@icure/api 8.6.18 → 8.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/icc-api/api/IccDocumentApi.d.ts +10 -2
- package/icc-api/api/IccDocumentApi.js +22 -4
- package/icc-api/api/IccDocumentApi.js.map +1 -1
- package/icc-api/api/IccReceiptApi.d.ts +17 -0
- package/icc-api/api/IccReceiptApi.js +52 -0
- package/icc-api/api/IccReceiptApi.js.map +1 -1
- package/icc-api/model/DataAttachment.d.ts +22 -0
- package/icc-api/model/DataAttachment.js.map +1 -1
- package/icc-api/model/Document.d.ts +6 -0
- package/icc-api/model/Document.js.map +1 -1
- package/icc-api/model/Receipt.d.ts +6 -0
- package/icc-api/model/Receipt.js.map +1 -1
- package/icc-x-api/crypto/BaseExchangeDataManager.js +2 -2
- package/icc-x-api/crypto/BaseExchangeDataManager.js.map +1 -1
- package/icc-x-api/crypto/ExchangeDataManager.js +3 -3
- package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -1
- package/icc-x-api/crypto/ExtendedApisUtils.d.ts +1 -1
- package/icc-x-api/crypto/ExtendedApisUtils.js.map +1 -1
- package/icc-x-api/crypto/ExtendedApisUtilsImpl.d.ts +1 -1
- package/icc-x-api/crypto/ExtendedApisUtilsImpl.js +8 -2
- package/icc-x-api/crypto/ExtendedApisUtilsImpl.js.map +1 -1
- package/icc-x-api/crypto/RecoveryDataEncryption.js.map +1 -1
- package/icc-x-api/icc-accesslog-x-api.js +7 -7
- package/icc-x-api/icc-accesslog-x-api.js.map +1 -1
- package/icc-x-api/icc-calendar-item-x-api.js +7 -7
- package/icc-x-api/icc-calendar-item-x-api.js.map +1 -1
- package/icc-x-api/icc-classification-x-api.js +4 -5
- package/icc-x-api/icc-classification-x-api.js.map +1 -1
- package/icc-x-api/icc-code-x-api.d.ts +2 -2
- package/icc-x-api/icc-code-x-api.js +3 -33
- package/icc-x-api/icc-code-x-api.js.map +1 -1
- package/icc-x-api/icc-contact-x-api.js +20 -33
- package/icc-x-api/icc-contact-x-api.js.map +1 -1
- package/icc-x-api/icc-doctemplate-x-api.js.map +1 -1
- package/icc-x-api/icc-document-x-api.d.ts +8 -7
- package/icc-x-api/icc-document-x-api.js +64 -22
- package/icc-x-api/icc-document-x-api.js.map +1 -1
- package/icc-x-api/icc-form-x-api.js +3 -4
- package/icc-x-api/icc-form-x-api.js.map +1 -1
- package/icc-x-api/icc-helement-x-api.js +11 -11
- package/icc-x-api/icc-helement-x-api.js.map +1 -1
- package/icc-x-api/icc-invoice-x-api.js +3 -4
- package/icc-x-api/icc-invoice-x-api.js.map +1 -1
- package/icc-x-api/icc-maintenance-task-x-api.js +3 -3
- package/icc-x-api/icc-maintenance-task-x-api.js.map +1 -1
- package/icc-x-api/icc-patient-x-api.js +29 -29
- package/icc-x-api/icc-patient-x-api.js.map +1 -1
- package/icc-x-api/icc-receipt-x-api.d.ts +40 -0
- package/icc-x-api/icc-receipt-x-api.js +79 -1
- package/icc-x-api/icc-receipt-x-api.js.map +1 -1
- package/icc-x-api/icc-topic-x-api.js.map +1 -1
- package/icc-x-api/index.js +1 -1
- package/icc-x-api/index.js.map +1 -1
- package/icc-x-api/utils/code-util.d.ts +23 -0
- package/icc-x-api/utils/code-util.js +39 -2
- package/icc-x-api/utils/code-util.js.map +1 -1
- package/icc-x-api/utils/collection-utils.d.ts +13 -0
- package/icc-x-api/utils/collection-utils.js +69 -0
- package/icc-x-api/utils/collection-utils.js.map +1 -1
- package/icc-x-api/utils/compression-utils.d.ts +28 -0
- package/icc-x-api/utils/compression-utils.js +106 -0
- package/icc-x-api/utils/compression-utils.js.map +1 -0
- package/icc-x-api/utils/crypto-utils.js +7 -7
- package/icc-x-api/utils/crypto-utils.js.map +1 -1
- package/icc-x-api/utils/formatting-util.d.ts +1 -3
- package/icc-x-api/utils/formatting-util.js +15 -17
- package/icc-x-api/utils/formatting-util.js.map +1 -1
- package/icc-x-api/utils/hcp-util.js +2 -3
- package/icc-x-api/utils/hcp-util.js.map +1 -1
- package/icc-x-api/utils/insurability-util.js +10 -8
- package/icc-x-api/utils/insurability-util.js.map +1 -1
- package/icc-x-api/utils/lzma-wasm.d.ts +6 -0
- package/icc-x-api/utils/lzma-wasm.js +81 -0
- package/icc-x-api/utils/lzma-wasm.js.map +1 -0
- package/icc-x-api/utils/mutex.d.ts +12 -0
- package/icc-x-api/utils/mutex.js +26 -0
- package/icc-x-api/utils/mutex.js.map +1 -0
- package/icc-x-api/utils/websocket.js +7 -7
- package/icc-x-api/utils/websocket.js.map +1 -1
- package/icc-x-api/wasm/lzma/lzma.js +2 -0
- package/icc-x-api/wasm/lzma/lzma.wasm +0 -0
- package/package.json +2 -11
- package/icc-x-api/utils/uuid-encoder.d.ts +0 -44
- package/icc-x-api/utils/uuid-encoder.js +0 -114
- package/icc-x-api/utils/uuid-encoder.js.map +0 -1
- package/test/icc-api/api/IccAgendaApi.d.ts +0 -1
- package/test/icc-api/api/IccAgendaApi.js +0 -64
- package/test/icc-api/api/IccAgendaApi.js.map +0 -1
- package/test/icc-api/api/IccAnonymousAccessApi.d.ts +0 -1
- package/test/icc-api/api/IccAnonymousAccessApi.js +0 -58
- package/test/icc-api/api/IccAnonymousAccessApi.js.map +0 -1
- package/test/icc-api/api/IccCalendarItemApi.d.ts +0 -1
- package/test/icc-api/api/IccCalendarItemApi.js +0 -67
- package/test/icc-api/api/IccCalendarItemApi.js.map +0 -1
- package/test/icc-api/api/IccCalendarItemTypeApi.d.ts +0 -1
- package/test/icc-api/api/IccCalendarItemTypeApi.js +0 -96
- package/test/icc-api/api/IccCalendarItemTypeApi.js.map +0 -1
- package/test/icc-api/api/IccCodeApi.d.ts +0 -1
- package/test/icc-api/api/IccCodeApi.js +0 -38
- package/test/icc-api/api/IccCodeApi.js.map +0 -1
- package/test/icc-api/api/IccDocumentApi.d.ts +0 -1
- package/test/icc-api/api/IccDocumentApi.js +0 -199
- package/test/icc-api/api/IccDocumentApi.js.map +0 -1
- package/test/icc-api/api/IccGroupApi.d.ts +0 -1
- package/test/icc-api/api/IccGroupApi.js +0 -50
- package/test/icc-api/api/IccGroupApi.js.map +0 -1
- package/test/icc-api/api/IccKeywordApi.d.ts +0 -1
- package/test/icc-api/api/IccKeywordApi.js +0 -64
- package/test/icc-api/api/IccKeywordApi.js.map +0 -1
- package/test/icc-api/api/IccMedicalLocationApi.d.ts +0 -1
- package/test/icc-api/api/IccMedicalLocationApi.js +0 -64
- package/test/icc-api/api/IccMedicalLocationApi.js.map +0 -1
- package/test/icc-api/api/IccPlaceApi.d.ts +0 -1
- package/test/icc-api/api/IccPlaceApi.js +0 -64
- package/test/icc-api/api/IccPlaceApi.js.map +0 -1
- package/test/icc-api/api/IccRecoveryDataApi.d.ts +0 -1
- package/test/icc-api/api/IccRecoveryDataApi.js +0 -95
- package/test/icc-api/api/IccRecoveryDataApi.js.map +0 -1
- package/test/icc-api/api/IccRoleApi.d.ts +0 -1
- package/test/icc-api/api/IccRoleApi.js +0 -34
- package/test/icc-api/api/IccRoleApi.js.map +0 -1
- package/test/icc-api/api/IccUserApi.d.ts +0 -1
- package/test/icc-api/api/IccUserApi.js +0 -96
- package/test/icc-api/api/IccUserApi.js.map +0 -1
- package/test/icc-api/e2e/IccCalendarItemApi.d.ts +0 -1
- package/test/icc-api/e2e/IccCalendarItemApi.js +0 -46
- package/test/icc-api/e2e/IccCalendarItemApi.js.map +0 -1
- package/test/icc-api/model/modelHelpersTest.d.ts +0 -1
- package/test/icc-api/model/modelHelpersTest.js +0 -45
- package/test/icc-api/model/modelHelpersTest.js.map +0 -1
- package/test/icc-x-api/auth/group-switch-test.d.ts +0 -1
- package/test/icc-x-api/auth/group-switch-test.js +0 -81
- package/test/icc-x-api/auth/group-switch-test.js.map +0 -1
- package/test/icc-x-api/auth/jwt-concurrency-test.d.ts +0 -2
- package/test/icc-x-api/auth/jwt-concurrency-test.js +0 -112
- package/test/icc-x-api/auth/jwt-concurrency-test.js.map +0 -1
- package/test/icc-x-api/auth/jwt-provider-test.d.ts +0 -1
- package/test/icc-x-api/auth/jwt-provider-test.js +0 -197
- package/test/icc-x-api/auth/jwt-provider-test.js.map +0 -1
- package/test/icc-x-api/auth/smart-auth-provider-test.d.ts +0 -1
- package/test/icc-x-api/auth/smart-auth-provider-test.js +0 -224
- package/test/icc-x-api/auth/smart-auth-provider-test.js.map +0 -1
- package/test/icc-x-api/autofix-anonymity-test.d.ts +0 -1
- package/test/icc-x-api/autofix-anonymity-test.js +0 -122
- package/test/icc-x-api/autofix-anonymity-test.js.map +0 -1
- package/test/icc-x-api/confidential-entities-test.d.ts +0 -1
- package/test/icc-x-api/confidential-entities-test.js +0 -168
- package/test/icc-x-api/confidential-entities-test.js.map +0 -1
- package/test/icc-x-api/crud/comprehensive-crud-test.d.ts +0 -1
- package/test/icc-x-api/crud/comprehensive-crud-test.js +0 -276
- package/test/icc-x-api/crud/comprehensive-crud-test.js.map +0 -1
- package/test/icc-x-api/crud/entities-crud-test-interface.d.ts +0 -16
- package/test/icc-x-api/crud/entities-crud-test-interface.js +0 -408
- package/test/icc-x-api/crud/entities-crud-test-interface.js.map +0 -1
- package/test/icc-x-api/crypto/anonymous-delegations-test.d.ts +0 -1
- package/test/icc-x-api/crypto/anonymous-delegations-test.js +0 -587
- package/test/icc-x-api/crypto/anonymous-delegations-test.js.map +0 -1
- package/test/icc-x-api/crypto/concurrency.d.ts +0 -1
- package/test/icc-x-api/crypto/concurrency.js +0 -35
- package/test/icc-x-api/crypto/concurrency.js.map +0 -1
- package/test/icc-x-api/crypto/crypto-utils.d.ts +0 -1
- package/test/icc-x-api/crypto/crypto-utils.js +0 -79
- package/test/icc-x-api/crypto/crypto-utils.js.map +0 -1
- package/test/icc-x-api/crypto/cryptoTest.d.ts +0 -2
- package/test/icc-x-api/crypto/cryptoTest.js +0 -402
- package/test/icc-x-api/crypto/cryptoTest.js.map +0 -1
- package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.d.ts +0 -1
- package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.js +0 -166
- package/test/icc-x-api/crypto/delegate-ci-to-patient-with-missing-keys-test.js.map +0 -1
- package/test/icc-x-api/crypto/exchange-data-manager-test.d.ts +0 -1
- package/test/icc-x-api/crypto/exchange-data-manager-test.js +0 -674
- package/test/icc-x-api/crypto/exchange-data-manager-test.js.map +0 -1
- package/test/icc-x-api/crypto/full-crypto-test.d.ts +0 -1
- package/test/icc-x-api/crypto/full-crypto-test.js +0 -454
- package/test/icc-x-api/crypto/full-crypto-test.js.map +0 -1
- package/test/icc-x-api/crypto/legacy-metadata-migration-test.d.ts +0 -1
- package/test/icc-x-api/crypto/legacy-metadata-migration-test.js +0 -379
- package/test/icc-x-api/crypto/legacy-metadata-migration-test.js.map +0 -1
- package/test/icc-x-api/crypto/secure-delegations-manager-test.d.ts +0 -1
- package/test/icc-x-api/crypto/secure-delegations-manager-test.js +0 -278
- package/test/icc-x-api/crypto/secure-delegations-manager-test.js.map +0 -1
- package/test/icc-x-api/crypto/shamir.d.ts +0 -2
- package/test/icc-x-api/crypto/shamir.js +0 -167
- package/test/icc-x-api/crypto/shamir.js.map +0 -1
- package/test/icc-x-api/crypto/share-to-newly-created-patient-from-hcp.d.ts +0 -1
- package/test/icc-x-api/crypto/share-to-newly-created-patient-from-hcp.js +0 -71
- package/test/icc-x-api/crypto/share-to-newly-created-patient-from-hcp.js.map +0 -1
- package/test/icc-x-api/crypto/soft-deleted-data-owners.d.ts +0 -2
- package/test/icc-x-api/crypto/soft-deleted-data-owners.js +0 -113
- package/test/icc-x-api/crypto/soft-deleted-data-owners.js.map +0 -1
- package/test/icc-x-api/crypto/user-encryption-keys-manager-test.d.ts +0 -1
- package/test/icc-x-api/crypto/user-encryption-keys-manager-test.js +0 -246
- package/test/icc-x-api/crypto/user-encryption-keys-manager-test.js.map +0 -1
