@icure/api 8.2.7 → 8.2.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/icc-x-api/icc-accesslog-x-api.d.ts +5 -2
- package/icc-x-api/icc-accesslog-x-api.js +9 -4
- package/icc-x-api/icc-accesslog-x-api.js.map +1 -1
- package/icc-x-api/icc-classification-x-api.d.ts +3 -2
- package/icc-x-api/icc-classification-x-api.js +5 -3
- package/icc-x-api/icc-classification-x-api.js.map +1 -1
- package/icc-x-api/icc-contact-x-api.d.ts +2 -5
- package/icc-x-api/icc-contact-x-api.js +3 -6
- package/icc-x-api/icc-contact-x-api.js.map +1 -1
- package/icc-x-api/icc-document-x-api.d.ts +3 -2
- package/icc-x-api/icc-document-x-api.js +5 -3
- package/icc-x-api/icc-document-x-api.js.map +1 -1
- package/icc-x-api/icc-form-x-api.d.ts +3 -2
- package/icc-x-api/icc-form-x-api.js +5 -3
- package/icc-x-api/icc-form-x-api.js.map +1 -1
- package/icc-x-api/icc-helement-x-api.d.ts +2 -5
- package/icc-x-api/icc-helement-x-api.js +3 -6
- package/icc-x-api/icc-helement-x-api.js.map +1 -1
- package/icc-x-api/icc-invoice-x-api.d.ts +3 -2
- package/icc-x-api/icc-invoice-x-api.js +5 -3
- package/icc-x-api/icc-invoice-x-api.js.map +1 -1
- package/icc-x-api/icc-maintenance-task-x-api.d.ts +2 -0
- package/icc-x-api/icc-maintenance-task-x-api.js +2 -1
- package/icc-x-api/icc-maintenance-task-x-api.js.map +1 -1
- package/icc-x-api/icc-patient-x-api.d.ts +2 -0
- package/icc-x-api/icc-patient-x-api.js +4 -1
- package/icc-x-api/icc-patient-x-api.js.map +1 -1
- package/icc-x-api/icc-receipt-x-api.d.ts +2 -0
- package/icc-x-api/icc-receipt-x-api.js +4 -1
- package/icc-x-api/icc-receipt-x-api.js.map +1 -1
- package/icc-x-api/icc-time-table-x-api.d.ts +2 -1
- package/icc-x-api/icc-time-table-x-api.js +4 -1
- package/icc-x-api/icc-time-table-x-api.js.map +1 -1
- package/icc-x-api/icc-topic-x-api.d.ts +3 -2
- package/icc-x-api/icc-topic-x-api.js +3 -3
- package/icc-x-api/icc-topic-x-api.js.map +1 -1
- package/package.json +1 -1
|
@@ -32,8 +32,8 @@ export declare class IccAccesslogXApi extends IccAccesslogApi implements Encrypt
|
|
|
32
32
|
* - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the
|
|
33
33
|
* auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with
|
|
34
34
|
* auto-delegations, in such case the access level specified here will be used.
|
|
35
|
-
* -
|
|
36
|
-
*
|
|
35
|
+
* - sfkOption: specifies which sfk of the owning entity to use.
|
|
36
|
+
* - ignoreAutoDelegations: if true the data won't be shared with the autodelegations of the user, but only with additional delegates
|
|
37
37
|
* - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,
|
|
38
38
|
* and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.
|
|
39
39
|
* @return a new instance of access log.
|
|
@@ -43,6 +43,7 @@ export declare class IccAccesslogXApi extends IccAccesslogApi implements Encrypt
|
|
|
43
43
|
[dataOwnerId: string]: AccessLevelEnum;
|
|
44
44
|
};
|
|
45
45
|
sfkOption?: SecretIdUseOption;
|
|
46
|
+
ignoreAutoDelegations?: boolean;
|
|
46
47
|
alternateRootDelegation?: string;
|
|
47
48
|
}): Promise<models.AccessLog>;
|
|
48
49
|
/**
|
|
@@ -54,6 +55,7 @@ export declare class IccAccesslogXApi extends IccAccesslogApi implements Encrypt
|
|
|
54
55
|
* - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the
|
|
55
56
|
* auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with
|
|
56
57
|
* auto-delegations, in such case the access level specified here will be used.
|
|
58
|
+
* - ignoreAutoDelegations: if true the data won't be shared with the autodelegations of the user, but only with additional delegates
|
|
57
59
|
* - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,
|
|
58
60
|
* and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.
|
|
59
61
|
* @return a new instance of access log.
|
|
@@ -62,6 +64,7 @@ export declare class IccAccesslogXApi extends IccAccesslogApi implements Encrypt
|
|
|
62
64
|
additionalDelegates?: {
|
|
63
65
|
[dataOwnerId: string]: AccessLevelEnum;
|
|
64
66
|
};
|
|
67
|
+
ignoreAutoDelegations?: boolean;
|
|
65
68
|
alternateRootDelegation?: string;
|
|
66
69
|
}): Promise<models.AccessLog>;
|
|
67
70
|
/**
|
|
@@ -43,8 +43,8 @@ class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
|
|
|
43
43
|
* - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the
|
|
44
44
|
* auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with
|
|
45
45
|
* auto-delegations, in such case the access level specified here will be used.
|
|
46
|
-
* -
|
|
47
|
-
*
|
|
46
|
+
* - sfkOption: specifies which sfk of the owning entity to use.
|
|
47
|
+
* - ignoreAutoDelegations: if true the data won't be shared with the autodelegations of the user, but only with additional delegates
|
|
48
48
|
* - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,
|
|
49
49
|
* and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.
|
|
50
50
|
* @return a new instance of access log.
|
|
@@ -58,7 +58,9 @@ class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
|
|
|
58
58
|
if (ownerId !== (yield this.dataOwnerApi.getCurrentDataOwnerId()))
|
|
59
59
|
throw new Error('Can only initialise entities as current data owner.');
|
|
60
60
|
const sfk = yield this.crypto.xapi.resolveSecretIdUseOptions({ entity: patient, type: utils_1.EntityWithDelegationTypeName.Patient }, (_l = options.sfkOption) !== null && _l !== void 0 ? _l : SecretIdUseOption_1.SecretIdUseOption.UseAnySharedWithParent);
|
|
61
|
-
const extraDelegations = Object.assign(Object.assign({},
|
|
61
|
+
const extraDelegations = Object.assign(Object.assign({}, (options.ignoreAutoDelegations == true
|
|
62
|
+
? {}
|
|
63
|
+
: Object.fromEntries([...((_o = (_m = user.autoDelegations) === null || _m === void 0 ? void 0 : _m.all) !== null && _o !== void 0 ? _o : []), ...((_q = (_p = user.autoDelegations) === null || _p === void 0 ? void 0 : _p.administrativeData) !== null && _q !== void 0 ? _q : [])].map((x) => [x, AccessLevelEnum.WRITE])))), ((_r = options.additionalDelegates) !== null && _r !== void 0 ? _r : {}));
|
|
62
64
|
return new models_1.AccessLog(yield this.crypto.xapi
|
|
63
65
|
.entityWithInitialisedEncryptedMetadata(accessLog, utils_1.EntityWithDelegationTypeName.AccessLog, patient.id, sfk, true, extraDelegations, options.alternateRootDelegation)
|
|
64
66
|
.then((x) => x.updatedEntity));
|
|
@@ -73,6 +75,7 @@ class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
|
|
|
73
75
|
* - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the
|
|
74
76
|
* auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with
|
|
75
77
|
* auto-delegations, in such case the access level specified here will be used.
|
|
78
|
+
* - ignoreAutoDelegations: if true the data won't be shared with the autodelegations of the user, but only with additional delegates
|
|
76
79
|
* - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,
|
|
77
80
|
* and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.
|
|
78
81
|
* @return a new instance of access log.
