,sBAAsB,CAC9D;gBACH,CAAC,CAAC,SAAS,CAAA;YAEb,IAAI,OAAO,IAAI,CAAC,GAAG;gBAAE,MAAM,IAAI,KAAK,CAAC,2CAA2C,OAAO,CAAC,EAAE,EAAE,CAAC,CAAA;YAE7F,OAAO,IAAI,MAAM,CAAC,KAAK,CACrB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CACrC,KAAK,EACL,oCAA4B,CAAC,KAAK,EAClC,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,EAAE,EACX,GAAG,EACH,IAAI,EACJ,gBAAgB,EAChB,OAAO,CAAC,uBAAuB,CAChC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;QACH,CAAC;KAAA;IAEK,OAAO,CAAC,MAA2B;;YACvC,OAAO,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,oCAA4B,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAC5H,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,MAAM,CACvB,CAAA;QACH,CAAC;KAAA;IAEK,OAAO,CAAC,MAA2B;;YACvC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CACxC,MAAM,EACN,oCAA4B,CAAC,KAAK,EAClC,IAAI,CAAC,eAAe,EACpB,IAAI,EACJ,KAAK,EACL,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAC3B,CAAA;QACH,CAAC;KAAA;IAED;;;;OAIG;IACY,WAAW,CAAC,IAAW;;;;;YACpC,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAA;YAClD,MAAM,YAAY,GAAG,MAAM,OAAM,WAAW,YAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAA;YAChE,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAA;YAC1D,OAAO,eAAe,CAAC,CAAC,CAAC,CAAA;QAC3B,CAAC;KAAA;IAED;;;;OAIG;IACG,kBAAkB,CAAC,KAAmB;;YAC1C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,oCAA4B,CAAC,KAAK,EAAE,EAAE,SAAS,CAAC,CAAA;QACnH,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,KAAmB;;YACtC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,oCAA4B,CAAC,KAAK,EAAE,CAAC,CAAA;QACrG,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,SAAS;6DACb,UAAkB,EAClB,KAAmB,EACnB,UAKI,EAAE;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QAC7D,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,aAAa,CACjB,KAAmB,EACnB,SAOC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QAC7E,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,gBAAgB,CACpB,KAAmB,EACnB,SAOC;;YAED,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,KAAK,EAAE,oCAA4B,CAAC,KAAK,CAAC,CAAA;YACjI,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;YACvG,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI;iBACpB,0CAA0C,CACzC;gBACE,MAAM,EAAE,aAAa;gBACrB,IAAI,EAAE,oCAA4B,CAAC,KAAK;aACzC,EACD,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,OAAO,CAAC,cAAc;oBAC5C,cAAc,EAAE,OAAO,CAAC,cAAc;iBACvC;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,CAC/B;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACjF,CAAC;KAAA;IAED,yBAAyB,CACvB,MAAoB;QAEpB,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,KAAK,EAAE,CAAC,CAAA;IAC/H,CAAC;IAED,mBAAmB,CAAC,MAAoB;QACtC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,KAAK,EAAE,EAAE,SAAS,CAAC,CAAA;IAC3G,CAAC;IAED;;;;;;OAMG;IACY,cAAc,CAAC,IAAsB,EAAE,eAAwB,EAAE,KAAc;;;;;;YAC5F,MAAM,IAAI,GAAG,MAAM,OAAM,cAAc,YAAC,IAAI,EAAE,eAAe,EAAE,KAAK,CAAC,CAAA;YACrE,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAA,IAAI,CAAC,IAAI,mCAAI,EAAE,CAAC,CAAA;YAC3D,uCACK,IAAI,KACP,IAAI,EAAE,eAAe,IACtB;QACH,CAAC;KAAA;IAED;;;;OAIG;IACY,QAAQ,CAAC,EAAU;;;;;YAChC,MAAM,KAAK,GAAG,MAAM,OAAM,QAAQ,YAAC,EAAE,CAAC,CAAA;YACtC,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,CAAA;YACnD,OAAO,eAAe,CAAC,CAAC,CAAC,CAAA;QAC3B,CAAC;KAAA;IAED;;;;OAIG;IACY,SAAS,CAAC,IAAe;;;;;YACtC,MAAM,MAAM,GAAG,MAAM,OAAM,SAAS,YAAC,IAAI,CAAC,CAAA;YAC1C,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;QACnC,CAAC;KAAA;IAED;;;;OAIG;IACY,WAAW,CAAC,IAAW;;;;;YACpC,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAA;YAClD,MAAM,aAAa,GAAG,MAAM,OAAM,WAAW,YAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAA;YACjE,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC,aAAa,CAAC,CAAC,CAAA;YAC3D,OAAO,eAAe,CAAC,CAAC,CAAC,CAAA;QAC3B,CAAC;KAAA;IAED;;;;OAIG;IACY,cAAc,CAAC,IAAmD,EAAE,OAAe