- package/test/icc-x-api/entity-with-attachments-api-test.d.ts +0 -1
- package/test/icc-x-api/entity-with-attachments-api-test.js +0 -142
- package/test/icc-x-api/entity-with-attachments-api-test.js.map +0 -1
- package/test/icc-x-api/filters/filters.d.ts +0 -1
- package/test/icc-x-api/filters/filters.js +0 -49
- package/test/icc-x-api/filters/filters.js.map +0 -1
- package/test/icc-x-api/filters/healthelement.d.ts +0 -1
- package/test/icc-x-api/filters/healthelement.js +0 -333
- package/test/icc-x-api/filters/healthelement.js.map +0 -1
- package/test/icc-x-api/icc-accesslog-x-api.d.ts +0 -1
- package/test/icc-x-api/icc-accesslog-x-api.js +0 -106
- package/test/icc-x-api/icc-accesslog-x-api.js.map +0 -1
- package/test/icc-x-api/icc-application-settings-x-api.d.ts +0 -1
- package/test/icc-x-api/icc-application-settings-x-api.js +0 -91
- package/test/icc-x-api/icc-application-settings-x-api.js.map +0 -1
- package/test/icc-x-api/icc-auth-api.d.ts +0 -1
- package/test/icc-x-api/icc-auth-api.js +0 -47
- package/test/icc-x-api/icc-auth-api.js.map +0 -1
- package/test/icc-x-api/icc-calendar-item-x-api.d.ts +0 -1
- package/test/icc-x-api/icc-calendar-item-x-api.js +0 -150
- package/test/icc-x-api/icc-calendar-item-x-api.js.map +0 -1
- package/test/icc-x-api/icc-contact-x-api.d.ts +0 -1
- package/test/icc-x-api/icc-contact-x-api.js +0 -355
- package/test/icc-x-api/icc-contact-x-api.js.map +0 -1
- package/test/icc-x-api/icc-document-x-api.d.ts +0 -1
- package/test/icc-x-api/icc-document-x-api.js +0 -76
- package/test/icc-x-api/icc-document-x-api.js.map +0 -1
- package/test/icc-x-api/icc-form-x-api.d.ts +0 -1
- package/test/icc-x-api/icc-form-x-api.js +0 -413
- package/test/icc-x-api/icc-form-x-api.js.map +0 -1
- package/test/icc-x-api/icc-hcparty-x-api-test.d.ts +0 -1
- package/test/icc-x-api/icc-hcparty-x-api-test.js +0 -43
- package/test/icc-x-api/icc-hcparty-x-api-test.js.map +0 -1
- package/test/icc-x-api/icc-helement-x-api-test.d.ts +0 -1
- package/test/icc-x-api/icc-helement-x-api-test.js +0 -155
- package/test/icc-x-api/icc-helement-x-api-test.js.map +0 -1
- package/test/icc-x-api/icc-invoice-x-api.d.ts +0 -1
- package/test/icc-x-api/icc-invoice-x-api.js +0 -99
- package/test/icc-x-api/icc-invoice-x-api.js.map +0 -1
- package/test/icc-x-api/icc-maintenance-task-x-api-test.d.ts +0 -1
- package/test/icc-x-api/icc-maintenance-task-x-api-test.js +0 -222
- package/test/icc-x-api/icc-maintenance-task-x-api-test.js.map +0 -1
- package/test/icc-x-api/icc-message-x-api.d.ts +0 -1
- package/test/icc-x-api/icc-message-x-api.js +0 -54
- package/test/icc-x-api/icc-message-x-api.js.map +0 -1
- package/test/icc-x-api/icc-patient-x-api-test.d.ts +0 -1
- package/test/icc-x-api/icc-patient-x-api-test.js +0 -165
- package/test/icc-x-api/icc-patient-x-api-test.js.map +0 -1
- package/test/icc-x-api/icc-recovery-x-api.d.ts +0 -1
- package/test/icc-x-api/icc-recovery-x-api.js +0 -175
- package/test/icc-x-api/icc-recovery-x-api.js.map +0 -1
- package/test/icc-x-api/icc-topic-x-api.d.ts +0 -1
- package/test/icc-x-api/icc-topic-x-api.js +0 -269
- package/test/icc-x-api/icc-topic-x-api.js.map +0 -1
- package/test/icc-x-api/icc-user-x-api-test.d.ts +0 -1
- package/test/icc-x-api/icc-user-x-api-test.js +0 -99
- package/test/icc-x-api/icc-user-x-api-test.js.map +0 -1
- package/test/icc-x-api/keyless-api.d.ts +0 -1
- package/test/icc-x-api/keyless-api.js +0 -125
- package/test/icc-x-api/keyless-api.js.map +0 -1
- package/test/icc-x-api/patient-user.d.ts +0 -2
- package/test/icc-x-api/patient-user.js +0 -103
- package/test/icc-x-api/patient-user.js.map +0 -1
- package/test/icc-x-api/storage/storage.d.ts +0 -1
- package/test/icc-x-api/storage/storage.js +0 -48
- package/test/icc-x-api/storage/storage.js.map +0 -1
- package/test/icc-x-api/test-api-no-parent.d.ts +0 -1
- package/test/icc-x-api/test-api-no-parent.js +0 -79
- package/test/icc-x-api/test-api-no-parent.js.map +0 -1
- package/test/icc-x-api/test-legacy-data-support.d.ts +0 -1
- package/test/icc-x-api/test-legacy-data-support.js +0 -375
- package/test/icc-x-api/test-legacy-data-support.js.map +0 -1
- package/test/icc-x-api/utils/graph-test.d.ts +0 -1
- package/test/icc-x-api/utils/graph-test.js +0 -54
- package/test/icc-x-api/utils/graph-test.js.map +0 -1
- package/test/icc-x-api/utils/lru-temporised-async-cache-test.d.ts +0 -1
- package/test/icc-x-api/utils/lru-temporised-async-cache-test.js +0 -364
- package/test/icc-x-api/utils/lru-temporised-async-cache-test.js.map +0 -1
- package/test/support/CSM-185.d.ts +0 -1
- package/test/support/CSM-185.js +0 -124
- package/test/support/CSM-185.js.map +0 -1
- package/test/support/CSM-243.d.ts +0 -1
- package/test/support/CSM-243.js +0 -120
- package/test/support/CSM-243.js.map +0 -1
- package/test/support/CSM-543.d.ts +0 -1
- package/test/support/CSM-543.js +0 -164
- package/test/support/CSM-543.js.map +0 -1
- package/test/support/CSM-729.d.ts +0 -1
- package/test/support/CSM-729.js +0 -225
- package/test/support/CSM-729.js.map +0 -1
- package/test/support/CSM-87.d.ts +0 -0
- package/test/support/CSM-87.js +0 -21
- package/test/support/CSM-87.js.map +0 -1
- package/test/support/CSM-93.d.ts +0 -1
- package/test/support/CSM-93.js +0 -112
- package/test/support/CSM-93.js.map +0 -1
- package/test/utils/FakeDataOwnerApi.d.ts +0 -32
- package/test/utils/FakeDataOwnerApi.js +0 -136
- package/test/utils/FakeDataOwnerApi.js.map +0 -1
- package/test/utils/FakeEncryptionKeysManager.d.ts +0 -36
- package/test/utils/FakeEncryptionKeysManager.js +0 -98
- package/test/utils/FakeEncryptionKeysManager.js.map +0 -1
- package/test/utils/FakeExchangeDataApi.d.ts +0 -32
- package/test/utils/FakeExchangeDataApi.js +0 -92
- package/test/utils/FakeExchangeDataApi.js.map +0 -1
- package/test/utils/FakeExchangeDataManager.d.ts +0 -48
- package/test/utils/FakeExchangeDataManager.js +0 -82
- package/test/utils/FakeExchangeDataManager.js.map +0 -1
- package/test/utils/FakeExchangeDataMapManager.d.ts +0 -12
- package/test/utils/FakeExchangeDataMapManager.js +0 -38
- package/test/utils/FakeExchangeDataMapManager.js.map +0 -1
- package/test/utils/FakeGenericApi.d.ts +0 -16
- package/test/utils/FakeGenericApi.js +0 -65
- package/test/utils/FakeGenericApi.js.map +0 -1
- package/test/utils/KeylessCryptoStrategies.d.ts +0 -23
- package/test/utils/KeylessCryptoStrategies.js +0 -26
- package/test/utils/KeylessCryptoStrategies.js.map +0 -1
- package/test/utils/TestApi.d.ts +0 -3
- package/test/utils/TestApi.js +0 -30
- package/test/utils/TestApi.js.map +0 -1
- package/test/utils/TestCollectionUtils.d.ts +0 -1
- package/test/utils/TestCollectionUtils.js +0 -109
- package/test/utils/TestCollectionUtils.js.map +0 -1
- package/test/utils/TestCryptoStrategies.d.ts +0 -42
- package/test/utils/TestCryptoStrategies.js +0 -80
- package/test/utils/TestCryptoStrategies.js.map +0 -1
- package/test/utils/TestStorage.d.ts +0 -23
- package/test/utils/TestStorage.js +0 -61
- package/test/utils/TestStorage.js.map +0 -1
- package/test/utils/roles.d.ts +0 -14
- package/test/utils/roles.js +0 -345
- package/test/utils/roles.js.map +0 -1
- package/test/utils/test_utils.d.ts +0 -87
- package/test/utils/test_utils.js +0 -452
- package/test/utils/test_utils.js.map +0 -1
|
@@ -1,224 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
-
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
-
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
-
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
-
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
-
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
-
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
-
});
|
|
10
|
-
};
|
|
11
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
-
const types_1 = require("@icure/test-setup/types");
|
|
13
|
-
const mocha_1 = require("mocha");
|
|
14
|
-
const test_utils_1 = require("../../utils/test_utils");
|
|
15
|
-
const icc_x_api_1 = require("../../../icc-x-api");
|
|
16
|
-
const icc_api_1 = require("../../../icc-api");
|
|
17
|
-
require("isomorphic-fetch");
|
|
18
|
-
const SmartAuthProvider_1 = require("../../../icc-x-api/auth/SmartAuthProvider");
|
|
19
|
-
const chai_1 = require("chai");
|
|
20
|
-
const crypto_1 = require("crypto");
|
|
21
|
-
var initMasterApi = test_utils_1.TestUtils.initMasterApi;
|
|
22
|
-
const assert_1 = require("assert");
|
|
23
|
-
const otpauth_1 = require("otpauth");
|
|
24
|
-
(0, test_utils_1.setLocalStorage)(fetch);
|
|
25
|
-
let env;
|
|
26
|
-
let authApi;
|
|
27
|
-
describe('Smart authentication provider', () => {
|
|
28
|
-
(0, mocha_1.before)(function () {
|
|
29
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
30
|
-
this.timeout(600000);
|
|
31
|
-
const initializer = yield (0, test_utils_1.getEnvironmentInitializer)();
|
|
32
|
-
env = yield initializer.execute((0, types_1.getEnvVariables)());
|
|
33
|
-
authApi = new icc_api_1.IccAuthApi(env.iCureUrl, {}, new icc_x_api_1.NoAuthenticationProvider(), fetch);
|
|
34
|
-
});
|
|
35
|
-
});
|
|
36
|
-
function userApiWithProvider(authProvider) {
|
|
37
|
-
return new icc_api_1.IccUserApi(env.iCureUrl, {}, authProvider, fetch);
|
|
38
|
-
}
|
|
39
|
-
it('Should automatically ask for secret to get a new token, and reasks the secret if it is not valid', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
40
|
-
const { credentials } = yield (0, test_utils_1.createNewHcpApi)(env);
|
|
41
|
-
let calls = 0;
|
|
42
|
-
const authProvider = yield SmartAuthProvider_1.SmartAuthProvider.initialise(authApi, credentials.user, {
|
|
43
|
-
getSecret: (acceptedSecrets, previousAttempts) => __awaiter(void 0, void 0, void 0, function* () {
|
|
44
|
-
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.PASSWORD);
|
|
45
|
-
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.LONG_LIVED_TOKEN);
|
|
46
|
-
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.SHORT_LIVED_TOKEN);
|
|
47
|
-
(0, chai_1.expect)(acceptedSecrets).to.not.include(SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN);
|
|
48
|
-
if (calls == 0) {
|
|
49
|
-
(0, chai_1.expect)(previousAttempts).to.be.empty;
|
|
50
|
-
}
|
|
51
|
-
else if (calls == 1) {
|
|
52
|
-
(0, chai_1.expect)(previousAttempts).to.have.length(1);
|
|
53
|
-
(0, chai_1.expect)(previousAttempts[0].value).to.equal('wrong');
|
|
54
|
-
(0, chai_1.expect)(previousAttempts[0].secretType).to.equal(SmartAuthProvider_1.AuthSecretType.LONG_LIVED_TOKEN);
|
|
55
|
-
}
|
|
56
|
-
else
|
|
57
|
-
(0, assert_1.fail)(`Unexpected number of calls: ${calls}`);
|
|
58
|
-
return calls++ == 0
|
|
59
|
-
? { value: 'wrong', secretType: SmartAuthProvider_1.AuthSecretType.LONG_LIVED_TOKEN } // pragma: allowlist secret
|
|
60
|
-
: { value: credentials.password, secretType: SmartAuthProvider_1.AuthSecretType.LONG_LIVED_TOKEN };
|
|
61
|
-
}),
|
|
62
|
-
});
|
|
63
|
-
const userApi = userApiWithProvider(authProvider);
|
|
64
|
-
const user = yield userApi.getCurrentUser();
|
|
65
|
-
(0, chai_1.expect)(user.healthcarePartyId).to.equal(credentials.dataOwnerId);
|
|
66
|
-
(0, chai_1.expect)(calls).to.equal(2);