|
|
@@ -85,7 +88,9 @@ class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
|
|
|
85
88
|
const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user);
|
|
86
89
|
if (ownerId !== (yield this.dataOwnerApi.getCurrentDataOwnerId()))
|
|
87
90
|
throw new Error('Can only initialise entities as current data owner.');
|
|
88
|
-
const extraDelegations = Object.assign(Object.assign({},
|
|
91
|
+
const extraDelegations = Object.assign(Object.assign({}, (options.ignoreAutoDelegations == true
|
|
92
|
+
? {}
|
|
93
|
+
: Object.fromEntries([...((_m = (_l = user.autoDelegations) === null || _l === void 0 ? void 0 : _l.all) !== null && _m !== void 0 ? _m : []), ...((_p = (_o = user.autoDelegations) === null || _o === void 0 ? void 0 : _o.administrativeData) !== null && _p !== void 0 ? _p : [])].map((x) => [x, AccessLevelEnum.WRITE])))), ((_q = options.additionalDelegates) !== null && _q !== void 0 ? _q : {}));
|
|
89
94
|
return new models_1.AccessLog(yield this.crypto.xapi
|
|
90
95
|
.entityWithInitialisedEncryptedMetadata(accessLog, utils_1.EntityWithDelegationTypeName.AccessLog, undefined, undefined, true, extraDelegations, options.alternateRootDelegation)
|
|
91
96
|
.then((x) => x.updatedEntity));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"icc-accesslog-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-accesslog-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAA4C;AAG5C,oDAAsF;AACtF,4BAA2B;AAE3B,0EAAgG;AAChG,wEAAoE;AAKpE,mCAAqG;AAErG,kEAA8D;AAC9D,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAGzD,MAAa,gBAAiB,SAAQ,yBAAe;IAKnD,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,oCAA4B,CAAC,SAAS,CAAC,CAAC,CAAA;IAC/I,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EAClC,MAAqB,EACrB,YAA8B,EACb,cAAuB,EACxC,WAAW,GAAG,CAAC,QAAQ,EAAE,UAAU,CAAC,EACpC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QATtC,mBAAc,GAAd,cAAc,CAAS;QAUxC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAChC,IAAI,CAAC,eAAe,GAAG,IAAA,4BAAoB,EAAC,WAAW,EAAE,YAAY,CAAC,CAAA;IACxE,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACG,WAAW;6DACf,IAAiB,EACjB,OAAuB,EACvB,CAAM,EACN,UAII,EAAE;;YAEN,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YAC5D,MAAM,SAAS,mCACV,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,qCAAqC,EAC5C,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EACrC,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,EAC9E,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,EACnB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,CAAC,EAAE,EACxB,UAAU,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAU,mCAAI,aAAa,GAC3C,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAC1D,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAC/D,MAAA,OAAO,CAAC,SAAS,mCAAI,qCAAiB,CAAC,sBAAsB,CAC9D,CAAA;YACD,MAAM,gBAAgB,mCACjB,MAAM,CAAC,WAAW,CACnB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,GACE,CAAC,MAAA,OAAO,CAAC,mBAAmB,mCAAI,EAAE,CAAC,CACvC,CAAA;YACD,OAAO,IAAI,kBAAS,CAClB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CACrC,SAAS,EACT,oCAA4B,CAAC,SAAS,EACtC,OAAO,CAAC,EAAE,EACV,GAAG,EACH,IAAI,EACJ,gBAAgB,EAChB,OAAO,CAAC,uBAAuB,CAChC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;QACH,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,oBAAoB;6DACxB,IAAiB,EACjB,CAAM,EACN,UAGI,EAAE;;YAEN,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YAC5D,MAAM,SAAS,mCACV,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,qCAAqC,EAC5C,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EACrC,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,EAC9E,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,EACnB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,CAAC,EAAE,EACxB,UAAU,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAU,mCAAI,YAAY,GAC1C,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,gBAAgB,mCACjB,MAAM,CAAC,WAAW,CACnB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,GACE,CAAC,MAAA,OAAO,CAAC,mBAAmB,mCAAI,EAAE,CAAC,CACvC,CAAA;YACD,OAAO,IAAI,kBAAS,CAClB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CACrC,SAAS,EACT,oCAA4B,CAAC,SAAS,EACtC,SAAS,EACT,SAAS,EACT,IAAI,EACJ,gBAAgB,EAChB,OAAO,CAAC,uBAAuB,CAChC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;QACH,CAAC;KAAA;IAED,qCAAqC;IACrC;;;;;;;;;;;;;;;;OAgBG;IACG,MAAM;6DAAC,SAAiB,EAAE,OAAuB,EAAE,YAAqB,KAAK;YACjF,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;YACpI,MAAM,eAAe,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;YACtF,OAAO,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;gBAC9C,CAAC,CAAC,SAAS;oBACT,CAAC,CAAC,IAAI,CAAC,oCAAoC,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;oBAC9E,CAAC,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACrF,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QACzB,CAAC;KAAA;IAED;;;OAGG;IACG,SAAS,CAAC,SAAiB,EAAE,OAAuB,EAAE,SAAkB,EAAE,OAAgB,EAAE,UAAoB;;YACpH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;YACpI,OAAO,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;gBAC9C,CAAC,CAAC,IAAI,CAAC,sCAAsC,CAAC,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,SAAS,EAAE,OAAO,EAAE,UAAU,CAAC;gBAC/G,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QACzB,CAAC;KAAA;IAED;;OAEG;IACG,+BAA+B,CAAC,SAAiB,EAAE,WAAmB;;;;;YAC1E,MAAM,UAAU,GAAG,MAAM,OAAM,yCAAyC,YAAC,SAAS,EAAE,WAAW,CAAC,CAAA;YAChG,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,UAAU,CAAC,CAAA;QAClD,CAAC;KAAA;IAED;;OAEG;IACH,oCAAoC,CAAC,SAAiB,EAAE,WAAqB;QAC3E,OAAO,KAAK,CAAC,kDAAkD,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC,CAAA;IACnJ,CAAC;IAEK,OAAO,CAAC,KAAa,EAAE,UAAmC;;YAC9D,OAAO,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,UAAU,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,kBAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CACvI,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,MAAM,CACvB,CAAA;QACH,CAAC;KAAA;IAED,OAAO,CAAC,IAAiB,EAAE,UAAmC;QAC5D,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;QACtD,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,UAAU,CAAC,CAAA;IAC1C,CAAC;IAEa,SAAS,CAAC,SAAiB,EAAE,UAAmC;;YAC5E,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CACxC,UAAU,EACV,oCAA4B,CAAC,SAAS,EACtC,IAAI,CAAC,eAAe,EACpB,KAAK,EACL,KAAK,EACL,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,kBAAS,CAAC,IAAI,CAAC,CAC9B,CAAA;QACH,CAAC;KAAA;IAED,eAAe,CAAC,IAAuB;QACrC,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,uBAAuB,CAAC,IAAiB,EAAE,IAAuB;QAChE,OAAO,IAAI;YACT,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBACpC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;iBAC5C,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;iBACzF,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC1B,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAA;IACvB,CAAC;IAED,YAAY,CAAC,WAAmB;QAC9B,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,oBAAoB,CAAC,IAAiB,EAAE,WAAmB;QACzD,OAAO,KAAK;aACT,YAAY,CAAC,WAAW,CAAC;aACzB,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;aACzF,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IAC1B,CAAC;IAEK,aAAa,CAAC,GAAc;;YAChC,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;QAC7G,CAAC;KAAA;IAED,qBAAqB,CAAC,IAAiB,EAAE,GAAc;QACrD,OAAO,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,UAAU,CAAC,CAAC,CAAA;IAC3H,CAAC;IAED,cAAc,CAAC,SAAkB,EAAE,OAAgB,EAAE,QAAiB,EAAE,eAAwB,EAAE,KAAc;QAC9G,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,sBAAsB,CACpB,IAAiB,EACjB,SAAkB,EAClB,OAAgB,EAChB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,OAAO,KAAK;aACT,cAAc,CAAC,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,UAAU,CAAC;aAChF,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAClB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,SAAS,CAAC,IAAK,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC,CAC9H,CAAA;IACL,CAAC;IAED,eAAe,CAAC,IAAuB;QACrC,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAEK,uBAAuB,CAAC,IAAiB,EAAE,IAAuB;;YACtE,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;QAClG,CAAC;KAAA;IAEa,QAAQ,CAAC,KAAa,EAAE,IAAsB;;;;;YAC1D,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBAC9C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,OAAM,eAAe,YAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;iBAC5C,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;iBACrD,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;QAC1B,CAAC;KAAA;IAED,mBAAmB,CACjB,MAAc,EACd,UAAmB,EACnB,SAAkB,EAClB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,2BAA2B,CACzB,IAAiB,EACjB,MAAc,EACd,UAAmB,EACnB,SAAkB,EAClB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,OAAO,KAAK;aACT,mBAAmB,CAAC,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,UAAU,CAAC;aAChG,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAClB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,SAAS,CAAC,IAAK,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC,CAC9H,CAAA;IACL,CAAC;IAED;;;;OAIG;IACG,kBAAkB,CAAC,SAAoB;;YAC3C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EAAE,SAAS,CAAC,CAAA;QAC3H,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,SAAoB;;YACvC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,CAAA;QAC7G,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,SAAS;6DACb,UAAkB,EAClB,SAAoB,EACpB,UAKI,EAAE;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QACjE,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,aAAa,CACjB,SAAoB,EACpB,SAOC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QACjF,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,gBAAgB,CACpB,SAAoB,EACpB,SAOC;;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,oCAA4B,CAAC,SAAS,CAAC,CAAA;YACzI,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAC9G,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI;iBACpB,0CAA0C,CACzC;gBACE,MAAM,EAAE,aAAa;gBACrB,IAAI,EAAE,oCAA4B,CAAC,SAAS;aAC7C,EACD,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,OAAO,CAAC,cAAc;oBAC5C,cAAc,EAAE,OAAO,CAAC,cAAc;iBACvC;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,CACnC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACvF,CAAC;KAAA;IAED,yBAAyB,CACvB,MAAiB;QAEjB,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,CAAA;IACnI,CAAC;IAED,mBAAmB,CAAC,MAAiB;QACnC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EAAE,SAAS,CAAC,CAAA;IAC/G,CAAC;IAED,uCAAuC,CAAC,MAAiB,EAAE,SAAmB;QAC5E,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAC7E,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EACxD,SAAS,CACV,CAAA;IACH,CAAC;CACF;AAtdD,4CAsdC","sourcesContent":["import { IccAccesslogApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport * as models from '../icc-api/model/models'\nimport { AccessLog, ListOfIds, PaginatedListAccessLog } from '../icc-api/model/models'\nimport * as _ from 'lodash'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport { ShareResult } from './utils/ShareResult'\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedFieldsManifest, EntityWithDelegationTypeName, parseEncryptedFields } from './utils'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\nimport { SecretIdUseOption } from './crypto/SecretIdUseOption'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\n\nexport class IccAccesslogXApi extends IccAccesslogApi implements EncryptedEntityXApi<models.AccessLog> {\n private readonly encryptedFields: EncryptedFieldsManifest\n crypto: IccCryptoXApi\n dataOwnerApi: IccDataOwnerXApi\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, EntityWithDelegationTypeName.AccessLog))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n crypto: IccCryptoXApi,\n dataOwnerApi: IccDataOwnerXApi,\n private readonly autofillAuthor: boolean,\n cryptedKeys = ['detail', 'objectId'],\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.crypto = crypto\n this.dataOwnerApi = dataOwnerApi\n this.encryptedFields = parseEncryptedFields(cryptedKeys, 'AccessLog.')\n }\n\n /**\n * Creates a new instance of access log with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this access log refers to.\n * @param h initialised data for the access log. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - preferredSfk: secret id of the patient to use as the secret foreign key to use for the access log. The default value will be a\n * secret id of patient known by the topmost parent in the current data owner hierarchy.\n * - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,\n * and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.\n * @return a new instance of access log.