;;YAChG,MAAM,IAAI,KAAK,CAAC,2GAA2G,CAAC,CAAA;QAC9H,CAAC;KAAA;IAED;;;;;OAKG;IACG,uBAAuB,CAAC,IAAmD,EAAE,KAAY;;;;;YAC7F,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,EAAE;gBACjE,oBAAoB,EAAE,uBAAuB,CAAC,UAAU;aACzD,CAAC,CAAA;YAEF,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,OAAM,cAAc,YAAC,IAAI,EAAE,YAAY,CAAC,EAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACtF,CAAC;KAAA;IAED;;;;;OAKG;IACG,iBAAiB,CAAC,IAA6B,EAAE,OAAe;;;;;YACpE,MAAM,YAAY,GAAG,MAAM,OAAM,iBAAiB,YAAC,IAAI,EAAE,OAAO,CAAC,CAAA;YACjE,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QAChD,CAAC;KAAA;IAEK,sBAAsB;6DAC1B,UAA8C,EAC9C,MAAyC,EACzC,UAA6C,EAC7C,UAA+B,EAAE;YAEjC,OAAO,MAAM,IAAA,+BAAuB,EAClC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,OAAO,EACZ,oCAA4B,CAAC,KAAK,EAClC,UAAU,EACV,MAAM,EACN,UAAU,EACV,OAAO,EACP,CAAO,SAAS,EAAE,EAAE,gDAAC,OAAA,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA,GAAA,CAC1D,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,2BAAc,CAAC,EAAE,CAAC,CAAC,CAAA;QACxC,CAAC;KAAA;IAED,uCAAuC,CAAC,MAAa,EAAE,SAAmB;QACxE,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,KAAK,EAAE,EAAE,SAAS,CAAC,CAAA;IAClJ,CAAC;CACF;AA3WD,oCA2WC","sourcesContent":["import { IccAuthApi, IccTopicApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\n\nimport * as _ from 'lodash'\nimport * as models from '../icc-api/model/models'\nimport { ListOfIds, MaintenanceTask, Topic, TopicRole } from '../icc-api/model/models'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { ShareResult } from './utils/ShareResult'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\nimport { FilterChainTopic } from '../icc-api/model/FilterChainTopic'\nimport { PaginatedListTopic } from '../icc-api/model/PaginatedListTopic'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\nimport { EncryptedFieldsManifest, EntityWithDelegationTypeName, parseEncryptedFields, subscribeToEntityEvents, SubscriptionOptions } from './utils'\nimport { AbstractFilter } from './filters/filters'\nimport { Connection, ConnectionImpl } from '../icc-api/model/Connection'\nimport { SecretIdUseOption } from './crypto/SecretIdUseOption'\n\n// noinspection JSUnusedGlobalSymbols\nexport class IccTopicXApi extends IccTopicApi implements EncryptedEntityXApi<models.Topic> {\n private readonly encryptedFields: EncryptedFieldsManifest\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n private readonly crypto: IccCryptoXApi,\n private readonly dataOwnerApi: IccDataOwnerXApi,\n private readonly authApi: IccAuthApi,\n private readonly autofillAuthor: boolean,\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n encryptedKeys: Array<string> = ['description'],\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n\n this.encryptedFields = parseEncryptedFields(encryptedKeys, 'Topic.')\n }\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, EntityWithDelegationTypeName.Topic))\n }\n\n /**\n * Creates a new instance of topic with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this topic refers to.\n * @param c initialised data for the topic. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - preferredSfk: secret id of the patient to use as the secret foreign key to use for the topic. The default value will be a\n * secret id of patient known by the topmost parent in the current data owner hierarchy.\n * - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,\n * and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.\n * @return a new instance of topic.\n */\n async newInstance(\n user: models.User,\n patient: models.Patient | null,\n c: Topic = {}, // TODO: Why this isn't Topic?\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n sfkOption?: SecretIdUseOption\n alternateRootDelegation?: string\n } = {}\n ) {\n if (!patient && options.sfkOption) throw new Error('preferredSfk can only be specified if patient is specified.')