|
|
67
|
-
}));
|
|
68
|
-
(0, test_utils_1.itNoLite)('Should automatically ask for a more powerful secret to perform elevated-security operations if the available secret/token is not good enough', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
69
|
-
const { credentials, api } = yield (0, test_utils_1.createNewHcpApi)(env);
|
|
70
|
-
const initialUser = yield api.userApi.getCurrentUser();
|
|
71
|
-
const masterApi = yield initMasterApi(env);
|
|
72
|
-
const userToken = (0, crypto_1.randomUUID)();
|
|
73
|
-
const userPw = (0, crypto_1.randomUUID)();
|
|
74
|
-
const userWithLongTokenAndPw = yield masterApi.userApi.modifyUser(Object.assign(Object.assign({}, initialUser), { passwordHash: userPw, authenticationTokens: {
|
|
75
|
-
'test-long-lived-token': {
|
|
76
|
-
token: userToken,
|
|
77
|
-
creationTime: Date.now(),
|
|
78
|
-
validity: 60 * 60 * 24 * 7,
|
|
79
|
-
},
|
|
80
|
-
} }));
|
|
81
|
-
let calls = 0;
|
|
82
|
-
const authProvider = yield SmartAuthProvider_1.SmartAuthProvider.initialise(authApi, credentials.user, {
|
|
83
|
-
getSecret: (acceptedSecrets, previousAttempts) => __awaiter(void 0, void 0, void 0, function* () {
|
|
84
|
-
if (calls == 0) {
|
|
85
|
-
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.PASSWORD);
|
|
86
|
-
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.LONG_LIVED_TOKEN);
|
|
87
|
-
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.SHORT_LIVED_TOKEN);
|
|
88
|
-
(0, chai_1.expect)(acceptedSecrets).to.not.include(SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN);
|
|
89
|
-
(0, chai_1.expect)(previousAttempts).to.be.empty;
|
|
90
|
-
calls++;
|
|
91
|
-
return { value: userToken, secretType: SmartAuthProvider_1.AuthSecretType.LONG_LIVED_TOKEN };
|
|
92
|
-
}
|
|
93
|
-
else if (calls == 1) {
|
|
94
|
-
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.PASSWORD);
|
|
95
|
-
(0, chai_1.expect)(acceptedSecrets).to.not.include(SmartAuthProvider_1.AuthSecretType.LONG_LIVED_TOKEN);
|
|
96
|
-
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.SHORT_LIVED_TOKEN);
|
|
97
|
-
(0, chai_1.expect)(acceptedSecrets).to.not.include(SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN);
|
|
98
|
-
(0, chai_1.expect)(previousAttempts).to.be.empty;
|
|
99
|
-
calls++;
|
|
100
|
-
return { value: userPw, secretType: SmartAuthProvider_1.AuthSecretType.PASSWORD };
|
|
101
|
-
}
|
|
102
|
-
else
|
|
103
|
-
throw new Error(`Unexpected number of calls: ${calls}`);
|
|
104
|
-
}),
|
|
105
|
-
});
|
|
106
|
-
const userApi = userApiWithProvider(authProvider);
|
|
107
|
-
(0, chai_1.expect)((yield userApi.getCurrentUser()).rev).to.equal(userWithLongTokenAndPw.rev);
|
|
108
|
-
(0, chai_1.expect)(calls).to.equal(1);
|
|
109
|
-
const newPw = (0, crypto_1.randomUUID)();
|
|
110
|
-
const userWithNewPw = yield userApi.modifyUser(Object.assign(Object.assign({}, userWithLongTokenAndPw), { passwordHash: newPw }));
|
|
111
|
-
(0, chai_1.expect)(userWithNewPw.rev).to.not.equal(userWithLongTokenAndPw.rev);
|
|
112
|
-
(0, chai_1.expect)(calls).to.equal(2);
|
|
113
|
-
const retrievedWithNewPw = yield userApiWithProvider(new icc_x_api_1.BasicAuthenticationProvider(credentials.user, newPw)).getCurrentUser();
|
|
114
|
-
(0, chai_1.expect)(retrievedWithNewPw.rev).to.equal(userWithNewPw.rev);
|
|
115
|
-
const couldRetrieveWithOldPw = yield userApiWithProvider(new icc_x_api_1.BasicAuthenticationProvider(credentials.user, userPw))
|
|
116
|
-
.getCurrentUser()
|
|
117
|
-
.then(() => true, () => false);
|
|
118
|
-
(0, chai_1.expect)(couldRetrieveWithOldPw).to.be.false;
|
|
119
|
-
}));
|
|
120
|
-
(0, test_utils_1.itNoLite)('Should automatically ask for TOTP after password if user has 2fa enabled', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
121
|
-
const { credentials, api } = yield (0, test_utils_1.createNewHcpApi)(env);
|
|
122
|
-
const initialUser = yield api.userApi.getCurrentUser();
|
|
123
|
-
const masterApi = yield initMasterApi(env);
|
|
124
|
-
const totpSecret = 'AAPX7PW2RJIGZ3D4'; // pragma: allowlist secret (fake secret generated only for test)
|
|
125
|
-
const totp = new otpauth_1.TOTP({
|
|
126
|
-
algorithm: 'SHA1',
|
|
127
|
-
digits: 6,
|
|
128
|
-
period: 30,
|
|
129
|
-
secret: totpSecret,
|
|
130
|
-
});
|
|
131
|
-
const userPw = (0, crypto_1.randomUUID)();
|
|
132
|
-
yield masterApi.userApi.enable2fa(initialUser.id, totpSecret);
|
|
133
|
-
const userWithPwAnd2fa = yield masterApi.userApi.modifyUser(Object.assign(Object.assign({}, initialUser), { passwordHash: userPw }));
|
|
134
|
-
let calls = 0;
|
|
135
|
-
const authProvider = yield SmartAuthProvider_1.SmartAuthProvider.initialise(authApi, credentials.user, {
|
|
136
|
-
getSecret: (acceptedSecrets, previousAttempts) => __awaiter(void 0, void 0, void 0, function* () {
|
|
137
|
-
if (calls == 0) {
|
|
138
|
-
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.PASSWORD);
|
|
139
|
-
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.LONG_LIVED_TOKEN);
|
|
140
|
-
(0, chai_1.expect)(acceptedSecrets).to.include(SmartAuthProvider_1.AuthSecretType.SHORT_LIVED_TOKEN);
|
|
141
|
-
(0, chai_1.expect)(acceptedSecrets).to.not.include(SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN);
|
|
142
|
-
(0, chai_1.expect)(previousAttempts).to.be.empty;
|
|
143
|
-
calls++;
|
|
144
|
-
return { value: userPw, secretType: SmartAuthProvider_1.AuthSecretType.PASSWORD };
|
|
145
|
-
}
|
|
146
|
-
else if (calls == 1 || calls == 2) {
|
|
147
|
-
(0, chai_1.expect)(acceptedSecrets).to.have.members([SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN]);
|
|
148
|
-
if (calls == 1)
|
|
149
|
-
(0, chai_1.expect)(previousAttempts).to.be.empty;
|
|
150
|
-
if (calls == 2)
|
|
151
|
-
(0, chai_1.expect)(previousAttempts).to.have.length(1);
|
|
152
|
-
return calls++ == 1
|
|
153
|
-
? { value: totp.generate() + '13', secretType: SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN }
|
|
154
|
-
: { value: totp.generate(), secretType: SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN };
|
|
155
|
-
}
|
|
156
|
-
else
|
|
157
|
-
throw new Error(`Unexpected number of calls: ${calls}`);
|
|
158
|
-
}),
|
|
159
|
-
});
|
|
160
|
-
const userApi = userApiWithProvider(authProvider);
|
|
161
|
-
(0, chai_1.expect)((yield userApi.getCurrentUser()).rev).to.equal(userWithPwAnd2fa.rev);
|
|
162
|
-
(0, chai_1.expect)(calls).to.equal(3);
|
|
163
|
-
}));
|
|
164
|
-
(0, test_utils_1.itNoLite)('Should ask for TOTP directly if password is cached', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
165
|
-
const { credentials, api } = yield (0, test_utils_1.createNewHcpApi)(env);
|
|
166
|
-
const initialUser = yield api.userApi.getCurrentUser();
|
|
167
|
-
const masterApi = yield initMasterApi(env);
|
|
168
|
-
const totpSecret = 'AAPX7PW2RJIGZ3D4'; // pragma: allowlist secret (fake secret generated only for test)
|
|
169
|
-
const totp = new otpauth_1.TOTP({
|
|
170
|
-
algorithm: 'SHA1',
|
|
171
|
-
digits: 6,
|
|
172
|
-
period: 30,
|
|
173
|
-
secret: totpSecret,
|
|
174
|
-
});
|
|
175
|
-
const userPw = (0, crypto_1.randomUUID)();
|
|
176
|
-
yield masterApi.userApi.enable2fa(initialUser.id, totpSecret);
|
|
177
|
-
const userWithPwAnd2fa = yield masterApi.userApi.modifyUser(Object.assign(Object.assign({}, initialUser), { passwordHash: userPw }));
|
|
178
|
-
let calls = 0;
|
|
179
|
-
const authProvider = yield SmartAuthProvider_1.SmartAuthProvider.initialise(authApi, credentials.user, {
|
|
180
|
-
getSecret: (acceptedSecrets, previousAttempts) => __awaiter(void 0, void 0, void 0, function* () {
|
|
181
|
-
(0, chai_1.expect)(acceptedSecrets).to.have.members([SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN]);
|
|
182
|
-
(0, chai_1.expect)(previousAttempts).to.be.empty;
|
|
183
|
-
(0, chai_1.expect)(calls++).to.equal(0);
|
|
184
|
-
return { value: totp.generate(), secretType: SmartAuthProvider_1.AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN };
|
|
185
|
-
}),
|
|
186
|
-
}, {
|
|
187
|
-
initialSecret: { password: userPw },
|
|
188
|
-
});
|
|
189
|
-
const userApi = userApiWithProvider(authProvider);
|
|
190
|
-
(0, chai_1.expect)((yield userApi.getCurrentUser()).rev).to.equal(userWithPwAnd2fa.rev);
|
|
191
|
-
(0, chai_1.expect)(calls).to.equal(1);
|
|
192
|
-
}));
|
|
193
|
-
(0, test_utils_1.itNoLite)('Switched provider should keep cached secrets and should be able to have elevated security context', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
194
|
-
var _a;
|
|
195
|
-
const details = yield (0, test_utils_1.createUserInMultipleGroups)(env);
|
|
196
|
-
let calls = 0;
|
|
197
|
-
const authProvider = yield SmartAuthProvider_1.SmartAuthProvider.initialise(authApi, details.userLogin, {
|
|
198
|
-
getSecret: (acceptedSecrets, previousAttempts) => __awaiter(void 0, void 0, void 0, function* () {
|
|
199
|
-
(0, chai_1.expect)(acceptedSecrets).to.have.include(SmartAuthProvider_1.AuthSecretType.PASSWORD);
|
|
200
|
-
(0, chai_1.expect)(previousAttempts).to.be.empty;
|
|
201
|
-
(0, chai_1.expect)(calls++).to.equal(0);
|
|
202
|
-
return { value: details.userPw12, secretType: SmartAuthProvider_1.AuthSecretType.PASSWORD };
|
|
203
|
-
}),
|
|
204
|
-
});
|
|
205
|
-
const defaultGroupUserApi = userApiWithProvider(authProvider);
|
|
206
|
-
const defaultGroupUser = yield defaultGroupUserApi.getCurrentUser();
|
|
207
|
-
const otherGroupId = details.group1.id == defaultGroupUser.groupId ? details.group2.id : details.group1.id;
|
|
208
|
-
const matches = yield defaultGroupUserApi.getMatchingUsers();
|
|
209
|
-
const switchedUserApi = userApiWithProvider(yield authProvider.switchGroup(otherGroupId, matches));
|
|
210
|
-
const switchedUser = yield switchedUserApi.getCurrentUser();
|
|
211
|
-
(0, chai_1.expect)(switchedUser.id).to.not.equal(defaultGroupUser.id);
|
|
212
|
-
(0, chai_1.expect)(switchedUser.groupId).to.equal(otherGroupId);
|
|
213
|
-
const updatedDefault = yield switchedUserApi.modifyUser(Object.assign(Object.assign({}, switchedUser), { authenticationTokens: {
|
|
214
|
-
'new-token': {
|
|
215
|
-
token: (0, crypto_1.randomUUID)(),
|
|
216
|
-
creationTime: Date.now(),
|
|
217
|
-
validity: 60 * 60 * 24 * 7,
|
|
218
|
-
},
|
|
219
|
-
} }));
|
|
220
|
-
(0, chai_1.expect)(updatedDefault.rev).to.not.equal(switchedUser.rev);
|
|
221
|
-
(0, chai_1.expect)(Object.keys((_a = updatedDefault.authenticationTokens) !== null && _a !== void 0 ? _a : {})).to.not.be.empty;
|
|
222
|
-
}));
|
|
223
|
-
});
|
|
224
|
-