\n */\n async newInstance(\n user: models.User,\n patient: models.Patient,\n h: any,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n sfkOption?: SecretIdUseOption\n alternateRootDelegation?: string\n } = {}\n ) {\n const dataOwnerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n const accessLog = {\n ...(h ?? {}),\n _type: 'org.taktik.icure.entities.AccessLog',\n id: h?.id ?? this.crypto.primitives.randomUuid(),\n created: h?.created ?? new Date().getTime(),\n modified: h?.modified ?? new Date().getTime(),\n date: h?.date ?? new Date().getTime(),\n responsible: h?.responsible ?? (this.autofillAuthor ? dataOwnerId : undefined),\n author: h?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: h?.codes ?? [],\n tags: h?.tags ?? [],\n user: h?.user ?? user.id,\n accessType: h?.accessType ?? 'USER_ACCESS',\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk = await this.crypto.xapi.resolveSecretIdUseOptions(\n { entity: patient, type: EntityWithDelegationTypeName.Patient },\n options.sfkOption ?? SecretIdUseOption.UseAnySharedWithParent\n )\n const extraDelegations = {\n ...Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.administrativeData ?? [])].map((x) => [x, AccessLevelEnum.WRITE])\n ),\n ...(options.additionalDelegates ?? {}),\n }\n return new AccessLog(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(\n accessLog,\n EntityWithDelegationTypeName.AccessLog,\n patient.id,\n sfk,\n true,\n extraDelegations,\n options.alternateRootDelegation\n )\n .then((x) => x.updatedEntity)\n )\n }\n\n /**\n * Creates a new instance of access log with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param h initialised data for the access log. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,\n * and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.\n * @return a new instance of access log.\n */\n async newInstanceNoPatient(\n user: models.User,\n h: any,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n alternateRootDelegation?: string\n } = {}\n ) {\n const dataOwnerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n const accessLog = {\n ...(h ?? {}),\n _type: 'org.taktik.icure.entities.AccessLog',\n id: h?.id ?? this.crypto.primitives.randomUuid(),\n created: h?.created ?? new Date().getTime(),\n modified: h?.modified ?? new Date().getTime(),\n date: h?.date ?? new Date().getTime(),\n responsible: h?.responsible ?? (this.autofillAuthor ? dataOwnerId : undefined),\n author: h?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: h?.codes ?? [],\n tags: h?.tags ?? [],\n user: h?.user ?? user.id,\n accessType: h?.accessType ?? 'USER_LOGIN',\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const extraDelegations = {\n ...Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.administrativeData ?? [])].map((x) => [x, AccessLevelEnum.WRITE])\n ),\n ...(options.additionalDelegates ?? {}),\n }\n return new AccessLog(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(\n accessLog,\n EntityWithDelegationTypeName.AccessLog,\n undefined,\n undefined,\n true,\n extraDelegations,\n options.alternateRootDelegation\n )\n .then((x) => x.updatedEntity)\n )\n }\n\n // noinspection JSUnusedGlobalSymbols\n /**\n * 1. Check whether there is a delegation with 'hcpartyId' or not.\n * 2. 'fetchHcParty[hcpartyId][1]': is encrypted AES exchange key by RSA public key of him.\n * 3. Obtain the AES exchange key, by decrypting the previous step value with hcparty private key\n * 3.1. KeyPair should be fetch from cache (in jwk)\n * 3.2. if it doesn't exist in the cache, it has to be loaded from Browser Local store, and then import it to WebCrypto\n * 4. Obtain the array of delegations which are delegated to his ID (hcpartyId) in this patient\n * 5. Decrypt and collect all keys (secretForeignKeys) within delegations of previous step (with obtained AES key of step 4)\n * 6. Do the REST call to get all access logs with (allSecretForeignKeysDelimitedByComma, hcpartyId)\n *\n * After these painful steps, you have the access logs of the patient.\n *\n * @deprecated use {@link findIdsBy} instead\n * @param hcpartyId\n * @param patient (Promise)\n * @param usingPost\n */\n async findBy(hcpartyId: string, patient: models.Patient, usingPost: boolean = false): Promise<models.AccessLog[]> {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: EntityWithDelegationTypeName.Patient }, hcpartyId)\n const topmostParentId = (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0]\n return extractedKeys && extractedKeys.length > 0\n ? usingPost\n ? this.findByHCPartyPatientSecretFKeysArray(hcpartyId!, _.uniq(extractedKeys))\n : this.findByHCPartyPatientSecretFKeys(hcpartyId!, _.uniq(extractedKeys).join(','))\n : Promise.resolve([])\n }\n\n /**\n * Same as `findBy` but it will only return the ids of the access logs. It can also filter the access logs where AccessLog.date is between\n * startDate and endDate in ascending or descending order by that field. (default: ascending).\n */\n async findIdsBy(hcpartyId: string, patient: models.Patient, startDate?: number, endDate?: number, descending?: boolean): Promise<string[]> {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: EntityWithDelegationTypeName.Patient }, hcpartyId)\n return extractedKeys && extractedKeys.length > 0\n ? this.findAccessLogIdsByDataOwnerPatientDate(hcpartyId, _.uniq(extractedKeys), startDate, endDate, descending)\n : Promise.resolve([])\n }\n\n /**\n * @deprecated use {@link findAccessLogIdsByDataOwnerPatientDate} instead\n */\n async findByHCPartyPatientSecretFKeys(hcPartyId: string, secretFKeys: string): Promise<AccessLog[]> {\n const accessLogs = await super.findAccessLogsByHCPartyPatientForeignKeys(hcPartyId, secretFKeys)\n return await this.decrypt(hcPartyId, accessLogs)\n }\n\n /**\n * @deprecated use {@link findAccessLogIdsByDataOwnerPatientDate} instead\n */\n findByHCPartyPatientSecretFKeysArray(hcPartyId: string, secretFKeys: string[]): Promise<Array<AccessLog> | any> {\n return super.findAccessLogsByHCPartyPatientForeignKeysUsingPost(hcPartyId, secretFKeys).then((accesslogs) => this.decrypt(hcPartyId, accesslogs))\n }\n\n async decrypt(hcpId: string, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n return (await this.crypto.xapi.tryDecryptEntities(accessLogs, EntityWithDelegationTypeName.AccessLog, (json) => new AccessLog(json))).map(\n ({ entity }) => entity\n )\n }\n\n encrypt(user: models.User, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n const owner = this.dataOwnerApi.getDataOwnerIdOf(user)\n return this.encryptAs(owner, accessLogs)\n }\n\n private async encryptAs(dataOwner: string, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n return this.crypto.xapi.tryEncryptEntities(\n accessLogs,\n EntityWithDelegationTypeName.AccessLog,\n this.encryptedFields,\n false,\n false,\n (json) => new AccessLog(json)\n )\n }\n\n createAccessLog(body?: models.AccessLog): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n createAccessLogWithUser(user: models.User, body?: models.AccessLog): Promise<models.AccessLog | any> {\n return body\n ? this.encrypt(user, [_.cloneDeep(body)])\n .then((als) => super.createAccessLog(als[0]))\n .then((accessLog) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, [accessLog]))\n .then((als) => als[0])\n : Promise.resolve()\n }\n\n getAccessLog(accessLogId: string): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n getAccessLogWithUser(user: models.User, accessLogId: string): Promise<models.AccessLog | any> {\n return super\n .getAccessLog(accessLogId)\n .then((accessLog) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, [accessLog]))\n .then((als) => als[0])\n }\n\n async getAccessLogs(ids: ListOfIds): Promise<AccessLog[]> {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n getAccessLogsWithUser(user: models.User, ids: ListOfIds): Promise<AccessLog[]> {\n return super.getAccessLogs(ids).then((accessLogs) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, accessLogs))\n }\n\n listAccessLogs(fromEpoch?: number, toEpoch?: number, startKey?: number, startDocumentId?: string, limit?: number): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n listAccessLogsWithUser(\n user: models.User,\n fromEpoch?: number,\n toEpoch?: number,\n startKey?: number,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): Promise<PaginatedListAccessLog> {\n return super\n .listAccessLogs(fromEpoch, toEpoch, startKey, startDocumentId, limit, descending)\n .then((accessLog) =>\n this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, accessLog.rows!).then((dr) => Object.assign(accessLog, { rows: dr }))\n )\n }\n\n modifyAccessLog(body?: models.AccessLog): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n async modifyAccessLogWithUser(user: models.User, body?: models.AccessLog): Promise<models.AccessLog | null> {\n return body ? this.modifyAs(this.dataOwnerApi.getDataOwnerIdOf(user)!, _.cloneDeep(body)) : null\n }\n\n private async modifyAs(owner: string, body: models.AccessLog): Promise<models.AccessLog> {\n return this.encryptAs(owner, [_.cloneDeep(body)])\n .then((als) => super.modifyAccessLog(als[0]))\n .then((accessLog) => this.decrypt(owner, [accessLog]))\n .then((als) => als[0])\n }\n\n findByUserAfterDate(\n userId: string,\n accessType?: string,\n startDate?: number,\n startKey?: string,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n findByUserAfterDateWithUser(\n user: models.User,\n userId: string,\n accessType?: string,\n startDate?: number,\n startKey?: string,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): Promise<models.AccessLog | any> {\n return super\n .findByUserAfterDate(userId, accessType, startDate, startKey, startDocumentId, limit, descending)\n .then((accessLog) =>\n this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, accessLog.rows!).then((dr) => Object.assign(accessLog, { rows: dr }))\n )\n }\n\n /**\n * @param accessLog an access log\n * @return the id of the patient that the access log refers to, retrieved from the encrypted metadata (not from the decrypted entity body). Normally\n * there should only be one element in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(accessLog: AccessLog): Promise<string[]> {\n return this.crypto.xapi.owningEntityIdsOf({ entity: accessLog, type: EntityWithDelegationTypeName.AccessLog }, undefined)\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given access log\n */\n async hasWriteAccess(accessLog: AccessLog): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: accessLog, type: EntityWithDelegationTypeName.AccessLog })\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the access log.\n * @param accessLog the access log to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n accessLog: AccessLog,\n options: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<AccessLog> {\n return this.shareWithMany(accessLog, { [delegateId]: options })\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param accessLog the access log to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n accessLog: AccessLog,\n delegates: {\n [delegateId: string]: {\n shareSecretId?