\n\n const topic = {\n ...(c ?? {}),\n id: c?.id ?? this.crypto.primitives.randomUuid(),\n _type: 'org.taktik.icure.entities.Topic',\n created: c?.created ?? new Date().getTime(),\n modified: c?.modified ?? new Date().getTime(),\n responsible: c?.responsible ?? (this.autofillAuthor ? this.dataOwnerApi.getDataOwnerIdOf(user) : undefined),\n author: c?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: c?.codes ?? [],\n tags: c?.tags ?? [],\n }\n\n const extraDelegations = {\n ...Object.fromEntries((user.autoDelegations?.all ?? []).map((d) => [d, AccessLevelEnum.WRITE])),\n ...(options?.additionalDelegates ?? {}),\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk = patient\n ? await this.crypto.xapi.resolveSecretIdUseOptions(\n { entity: patient, type: EntityWithDelegationTypeName.Patient },\n options.sfkOption ?? SecretIdUseOption.UseAnySharedWithParent\n )\n : undefined\n\n if (patient && !sfk) throw new Error(`Couldn't find any sfk of parent patient ${patient.id}`)\n\n return new models.Topic(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(\n topic,\n EntityWithDelegationTypeName.Topic,\n patient?.id,\n sfk,\n true,\n extraDelegations,\n options.alternateRootDelegation\n )\n .then((x) => x.updatedEntity)\n )\n }\n\n async decrypt(topics: Array<models.Topic>) {\n return (await this.crypto.xapi.tryDecryptEntities(topics, EntityWithDelegationTypeName.Topic, (x) => new models.Topic(x))).map(\n ({ entity }) => entity\n )\n }\n\n async encrypt(topics: Array<models.Topic>): Promise<Array<models.Topic>> {\n return this.crypto.xapi.tryEncryptEntities(\n topics,\n EntityWithDelegationTypeName.Topic,\n this.encryptedFields,\n true,\n false,\n (x) => new models.Topic(x)\n )\n }\n\n /**\n * Create and share a new topic with other participants.\n * @param body the topic to create.\n * @return the created topic.\n */\n override async createTopic(body: Topic): Promise<Topic> {\n const encryptedTopics = await this.encrypt([body])\n const createdTopic = await super.createTopic(encryptedTopics[0])\n const decryptedTopics = await this.decrypt([createdTopic])\n return decryptedTopics[0]\n }\n\n /**\n * @param topic a topic\n * @return the id of the patient that the topic refers to, retrieved from the encrypted metadata. Normally there should only be one element\n * in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(topic: models.Topic): Promise<string[]> {\n return this.crypto.xapi.owningEntityIdsOf({ entity: topic, type: EntityWithDelegationTypeName.Topic }, undefined)\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given topic\n */\n async hasWriteAccess(topic: models.Topic): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: topic, type: EntityWithDelegationTypeName.Topic })\n }\n\n /**\n * Share an existing topic with other data owners, allowing them to access the non-encrypted data of the topic and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the topic.\n * @param topic the topic to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this topic refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n topic: models.Topic,\n options: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<models.Topic> {\n return this.shareWithMany(topic, { [delegateId]: options })\n }\n\n /**\n * Share an existing topic with other data owners, allowing them to access the non-encrypted data of the topic and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param topic the topic to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * topic does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this topic refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n