//# sourceMappingURL=smart-auth-provider-test.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"smart-auth-provider-test.js","sourceRoot":"","sources":["../../../../test/icc-x-api/auth/smart-auth-provider-test.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,mDAAmE;AACnE,iCAA8B;AAC9B,uDAAqJ;AACrJ,kDAAkH;AAClH,8CAAyD;AACzD,4BAAyB;AACzB,iFAAgH;AAChH,+BAA6B;AAC7B,mCAAmC;AACnC,IAAO,aAAa,GAAG,sBAAS,CAAC,aAAa,CAAA;AAC9C,mCAA6B;AAC7B,qCAA8B;AAC9B,IAAA,4BAAe,EAAC,KAAK,CAAC,CAAA;AAEtB,IAAI,GAAa,CAAA;AACjB,IAAI,OAAmB,CAAA;AAEvB,QAAQ,CAAC,+BAA+B,EAAE,GAAG,EAAE;IAC7C,IAAA,cAAM,EAAC;;YACL,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;YACpB,MAAM,WAAW,GAAG,MAAM,IAAA,sCAAyB,GAAE,CAAA;YACrD,GAAG,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,IAAA,uBAAe,GAAE,CAAC,CAAA;YAClD,OAAO,GAAG,IAAI,oBAAU,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,IAAI,oCAAwB,EAAE,EAAE,KAAK,CAAC,CAAA;QACnF,CAAC;KAAA,CAAC,CAAA;IAEF,SAAS,mBAAmB,CAAC,YAAoC;QAC/D,OAAO,IAAI,oBAAU,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,EAAE,YAAY,EAAE,KAAK,CAAC,CAAA;IAC9D,CAAC;IAED,EAAE,CAAC,kGAAkG,EAAE,GAAS,EAAE;QAChH,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,IAAA,4BAAe,EAAC,GAAG,CAAC,CAAA;QAClD,IAAI,KAAK,GAAG,CAAC,CAAA;QACb,MAAM,YAAY,GAAG,MAAM,qCAAiB,CAAC,UAAU,CAAC,OAAO,EAAE,WAAW,CAAC,IAAI,EAAE;YACjF,SAAS,EAAE,CAAO,eAAiC,EAAE,gBAAqC,EAAE,EAAE;gBAC5F,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,QAAQ,CAAC,CAAA;gBAC3D,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,gBAAgB,CAAC,CAAA;gBACnE,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,iBAAiB,CAAC,CAAA;gBACpE,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,kCAAc,CAAC,+BAA+B,CAAC,CAAA;gBACtF,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;oBACf,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAA;gBACtC,CAAC;qBAAM,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;oBACtB,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;oBAC1C,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;oBACnD,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,kCAAc,CAAC,gBAAgB,CAAC,CAAA;gBAClF,CAAC;;oBAAM,IAAA,aAAI,EAAC,+BAA+B,KAAK,EAAE,CAAC,CAAA;gBACnD,OAAO,KAAK,EAAE,IAAI,CAAC;oBACjB,CAAC,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,kCAAc,CAAC,gBAAgB,EAAE,CAAC,2BAA2B;oBAC7F,CAAC,CAAC,EAAE,KAAK,EAAE,WAAW,CAAC,QAAQ,EAAE,UAAU,EAAE,kCAAc,CAAC,gBAAgB,EAAE,CAAA;YAClF,CAAC,CAAA;SACF,CAAC,CAAA;QACF,MAAM,OAAO,GAAG,mBAAmB,CAAC,YAAY,CAAC,CAAA;QACjD,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,cAAc,EAAE,CAAA;QAC3C,IAAA,aAAM,EAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,WAAW,CAAC,CAAA;QAChE,IAAA,aAAM,EAAC,KAAK,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAC3B,CAAC,CAAA,CAAC,CAAA;IAEF,IAAA,qBAAQ,EACN,8IAA8I,EAC9I,GAAS,EAAE;QACT,MAAM,EAAE,WAAW,EAAE,GAAG,EAAE,GAAG,MAAM,IAAA,4BAAe,EAAC,GAAG,CAAC,CAAA;QACvD,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;QACtD,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,CAAA;QAC1C,MAAM,SAAS,GAAG,IAAA,mBAAU,GAAE,CAAA;QAC9B,MAAM,MAAM,GAAG,IAAA,mBAAU,GAAE,CAAA;QAC3B,MAAM,sBAAsB,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,UAAU,iCAC5D,WAAW,KACd,YAAY,EAAE,MAAM,EACpB,oBAAoB,EAAE;gBACpB,uBAAuB,EAAE;oBACvB,KAAK,EAAE,SAAS;oBAChB,YAAY,EAAE,IAAI,CAAC,GAAG,EAAE;oBACxB,QAAQ,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC;iBAC3B;aACF,IACD,CAAA;QACF,IAAI,KAAK,GAAG,CAAC,CAAA;QACb,MAAM,YAAY,GAAG,MAAM,qCAAiB,CAAC,UAAU,CAAC,OAAO,EAAE,WAAW,CAAC,IAAI,EAAE;YACjF,SAAS,EAAE,CAAO,eAAiC,EAAE,gBAAqC,EAAE,EAAE;gBAC5F,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;oBACf,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,QAAQ,CAAC,CAAA;oBAC3D,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,gBAAgB,CAAC,CAAA;oBACnE,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,iBAAiB,CAAC,CAAA;oBACpE,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,kCAAc,CAAC,+BAA+B,CAAC,CAAA;oBACtF,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAA;oBACpC,KAAK,EAAE,CAAA;oBACP,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,UAAU,EAAE,kCAAc,CAAC,gBAAgB,EAAE,CAAA;gBAC1E,CAAC;qBAAM,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;oBACtB,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,QAAQ,CAAC,CAAA;oBAC3D,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,kCAAc,CAAC,gBAAgB,CAAC,CAAA;oBACvE,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,iBAAiB,CAAC,CAAA;oBACpE,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,kCAAc,CAAC,+BAA+B,CAAC,CAAA;oBACtF,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAA;oBACpC,KAAK,EAAE,CAAA;oBACP,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,kCAAc,CAAC,QAAQ,EAAE,CAAA;gBAC/D,CAAC;;oBAAM,MAAM,IAAI,KAAK,CAAC,+BAA+B,KAAK,EAAE,CAAC,CAAA;YAChE,CAAC,CAAA;SACF,CAAC,CAAA;QACF,MAAM,OAAO,GAAG,mBAAmB,CAAC,YAAY,CAAC,CAAA;QACjD,IAAA,aAAM,EAAC,CAAC,MAAM,OAAO,CAAC,cAAc,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAA;QACjF,IAAA,aAAM,EAAC,KAAK,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACzB,MAAM,KAAK,GAAG,IAAA,mBAAU,GAAE,CAAA;QAC1B,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,UAAU,iCAAM,sBAAsB,KAAE,YAAY,EAAE,KAAK,IAAG,CAAA;QAClG,IAAA,aAAM,EAAC,aAAa,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAA;QAClE,IAAA,aAAM,EAAC,KAAK,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACzB,MAAM,kBAAkB,GAAG,MAAM,mBAAmB,CAAC,IAAI,uCAA2B,CAAC,WAAW,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,cAAc,EAAE,CAAA;QAC/H,IAAA,aAAM,EAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;QAC1D,MAAM,sBAAsB,GAAG,MAAM,mBAAmB,CAAC,IAAI,uCAA2B,CAAC,WAAW,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;aAChH,cAAc,EAAE;aAChB,IAAI,CACH,GAAG,EAAE,CAAC,IAAI,EACV,GAAG,EAAE,CAAC,KAAK,CACZ,CAAA;QACH,IAAA,aAAM,EAAC,sBAAsB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAA;IAC5C,CAAC,CAAA,CACF,CAAA;IAED,IAAA,qBAAQ,EAAC,0EAA0E,EAAE,GAAS,EAAE;QAC9F,MAAM,EAAE,WAAW,EAAE,GAAG,EAAE,GAAG,MAAM,IAAA,4BAAe,EAAC,GAAG,CAAC,CAAA;QACvD,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;QACtD,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,CAAA;QAC1C,MAAM,UAAU,GAAG,kBAAkB,CAAA,CAAC,iEAAiE;QACvG,MAAM,IAAI,GAAG,IAAI,cAAI,CAAC;YACpB,SAAS,EAAE,MAAM;YACjB,MAAM,EAAE,CAAC;YACT,MAAM,EAAE,EAAE;YACV,MAAM,EAAE,UAAU;SACnB,CAAC,CAAA;QACF,MAAM,MAAM,GAAG,IAAA,mBAAU,GAAE,CAAA;QAC3B,MAAM,SAAS,CAAC,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,EAAG,EAAE,UAAU,CAAC,CAAA;QAC9D,MAAM,gBAAgB,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,UAAU,iCACtD,WAAW,KACd,YAAY,EAAE,MAAM,IACpB,CAAA;QACF,IAAI,KAAK,GAAG,CAAC,CAAA;QACb,MAAM,YAAY,GAAG,MAAM,qCAAiB,CAAC,UAAU,CAAC,OAAO,EAAE,WAAW,CAAC,IAAI,EAAE;YACjF,SAAS,EAAE,CAAO,eAAiC,EAAE,gBAAqC,EAAE,EAAE;gBAC5F,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;oBACf,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,QAAQ,CAAC,CAAA;oBAC3D,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,gBAAgB,CAAC,CAAA;oBACnE,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,kCAAc,CAAC,iBAAiB,CAAC,CAAA;oBACpE,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,kCAAc,CAAC,+BAA+B,CAAC,CAAA;oBACtF,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAA;oBACpC,KAAK,EAAE,CAAA;oBACP,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,kCAAc,CAAC,QAAQ,EAAE,CAAA;gBAC/D,CAAC;qBAAM,IAAI,KAAK,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;oBACpC,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,kCAAc,CAAC,+BAA+B,CAAC,CAAC,CAAA;oBACzF,IAAI,KAAK,IAAI,CAAC;wBAAE,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAA;oBACpD,IAAI,KAAK,IAAI,CAAC;wBAAE,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;oBAC1D,OAAO,KAAK,EAAE,IAAI,CAAC;wBACjB,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,GAAG,IAAI,EAAE,UAAU,EAAE,kCAAc,CAAC,+BAA+B,EAAE;wBAC/F,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,UAAU,EAAE,kCAAc,CAAC,+BAA+B,EAAE,CAAA;gBAC5F,CAAC;;oBAAM,MAAM,IAAI,KAAK,CAAC,+BAA+B,KAAK,EAAE,CAAC,CAAA;YAChE,CAAC,CAAA;SACF,CAAC,CAAA;QACF,MAAM,OAAO,GAAG,mBAAmB,CAAC,YAAY,CAAC,CAAA;QACjD,IAAA,aAAM,EAAC,CAAC,MAAM,OAAO,CAAC,cAAc,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAA;QAC3E,IAAA,aAAM,EAAC,KAAK,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAC3B,CAAC,CAAA,CAAC,CAAA;IAEF,IAAA,qBAAQ,EAAC,oDAAoD,EAAE,GAAS,EAAE;QACxE,MAAM,EAAE,WAAW,EAAE,GAAG,EAAE,GAAG,MAAM,IAAA,4BAAe,EAAC,GAAG,CAAC,CAAA;QACvD,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;QACtD,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,CAAA;QAC1C,MAAM,UAAU,GAAG,kBAAkB,CAAA,CAAC,iEAAiE;QACvG,MAAM,IAAI,GAAG,IAAI,cAAI,CAAC;YACpB,SAAS,EAAE,MAAM;YACjB,MAAM,EAAE,CAAC;YACT,MAAM,EAAE,EAAE;YACV,MAAM,EAAE,UAAU;SACnB,CAAC,CAAA;QACF,MAAM,MAAM,GAAG,IAAA,mBAAU,GAAE,CAAA;QAC3B,MAAM,SAAS,CAAC,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,EAAG,EAAE,UAAU,CAAC,CAAA;QAC9D,MAAM,gBAAgB,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,UAAU,iCACtD,WAAW,KACd,YAAY,EAAE,MAAM,IACpB,CAAA;QACF,IAAI,KAAK,GAAG,CAAC,CAAA;QACb,MAAM,YAAY,GAAG,MAAM,qCAAiB,CAAC,UAAU,CACrD,OAAO,EACP,WAAW,CAAC,IAAI,EAChB;YACE,SAAS,EAAE,CAAO,eAAiC,EAAE,gBAAqC,EAAE,EAAE;gBAC5F,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,kCAAc,CAAC,+BAA+B,CAAC,CAAC,CAAA;gBACzF,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAA;gBACpC,IAAA,aAAM,EAAC,KAAK,EAAE,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;gBAC3B,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,UAAU,EAAE,kCAAc,CAAC,+BAA+B,EAAE,CAAA;YAC/F,CAAC,CAAA;SACF,EACD;YACE,aAAa,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE;SACpC,CACF,CAAA;QACD,MAAM,OAAO,GAAG,mBAAmB,CAAC,YAAY,CAAC,CAAA;QACjD,IAAA,aAAM,EAAC,CAAC,MAAM,OAAO,CAAC,cAAc,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAA;QAC3E,IAAA,aAAM,EAAC,KAAK,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAC3B,CAAC,CAAA,CAAC,CAAA;IAEF,IAAA,qBAAQ,EAAC,mGAAmG,EAAE,GAAS,EAAE;;QACvH,MAAM,OAAO,GAAG,MAAM,IAAA,uCAA0B,EAAC,GAAG,CAAC,CAAA;QACrD,IAAI,KAAK,GAAG,CAAC,CAAA;QACb,MAAM,YAAY,GAAG,MAAM,qCAAiB,CAAC,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,SAAS,EAAE;YAClF,SAAS,EAAE,CAAO,eAAiC,EAAE,gBAAqC,EAAE,EAAE;gBAC5F,IAAA,aAAM,EAAC,eAAe,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,kCAAc,CAAC,QAAQ,CAAC,CAAA;gBAChE,IAAA,aAAM,EAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAA;gBACpC,IAAA,aAAM,EAAC,KAAK,EAAE,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;gBAC3B,OAAO,EAAE,KAAK,EAAE,OAAO,CAAC,QAAQ,EAAE,UAAU,EAAE,kCAAc,CAAC,QAAQ,EAAE,CAAA;YACzE,CAAC,CAAA;SACF,CAAC,CAAA;QACF,MAAM,mBAAmB,GAAG,mBAAmB,CAAC,YAAY,CAAC,CAAA;QAC7D,MAAM,gBAAgB,GAAG,MAAM,mBAAmB,CAAC,cAAc,EAAE,CAAA;QACnE,MAAM,YAAY,GAAG,OAAO,CAAC,MAAM,CAAC,EAAE,IAAI,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAA;QAC1G,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,gBAAgB,EAAE,CAAA;QAC5D,MAAM,eAAe,GAAG,mBAAmB,CAAC,MAAM,YAAY,CAAC,WAAW,CAAC,YAAa,EAAE,OAAO,CAAC,CAAC,CAAA;QACnG,MAAM,YAAY,GAAG,MAAM,eAAe,CAAC,cAAc,EAAE,CAAA;QAC3D,IAAA,aAAM,EAAC,YAAY,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAA;QACzD,IAAA,aAAM,EAAC,YAAY,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;QACnD,MAAM,cAAc,GAAG,MAAM,eAAe,CAAC,UAAU,iCAClD,YAAY,KACf,oBAAoB,EAAE;gBACpB,WAAW,EAAE;oBACX,KAAK,EAAE,IAAA,mBAAU,GAAE;oBACnB,YAAY,EAAE,IAAI,CAAC,GAAG,EAAE;oBACxB,QAAQ,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC;iBAC3B;aACF,IACD,CAAA;QACF,IAAA,aAAM,EAAC,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,YAAY,CAAC,GAAG,CAAC,CAAA;QACzD,IAAA,aAAM,EAAC,MAAM,CAAC,IAAI,CAAC,MAAA,cAAc,CAAC,oBAAoB,mCAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,KAAK,CAAA;IAChF,CAAC,CAAA,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA","sourcesContent":["import { getEnvVariables, TestVars } from '@icure/test-setup/types'\nimport { before } from 'mocha'\nimport { createNewHcpApi, createUserInMultipleGroups, getEnvironmentInitializer, itNoLite, setLocalStorage, TestUtils } from '../../utils/test_utils'\nimport { AuthenticationProvider, BasicAuthenticationProvider, NoAuthenticationProvider } from '../../../icc-x-api'\nimport { IccAuthApi, IccUserApi } from '../../../icc-api'\nimport 'isomorphic-fetch'\nimport { AuthSecretDetails, AuthSecretType, SmartAuthProvider } from '../../../icc-x-api/auth/SmartAuthProvider'\nimport { expect } from 'chai'\nimport { randomUUID } from 'crypto'\nimport initMasterApi = TestUtils.initMasterApi\nimport { fail } from 'assert'\nimport { TOTP } from 'otpauth'\nsetLocalStorage(fetch)\n\nlet env: TestVars\nlet authApi: IccAuthApi\n\ndescribe('Smart authentication provider', () => {\n before(async function () {\n this.timeout(600000)\n const initializer = await getEnvironmentInitializer()\n env = await initializer.execute(getEnvVariables())\n authApi = new IccAuthApi(env.iCureUrl, {}, new NoAuthenticationProvider(), fetch)\n })\n\n function userApiWithProvider(authProvider: AuthenticationProvider): IccUserApi {\n return new IccUserApi(env.iCureUrl, {}, authProvider, fetch)\n }\n\n it('Should automatically ask for secret to get a new token, and reasks the secret if it is not valid', async () => {\n const { credentials } = await createNewHcpApi(env)\n let calls = 0\n const authProvider = await SmartAuthProvider.initialise(authApi, credentials.user, {\n getSecret: async (acceptedSecrets: AuthSecretType[], previousAttempts: AuthSecretDetails[]) => {\n expect(acceptedSecrets).to.include(AuthSecretType.PASSWORD)\n expect(acceptedSecrets).to.include(AuthSecretType.LONG_LIVED_TOKEN)\n expect(acceptedSecrets).to.include(AuthSecretType.SHORT_LIVED_TOKEN)\n expect(acceptedSecrets).to.not.include(AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN)\n if (calls == 0) {\n expect(previousAttempts).to.be.empty\n } else if (calls == 1) {\n expect(previousAttempts).to.have.length(1)\n expect(previousAttempts[0].value).to.equal('wrong')\n expect(previousAttempts[0].secretType).to.equal(AuthSecretType.LONG_LIVED_TOKEN)\n } else fail(`Unexpected number of calls: ${calls}`)\n return calls++ == 0\n ? { value: 'wrong', secretType: AuthSecretType.LONG_LIVED_TOKEN } // pragma: allowlist secret\n : { value: credentials.password, secretType: AuthSecretType.LONG_LIVED_TOKEN }\n },\n })\n const userApi = userApiWithProvider(authProvider)\n const user = await userApi.getCurrentUser()\n expect(user.healthcarePartyId).to.equal(credentials.dataOwnerId)\n expect(calls).to.equal(2)\n })\n\n itNoLite(\n 'Should automatically ask for a more powerful secret to perform elevated-security operations if the available secret/token is not good enough',\n async () => {\n const { credentials, api } = await createNewHcpApi(env)\n const initialUser = await api.userApi.getCurrentUser()\n const masterApi = await initMasterApi(env)\n const userToken = randomUUID()\n const userPw = randomUUID()\n const userWithLongTokenAndPw = await masterApi.userApi.modifyUser({\n ...initialUser,\n passwordHash: userPw,\n authenticationTokens: {\n 'test-long-lived-token': {\n token: userToken,\n creationTime: Date.now(),\n validity: 60 * 60 * 24 * 7,\n },\n },\n })\n let calls = 0\n const authProvider = await SmartAuthProvider.initialise(authApi, credentials.user, {\n getSecret: async (acceptedSecrets: AuthSecretType[], previousAttempts: AuthSecretDetails[]) => {\n if (calls == 0) {\n expect(acceptedSecrets).to.include(AuthSecretType.PASSWORD)\n expect(acceptedSecrets).to.include(AuthSecretType.LONG_LIVED_TOKEN)\n expect(acceptedSecrets).to.include(AuthSecretType.SHORT_LIVED_TOKEN)\n expect(acceptedSecrets).to.not.include(AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN)\n expect(previousAttempts).to.be.empty\n calls++\n return { value: userToken, secretType: AuthSecretType.LONG_LIVED_TOKEN }\n } else if (calls == 1) {\n expect(acceptedSecrets).to.include(AuthSecretType.PASSWORD)\n expect(acceptedSecrets).to.not.include(AuthSecretType.LONG_LIVED_TOKEN)\n expect(acceptedSecrets).to.include(AuthSecretType.SHORT_LIVED_TOKEN)\n expect(acceptedSecrets).to.not.include(AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN)\n expect(previousAttempts).to.be.empty\n calls++\n return { value: userPw, secretType: AuthSecretType.PASSWORD }\n } else throw new Error(`Unexpected number of calls: ${calls}`)\n },\n })\n const userApi = userApiWithProvider(authProvider)\n expect((await userApi.getCurrentUser()).rev).to.equal(userWithLongTokenAndPw.rev)\n expect(calls).to.equal(1)\n const newPw = randomUUID()\n const userWithNewPw = await userApi.modifyUser({ ...userWithLongTokenAndPw, passwordHash: newPw })\n expect(userWithNewPw.rev).to.not.equal(userWithLongTokenAndPw.rev)\n expect(calls).to.equal(2)\n const retrievedWithNewPw = await userApiWithProvider(new BasicAuthenticationProvider(credentials.user, newPw)).getCurrentUser()\n expect(retrievedWithNewPw.rev).to.equal(userWithNewPw.rev)\n const couldRetrieveWithOldPw = await userApiWithProvider(new BasicAuthenticationProvider(credentials.user, userPw))\n .getCurrentUser()\n .then(\n () => true,\n () => false\n )\n expect(couldRetrieveWithOldPw).to.be.false\n }\n )\n\n itNoLite('Should automatically ask for TOTP after password if user has 2fa enabled', async () => {\n const { credentials, api } = await createNewHcpApi(env)\n const initialUser = await api.userApi.getCurrentUser()\n const masterApi = await initMasterApi(env)\n const totpSecret = 'AAPX7PW2RJIGZ3D4' // pragma: allowlist secret (fake secret generated only for test)\n const totp = new TOTP({\n algorithm: 'SHA1',\n digits: 6,\n period: 30,\n secret: totpSecret,\n })\n const userPw = randomUUID()\n await masterApi.userApi.enable2fa(initialUser.id!, totpSecret)\n const userWithPwAnd2fa = await masterApi.userApi.modifyUser({\n ...initialUser,\n passwordHash: userPw,\n })\n let calls = 0\n const authProvider = await SmartAuthProvider.initialise(authApi, credentials.user, {\n getSecret: async (acceptedSecrets: AuthSecretType[], previousAttempts: AuthSecretDetails[]) => {\n if (calls == 0) {\n expect(acceptedSecrets).to.include(AuthSecretType.PASSWORD)\n expect(acceptedSecrets).to.include(AuthSecretType.LONG_LIVED_TOKEN)\n expect(acceptedSecrets).to.include(AuthSecretType.SHORT_LIVED_TOKEN)\n expect(acceptedSecrets).to.not.include(AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN)\n expect(previousAttempts).to.be.empty\n calls++\n return { value: userPw, secretType: AuthSecretType.PASSWORD }\n } else if (calls == 1 || calls == 2) {\n expect(acceptedSecrets).to.have.members([AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN])\n if (calls == 1) expect(previousAttempts).to.be.empty\n if (calls == 2) expect(previousAttempts).to.have.length(1)\n return calls++ == 1\n ? { value: totp.generate() + '13', secretType: AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN }\n : { value: totp.generate(), secretType: AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN }\n } else throw new Error(`Unexpected number of calls: ${calls}`)\n },\n })\n const userApi = userApiWithProvider(authProvider)\n expect((await userApi.getCurrentUser()).rev).to.equal(userWithPwAnd2fa.rev)\n expect(calls).to.equal(3)\n })\n\n itNoLite('Should ask for TOTP directly if password is cached', async () => {\n const { credentials, api } = await createNewHcpApi(env)\n const initialUser = await api.userApi.getCurrentUser()\n const masterApi = await initMasterApi(env)\n const totpSecret = 'AAPX7PW2RJIGZ3D4' // pragma: allowlist secret (fake secret generated only for test)\n const totp = new TOTP({\n algorithm: 'SHA1',\n digits: 6,\n period: 30,\n secret: totpSecret,\n })\n const userPw = randomUUID()\n await masterApi.userApi.enable2fa(initialUser.id!, totpSecret)\n const userWithPwAnd2fa = await masterApi.userApi.modifyUser({\n ...initialUser,\n passwordHash: userPw,\n })\n let calls = 0\n const authProvider = await SmartAuthProvider.initialise(\n authApi,\n credentials.user,\n {\n getSecret: async (acceptedSecrets: AuthSecretType[], previousAttempts: AuthSecretDetails[]) => {\n expect(acceptedSecrets).to.have.members([AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN])\n expect(previousAttempts).to.be.empty\n expect(calls++).to.equal(0)\n return { value: totp.generate(), secretType: AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN }\n },\n },\n {\n initialSecret: { password: userPw },\n }\n )\n const userApi = userApiWithProvider(authProvider)\n expect((await userApi.getCurrentUser()).rev).to.equal(userWithPwAnd2fa.rev)\n expect(calls).to.equal(1)\n })\n\n itNoLite('Switched provider should keep cached secrets and should be able to have elevated security context', async () => {\n const details = await createUserInMultipleGroups(env)\n let calls = 0\n const authProvider = await SmartAuthProvider.initialise(authApi, details.userLogin, {\n getSecret: async (acceptedSecrets: AuthSecretType[], previousAttempts: AuthSecretDetails[]) => {\n expect(acceptedSecrets).to.have.include(AuthSecretType.PASSWORD)\n expect(previousAttempts).to.be.empty\n expect(calls++).to.equal(0)\n return { value: details.userPw12, secretType: AuthSecretType.PASSWORD }\n },\n })\n const defaultGroupUserApi = userApiWithProvider(authProvider)\n const defaultGroupUser = await defaultGroupUserApi.getCurrentUser()\n const otherGroupId = details.group1.id == defaultGroupUser.groupId ? details.group2.id : details.group1.id\n const matches = await defaultGroupUserApi.getMatchingUsers()\n const switchedUserApi = userApiWithProvider(await authProvider.switchGroup(otherGroupId!, matches))\n const switchedUser = await switchedUserApi.getCurrentUser()\n expect(switchedUser.id).to.not.equal(defaultGroupUser.id)\n expect(switchedUser.groupId).to.equal(otherGroupId)\n const updatedDefault = await switchedUserApi.modifyUser({\n ...switchedUser,\n authenticationTokens: {\n 'new-token': {\n token: randomUUID(),\n creationTime: Date.now(),\n validity: 60 * 60 * 24 * 7,\n },\n },\n })\n expect(updatedDefault.rev).to.not.equal(switchedUser.rev)\n expect(Object.keys(updatedDefault.authenticationTokens ?? {})).to.not.be.empty\n })\n})\n"]}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import 'isomorphic-fetch';
|
|
@@ -1,122 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
-
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
-
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
-
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
-
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
-
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
-
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
-
});
|
|
10
|
-
};
|
|
11
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
-
const mocha_1 = require("mocha");
|
|
13
|
-
const test_utils_1 = require("../utils/test_utils");
|
|
14
|
-
const types_1 = require("@icure/test-setup/types");
|
|
15
|
-