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<AccessLog> {\n return (await this.tryShareWithMany(accessLog, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param accessLog the access log to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n accessLog: AccessLog,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<AccessLog>> {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(accessLog, EntityWithDelegationTypeName.AccessLog)\n const updatedEntity = entityWithEncryptionKey ? await this.modifyAs(self, entityWithEncryptionKey) : accessLog\n return this.crypto.xapi\n .simpleShareOrUpdateEncryptedEntityMetadata(\n {\n entity: updatedEntity,\n type: EntityWithDelegationTypeName.AccessLog,\n },\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: options.sharePatientId,\n shareSecretIds: options.shareSecretIds,\n },\n ])\n ),\n (x) => this.bulkShareAccessLogs(x)\n )\n .then((r) => r.mapSuccessAsync((e) => this.decrypt(self, [e]).then((es) => es[0])))\n }\n\n getDataOwnersWithAccessTo(\n entity: AccessLog\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: EntityWithDelegationTypeName.AccessLog })\n }\n\n getEncryptionKeysOf(entity: AccessLog): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: EntityWithDelegationTypeName.AccessLog }, undefined)\n }\n\n createDelegationDeAnonymizationMetadata(entity: AccessLog, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo(\n { entity, type: EntityWithDelegationTypeName.AccessLog },\n delegates\n )\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"icc-accesslog-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-accesslog-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAA4C;AAG5C,oDAAsF;AACtF,4BAA2B;AAE3B,0EAAgG;AAChG,wEAAoE;AAKpE,mCAAqG;AAErG,kEAA8D;AAC9D,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAGzD,MAAa,gBAAiB,SAAQ,yBAAe;IAKnD,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,oCAA4B,CAAC,SAAS,CAAC,CAAC,CAAA;IAC/I,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EAClC,MAAqB,EACrB,YAA8B,EACb,cAAuB,EACxC,WAAW,GAAG,CAAC,QAAQ,EAAE,UAAU,CAAC,EACpC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QATtC,mBAAc,GAAd,cAAc,CAAS;QAUxC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAChC,IAAI,CAAC,eAAe,GAAG,IAAA,4BAAoB,EAAC,WAAW,EAAE,YAAY,CAAC,CAAA;IACxE,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACG,WAAW;6DACf,IAAiB,EACjB,OAAuB,EACvB,CAAM,EACN,UAKI,EAAE;;YAEN,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YAC5D,MAAM,SAAS,mCACV,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,qCAAqC,EAC5C,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EACrC,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,EAC9E,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,EACnB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,CAAC,EAAE,EACxB,UAAU,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAU,mCAAI,aAAa,GAC3C,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAC1D,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAC/D,MAAA,OAAO,CAAC,SAAS,mCAAI,qCAAiB,CAAC,sBAAsB,CAC9D,CAAA;YACD,MAAM,gBAAgB,mCACjB,CAAC,OAAO,CAAC,qBAAqB,IAAI,IAAI;gBACvC,CAAC,CAAC,EAAE;gBACJ,CAAC,CAAC,MAAM,CAAC,WAAW,CAChB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,CAAC,GACH,CAAC,MAAA,OAAO,CAAC,mBAAmB,mCAAI,EAAE,CAAC,CACvC,CAAA;YACD,OAAO,IAAI,kBAAS,CAClB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CACrC,SAAS,EACT,oCAA4B,CAAC,SAAS,EACtC,OAAO,CAAC,EAAE,EACV,GAAG,EACH,IAAI,EACJ,gBAAgB,EAChB,OAAO,CAAC,uBAAuB,CAChC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;QACH,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,oBAAoB;6DACxB,IAAiB,EACjB,CAAM,EACN,UAII,EAAE;;YAEN,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YAC5D,MAAM,SAAS,mCACV,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,qCAAqC,EAC5C,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EACrC,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,EAC9E,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,EACnB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,CAAC,EAAE,EACxB,UAAU,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAU,mCAAI,YAAY,GAC1C,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,gBAAgB,mCACjB,CAAC,OAAO,CAAC,qBAAqB,IAAI,IAAI;gBACvC,CAAC,CAAC,EAAE;gBACJ,CAAC,CAAC,MAAM,CAAC,WAAW,CAChB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,CAAC,GACH,CAAC,MAAA,OAAO,CAAC,mBAAmB,mCAAI,EAAE,CAAC,CACvC,CAAA;YACD,OAAO,IAAI,kBAAS,CAClB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CACrC,SAAS,EACT,oCAA4B,CAAC,SAAS,EACtC,SAAS,EACT,SAAS,EACT,IAAI,EACJ,gBAAgB,EAChB,OAAO,CAAC,uBAAuB,CAChC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;QACH,CAAC;KAAA;IAED,qCAAqC;IACrC;;;;;;;;;;;;;;;;OAgBG;IACG,MAAM;6DAAC,SAAiB,EAAE,OAAuB,EAAE,YAAqB,KAAK;YACjF,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;YACpI,MAAM,eAAe,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;YACtF,OAAO,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;gBAC9C,CAAC,CAAC,SAAS;oBACT,CAAC,CAAC,IAAI,CAAC,oCAAoC,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;oBAC9E,CAAC,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACrF,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QACzB,CAAC;KAAA;IAED;;;OAGG;IACG,SAAS,CAAC,SAAiB,EAAE,OAAuB,EAAE,SAAkB,EAAE,OAAgB,EAAE,UAAoB;;YACpH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;YACpI,OAAO,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;gBAC9C,CAAC,CAAC,IAAI,CAAC,sCAAsC,CAAC,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,SAAS,EAAE,OAAO,EAAE,UAAU,CAAC;gBAC/G,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QACzB,CAAC;KAAA;IAED;;OAEG;IACG,+BAA+B,CAAC,SAAiB,EAAE,WAAmB;;;;;YAC1E,MAAM,UAAU,GAAG,MAAM,OAAM,yCAAyC,YAAC,SAAS,EAAE,WAAW,CAAC,CAAA;YAChG,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,UAAU,CAAC,CAAA;QAClD,CAAC;KAAA;IAED;;OAEG;IACH,oCAAoC,CAAC,SAAiB,EAAE,WAAqB;QAC3E,OAAO,KAAK,CAAC,kDAAkD,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC,CAAA;IACnJ,CAAC;IAEK,OAAO,CAAC,KAAa,EAAE,UAAmC;;YAC9D,OAAO,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,UAAU,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,kBAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CACvI,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,MAAM,CACvB,CAAA;QACH,CAAC;KAAA;IAED,OAAO,CAAC,IAAiB,EAAE,UAAmC;QAC5D,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;QACtD,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,UAAU,CAAC,CAAA;IAC1C,CAAC;IAEa,SAAS,CAAC,SAAiB,EAAE,UAAmC;;YAC5E,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CACxC,UAAU,EACV,oCAA4B,CAAC,SAAS,EACtC,IAAI,CAAC,eAAe,EACpB,KAAK,EACL,KAAK,EACL,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,kBAAS,CAAC,IAAI,CAAC,CAC9B,CAAA;QACH,CAAC;KAAA;IAED,eAAe,CAAC,IAAuB;QACrC,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,uBAAuB,CAAC,IAAiB,EAAE,IAAuB;QAChE,OAAO,IAAI;YACT,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBACpC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;iBAC5C,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;iBACzF,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC1B,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAA;IACvB,CAAC;IAED,YAAY,CAAC,WAAmB;QAC9B,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,oBAAoB,CAAC,IAAiB,EAAE,WAAmB;QACzD,OAAO,KAAK;aACT,YAAY,CAAC,WAAW,CAAC;aACzB,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;aACzF,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IAC1B,CAAC;IAEK,aAAa,CAAC,GAAc;;YAChC,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;QAC7G,CAAC;KAAA;IAED,qBAAqB,CAAC,IAAiB,EAAE,GAAc;QACrD,OAAO,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,UAAU,CAAC,CAAC,CAAA;IAC3H,CAAC;IAED,cAAc,CAAC,SAAkB,EAAE,OAAgB,EAAE,QAAiB,EAAE,eAAwB,EAAE,KAAc;QAC9G,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,sBAAsB,CACpB,IAAiB,EACjB,SAAkB,EAClB,OAAgB,EAChB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,OAAO,KAAK;aACT,cAAc,CAAC,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,UAAU,CAAC;aAChF,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAClB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,SAAS,CAAC,IAAK,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC,CAC9H,CAAA;IACL,CAAC;IAED,eAAe,CAAC,IAAuB;QACrC,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAEK,uBAAuB,CAAC,IAAiB,EAAE,IAAuB;;YACtE,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;QAClG,CAAC;KAAA;IAEa,QAAQ,CAAC,KAAa,EAAE,IAAsB;;;;;YAC1D,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBAC9C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,OAAM,eAAe,YAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;iBAC5C,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;iBACrD,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;QAC1B,CAAC;KAAA;IAED,mBAAmB,CACjB,MAAc,EACd,UAAmB,EACnB,SAAkB,EAClB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,2BAA2B,CACzB,IAAiB,EACjB,MAAc,EACd,UAAmB,EACnB,SAAkB,EAClB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,OAAO,KAAK;aACT,mBAAmB,CAAC,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,UAAU,CAAC;aAChG,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAClB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,SAAS,CAAC,IAAK,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC,CAC9H,CAAA;IACL,CAAC;IAED;;;;OAIG;IACG,kBAAkB,CAAC,SAAoB;;YAC3C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EAAE,SAAS,CAAC,CAAA;QAC3H,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,SAAoB;;YACvC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,CAAA;QAC7G,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,SAAS;6DACb,UAAkB,EAClB,SAAoB,EACpB,UAKI,EAAE;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QACjE,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,aAAa,CACjB,SAAoB,EACpB,SAOC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QACjF,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,gBAAgB,CACpB,SAAoB,EACpB,SAOC;;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,oCAA4B,CAAC,SAAS,CAAC,CAAA;YACzI,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAC9G,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI;iBACpB,0CAA0C,CACzC;gBACE,MAAM,EAAE,aAAa;gBACrB,IAAI,EAAE,oCAA4B,CAAC,SAAS;aAC7C,EACD,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,OAAO,CAAC,cAAc;oBAC5C,cAAc,EAAE,OAAO,CAAC,cAAc;iBACvC;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,CACnC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACvF,CAAC;KAAA;IAED,yBAAyB,CACvB,MAAiB;QAEjB,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,CAAA;IACnI,CAAC;IAED,mBAAmB,CAAC,MAAiB;QACnC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EAAE,SAAS,CAAC,CAAA;IAC/G,CAAC;IAED,uCAAuC,CAAC,MAAiB,EAAE,SAAmB;QAC5E,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAC7E,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EACxD,SAAS,CACV,CAAA;IACH,CAAC;CACF;AA7dD,4CA6dC","sourcesContent":["import { IccAccesslogApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport * as models from '../icc-api/model/models'\nimport { AccessLog, ListOfIds, PaginatedListAccessLog } from '../icc-api/model/models'\nimport * as _ from 'lodash'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport { ShareResult } from './utils/ShareResult'\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedFieldsManifest, EntityWithDelegationTypeName, parseEncryptedFields } from './utils'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\nimport { SecretIdUseOption } from './crypto/SecretIdUseOption'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\n\nexport class IccAccesslogXApi extends IccAccesslogApi implements EncryptedEntityXApi<models.AccessLog> {\n private readonly encryptedFields: EncryptedFieldsManifest\n crypto: IccCryptoXApi\n dataOwnerApi: IccDataOwnerXApi\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, EntityWithDelegationTypeName.AccessLog))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n crypto: IccCryptoXApi,\n dataOwnerApi: IccDataOwnerXApi,\n private readonly autofillAuthor: boolean,\n cryptedKeys = ['detail', 'objectId'],\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.crypto = crypto\n this.dataOwnerApi = dataOwnerApi\n this.encryptedFields = parseEncryptedFields(cryptedKeys, 'AccessLog.')\n }\n\n /**\n * Creates a new instance of access log with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this access log refers to.\n * @param h initialised data for the access log. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - sfkOption: specifies which sfk of the owning entity to use.\n * - ignoreAutoDelegations: if true the data won't be shared with the autodelegations of the user, but only with additional delegates\n * - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,\n * and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.\n * @return a new instance of access log.\n */\n async newInstance(\n user: models.User,\n patient: models.Patient,\n h: any,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n sfkOption?: SecretIdUseOption\n ignoreAutoDelegations?: boolean\n alternateRootDelegation?: string\n } = {}\n ) {\n const dataOwnerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n const accessLog = {\n ...(h ?? {}),\n _type: 'org.taktik.icure.entities.AccessLog',\n id: h?.id ?? this.crypto.primitives.randomUuid(),\n created: h?.created ?? new Date().getTime(),\n modified: h?.modified ?? new Date().getTime(),\n date: h?.date ?? new Date().getTime(),\n responsible: h?.responsible ?? (this.autofillAuthor ? dataOwnerId : undefined),\n author: h?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: h?.codes ?? [],\n tags: h?.tags ?? [],\n user: h?.user ?? user.id,\n accessType: h?.accessType ?? 