topic: models.Topic,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<models.Topic> {\n return (await this.tryShareWithMany(topic, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing topic with other data owners, allowing them to access the non-encrypted data of the topic and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param topic the topic to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * topic does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this topic refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n topic: models.Topic,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<models.Topic>> {\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(topic, EntityWithDelegationTypeName.Topic)\n const updatedEntity = entityWithEncryptionKey ? await this.modifyTopic(entityWithEncryptionKey) : topic\n return this.crypto.xapi\n .simpleShareOrUpdateEncryptedEntityMetadata(\n {\n entity: updatedEntity,\n type: EntityWithDelegationTypeName.Topic,\n },\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: options.sharePatientId,\n shareSecretIds: options.shareSecretIds,\n },\n ])\n ),\n (x) => this.bulkShareTopics(x)\n )\n .then((r) => r.mapSuccessAsync((e) => this.decrypt([e]).then((es) => es[0])))\n }\n\n getDataOwnersWithAccessTo(\n entity: models.Topic\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: EntityWithDelegationTypeName.Topic })\n }\n\n getEncryptionKeysOf(entity: models.Topic): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: EntityWithDelegationTypeName.Topic }, undefined)\n }\n\n /**\n * Filter and decrypt topics by the given filter.\n * @param body the filter to apply.\n * @param startDocumentId the document id to start from (inclusive).\n * @param limit the maximum number of topics to return in the page.\n * @return a paginated list of topics.\n */\n override async filterTopicsBy(body: FilterChainTopic, startDocumentId?: string, limit?: number): Promise<PaginatedListTopic> {\n const page = await super.filterTopicsBy(body, startDocumentId, limit)\n const decryptedTopics = await this.decrypt(page.rows ?? [])\n return {\n ...page,\n rows: decryptedTopics,\n }\n }\n\n /**\n * Obtain the topic with the given id and decrypt it.\n * @param id the id of the topic to retrieve.\n * @return the decrypted topic.\n */\n override async getTopic(id: string): Promise<Topic> {\n const topic = await super.getTopic(id)\n const decryptedTopics = await this.decrypt([topic])\n return decryptedTopics[0]\n }\n\n /**\n * Obtain the topics with the given ids and decrypt them.\n * @param body the ids of the topics to retrieve.\n * @return the decrypted topics.\n */\n override async getTopics(body: ListOfIds): Promise<Array<Topic>> {\n const topics = await super.getTopics(body)\n return await this.decrypt(topics)\n }\n\n /**\n * Update and encrypt the given topic.\n * @param body the topic to update.\n * @return the updated decrypted topic.\n */\n override async modifyTopic(body: Topic): Promise<Topic> {\n const encryptedTopics = await this.encrypt([body])\n const modifiedTopic = await super.modifyTopic(encryptedTopics[0])\n const decryptedTopics = await this.decrypt([modifiedTopic])\n return decryptedTopics[0]\n }\n\n /**\n * @internal this method is for internal use only and may be changed without notice\n * @param body data owner id of the data owner to which the participant should be added and the topic role of the participant.\n * @param topicId Id of the topic to which the participant should be added.\n */\n override async addParticipant(body: { dataOwnerId: string; topicRole: TopicRole }, topicId: string): Promise<Topic> {\n throw new Error('Cannot add participant to topic without sharing it first. You should use addParticipantWithTopic instead.')