const DataOwnerTypeEnum_1 = require("../../icc-api/model/DataOwnerTypeEnum");
|
|
16
|
-
const icc_x_api_1 = require("../../icc-x-api");
|
|
17
|
-
const chai_1 = require("chai");
|
|
18
|
-
const TestStorage_1 = require("../utils/TestStorage");
|
|
19
|
-
const crypto_1 = require("crypto");
|
|
20
|
-
require("isomorphic-fetch");
|
|
21
|
-
(0, test_utils_1.setLocalStorage)(fetch);
|
|
22
|
-
let env;
|
|
23
|
-
describe('Autofix anonymity tests', () => {
|
|
24
|
-
(0, mocha_1.before)(function () {
|
|
25
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
26
|
-
this.timeout(600000);
|
|
27
|
-
const initializer = yield (0, test_utils_1.getEnvironmentInitializer)();
|
|
28
|
-
env = yield initializer.execute((0, types_1.getEnvVariables)());
|
|
29
|
-
});
|
|
30
|
-
});
|
|
31
|
-
function initApi(dataOwnerType, isAnonymous) {
|
|
32
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
33
|
-
const cryptoStrats = {
|
|
34
|
-
dataOwnerRequiresAnonymousDelegation(dataOwner) {
|
|
35
|
-
if (isAnonymous)
|
|
36
|
-
return dataOwner.type == dataOwnerType;
|
|
37
|
-
else
|
|
38
|
-
return false;
|
|
39
|
-
},
|
|
40
|
-
generateNewKeyForDataOwner(self, cryptoPrimitives) {
|
|
41
|
-
throw new Error('This method should not be necessary for this test');
|
|
42
|
-
},
|
|
43
|
-
recoverAndVerifySelfHierarchyKeys(keysData, cryptoPrimitives) {
|
|
44
|
-
throw new Error('This method should not be necessary for this test');
|
|
45
|
-
},
|
|
46
|
-
verifyDelegatePublicKeys(delegate, publicKeys, cryptoPrimitives) {
|
|
47
|
-
return Promise.resolve(publicKeys);
|
|
48
|
-
},
|
|
49
|
-
};
|
|
50
|
-
let userDetails;
|
|
51
|
-
if (dataOwnerType == DataOwnerTypeEnum_1.DataOwnerTypeEnum.Patient) {
|
|
52
|
-
userDetails = (yield (0, test_utils_1.createNewPatientApi)(env)).credentials;
|
|
53
|
-
}
|
|
54
|
-
else if (dataOwnerType == DataOwnerTypeEnum_1.DataOwnerTypeEnum.Hcp) {
|
|
55
|
-
userDetails = (yield (0, test_utils_1.createNewHcpApi)(env)).credentials;
|
|
56
|
-
}
|
|
57
|
-
else
|
|
58
|
-
throw new Error('Unsupported data owner type');
|
|
59
|
-
const storage = yield (0, TestStorage_1.testStorageWithKeys)([
|
|
60
|
-
{
|
|
61
|
-
dataOwnerId: userDetails.dataOwnerId,
|
|
62
|
-
pairs: [{ keyPair: { publicKey: userDetails.publicKey, privateKey: userDetails.privateKey }, shaVersion: icc_x_api_1.ShaVersion.Sha1 }],
|
|
63
|
-
},
|
|
64
|
-
]);
|
|
65
|
-
const api = yield icc_x_api_1.IcureApi.initialise(env.iCureUrl, { username: userDetails.user, password: userDetails.password }, cryptoStrats, crypto_1.webcrypto, fetch, {
|
|
66
|
-
keyStorage: storage.keyStorage,
|
|
67
|
-
entryKeysFactory: storage.keyFactory,
|
|
68
|
-
storage: storage.storage,
|
|
69
|
-
});
|
|
70
|
-
(0, chai_1.expect)((yield api.dataOwnerApi.getCurrentDataOwnerStub()).type).to.eq(dataOwnerType);
|
|
71
|
-
return api;
|
|
72
|
-
});
|
|
73
|
-
}
|
|
74
|
-
function doTest(dataOwnerType, isAnonymous) {
|
|
75
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
76
|
-
const api = yield initApi(dataOwnerType, isAnonymous);
|
|
77
|
-
const user = yield api.userApi.getCurrentUser();
|
|
78
|
-
const createdWithNewInstance = yield api.patientApi.createPatientWithUser(user, yield api.patientApi.newInstance(user, { firstName: 'q', lastName: 'q' }));
|
|
79
|
-
const createdByBackend = yield api.agendaApi.createAgenda({ id: api.cryptoApi.primitives.randomUuid(), name: 'whatever' });
|
|
80
|
-
if (isAnonymous) {
|
|
81
|
-
(0, chai_1.expect)(createdWithNewInstance.author).to.eq(undefined);
|
|
82
|
-
(0, chai_1.expect)(createdWithNewInstance.responsible).to.eq(undefined);
|
|
83
|
-
(0, chai_1.expect)(createdByBackend.author).to.eq(undefined);
|
|
84
|
-
(0, chai_1.expect)(createdByBackend.responsible).to.eq(undefined);
|
|
85
|
-
}
|
|
86
|
-
else {
|
|
87
|
-
const doId = api.dataOwnerApi.getDataOwnerIdOf(user);
|
|
88
|
-
(0, chai_1.expect)(createdWithNewInstance.author).to.eq(user.id);
|
|
89
|
-
(0, chai_1.expect)(createdWithNewInstance.responsible).to.eq(doId);
|
|
90
|
-
(0, chai_1.expect)(createdByBackend.author).to.eq(user.id);
|
|
91
|
-
(0, chai_1.expect)(createdByBackend.responsible).to.eq(doId);
|
|
92
|
-
}
|
|
93
|
-
const modified = yield api.agendaApi.modifyAgenda(Object.assign(Object.assign({}, createdByBackend), { name: 'whatever 2' }));
|
|
94
|
-
if (isAnonymous) {
|
|
95
|
-
(0, chai_1.expect)(createdWithNewInstance.author).to.eq(undefined);
|
|
96
|
-
(0, chai_1.expect)(createdWithNewInstance.responsible).to.eq(undefined);
|
|
97
|
-
(0, chai_1.expect)(createdByBackend.author).to.eq(undefined);
|
|
98
|
-
(0, chai_1.expect)(createdByBackend.responsible).to.eq(undefined);
|
|
99
|
-
}
|
|
100
|
-
else {
|
|
101
|
-
const doId = api.dataOwnerApi.getDataOwnerIdOf(user);
|
|
102
|
-
(0, chai_1.expect)(createdWithNewInstance.author).to.eq(user.id);
|
|
103
|
-
(0, chai_1.expect)(createdWithNewInstance.responsible).to.eq(doId);
|
|
104
|
-
(0, chai_1.expect)(createdByBackend.author).to.eq(user.id);
|
|
105
|
-
(0, chai_1.expect)(createdByBackend.responsible).to.eq(doId);
|
|
106
|
-
}
|
|
107
|
-
});
|
|
108
|
-
}
|
|
109
|
-
it('Entity created by a patient should omit author and responsible if crypto strategies require anonymous delegations for the user', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
110
|
-
yield doTest(DataOwnerTypeEnum_1.DataOwnerTypeEnum.Patient, true);
|
|
111
|
-
}));
|
|
112
|
-
it('Entity created by a patient should autofix author and responsible if crypto strategies does not require anonymous delegations for the user', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
113
|
-
yield doTest(DataOwnerTypeEnum_1.DataOwnerTypeEnum.Patient, false);
|
|
114
|
-
}));
|
|
115
|
-
it('Entity created by a HCP should omit author and responsible if crypto strategies require anonymous delegations for the user', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
116
|
-
yield doTest(DataOwnerTypeEnum_1.DataOwnerTypeEnum.Hcp, true);
|
|
117
|
-
}));
|
|
118
|
-
it('Entity created by a HCP should autofix author and responsible if crypto strategies does not require anonymous delegations for the user', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
119
|
-
yield doTest(DataOwnerTypeEnum_1.DataOwnerTypeEnum.Hcp, false);
|
|
120
|
-
}));
|
|
121
|
-
});
|
|
122
|
-
//# sourceMappingURL=autofix-anonymity-test.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"autofix-anonymity-test.js","sourceRoot":"","sources":["../../../test/icc-x-api/autofix-anonymity-test.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,iCAA8B;AAC9B,oDAAsH;AACtH,mDAAgF;AAChF,6EAAyE;AACzE,+CAAmG;AACnG,+BAA6B;AAG7B,sDAA0D;AAC1D,mCAAkC;AAElC,4BAAyB;AAEzB,IAAA,4BAAe,EAAC,KAAK,CAAC,CAAA;AAEtB,IAAI,GAAa,CAAA;AAEjB,QAAQ,CAAC,yBAAyB,EAAE,GAAG,EAAE;IACvC,IAAA,cAAM,EAAC;;YACL,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;YACpB,MAAM,WAAW,GAAG,MAAM,IAAA,sCAAyB,GAAE,CAAA;YACrD,GAAG,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,IAAA,uBAAe,GAAE,CAAC,CAAA;QACpD,CAAC;KAAA,CAAC,CAAA;IAEF,SAAe,OAAO,CAAC,aAAgC,EAAE,WAAoB;;YAC3E,MAAM,YAAY,GAAqB;gBACrC,oCAAoC,CAAC,SAAkC;oBACrE,IAAI,WAAW;wBAAE,OAAO,SAAS,CAAC,IAAI,IAAI,aAAa,CAAA;;wBAClD,OAAO,KAAK,CAAA;gBACnB,CAAC;gBACD,0BAA0B,CAAC,IAAuB,EAAE,gBAAkC;oBACpF,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAA;gBACtE,CAAC;gBACD,iCAAiC,CAC/B,QAIG,EACH,gBAAkC;oBAIlC,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAA;gBACtE,CAAC;gBACD,wBAAwB,CAAC,QAAiC,EAAE,UAAoB,EAAE,gBAAkC;oBAClH,OAAO,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;gBACpC,CAAC;aACF,CAAA;YACD,IAAI,WAAwB,CAAA;YAC5B,IAAI,aAAa,IAAI,qCAAiB,CAAC,OAAO,EAAE,CAAC;gBAC/C,WAAW,GAAG,CAAC,MAAM,IAAA,gCAAmB,EAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAA;YAC5D,CAAC;iBAAM,IAAI,aAAa,IAAI,qCAAiB,CAAC,GAAG,EAAE,CAAC;gBAClD,WAAW,GAAG,CAAC,MAAM,IAAA,4BAAe,EAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAA;YACxD,CAAC;;gBAAM,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAA;YACrD,MAAM,OAAO,GAAG,MAAM,IAAA,iCAAmB,EAAC;gBACxC;oBACE,WAAW,EAAE,WAAW,CAAC,WAAW;oBACpC,KAAK,EAAE,CAAC,EAAE,OAAO,EAAE,EAAE,SAAS,EAAE,WAAW,CAAC,SAAS,EAAE,UAAU,EAAE,WAAW,CAAC,UAAU,EAAE,EAAE,UAAU,EAAE,sBAAU,CAAC,IAAI,EAAE,CAAC;iBAC5H;aACF,CAAC,CAAA;YACF,MAAM,GAAG,GAAG,MAAM,oBAAQ,CAAC,UAAU,CACnC,GAAG,CAAC,QAAQ,EACZ,EAAE,QAAQ,EAAE,WAAW,CAAC,IAAI,EAAE,QAAQ,EAAE,WAAW,CAAC,QAAQ,EAAE,EAC9D,YAAY,EACZ,kBAAgB,EAChB,KAAK,EACL;gBACE,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,gBAAgB,EAAE,OAAO,CAAC,UAAU;gBACpC,OAAO,EAAE,OAAO,CAAC,OAAO;aACzB,CACF,CAAA;YACD,IAAA,aAAM,EAAC,CAAC,MAAM,GAAG,CAAC,YAAY,CAAC,uBAAuB,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,aAAa,CAAC,CAAA;YACpF,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAED,SAAe,MAAM,CAAC,aAAgC,EAAE,WAAoB;;YAC1E,MAAM,GAAG,GAAG,MAAM,OAAO,CAAC,aAAa,EAAE,WAAW,CAAC,CAAA;YACrD,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;YAC/C,MAAM,sBAAsB,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,qBAAqB,CACvE,IAAI,EACJ,MAAM,GAAG,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC,CAC1E,CAAA;YACD,MAAM,gBAAgB,GAAG,MAAM,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,UAAU,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAA;YAC1H,IAAI,WAAW,EAAE,CAAC;gBAChB,IAAA,aAAM,EAAC,sBAAsB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAC,CAAA;gBACtD,IAAA,aAAM,EAAC,sBAAsB,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAC,CAAA;gBAC3D,IAAA,aAAM,EAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAC,CAAA;gBAChD,IAAA,aAAM,EAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAC,CAAA;YACvD,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;gBACpD,IAAA,aAAM,EAAC,sBAAsB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;gBACpD,IAAA,aAAM,EAAC,sBAAsB,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,CAAA;gBACtD,IAAA,aAAM,EAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;gBAC9C,IAAA,aAAM,EAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,CAAA;YAClD,CAAC;YACD,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,SAAS,CAAC,YAAY,iCAAM,gBAAgB,KAAE,IAAI,EAAE,YAAY,IAAG,CAAA;YAC9F,IAAI,WAAW,EAAE,CAAC;gBAChB,IAAA,aAAM,EAAC,sBAAsB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAC,CAAA;gBACtD,IAAA,aAAM,EAAC,sBAAsB,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAC,CAAA;gBAC3D,IAAA,aAAM,EAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAC,CAAA;gBAChD,IAAA,aAAM,EAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAC,CAAA;YACvD,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;gBACpD,IAAA,aAAM,EAAC,sBAAsB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;gBACpD,IAAA,aAAM,EAAC,sBAAsB,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,CAAA;gBACtD,IAAA,aAAM,EAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;gBAC9C,IAAA,aAAM,EAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,CAAA;YAClD,CAAC;QACH,CAAC;KAAA;IAED,EAAE,CAAC,gIAAgI,EAAE,GAAS,EAAE;QAC9I,MAAM,MAAM,CAAC,qCAAiB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;IAC/C,CAAC,CAAA,CAAC,CAAA;IAEF,EAAE,CAAC,4IAA4I,EAAE,GAAS,EAAE;QAC1J,MAAM,MAAM,CAAC,qCAAiB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAA;IAChD,CAAC,CAAA,CAAC,CAAA;IAEF,EAAE,CAAC,4HAA4H,EAAE,GAAS,EAAE;QAC1I,MAAM,MAAM,CAAC,qCAAiB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;IAC3C,CAAC,CAAA,CAAC,CAAA;IAEF,EAAE,CAAC,wIAAwI,EAAE,GAAS,EAAE;QACtJ,MAAM,MAAM,CAAC,qCAAiB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAA;IAC5C,CAAC,CAAA,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA","sourcesContent":["import { before } from 'mocha'\nimport { createNewHcpApi, createNewPatientApi, getEnvironmentInitializer, setLocalStorage } from '../utils/test_utils'\nimport { getEnvVariables, TestVars, UserDetails } from '@icure/test-setup/types'\nimport { DataOwnerTypeEnum } from '../../icc-api/model/DataOwnerTypeEnum'\nimport { CryptoPrimitives, CryptoStrategies, IcureApi, KeyPair, ShaVersion } from '../../icc-x-api'\nimport { expect } from 'chai'\nimport { CryptoActorStubWithType } from '../../icc-api/model/CryptoActorStub'\nimport { DataOwnerWithType } from '../../icc-api/model/DataOwnerWithType'\nimport { testStorageWithKeys } from '../utils/TestStorage'\nimport { webcrypto } from 'crypto'\n\nimport 'isomorphic-fetch'\n\nsetLocalStorage(fetch)\n\nlet env: TestVars\n\ndescribe('Autofix anonymity tests', () => {\n before(async function () {\n this.timeout(600000)\n const initializer = await getEnvironmentInitializer()\n env = await initializer.execute(getEnvVariables())\n })\n\n async function initApi(dataOwnerType: DataOwnerTypeEnum, isAnonymous: boolean): Promise<IcureApi> {\n const cryptoStrats: CryptoStrategies = {\n dataOwnerRequiresAnonymousDelegation(dataOwner: CryptoActorStubWithType): boolean {\n if (isAnonymous) return dataOwner.type == dataOwnerType\n else return false\n },\n generateNewKeyForDataOwner(self: DataOwnerWithType, cryptoPrimitives: CryptoPrimitives): Promise<KeyPair<CryptoKey> | boolean> {\n throw new Error('This method should not be necessary for this test')\n },\n recoverAndVerifySelfHierarchyKeys(\n keysData: {\n dataOwner: DataOwnerWithType\n unknownKeys: string[]\n unavailableKeys: string[]\n }[],\n cryptoPrimitives: CryptoPrimitives\n ): Promise<{\n [p: string]: { recoveredKeys: { [p: string]: KeyPair<CryptoKey> }; keyAuthenticity: { [p: string]: boolean } }\n }> {\n throw new Error('This method should not be necessary for this test')\n },\n verifyDelegatePublicKeys(delegate: CryptoActorStubWithType, publicKeys: string[], cryptoPrimitives: CryptoPrimitives): Promise<string[]> {\n return Promise.resolve(publicKeys)\n },\n }\n let userDetails: UserDetails\n if (dataOwnerType == DataOwnerTypeEnum.Patient) {\n userDetails = (await createNewPatientApi(env)).credentials\n } else if (dataOwnerType == DataOwnerTypeEnum.Hcp) {\n userDetails = (await createNewHcpApi(env)).credentials\n } else throw new Error('Unsupported data owner type')\n const storage = await testStorageWithKeys([\n {\n dataOwnerId: userDetails.dataOwnerId,\n pairs: [{ keyPair: { publicKey: userDetails.publicKey, privateKey: userDetails.privateKey }, shaVersion: ShaVersion.Sha1 }],\n },\n ])\n const api = await IcureApi.initialise(\n env.iCureUrl,\n { username: userDetails.user, password: userDetails.password },\n cryptoStrats,\n webcrypto as any,\n fetch,\n {\n keyStorage: storage.keyStorage,\n entryKeysFactory: storage.keyFactory,\n storage: storage.storage,\n }\n )\n expect((await api.dataOwnerApi.getCurrentDataOwnerStub()).type).to.eq(dataOwnerType)\n return api\n }\n\n async function doTest(dataOwnerType: DataOwnerTypeEnum, isAnonymous: boolean) {\n const api = await initApi(dataOwnerType, isAnonymous)\n const user = await api.userApi.getCurrentUser()\n const createdWithNewInstance = await api.patientApi.createPatientWithUser(\n user,\n await api.patientApi.newInstance(user, { firstName: 'q', lastName: 'q' })\n )\n const createdByBackend = await api.agendaApi.createAgenda({ id: api.cryptoApi.primitives.randomUuid(), name: 'whatever' })\n if (isAnonymous) {\n expect(createdWithNewInstance.author).to.eq(undefined)\n expect(createdWithNewInstance.responsible).to.eq(undefined)\n expect(createdByBackend.author).to.eq(undefined)\n expect(createdByBackend.responsible).to.eq(undefined)\n } else {\n const doId = api.dataOwnerApi.getDataOwnerIdOf(user)\n expect(createdWithNewInstance.author).to.eq(user.id)\n expect(createdWithNewInstance.responsible).to.eq(doId)\n expect(createdByBackend.author).to.eq(user.id)\n expect(createdByBackend.responsible).to.eq(doId)\n }\n const modified = await api.agendaApi.modifyAgenda({ ...createdByBackend, name: 'whatever 2' })\n if (isAnonymous) {\n expect(createdWithNewInstance.author).to.eq(undefined)\n expect(createdWithNewInstance.responsible).to.eq(undefined)\n expect(createdByBackend.author).to.eq(undefined)\n expect(createdByBackend.responsible).to.eq(undefined)\n } else {\n const doId = api.dataOwnerApi.getDataOwnerIdOf(user)\n expect(createdWithNewInstance.author).to.eq(user.id)\n expect(createdWithNewInstance.responsible).to.eq(doId)\n expect(createdByBackend.author).to.eq(user.id)\n expect(createdByBackend.responsible).to.eq(doId)\n }\n }\n\n it('Entity created by a patient should omit author and responsible if crypto strategies require anonymous delegations for the user', async () => {\n await doTest(DataOwnerTypeEnum.Patient, true)\n })\n\n it('Entity created by a patient should autofix author and responsible if crypto strategies does not require anonymous delegations for the user', async () => {\n await doTest(DataOwnerTypeEnum.Patient, false)\n })\n\n it('Entity created by a HCP should omit author and responsible if crypto strategies require anonymous delegations for the user', async () => {\n await doTest(DataOwnerTypeEnum.Hcp, true)\n })\n\n it('Entity created by a HCP should autofix author and responsible if crypto strategies does not require anonymous delegations for the user', async () => {\n await doTest(DataOwnerTypeEnum.Hcp, false)\n })\n})\n"]}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import 'isomorphic-fetch';
|
|
@@ -1,168 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
-
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
-
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
-
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
-
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
-
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
-
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
-
});
|
|
10
|
-
};
|
|
11
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
-
const test_utils_1 = require("../utils/test_utils");
|
|
13
|
-
const types_1 = require("@icure/test-setup/types");
|
|
14
|
-
const chai_1 = require("chai");
|
|
15
|
-
require("isomorphic-fetch");
|
|
16
|
-
const icc_x_api_1 = require("../../icc-x-api");
|
|
17
|
-
const SecretIdUseOption_1 = require("../../icc-x-api/crypto/SecretIdUseOption");
|
|
18
|
-
var UseAnyConfidential = SecretIdUseOption_1.SecretIdUseOption.UseAnyConfidential;
|
|
19
|
-
var UseAnySharedWithParent = SecretIdUseOption_1.SecretIdUseOption.UseAnySharedWithParent;
|
|
20
|
-
const crypto_1 = require("crypto");
|
|
21
|
-
var UseAllConfidential = SecretIdUseOption_1.SecretIdUseOption.UseAllConfidential;
|
|
22
|
-
var UseAllSharedWithParent = SecretIdUseOption_1.SecretIdUseOption.UseAllSharedWithParent;
|
|
23
|
-
var UseNone = SecretIdUseOption_1.SecretIdUseOption.UseNone;
|
|
24
|
-
(0, test_utils_1.setLocalStorage)(fetch);
|
|
25
|
-
var env;
|
|
26
|
-
describe('test confidential helement', () => {
|
|
27
|
-
before(function () {
|
|
28
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
29
|
-
this.timeout(600000);
|
|
30
|
-
const initializer = yield (0, test_utils_1.getEnvironmentInitializer)();
|
|
31
|
-
env = yield initializer.execute((0, types_1.getEnvVariables)());
|
|
32
|
-
});
|
|
33
|
-
});
|
|
34
|
-
it('confidential entity should be accessible only to user, non confidential should be accessible also to parent', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
35
|
-
// Use only the top of the hierarchy for simplicity of the test
|
|
36
|
-
const { parentApi: childApi, parentUser: childUser, grandApi: parentApi, grandUser: parentUser } = yield (0, test_utils_1.createHcpHierarchyApis)(env);
|
|
37
|
-
const pat = yield childApi.patientApi.newInstance(childUser, { firstName: 'John', lastName: 'Doe' });
|
|
38
|
-
const modifiedPatient = (yield childApi.patientApi.initConfidentialSecretId(pat, childUser));
|
|
39
|
-
const patientSecretIdsForParent = yield parentApi.patientApi.decryptSecretIdsOf(modifiedPatient);
|
|
40
|
-
const patientSecretIdsForChild = yield childApi.patientApi.decryptSecretIdsOf(modifiedPatient);
|
|
41
|
-
(0, chai_1.expect)(patientSecretIdsForParent).to.have.length(1);
|
|
42
|
-
(0, chai_1.expect)(patientSecretIdsForChild).to.have.length(2);
|
|
43
|
-
(0, chai_1.expect)(patientSecretIdsForChild).to.contain(patientSecretIdsForParent[0]);
|
|
44
|
-
(0, chai_1.expect)(patientSecretIdsForChild[0]).to.not.eq(patientSecretIdsForChild[1]);
|
|
45
|
-
const confidentialHe = yield childApi.healthcareElementApi.createHealthElementWithUser(childUser, yield childApi.healthcareElementApi.newInstance(childUser, modifiedPatient, { descr: 'Confidential info' }, { sfkOption: UseAnyConfidential, ignoreAutoDelegations: true }));
|
|
46
|
-
(0, chai_1.expect)(confidentialHe.descr).to.eq('Confidential info');
|
|
47
|
-
const nonConfidentialHe = yield childApi.healthcareElementApi.createHealthElementWithUser(childUser, yield childApi.healthcareElementApi.newInstance(childUser, modifiedPatient, { descr: 'Non confidential info' }, { sfkOption: UseAnySharedWithParent }));
|
|
48
|
-
(0, chai_1.expect)(nonConfidentialHe.descr).to.eq('Non confidential info');
|
|
49
|
-
const retrievedHesAsUser = yield childApi.healthcareElementApi.findBy(childUser.healthcarePartyId, modifiedPatient);
|
|
50
|
-
(0, chai_1.expect)(retrievedHesAsUser.length).to.equal(2, 'Child should see confidential and non-confidential data created by him');
|
|
51
|
-
(0, chai_1.expect)(retrievedHesAsUser.map((he) => he.id)).to.have.members([confidentialHe.id, nonConfidentialHe.id]);
|
|
52
|
-
const retrievedConfidential = retrievedHesAsUser.find((he) => he.id === confidentialHe.id);
|
|
53
|
-
const retrievedNonConfidential = retrievedHesAsUser.find((he) => he.id === nonConfidentialHe.id);
|
|
54
|
-
(0, chai_1.expect)(retrievedConfidential).to.deep.eq(confidentialHe);
|
|
55
|
-
(0, chai_1.expect)(retrievedNonConfidential).to.deep.eq(nonConfidentialHe);
|
|
56
|
-
const retrievedHesAsParent = yield parentApi.healthcareElementApi.findBy(parentUser.healthcarePartyId, modifiedPatient);
|
|
57
|
-
(0, chai_1.expect)(retrievedHesAsParent.length).to.equal(1, 'Parent should not see confidential data, but only non-confidential data created by child');
|
|
58
|
-
(0, chai_1.expect)(retrievedHesAsParent[0]).to.deep.eq(nonConfidentialHe);
|
|
59
|
-
let failedToRetrieve = false;
|
|
60
|
-
try {
|
|
61
|
-
yield parentApi.healthcareElementApi.getHealthElementWithUser(parentUser, confidentialHe.id);
|
|
62
|
-
}
|
|
63
|
-
catch (e) {