'USER_ACCESS',\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk = await this.crypto.xapi.resolveSecretIdUseOptions(\n { entity: patient, type: EntityWithDelegationTypeName.Patient },\n options.sfkOption ?? SecretIdUseOption.UseAnySharedWithParent\n )\n const extraDelegations = {\n ...(options.ignoreAutoDelegations == true\n ? {}\n : Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.administrativeData ?? [])].map((x) => [x, AccessLevelEnum.WRITE])\n )),\n ...(options.additionalDelegates ?? {}),\n }\n return new AccessLog(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(\n accessLog,\n EntityWithDelegationTypeName.AccessLog,\n patient.id,\n sfk,\n true,\n extraDelegations,\n options.alternateRootDelegation\n )\n .then((x) => x.updatedEntity)\n )\n }\n\n /**\n * Creates a new instance of access log with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param h initialised data for the access log. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - ignoreAutoDelegations: if true the data won't be shared with the autodelegations of the user, but only with additional delegates\n * - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,\n * and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.\n * @return a new instance of access log.\n */\n async newInstanceNoPatient(\n user: models.User,\n h: any,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n ignoreAutoDelegations?: boolean\n alternateRootDelegation?: string\n } = {}\n ) {\n const dataOwnerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n const accessLog = {\n ...(h ?? {}),\n _type: 'org.taktik.icure.entities.AccessLog',\n id: h?.id ?? this.crypto.primitives.randomUuid(),\n created: h?.created ?? new Date().getTime(),\n modified: h?.modified ?? new Date().getTime(),\n date: h?.date ?? new Date().getTime(),\n responsible: h?.responsible ?? (this.autofillAuthor ? dataOwnerId : undefined),\n author: h?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: h?.codes ?? [],\n tags: h?.tags ?? [],\n user: h?.user ?? user.id,\n accessType: h?.accessType ?? 'USER_LOGIN',\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const extraDelegations = {\n ...(options.ignoreAutoDelegations == true\n ? {}\n : Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.administrativeData ?? [])].map((x) => [x, AccessLevelEnum.WRITE])\n )),\n ...(options.additionalDelegates ?? {}),\n }\n return new AccessLog(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(\n accessLog,\n EntityWithDelegationTypeName.AccessLog,\n undefined,\n undefined,\n true,\n extraDelegations,\n options.alternateRootDelegation\n )\n .then((x) => x.updatedEntity)\n )\n }\n\n // noinspection JSUnusedGlobalSymbols\n /**\n * 1. Check whether there is a delegation with 'hcpartyId' or not.\n * 2. 'fetchHcParty[hcpartyId][1]': is encrypted AES exchange key by RSA public key of him.\n * 3. Obtain the AES exchange key, by decrypting the previous step value with hcparty private key\n * 3.1. KeyPair should be fetch from cache (in jwk)\n * 3.2. if it doesn't exist in the cache, it has to be loaded from Browser Local store, and then import it to WebCrypto\n * 4. Obtain the array of delegations which are delegated to his ID (hcpartyId) in this patient\n * 5. Decrypt and collect all keys (secretForeignKeys) within delegations of previous step (with obtained AES key of step 4)\n * 6. Do the REST call to get all access logs with (allSecretForeignKeysDelimitedByComma, hcpartyId)\n *\n * After these painful steps, you have the access logs of the patient.\n *\n * @deprecated use {@link findIdsBy} instead\n * @param hcpartyId\n * @param patient (Promise)\n * @param usingPost\n */\n async findBy(hcpartyId: string, patient: models.Patient, usingPost: boolean = false): Promise<models.AccessLog[]> {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: EntityWithDelegationTypeName.Patient }, hcpartyId)\n const topmostParentId = (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0]\n return extractedKeys && extractedKeys.length > 0\n ? usingPost\n ? this.findByHCPartyPatientSecretFKeysArray(hcpartyId!, _.uniq(extractedKeys))\n : this.findByHCPartyPatientSecretFKeys(hcpartyId!, _.uniq(extractedKeys).join(','))\n : Promise.resolve([])\n }\n\n /**\n * Same as `findBy` but it will only return the ids of the access logs. It can also filter the access logs where AccessLog.date is between\n * startDate and endDate in ascending or descending order by that field. (default: ascending).\n */\n async findIdsBy(hcpartyId: string, patient: models.Patient, startDate?: number, endDate?: number, descending?: boolean): Promise<string[]> {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: EntityWithDelegationTypeName.Patient }, hcpartyId)\n return extractedKeys && extractedKeys.length > 0\n ? this.findAccessLogIdsByDataOwnerPatientDate(hcpartyId, _.uniq(extractedKeys), startDate, endDate, descending)\n : Promise.resolve([])\n }\n\n /**\n * @deprecated use {@link findAccessLogIdsByDataOwnerPatientDate} instead\n */\n async findByHCPartyPatientSecretFKeys(hcPartyId: string, secretFKeys: string): Promise<AccessLog[]> {\n const accessLogs = await super.findAccessLogsByHCPartyPatientForeignKeys(hcPartyId, secretFKeys)\n return await this.decrypt(hcPartyId, accessLogs)\n }\n\n /**\n * @deprecated use {@link findAccessLogIdsByDataOwnerPatientDate} instead\n */\n findByHCPartyPatientSecretFKeysArray(hcPartyId: string, secretFKeys: string[]): Promise<Array<AccessLog> | any> {\n return super.findAccessLogsByHCPartyPatientForeignKeysUsingPost(hcPartyId, secretFKeys).then((accesslogs) => this.decrypt(hcPartyId, accesslogs))\n }\n\n async decrypt(hcpId: string, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n return (await this.crypto.xapi.tryDecryptEntities(accessLogs, EntityWithDelegationTypeName.AccessLog, (json) => new AccessLog(json))).map(\n ({ entity }) => entity\n )\n }\n\n encrypt(user: models.User, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n const owner = this.dataOwnerApi.getDataOwnerIdOf(user)\n return this.encryptAs(owner, accessLogs)\n }\n\n private async encryptAs(dataOwner: string, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n return this.crypto.xapi.tryEncryptEntities(\n accessLogs,\n EntityWithDelegationTypeName.AccessLog,\n this.encryptedFields,\n false,\n false,\n (json) => new AccessLog(json)\n )\n }\n\n createAccessLog(body?: models.AccessLog): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n createAccessLogWithUser(user: models.User, body?: models.AccessLog): Promise<models.AccessLog | any> {\n return body\n ? this.encrypt(user, [_.cloneDeep(body)])\n .then((als) => super.createAccessLog(als[0]))\n .then((accessLog) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, [accessLog]))\n .then((als) => als[0])\n : Promise.resolve()\n }\n\n getAccessLog(accessLogId: string): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n getAccessLogWithUser(user: models.User, accessLogId: string): Promise<models.AccessLog | any> {\n return super\n .getAccessLog(accessLogId)\n .then((accessLog) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, [accessLog]))\n .then((als) => als[0])\n }\n\n async getAccessLogs(ids: ListOfIds): Promise<AccessLog[]> {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n getAccessLogsWithUser(user: models.User, ids: ListOfIds): Promise<AccessLog[]> {\n return super.getAccessLogs(ids).then((accessLogs) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, accessLogs))\n }\n\n listAccessLogs(fromEpoch?: number, toEpoch?: number, startKey?: number, startDocumentId?: string, limit?: number): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n listAccessLogsWithUser(\n user: models.User,\n fromEpoch?: number,\n toEpoch?: number,\n startKey?: number,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): Promise<PaginatedListAccessLog> {\n return super\n .listAccessLogs(fromEpoch, toEpoch, startKey, startDocumentId, limit, descending)\n .then((accessLog) =>\n this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, accessLog.rows!).then((dr) => Object.assign(accessLog, { rows: dr }))\n )\n }\n\n modifyAccessLog(body?: models.AccessLog): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n async modifyAccessLogWithUser(user: models.User, body?: models.AccessLog): Promise<models.AccessLog | null> {\n return body ? this.modifyAs(this.dataOwnerApi.getDataOwnerIdOf(user)!, _.cloneDeep(body)) : null\n }\n\n private async modifyAs(owner: string, body: models.AccessLog): Promise<models.AccessLog> {\n return this.encryptAs(owner, [_.cloneDeep(body)])\n .then((als) => super.modifyAccessLog(als[0]))\n .then((accessLog) => this.decrypt(owner, [accessLog]))\n .then((als) => als[0])\n }\n\n findByUserAfterDate(\n userId: string,\n accessType?: string,\n startDate?: number,\n startKey?: string,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n findByUserAfterDateWithUser(\n user: models.User,\n userId: string,\n accessType?: string,\n startDate?: number,\n startKey?: string,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): Promise<models.AccessLog | any> {\n return super\n .findByUserAfterDate(userId, accessType, startDate, startKey, startDocumentId, limit, descending)\n .then((accessLog) =>\n this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, accessLog.rows!).then((dr) => Object.assign(accessLog, { rows: dr }))\n )\n }\n\n /**\n * @param accessLog an access log\n * @return the id of the patient that the access log refers to, retrieved from the encrypted metadata (not from the decrypted entity body). Normally\n * there should only be one element in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(accessLog: AccessLog): Promise<string[]> {\n return this.crypto.xapi.owningEntityIdsOf({ entity: accessLog, type: EntityWithDelegationTypeName.AccessLog }, undefined)\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given access log\n */\n async hasWriteAccess(accessLog: AccessLog): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: accessLog, type: EntityWithDelegationTypeName.AccessLog })\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the access log.\n * @param accessLog the access log to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n accessLog: AccessLog,\n options: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<AccessLog> {\n return this.shareWithMany(accessLog, { [delegateId]: options })\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param accessLog the access log to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n accessLog: AccessLog,\n delegates: {\n [delegateId: string]: {\n shareSecretId?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<AccessLog> {\n return (await this.tryShareWithMany(accessLog, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param accessLog the access log to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n accessLog: AccessLog,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<AccessLog>> {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(accessLog, EntityWithDelegationTypeName.AccessLog)\n const updatedEntity = entityWithEncryptionKey ? await this.modifyAs(self, entityWithEncryptionKey) : accessLog\n return this.crypto.xapi\n .simpleShareOrUpdateEncryptedEntityMetadata(\n {\n entity: updatedEntity,\n type: EntityWithDelegationTypeName.AccessLog,\n },\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: options.sharePatientId,\n shareSecretIds: options.shareSecretIds,\n },\n ])\n ),\n (x) => this.bulkShareAccessLogs(x)\n )\n .then((r) => r.mapSuccessAsync((e) => this.decrypt(self, [e]).then((es) => es[0])))\n }\n\n getDataOwnersWithAccessTo(\n entity: AccessLog\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: EntityWithDelegationTypeName.AccessLog })\n }\n\n getEncryptionKeysOf(entity: AccessLog): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: EntityWithDelegationTypeName.AccessLog }, undefined)\n }\n\n createDelegationDeAnonymizationMetadata(entity: AccessLog, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo(\n { entity, type: EntityWithDelegationTypeName.AccessLog },\n delegates\n )\n }\n}\n"]}
|
|
@@ -30,8 +30,8 @@ export declare class IccClassificationXApi extends IccClassificationApi implemen
|
|
|
30
30
|
* - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the
|
|
31
31
|
* auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with
|
|
32
32
|
* auto-delegations, in such case the access level specified here will be used.