\n }\n\n /**\n * This method is similar to {@link addParticipant} but it also shares the topic with the data owner before adding the participant.\n * @param body data owner id of the data owner to which the participant should be added and the topic role of the participant.\n * @param topic the topic to share and to which the participant should be added.\n * @return the updated topic.\n */\n async addParticipantWithTopic(body: { dataOwnerId: string; topicRole: TopicRole }, topic: Topic): Promise<Topic> {\n const updatedTopic = await this.shareWith(body.dataOwnerId, topic, {\n requestedPermissions: RequestedPermissionEnum.FULL_WRITE,\n })\n\n return (await this.decrypt([await super.addParticipant(body, updatedTopic.id!)]))[0]\n }\n\n /**\n * Remove the participant with the given data owner id from the topic with the given id.\n * @param body data owner id of the participant to remove.\n * @param topicId Id of the topic from which the participant should be removed.\n * @return the updated decrypted topic.\n */\n async removeParticipant(body: { dataOwnerId: string }, topicId: string): Promise<Topic> {\n const updatedTopic = await super.removeParticipant(body, topicId)\n return (await this.decrypt([updatedTopic]))[0]\n }\n\n async subscribeToTopicEvents(\n eventTypes: ('CREATE' | 'UPDATE' | 'DELETE')[],\n filter: AbstractFilter<Topic> | undefined,\n eventFired: (message: Topic) => Promise<void>,\n options: SubscriptionOptions = {}\n ): Promise<Connection> {\n return await subscribeToEntityEvents(\n this.host,\n this.authApi,\n EntityWithDelegationTypeName.Topic,\n eventTypes,\n filter,\n eventFired,\n options,\n async (encrypted) => (await this.decrypt([encrypted]))[0]\n ).then((rs) => new ConnectionImpl(rs))\n }\n\n createDelegationDeAnonymizationMetadata(entity: Topic, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type: EntityWithDelegationTypeName.Topic }, delegates)\n }\n}\n"]}
|
|
@@ -66,15 +66,15 @@ class IccUserXApi extends IccUserApi_1.IccUserApi {
|
|
|
66
66
|
return _super.modifyUser.call(this, body);
|
|
67
67
|
});
|
|
68
68
|
}
|
|
69
|
-
subscribeToUserEvents(
|
|
70
|
-
return __awaiter(this,
|
|
69
|
+
subscribeToUserEvents(eventTypes_1, filter_1, eventFired_1) {
|
|
70
|
+
return __awaiter(this, arguments, void 0, function* (eventTypes, filter, eventFired, options = {}) {
|
|
71
71
|
const rs = yield (0, utils_1.subscribeToEntityEvents)(this.host, this.authApi, 'User', eventTypes, filter, eventFired, options);
|
|
72
72
|
return new Connection_1.ConnectionImpl(rs);
|
|
73
73
|
});
|
|
74
74
|
}
|
|
75
75
|
checkPassword(password) {
|
|
76
|
-
var _a;
|
|
77
76
|
return __awaiter(this, void 0, void 0, function* () {
|
|
77
|
+
var _a;
|
|
78
78
|
const userInfo = yield this.getGroupAndUserIdFromToken();
|
|
79
79
|
if (!!userInfo) {
|
|
80
80
|
console.log(this.authApi);
|
|
@@ -90,8 +90,8 @@ class IccUserXApi extends IccUserApi_1.IccUserApi {
|
|
|
90
90
|
});
|
|
91
91
|
}
|
|
92
92
|
getGroupAndUserIdFromToken() {
|
|
93
|
-
var _a;
|
|
94
93
|
return __awaiter(this, void 0, void 0, function* () {
|
|
94
|
+
var _a;
|
|
95
95
|
const token = (_a = (yield this.authenticationProvider.getIcureTokens())) === null || _a === void 0 ? void 0 : _a.token;
|
|
96
96
|
if (!token)
|
|
97
97
|