|
|
64
|
-
console.log(e);
|
|
65
|
-
failedToRetrieve = true;
|
|
66
|
-
}
|
|
67
|
-
if (!(0, test_utils_1.isLiteTest)()) {
|
|
68
|
-
(0, chai_1.expect)(failedToRetrieve).to.equal(true, 'Parent should fail to retrieve confidential data');
|
|
69
|
-
}
|
|
70
|
-
// Even if in some way I could get the contact I should not be able to decrypt it
|
|
71
|
-
(0, chai_1.expect)(yield parentApi.cryptoApi.xapi.encryptionKeysOf({ entity: confidentialHe, type: icc_x_api_1.EntityWithDelegationTypeName.HealthElement }, undefined)).to.have.length(0);
|
|
72
|
-
}));
|
|
73
|
-
it('creation of confidential data should fail if no confidential secret id is available for patient', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
74
|
-
// Use only the top of the hierarchy for simplicity of the test
|
|
75
|
-
const { parentApi: childApi, parentUser: childUser, grandApi: parentApi, grandUser: parentUser } = yield (0, test_utils_1.createHcpHierarchyApis)(env);
|
|
76
|
-
const pat = yield childApi.patientApi.createPatientWithUser(childUser, yield childApi.patientApi.newInstance(childUser, { firstName: 'John', lastName: 'Doe' }));
|
|
77
|
-
let failed = false;
|
|
78
|
-
try {
|
|
79
|
-
yield childApi.healthcareElementApi.newInstance(childUser, pat, { descr: 'Confidential info' }, { sfkOption: UseAnyConfidential, ignoreAutoDelegations: true });
|
|
80
|
-
}
|
|
81
|
-
catch (_a) {
|
|
82
|
-
failed = true;
|
|
83
|
-
}
|
|
84
|
-
(0, chai_1.expect)(failed).to.equal(true, 'Creation of confidential data should fail if no confidential secret id is available for patient');
|
|
85
|
-
}));
|
|
86
|
-
it('creation of non-confidential data should fail if no secret id is available for parent', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
87
|
-
// Use only the top of the hierarchy for simplicity of the test
|
|
88
|
-
const { parentApi: childApi, parentUser: childUser, grandApi: parentApi, grandUser: parentUser } = yield (0, test_utils_1.createHcpHierarchyApis)(env, false);
|
|
89
|
-
const pat = yield childApi.patientApi.createPatientWithUser(childUser, yield childApi.patientApi.newInstance(childUser, { firstName: 'John', lastName: 'Doe' }));
|
|
90
|
-
let failed = false;
|
|
91
|
-
try {
|
|
92
|
-
yield childApi.healthcareElementApi.newInstance(childUser, pat, { descr: 'Confidential info' }, { sfkOption: UseAnySharedWithParent });
|
|
93
|
-
}
|
|
94
|
-
catch (_a) {
|
|
95
|
-
failed = true;
|
|
96
|
-
}
|
|
97
|
-
(0, chai_1.expect)(failed).to.equal(true, 'Creation of confidential data should fail if no non-confidential secret id is available for patient');
|
|
98
|
-
}));
|
|
99
|
-
it('confidential or non-confidential is irrelevant if api is initialised without parent key initialisation: data created by user is only accessible to him', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
100
|
-
// Use only the top of the hierarchy for simplicity of the test
|
|
101
|
-
const { parentApi: childApi, parentUser: childUser, grandApi: parentApi, grandUser: parentUser } = yield (0, test_utils_1.createHcpHierarchyApis)(env, false, true);
|
|
102
|
-
const pat = yield childApi.patientApi.newInstance(childUser, { firstName: 'John', lastName: 'Doe' });
|
|
103
|
-
const confidentialHe = yield childApi.healthcareElementApi.createHealthElementWithUser(childUser, yield childApi.healthcareElementApi.newInstance(childUser, pat, { descr: 'Confidential info' }, { sfkOption: UseAnyConfidential, ignoreAutoDelegations: true }));
|
|
104
|
-
(0, chai_1.expect)(confidentialHe.descr).to.eq('Confidential info');
|
|
105
|
-
const nonConfidentialHe = yield childApi.healthcareElementApi.createHealthElementWithUser(childUser, yield childApi.healthcareElementApi.newInstance(childUser, pat, { descr: 'Non confidential info' }, { sfkOption: UseAnySharedWithParent }));
|
|
106
|
-
(0, chai_1.expect)(nonConfidentialHe.descr).to.eq('Non confidential info');
|
|
107
|
-
const retrievedHesAsUser = yield childApi.healthcareElementApi.findBy(childUser.healthcarePartyId, pat);
|
|
108
|
-
(0, chai_1.expect)(retrievedHesAsUser.length).to.equal(2, 'Child should see confidential and non-confidential data created by him');
|
|
109
|
-
(0, chai_1.expect)(retrievedHesAsUser.map((he) => he.id)).to.have.members([confidentialHe.id, nonConfidentialHe.id]);
|
|
110
|
-
const retrievedConfidential = retrievedHesAsUser.find((he) => he.id === confidentialHe.id);
|
|
111
|
-
const retrievedNonConfidential = retrievedHesAsUser.find((he) => he.id === nonConfidentialHe.id);
|
|
112
|
-
(0, chai_1.expect)(retrievedConfidential).to.deep.eq(confidentialHe);
|
|
113
|
-
(0, chai_1.expect)(retrievedNonConfidential).to.deep.eq(nonConfidentialHe);
|
|
114
|
-
yield parentApi.patientApi.decryptSecretIdsOf(pat);
|
|
115
|
-
}));
|
|
116
|
-
it('sfk confidential option should use one or all secret ids as requested', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
117
|
-
// Use only the top of the hierarchy for simplicity of the test
|
|
118
|
-
const { parentApi: childApi, parentUser: childUser, grandApi: parentApi, grandUser: parentUser } = yield (0, test_utils_1.createHcpHierarchyApis)(env);
|
|
119
|
-
const pat = yield childApi.patientApi.newInstance(childUser, { firstName: 'John', lastName: 'Doe' });
|
|
120
|
-
let modifiedPatient = (yield childApi.patientApi.initConfidentialSecretId(pat, childUser));
|
|
121
|
-
modifiedPatient = yield childApi.patientApi.shareWith(childUser.healthcarePartyId, modifiedPatient, [(0, crypto_1.randomUUID)()]);
|
|
122
|
-
modifiedPatient = yield childApi.patientApi.shareWith(parentUser.healthcarePartyId, modifiedPatient, [(0, crypto_1.randomUUID)()]);
|
|
123
|
-
const patientSecretIdsForParent = yield parentApi.patientApi.decryptSecretIdsOf(modifiedPatient);
|
|
124
|
-
const patientSecretIdsForChild = yield childApi.patientApi.decryptSecretIdsOf(modifiedPatient);
|
|
125
|
-
(0, chai_1.expect)(patientSecretIdsForParent).to.have.length(2);
|
|
126
|
-
(0, chai_1.expect)(patientSecretIdsForChild).to.have.length(4);
|
|
127
|
-
const confidentialSecretIds = patientSecretIdsForChild.filter((x) => !patientSecretIdsForParent.includes(x));
|
|
128
|
-
const nonConfidentialSecretIds = patientSecretIdsForParent;
|
|
129
|
-
(0, chai_1.expect)(confidentialSecretIds).to.have.length(2);
|
|
130
|
-
(0, chai_1.expect)(yield childApi.patientApi.decryptConfidentialSecretIdsOf(modifiedPatient)).to.have.members(confidentialSecretIds);
|
|
131
|
-
(0, chai_1.expect)(yield childApi.patientApi.decryptNonConfidentialSecretIdsOf(modifiedPatient)).to.have.members(nonConfidentialSecretIds);
|
|
132
|
-
const anyConfidentialHe = yield childApi.healthcareElementApi.newInstance(childUser, modifiedPatient, { descr: 'Confidential info' }, { sfkOption: UseAnyConfidential, ignoreAutoDelegations: true });
|
|
133
|
-
(0, chai_1.expect)(anyConfidentialHe.secretForeignKeys).to.have.length(1);
|
|
134
|
-
(0, chai_1.expect)(confidentialSecretIds).to.include(anyConfidentialHe.secretForeignKeys[0]);
|
|
135
|
-
const allConfidentialHe = yield childApi.healthcareElementApi.newInstance(childUser, modifiedPatient, { descr: 'Confidential info' }, { sfkOption: UseAllConfidential, ignoreAutoDelegations: true });
|
|
136
|
-
(0, chai_1.expect)(allConfidentialHe.secretForeignKeys).to.have.members(confidentialSecretIds);
|
|
137
|
-
const anyNonConfidentialHe = yield childApi.healthcareElementApi.newInstance(childUser, modifiedPatient, { descr: 'Confidential info' }, { sfkOption: UseAnySharedWithParent });
|
|
138
|
-
(0, chai_1.expect)(anyNonConfidentialHe.secretForeignKeys).to.have.length(1);
|
|
139
|
-
(0, chai_1.expect)(nonConfidentialSecretIds).to.include(anyNonConfidentialHe.secretForeignKeys[0]);
|
|
140
|
-
const allNonConfidentialHe = yield childApi.healthcareElementApi.newInstance(childUser, modifiedPatient, { descr: 'Confidential info' }, { sfkOption: UseAllSharedWithParent });
|
|
141
|
-
(0, chai_1.expect)(allNonConfidentialHe.secretForeignKeys).to.have.members(nonConfidentialSecretIds);
|
|
142
|
-
}));
|
|
143
|
-
it('Should allow creation of half-links by using no sfk', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
144
|
-
const { parentApi: childApi, parentUser: childUser, grandApi: parentApi, grandUser: parentUser } = yield (0, test_utils_1.createHcpHierarchyApis)(env);
|
|
145
|
-
const pat = yield childApi.patientApi.newInstance(childUser, { firstName: 'John', lastName: 'Doe' });
|
|
146
|
-
const halfLinkedHe = yield childApi.healthcareElementApi.newInstance(childUser, pat, { descr: 'Confidential info' }, { sfkOption: UseNone, ignoreAutoDelegations: true });
|
|
147
|
-
(0, chai_1.expect)(halfLinkedHe.secretForeignKeys).to.have.length(0);
|
|
148
|
-
const decryptedPatientId = yield childApi.healthcareElementApi.decryptPatientIdOf(halfLinkedHe);
|
|
149
|
-
(0, chai_1.expect)(decryptedPatientId).to.have.length(1);
|
|
150
|
-
(0, chai_1.expect)(decryptedPatientId[0]).to.equal(pat.id);
|
|
151
|
-
}));
|
|
152
|
-
it('Should allow creation of links using the provided sfks', () => __awaiter(void 0, void 0, void 0, function* () {
|
|
153
|
-
const { parentApi: childApi, parentUser: childUser, grandApi: parentApi, grandUser: parentUser } = yield (0, test_utils_1.createHcpHierarchyApis)(env);
|
|
154
|
-
const pat = yield childApi.patientApi.newInstance(childUser, { firstName: 'John', lastName: 'Doe' });
|
|
155
|
-
const modifiedPatient = (yield childApi.patientApi.initConfidentialSecretId(pat, childUser));
|
|
156
|
-
const secretIds = yield childApi.patientApi.decryptSecretIdsOf(modifiedPatient);
|
|
157
|
-
(0, chai_1.expect)(secretIds).to.have.length(2);
|
|
158
|
-
const halfLinkedHe = yield childApi.healthcareElementApi.newInstance(childUser, pat, { descr: 'Confidential info' }, { sfkOption: new SecretIdUseOption_1.SecretIdUseOption.Use([]), ignoreAutoDelegations: true });
|
|
159
|
-
(0, chai_1.expect)(halfLinkedHe.secretForeignKeys).to.have.length(0);
|
|
160
|
-
const linkedHeSfk0 = yield childApi.healthcareElementApi.newInstance(childUser, pat, { descr: 'Confidential info' }, { sfkOption: new SecretIdUseOption_1.SecretIdUseOption.Use([secretIds[0]]), ignoreAutoDelegations: true });
|
|
161
|
-
(0, chai_1.expect)(linkedHeSfk0.secretForeignKeys).to.have.members([secretIds[0]]);
|
|
162
|
-
const linkedHeSfk1 = yield childApi.healthcareElementApi.newInstance(childUser, pat, { descr: 'Confidential info' }, { sfkOption: new SecretIdUseOption_1.SecretIdUseOption.Use([secretIds[1]]), ignoreAutoDelegations: true });
|
|
163
|
-
(0, chai_1.expect)(linkedHeSfk1.secretForeignKeys).to.have.members([secretIds[1]]);
|
|
164
|
-
const linkedHeSfkBoth = yield childApi.healthcareElementApi.newInstance(childUser, pat, { descr: 'Confidential info' }, { sfkOption: new SecretIdUseOption_1.SecretIdUseOption.Use(secretIds), ignoreAutoDelegations: true });
|
|
165
|
-
(0, chai_1.expect)(linkedHeSfkBoth.secretForeignKeys).to.have.members(secretIds);
|
|
166
|
-
}));
|
|
167
|
-
});
|
|
168
|
-
//# sourceMappingURL=confidential-entities-test.js.map
|