|
|
33
|
-
* -
|
|
34
|
-
*
|
|
33
|
+
* - sfkOption: specifies which sfk of the owning entity to use.
|
|
34
|
+
* - ignoreAutoDelegations: if true the data won't be shared with the autodelegations of the user, but only with additional delegates
|
|
35
35
|
* - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,
|
|
36
36
|
* and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.
|
|
37
37
|
* @return a new instance of classification.
|
|
@@ -41,6 +41,7 @@ export declare class IccClassificationXApi extends IccClassificationApi implemen
|
|
|
41
41
|
[dataOwnerId: string]: AccessLevelEnum;
|
|
42
42
|
};
|
|
43
43
|
sfkOption?: SecretIdUseOption;
|
|
44
|
+
ignoreAutoDelegations?: boolean;
|
|
44
45
|
alternateRootDelegation?: string;
|
|
45
46
|
}): Promise<models.Classification>;
|
|
46
47
|
/**
|
|
@@ -43,8 +43,8 @@ class IccClassificationXApi extends icc_api_1.IccClassificationApi {
|
|
|
43
43
|
* - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the
|
|
44
44
|
* auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with
|
|
45
45
|
* auto-delegations, in such case the access level specified here will be used.
|
|
46
|
-
* -
|
|
47
|
-
*
|
|
46
|
+
* - sfkOption: specifies which sfk of the owning entity to use.
|
|
47
|
+
* - ignoreAutoDelegations: if true the data won't be shared with the autodelegations of the user, but only with additional delegates
|
|
48
48
|
* - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,
|
|
49
49
|
* and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.
|
|
50
50
|
* @return a new instance of classification.
|
|
@@ -57,7 +57,9 @@ class IccClassificationXApi extends icc_api_1.IccClassificationApi {
|
|
|
57
57
|
if (ownerId !== (yield this.dataOwnerApi.getCurrentDataOwnerId()))
|
|
58
58
|
throw new Error('Can only initialise entities as current data owner.');
|
|
59
59
|
const sfk = yield this.crypto.xapi.resolveSecretIdUseOptions({ entity: patient, type: utils_1.EntityWithDelegationTypeName.Patient }, (_k = options.sfkOption) !== null && _k !== void 0 ? _k : SecretIdUseOption_1.SecretIdUseOption.UseAnySharedWithParent);
|
|
60
|
-
const extraDelegations = Object.assign(Object.assign({},
|
|
60
|
+
const extraDelegations = Object.assign(Object.assign({}, (options.ignoreAutoDelegations == true
|
|
61
|
+
? {}
|
|
62
|
+
: Object.fromEntries([...((_m = (_l = user.autoDelegations) === null || _l === void 0 ? void 0 : _l.all) !== null && _m !== void 0 ? _m : []), ...((_p = (_o = user.autoDelegations) === null || _o === void 0 ? void 0 : _o.medicalInformation) !== null && _p !== void 0 ? _p : [])].map((d) => [d, AccessLevelEnum.WRITE])))), ((_q = options === null || options === void 0 ? void 0 : options.additionalDelegates) !== null && _q !== void 0 ? _q : {}));
|
|
61
63
|
return new models.Classification(yield this.crypto.xapi
|
|
62
64
|
.entityWithInitialisedEncryptedMetadata(classification, utils_1.EntityWithDelegationTypeName.Classification, patient === null || patient === void 0 ? void 0 : patient.id, sfk, true, extraDelegations, options.alternateRootDelegation)
|
|
63
65
|
.then((x) => x.updatedEntity));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"icc-classification-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-classification-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAAiD;AAGjD,kDAAiD;AAEjD,4BAA2B;AAC3B,iCAAgC;AAEhC,0EAAgG;AAChG,wEAAoE;AAIpE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAIzD,mCAAsD;AACtD,kEAA8D;AAE9D,MAAa,qBAAsB,SAAQ,8BAAoB;IAI7D,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,oCAA4B,CAAC,cAAc,CAAC,CAAC,CAAA;IACpJ,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EAClC,MAAqB,EACrB,YAA8B,EACb,cAAuB,EACxC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QARtC,mBAAc,GAAd,cAAc,CAAS;QASxC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;IAClC,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACG,WAAW;6DACf,IAAiB,EACjB,OAAuB,EACvB,IAAS,EAAE,EACX,UAII,EAAE;;YAEN,MAAM,cAAc,mCACf,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,0CAA0C,EACjD,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,EAC3G,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,EACnB,eAAe,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,eAAe,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAC1E,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,QAAQ,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,GAC3E,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAC1D,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAC/D,MAAA,OAAO,CAAC,SAAS,mCAAI,qCAAiB,CAAC,sBAAsB,CAC9D,CAAA;YACD,MAAM,gBAAgB,mCACjB,MAAM,CAAC,WAAW,CACnB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,GACE,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,mBAAmB,mCAAI,EAAE,CAAC,CACxC,CAAA;YACD,OAAO,IAAI,MAAM,CAAC,cAAc,CAC9B,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CACrC,cAAc,EACd,oCAA4B,CAAC,cAAc,EAC3C,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,EAAE,EACX,GAAG,EACH,IAAI,EACJ,gBAAgB,EAChB,OAAO,CAAC,uBAAuB,CAChC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;QACH,CAAC;KAAA;IAED;;OAEG;IACG,MAAM,CAAC,SAAiB,EAAE,OAAuB;;YACrD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;YACpI,MAAM,eAAe,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;YACtF,OAAO,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;gBAC9C,CAAC,CAAC,IAAI,CAAC,8CAA8C,CAAC,eAAe,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACvG,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QACzB,CAAC;KAAA;IAEK,SAAS,CAAC,SAAiB,EAAE,OAAuB,EAAE,SAAkB,EAAE,OAAgB,EAAE,UAAoB;;YACpH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;YACpI,MAAM,eAAe,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;YACtF,OAAO,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;gBAC9C,CAAC,CAAC,IAAI,CAAC,8CAA8C,CAAC,eAAe,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,SAAS,EAAE,OAAO,EAAE,UAAU,CAAC;gBAC7H,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QACzB,CAAC;KAAA;IAED;;;;OAIG;IACG,kBAAkB,CAAC,cAAqC;;YAC5D,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,oCAA4B,CAAC,cAAc,EAAE,EAAE,SAAS,CAAC,CAAA;QACrI,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,cAAqC;;YACxD,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,oCAA4B,CAAC,cAAc,EAAE,CAAC,CAAA;QACvH,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,SAAS;6DACb,UAAkB,EAClB,cAAqC,EACrC,UAKI,EAAE;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,cAAc,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QACtE,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,aAAa,CACjB,cAAqC,EACrC,SAOC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,cAAc,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QACtF,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,gBAAgB,CACpB,cAAqC,EACrC,SAOC;;YAED,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CACpF,cAAc,EACd,oCAA4B,CAAC,cAAc,CAC5C,CAAA;YACD,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,oBAAoB,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,cAAc,CAAA;YACzH,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0CAA0C,CAChE;gBACE,MAAM,EAAE,aAAa;gBACrB,IAAI,EAAE,oCAA4B,CAAC,cAAc;aAClD,EACD,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,OAAO,CAAC,cAAc;oBAC5C,cAAc,EAAE,OAAO,CAAC,cAAc;iBACvC;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC,CAAC,CACxC,CAAA;QACH,CAAC;KAAA;IAED,yBAAyB,CACvB,MAA6B;QAE7B,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,cAAc,EAAE,CAAC,CAAA;IACxI,CAAC;IAED,mBAAmB,CAAC,MAA6B;QAC/C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,cAAc,EAAE,EAAE,SAAS,CAAC,CAAA;IACpH,CAAC;IAED,uCAAuC,CAAC,MAA6B,EAAE,SAAmB;QACxF,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAC7E,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,cAAc,EAAE,EAC7D,SAAS,CACV,CAAA;IACH,CAAC;CACF;AA5PD,sDA4PC","sourcesContent":["import { IccClassificationApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\n\nimport * as models from '../icc-api/model/models'\n\nimport * as _ from 'lodash'\nimport * as moment from 'moment'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { ShareResult } from './utils/ShareResult'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\nimport { EntityWithDelegationTypeName } from './utils'\nimport { SecretIdUseOption } from './crypto/SecretIdUseOption'\n\nexport class IccClassificationXApi extends IccClassificationApi implements EncryptedEntityXApi<models.Classification> {\n crypto: IccCryptoXApi\n dataOwnerApi: IccDataOwnerXApi\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, EntityWithDelegationTypeName.Classification))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n crypto: IccCryptoXApi,\n dataOwnerApi: IccDataOwnerXApi,\n private readonly autofillAuthor: boolean,\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.crypto = crypto\n this.dataOwnerApi = dataOwnerApi\n }\n\n /**\n * Creates a new instance of classification with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this classification refers to.\n * @param c initialised data for the classification. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - preferredSfk: secret id of the patient to use as the secret foreign key to use for the classification. The default value will be a\n * secret id of patient known by the topmost parent in the current data owner hierarchy.\n * - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,\n * and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.\n * @return a new instance of classification.\n */\n async newInstance(\n user: models.User,\n patient: models.Patient,\n c: any = {},\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n sfkOption?: SecretIdUseOption\n alternateRootDelegation?: string\n } = {}\n ): Promise<models.Classification> {\n const classification = {\n ...(c ?? {}),\n _type: 'org.taktik.icure.entities.Classification',\n id: c?.id ?? this.crypto.primitives.randomUuid(),\n created: c?.created ?? new Date().getTime(),\n modified: c?.modified ?? new Date().getTime(),\n responsible: c?.responsible ?? (this.autofillAuthor ? this.dataOwnerApi.getDataOwnerIdOf(user) : undefined),\n author: c?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: c?.codes ?? [],\n tags: c?.tags ?? [],\n healthElementId: c?.healthElementId ?? this.crypto.primitives.randomUuid(),\n openingDate: c?.openingDate ?? parseInt(moment().format('YYYYMMDDHHmmss')),\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk = await this.crypto.xapi.resolveSecretIdUseOptions(\n { entity: patient, type: EntityWithDelegationTypeName.Patient },\n options.sfkOption ?? SecretIdUseOption.UseAnySharedWithParent\n )\n const extraDelegations = {\n ...Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.medicalInformation ?? [])].map((d) => [d, AccessLevelEnum.WRITE])\n ),\n ...