return undefined;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"icc-user-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-user-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,0DAAsD;AACtD,0EAAgG;AAGhG,4DAAwE;AACxE,mCAA2E;AAE3E,+DAAuD;AACvD,4CAAwC;AACxC,IAAO,QAAQ,GAAG,SAAG,CAAC,QAAQ,CAAA;AAE9B,MAAa,WAAY,SAAQ,uBAAU;IAIzC,YACE,IAAY,EACZ,OAAkC,EAClC,yBAAiD,IAAI,iDAAwB,EAAE,EAC9D,OAAmB,EACpC,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAPtC,YAAO,GAAP,OAAO,CAAY;QAQpC,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;IAC5B,CAAC;IAED,cAAc,CAAC,cAAuB,KAAK;;QACzC,IAAI,WAAW;YAAE,OAAO,CAAC,IAAI,CAAC,iBAAiB,GAAG,KAAK,CAAC,cAAc,EAAE,CAAC,CAAA;;YACpE,OAAO,MAAA,IAAI,CAAC,iBAAiB,mCAAI,CAAC,IAAI,CAAC,iBAAiB,GAAG,KAAK,CAAC,cAAc,EAAE,CAAC,CAAA;IACzF,CAAC;IAEK,UAAU,CAAC,IAAW;;;;;;YAC1B,+FAA+F;YAC/F,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;YAC3B,IAAI,IAAI,CAAC,iBAAiB,IAAI,CAAC,MAAM,IAAI,CAAC,iBAAiB,CAAC,CAAC,EAAE,MAAK,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,EAAE,CAAA,EAAE;
|
|
1
|
+
{"version":3,"file":"icc-user-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-user-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,0DAAsD;AACtD,0EAAgG;AAGhG,4DAAwE;AACxE,mCAA2E;AAE3E,+DAAuD;AACvD,4CAAwC;AACxC,IAAO,QAAQ,GAAG,SAAG,CAAC,QAAQ,CAAA;AAE9B,MAAa,WAAY,SAAQ,uBAAU;IAIzC,YACE,IAAY,EACZ,OAAkC,EAClC,yBAAiD,IAAI,iDAAwB,EAAE,EAC9D,OAAmB,EACpC,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAPtC,YAAO,GAAP,OAAO,CAAY;QAQpC,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;IAC5B,CAAC;IAED,cAAc,CAAC,cAAuB,KAAK;;QACzC,IAAI,WAAW;YAAE,OAAO,CAAC,IAAI,CAAC,iBAAiB,GAAG,KAAK,CAAC,cAAc,EAAE,CAAC,CAAA;;YACpE,OAAO,MAAA,IAAI,CAAC,iBAAiB,mCAAI,CAAC,IAAI,CAAC,iBAAiB,GAAG,KAAK,CAAC,cAAc,EAAE,CAAC,CAAA;IACzF,CAAC;IAEK,UAAU,CAAC,IAAW;;;;;;YAC1B,+FAA+F;YAC/F,MAAM,IAAI,CAAC,cAAc,EAAE,CAAA;YAC3B,IAAI,IAAI,CAAC,iBAAiB,IAAI,CAAC,MAAM,IAAI,CAAC,iBAAiB,CAAC,CAAC,EAAE,MAAK,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,EAAE,CAAA,EAAE,CAAC;gBAC7E,IAAI,CAAC;oBACH,MAAM,YAAY,GAAG,MAAM,OAAM,UAAU,YAAC,IAAI,EAAE,KAAK,CAAC,CAAO,CAAC,EAAE,EAAE;wBAClE,OAAO;wBACP,IAAI,CAAC,CAAC,UAAU,KAAK,GAAG,EAAE,CAAC;4BACzB,IAAI,QAAQ,GAAG,MAAM,OAAM,cAAc,WAAE,CAAA;4BAC3C,IAAI,IAAA,+BAAY,EAAC,CAAC,MAAM,IAAI,CAAC,iBAAiB,CAAE,EAAE,QAAQ,EAAE,CAAC,sBAAsB,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;gCAC7F,OAAO,MAAM,OAAM,UAAU,4CAAM,IAAI,KAAE,GAAG,EAAE,QAAQ,CAAC,GAAG,EAAE,oBAAoB,EAAE,QAAQ,CAAC,oBAAoB,IAAG,CAAA;4BACpH,CAAC;wBACH,CAAC;wBACD,MAAM,CAAC,CAAA;oBACT,CAAC,CAAA,CAAC,CAAA;oBACF,IAAI,CAAC,iBAAiB,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,CAAA;oBACtD,OAAO,YAAY,CAAA;gBACrB,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,IAAI,CAAC,iBAAiB,GAAG,SAAS,CAAA;oBAClC,MAAM,CAAC,CAAA;gBACT,CAAC;YACH,CAAC;;gBAAM,OAAO,OAAM,UAAU,YAAC,IAAI,EAAC;QACtC,CAAC;KAAA;IAEK,qBAAqB;6DACzB,UAA8C,EAC9C,MAAwC,EACxC,UAAyC,EACzC,UAA+B,EAAE;YAEjC,MAAM,EAAE,GAAG,MAAM,IAAA,+BAAuB,EAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;YAClH,OAAO,IAAI,2BAAc,CAAC,EAAE,CAAC,CAAA;QAC/B,CAAC;KAAA;IAEK,aAAa,CAAC,QAAgB;;;YAClC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,0BAA0B,EAAE,CAAA;YACxD,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;gBACf,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;gBACzB,MAAM,WAAW,GAAG,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,OAAO,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAA;gBACnG,IAAI,CAAC;oBACH,OAAO,MAAA,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,UAAU,mCAAI,KAAK,CAAA;gBACtG,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,OAAO,CAAC,YAAY,QAAQ,IAAI,CAAC,CAAC,UAAU,IAAI,GAAG,CAAA;gBACrD,CAAC;YACH,CAAC;YACD,MAAM,KAAK,CAAC,+CAA+C,CAAC,CAAA;QAC9D,CAAC;KAAA;IAEa,0BAA0B;;;YACtC,MAAM,KAAK,GAAG,MAAA,CAAC,MAAM,IAAI,CAAC,sBAAsB,CAAC,cAAc,EAAE,CAAC,0CAAE,KAAK,CAAA;YACzE,IAAI,CAAC,KAAK;gBAAE,OAAO,SAAS,CAAA;YAC5B,MAAM,UAAU,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YACnC,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC;gBAAE,OAAO,SAAS,CAAA;YAC5C,IAAI,CAAC;gBACH,MAAM,WAAW,GAAG,IAAA,WAAG,EAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAA;gBACtC,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAA;gBAC5C,IAAI,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,CAAC;oBACxB,OAAO,EAAE,OAAO,EAAE,YAAY,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,YAAY,CAAC,GAAG,CAAC,EAAE,CAAA;gBAClE,CAAC;;oBAAM,OAAO,SAAS,CAAA;YACzB,CAAC;YAAC,WAAM,CAAC;gBACP,OAAO,SAAS,CAAA;YAClB,CAAC;QACH,CAAC;KAAA;CACF;AAvFD,kCAuFC","sourcesContent":["import { IccUserApi } from '../icc-api/api/IccUserApi'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { AbstractFilter } from './filters/filters'\nimport { User } from '../icc-api/model/User'\nimport { Connection, ConnectionImpl } from '../icc-api/model/Connection'\nimport { a2b, subscribeToEntityEvents, SubscriptionOptions } from './utils'\nimport { IccAuthApi } from '../icc-api'\nimport { objectEquals } from './utils/collection-utils'\nimport { XHR } from '../icc-api/api/XHR'\nimport XHRError = XHR.XHRError\n\nexport class IccUserXApi extends IccUserApi {\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response>\n private cachedCurrentUser: Promise<User> | undefined\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n private readonly authApi: IccAuthApi,\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.fetchImpl = fetchImpl\n }\n\n getCurrentUser(bypassCache: boolean = false): Promise<User> {\n if (bypassCache) return (this.cachedCurrentUser = super.getCurrentUser())\n else return this.cachedCurrentUser ?? (this.cachedCurrentUser = super.getCurrentUser())\n }\n\n async modifyUser(body?: User): Promise<User> {\n //If we do not load the current user, we cannot know if the modification is on the current user\n await this.getCurrentUser()\n if (this.cachedCurrentUser && (await this.cachedCurrentUser).id === body?.id) {\n try {\n const modifiedUser = await super.modifyUser(body).catch(async (e) => {\n //It is\n if (e.statusCode === 409) {\n let userInDb = await super.getCurrentUser()\n if (objectEquals((await this.cachedCurrentUser)!, userInDb, ['authenticationTokens', 'rev'])) {\n return await super.modifyUser({ ...body, rev: userInDb.rev, authenticationTokens: userInDb.authenticationTokens })\n }\n }\n throw e\n })\n this.cachedCurrentUser = Promise.resolve(modifiedUser)\n return modifiedUser\n } catch (e) {\n this.cachedCurrentUser = undefined\n throw e\n }\n } else return super.modifyUser(body)\n }\n\n async subscribeToUserEvents(\n eventTypes: ('CREATE' | 'UPDATE' | 'DELETE')[],\n filter: AbstractFilter<User> | undefined,\n eventFired: (user: User) => Promise<void>,\n options: SubscriptionOptions = {}\n ): Promise<Connection> {\n const rs = await subscribeToEntityEvents(this.host, this.authApi, 'User', eventTypes, filter, eventFired, options)\n return new ConnectionImpl(rs)\n }\n\n async checkPassword(password: string): Promise<boolean> {\n const userInfo = await this.getGroupAndUserIdFromToken()\n if (!!userInfo) {\n console.log(this.authApi)\n const loginUserId = !!userInfo.groupId ? `${userInfo.groupId}/${userInfo.userId}` : userInfo.userId\n try {\n return (await this.authApi.login({ username: loginUserId, password: password })).successful ?? false\n } catch (e) {\n return e instanceof XHRError && e.statusCode == 417\n }\n }\n throw Error('Could not get current group and user from jwt')\n }\n\n private async getGroupAndUserIdFromToken(): Promise<{ groupId: string | undefined; userId: string } | undefined> {\n const token = (await this.authenticationProvider.getIcureTokens())?.token\n if (!token) return undefined\n const splitToken = token.split('.')\n if (splitToken.length != 3) return undefined\n try {\n const tokenString = a2b(splitToken[1])\n const parsedClaims = JSON.parse(tokenString)\n if (!!parsedClaims['u']) {\n return { groupId: parsedClaims['g'], userId: parsedClaims['u'] }\n } else return undefined\n } catch {\n return undefined\n }\n }\n}\n"]}
|