(options?.additionalDelegates ?? {}),\n }\n return new models.Classification(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(\n classification,\n EntityWithDelegationTypeName.Classification,\n patient?.id,\n sfk,\n true,\n extraDelegations,\n options.alternateRootDelegation\n )\n .then((x) => x.updatedEntity)\n )\n }\n\n /**\n * @deprecated use {@link findIdsBy} instead.\n */\n async findBy(hcpartyId: string, patient: models.Patient) {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: EntityWithDelegationTypeName.Patient }, hcpartyId)\n const topmostParentId = (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0]\n return extractedKeys && extractedKeys.length > 0\n ? this.findClassificationsByHCPartyPatientForeignKeys(topmostParentId, _.uniq(extractedKeys).join(','))\n : Promise.resolve([])\n }\n\n async findIdsBy(hcpartyId: string, patient: models.Patient, startDate?: number, endDate?: number, descending?: boolean) {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: EntityWithDelegationTypeName.Patient }, hcpartyId)\n const topmostParentId = (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0]\n return extractedKeys && extractedKeys.length > 0\n ? this.findClassificationIdsByDataOwnerPatientCreated(topmostParentId, _.uniq(extractedKeys), startDate, endDate, descending)\n : Promise.resolve([])\n }\n\n /**\n * @param classification a classification\n * @return the id of the patient that the classification refers to, retrieved from the encrypted metadata. Normally there should only be one element\n * in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(classification: models.Classification): Promise<string[]> {\n return this.crypto.xapi.owningEntityIdsOf({ entity: classification, type: EntityWithDelegationTypeName.Classification }, undefined)\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given classification\n */\n async hasWriteAccess(classification: models.Classification): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: classification, type: EntityWithDelegationTypeName.Classification })\n }\n\n /**\n * Share an existing classification with other data owners, allowing them to access the non-encrypted data of the classification and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the classification.\n * @param classification the classification to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * classification does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this classification refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n classification: models.Classification,\n options: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<models.Classification> {\n return this.shareWithMany(classification, { [delegateId]: options })\n }\n\n /**\n * Share an existing classification with other data owners, allowing them to access the non-encrypted data of the classification and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param classification the classification to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * classification does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this classification refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n classification: models.Classification,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<models.Classification> {\n return (await this.tryShareWithMany(classification, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing classification with other data owners, allowing them to access the non-encrypted data of the classification and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param classification the classification to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * classification does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this classification refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n classification: models.Classification,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<models.Classification>> {\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(\n classification,\n EntityWithDelegationTypeName.Classification\n )\n const updatedEntity = entityWithEncryptionKey ? await this.modifyClassification(entityWithEncryptionKey) : classification\n return this.crypto.xapi.simpleShareOrUpdateEncryptedEntityMetadata(\n {\n entity: updatedEntity,\n type: EntityWithDelegationTypeName.Classification,\n },\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: options.sharePatientId,\n shareSecretIds: options.shareSecretIds,\n },\n ])\n ),\n (x) => this.bulkShareClassifications(x)\n )\n }\n\n getDataOwnersWithAccessTo(\n entity: models.Classification\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: EntityWithDelegationTypeName.Classification })\n }\n\n getEncryptionKeysOf(entity: models.Classification): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: EntityWithDelegationTypeName.Classification }, undefined)\n }\n\n createDelegationDeAnonymizationMetadata(entity: models.Classification, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo(\n { entity, type: EntityWithDelegationTypeName.Classification },\n delegates\n )\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"icc-classification-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-classification-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAAiD;AAGjD,kDAAiD;AAEjD,4BAA2B;AAC3B,iCAAgC;AAEhC,0EAAgG;AAChG,wEAAoE;AAIpE,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAIzD,mCAAsD;AACtD,kEAA8D;AAE9D,MAAa,qBAAsB,SAAQ,8BAAoB;IAI7D,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,oCAA4B,CAAC,cAAc,CAAC,CAAC,CAAA;IACpJ,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EAClC,MAAqB,EACrB,YAA8B,EACb,cAAuB,EACxC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QARtC,mBAAc,GAAd,cAAc,CAAS;QASxC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;IAClC,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACG,WAAW;6DACf,IAAiB,EACjB,OAAuB,EACvB,IAAS,EAAE,EACX,UAKI,EAAE;;YAEN,MAAM,cAAc,mCACf,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,0CAA0C,EACjD,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,EAC3G,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,EACnB,eAAe,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,eAAe,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAC1E,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,QAAQ,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,GAC3E,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAC1D,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAC/D,MAAA,OAAO,CAAC,SAAS,mCAAI,qCAAiB,CAAC,sBAAsB,CAC9D,CAAA;YACD,MAAM,gBAAgB,mCACjB,CAAC,OAAO,CAAC,qBAAqB,IAAI,IAAI;gBACvC,CAAC,CAAC,EAAE;gBACJ,CAAC,CAAC,MAAM,CAAC,WAAW,CAChB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,CAAC,GACH,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,mBAAmB,mCAAI,EAAE,CAAC,CACxC,CAAA;YACD,OAAO,IAAI,MAAM,CAAC,cAAc,CAC9B,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CACrC,cAAc,EACd,oCAA4B,CAAC,cAAc,EAC3C,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,EAAE,EACX,GAAG,EACH,IAAI,EACJ,gBAAgB,EAChB,OAAO,CAAC,uBAAuB,CAChC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;QACH,CAAC;KAAA;IAED;;OAEG;IACG,MAAM,CAAC,SAAiB,EAAE,OAAuB;;YACrD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;YACpI,MAAM,eAAe,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;YACtF,OAAO,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;gBAC9C,CAAC,CAAC,IAAI,CAAC,8CAA8C,CAAC,eAAe,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACvG,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QACzB,CAAC;KAAA;IAEK,SAAS,CAAC,SAAiB,EAAE,OAAuB,EAAE,SAAkB,EAAE,OAAgB,EAAE,UAAoB;;YACpH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;YACpI,MAAM,eAAe,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;YACtF,OAAO,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;gBAC9C,CAAC,CAAC,IAAI,CAAC,8CAA8C,CAAC,eAAe,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,SAAS,EAAE,OAAO,EAAE,UAAU,CAAC;gBAC7H,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QACzB,CAAC;KAAA;IAED;;;;OAIG;IACG,kBAAkB,CAAC,cAAqC;;YAC5D,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,oCAA4B,CAAC,cAAc,EAAE,EAAE,SAAS,CAAC,CAAA;QACrI,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,cAAqC;;YACxD,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,oCAA4B,CAAC,cAAc,EAAE,CAAC,CAAA;QACvH,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,SAAS;6DACb,UAAkB,EAClB,cAAqC,EACrC,UAKI,EAAE;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,cAAc,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QACtE,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,aAAa,CACjB,cAAqC,EACrC,SAOC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,cAAc,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QACtF,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,gBAAgB,CACpB,cAAqC,EACrC,SAOC;;YAED,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CACpF,cAAc,EACd,oCAA4B,CAAC,cAAc,CAC5C,CAAA;YACD,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,oBAAoB,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,cAAc,CAAA;YACzH,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,0CAA0C,CAChE;gBACE,MAAM,EAAE,aAAa;gBACrB,IAAI,EAAE,oCAA4B,CAAC,cAAc;aAClD,EACD,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,OAAO,CAAC,cAAc;oBAC5C,cAAc,EAAE,OAAO,CAAC,cAAc;iBACvC;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC,CAAC,CACxC,CAAA;QACH,CAAC;KAAA;IAED,yBAAyB,CACvB,MAA6B;QAE7B,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,cAAc,EAAE,CAAC,CAAA;IACxI,CAAC;IAED,mBAAmB,CAAC,MAA6B;QAC/C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,cAAc,EAAE,EAAE,SAAS,CAAC,CAAA;IACpH,CAAC;IAED,uCAAuC,CAAC,MAA6B,EAAE,SAAmB;QACxF,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAC7E,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,cAAc,EAAE,EAC7D,SAAS,CACV,CAAA;IACH,CAAC;CACF;AA/PD,sDA+PC","sourcesContent":["import { IccClassificationApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\n\nimport * as models from '../icc-api/model/models'\n\nimport * as _ from 'lodash'\nimport * as moment from 'moment'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { ShareResult } from './utils/ShareResult'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\nimport { EntityWithDelegationTypeName } from './utils'\nimport { SecretIdUseOption } from './crypto/SecretIdUseOption'\n\nexport class IccClassificationXApi extends IccClassificationApi implements EncryptedEntityXApi<models.Classification> {\n crypto: IccCryptoXApi\n dataOwnerApi: IccDataOwnerXApi\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, EntityWithDelegationTypeName.Classification))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n crypto: IccCryptoXApi,\n dataOwnerApi: IccDataOwnerXApi,\n private readonly autofillAuthor: boolean,\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.crypto = crypto\n this.dataOwnerApi = dataOwnerApi\n }\n\n /**\n * Creates a new instance of classification with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this classification refers to.\n * @param c initialised data for the classification. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - sfkOption: specifies which sfk of the owning entity to use.\n * - ignoreAutoDelegations: if true the data won't be shared with the autodelegations of the user, but only with additional delegates\n * - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,\n * and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.\n * @return a new instance of classification.\n */\n async newInstance(\n user: models.User,\n patient: models.Patient,\n c: any = {},\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n sfkOption?: SecretIdUseOption\n ignoreAutoDelegations?: boolean\n alternateRootDelegation?: string\n } = {}\n ): Promise<models.Classification> {\n const classification = {\n ...(c ?? {}),\n _type: 'org.taktik.icure.entities.Classification',\n id: c?.id ?? this.crypto.primitives.randomUuid(),\n created: c?.created ?? new Date().getTime(),\n modified: c?.modified ?? new Date().getTime(),\n responsible: c?.responsible ?? (this.autofillAuthor ? this.dataOwnerApi.getDataOwnerIdOf(user) : undefined),\n author: c?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: c?.codes ?? [],\n tags: c?.tags ?? [],\n healthElementId: c?.healthElementId ?? this.crypto.primitives.randomUuid(),\n openingDate: c?.openingDate ?? parseInt(moment().format('YYYYMMDDHHmmss')),\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk = await this.crypto.xapi.resolveSecretIdUseOptions(\n { entity: patient, type: EntityWithDelegationTypeName.Patient },\n options.sfkOption ?? SecretIdUseOption.UseAnySharedWithParent\n )\n const extraDelegations = {\n ...(options.ignoreAutoDelegations == true\n ? {}\n : Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.medicalInformation ?? [])].map((d) => [d, AccessLevelEnum.WRITE])\n )),\n ...(options?.additionalDelegates ?? {}),\n }\n return new models.Classification(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(\n classification,\n EntityWithDelegationTypeName.Classification,\n patient?.id,\n sfk,\n true,\n extraDelegations,\n options.alternateRootDelegation\n )\n .then((x) => x.updatedEntity)\n )\n }\n\n /**\n * @deprecated use {@link findIdsBy} instead.\n */\n async findBy(hcpartyId: string, patient: models.Patient) {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: EntityWithDelegationTypeName.Patient }, hcpartyId)\n const topmostParentId = (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0]\n return extractedKeys && extractedKeys.length > 0\n ? this.findClassificationsByHCPartyPatientForeignKeys(topmostParentId, _.uniq(extractedKeys).join(','))\n : Promise.resolve([])\n }\n\n async findIdsBy(hcpartyId: string, patient: models.Patient, startDate?: number, endDate?: number, descending?: boolean) {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: EntityWithDelegationTypeName.Patient }, hcpartyId)\n const topmostParentId = (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0]\n return extractedKeys && extractedKeys.length > 0\n ? this.findClassificationIdsByDataOwnerPatientCreated(topmostParentId, _.uniq(extractedKeys), startDate, endDate, descending)\n : Promise.resolve([])\n }\n\n /**\n * @param classification a classification\n * @return the id of the patient that the classification refers to, retrieved from the encrypted metadata. Normally there should only be one element\n * in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(classification: models.Classification): Promise<string[]> {\n return this.crypto.xapi.owningEntityIdsOf({ entity: classification, type: EntityWithDelegationTypeName.Classification }, undefined)\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given classification\n */\n async hasWriteAccess(classification: models.Classification): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: classification, type: EntityWithDelegationTypeName.Classification })\n }\n\n /**\n * Share an existing classification with other data owners, allowing them to access the non-encrypted data of the classification and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the classification.\n * @param classification the classification to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * classification does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this classification refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n classification: models.Classification,\n options: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<models.Classification> {\n return this.shareWithMany(classification, { [delegateId]: options })\n }\n\n /**\n * Share an existing classification with other data owners, allowing them to access the non-encrypted data of the classification and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param classification the classification to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * classification does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this classification refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n classification: models.Classification,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<models.Classification> {\n return (await this.tryShareWithMany(classification, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing classification with other data owners, allowing them to access the non-encrypted data of the classification and optionally also\n * the encrypted content, with read-only or read-write permissions.\n * @param classification the classification to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * classification does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this classification refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n classification: models.Classification,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<models.Classification>> {\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(\n classification,\n EntityWithDelegationTypeName.Classification\n )\n const updatedEntity = entityWithEncryptionKey ? await this.modifyClassification(entityWithEncryptionKey) : classification\n return this.crypto.xapi.simpleShareOrUpdateEncryptedEntityMetadata(\n {\n entity: updatedEntity,\n type: EntityWithDelegationTypeName.Classification,\n },\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: options.sharePatientId,\n shareSecretIds: options.shareSecretIds,\n },\n ])\n ),\n (x) => this.bulkShareClassifications(x)\n )\n }\n\n getDataOwnersWithAccessTo(\n entity: models.Classification\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: EntityWithDelegationTypeName.Classification })\n }\n\n getEncryptionKeysOf(entity: models.Classification): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: EntityWithDelegationTypeName.Classification }, undefined)\n }\n\n createDelegationDeAnonymizationMetadata(entity: models.Classification, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo(\n { entity, type: EntityWithDelegationTypeName.Classification },\n delegates\n )\n }\n}\n"]}
|
|
@@ -42,11 +42,8 @@ export declare class IccContactXApi extends IccContactApi implements EncryptedEn
|
|
|
42
42
|
* - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the
|
|
43
43
|
* auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with
|
|
44
44
|
* auto-delegations, in such case the access level specified here will be used.
|
|
45
|
-
* -
|
|
46
|
-
*
|
|
47
|
-
* the data owner did not share with any of his parents.
|
|
48
|
-
* - confidential: if true, the entity will be created as confidential. Confidential entities are not shared with auto-delegations, and the default
|
|
49
|
-
* foreign key used is any key that is not shared with any of the data owner parents. By default entities are created as non-confidential.
|
|
45
|
+
* - sfkOption: specifies which sfk of the owning entity to use.
|
|
46
|
+
* - ignoreAutoDelegations: if true the data won't be shared with the autodelegations of the user, but only with additional delegates
|
|
50
47
|
* - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,
|
|
51
48
|
* and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.
|
|
52
49
|
* @return a new instance of contact.
|
|
@@ -67,11 +67,8 @@ class IccContactXApi extends icc_api_1.IccContactApi {
|
|
|
67
67
|
* - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the
|
|
68
68
|
* auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with
|
|
69
69
|
* auto-delegations, in such case the access level specified here will be used.
|
|
70
|
-
* -
|
|
71
|
-
*
|
|
72
|
-
* the data owner did not share with any of his parents.
|
|
73
|
-
* - confidential: if true, the entity will be created as confidential. Confidential entities are not shared with auto-delegations, and the default
|
|
74
|
-
* foreign key used is any key that is not shared with any of the data owner parents. By default entities are created as non-confidential.
|
|
70
|
+
* - sfkOption: specifies which sfk of the owning entity to use.
|
|
71
|
+
* - ignoreAutoDelegations: if true the data won't be shared with the autodelegations of the user, but only with additional delegates
|
|
75
72
|
* - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,
|
|
76
73
|
* and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.
|
|
77
74
|
* @return a new instance of contact.
|
|
@@ -84,7 +81,7 @@ class IccContactXApi extends icc_api_1.IccContactApi {
|
|
|
84
81
|
if (ownerId !== (yield this.dataOwnerApi.getCurrentDataOwnerId()))
|
|
85
82
|
throw new Error('Can only initialise entities as current data owner.');
|
|
86
83
|
const sfk = yield this.crypto.xapi.resolveSecretIdUseOptions({ entity: patient, type: utils_1.EntityWithDelegationTypeName.Patient }, (_m = options.sfkOption) !== null && _m !== void 0 ? _m : SecretIdUseOption_1.SecretIdUseOption.UseAnySharedWithParent);
|
|
87
|
-
const extraDelegations = Object.assign(Object.assign({}, (options.ignoreAutoDelegations
|
|
84
|
+
const extraDelegations = Object.assign(Object.assign({}, (options.ignoreAutoDelegations == true
|
|
88
85
|
? {}
|
|
89
86
|
: Object.fromEntries([...((_p = (_o = user.autoDelegations) === null || _o === void 0 ? void 0 : _o.all) !== null && _p !== void 0 ? _p : []), ...((_r = (_q = user.autoDelegations) === null || _q === void 0 ? void 0 : _q.medicalInformation) !== null && _r !== void 0 ? _r : [])].map((d) => [d, AccessLevelEnum.WRITE])))), ((_s = options === null || options === void 0 ? void 0 : options.additionalDelegates) !== null && _s !== void 0 ? _s : {}));
|
|
90
87
|
const initialisationInfo = yield this.crypto.xapi.entityWithInitialisedEncryptedMetadata(contact, utils_1.EntityWithDelegationTypeName.Contact, patient.id, sfk, true, extraDelegations, options.alternateRootDelegation);
|