@icure/api 8.6.4 → 8.6.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (61) hide show
  1. package/icc-api/api/IccFormApi.d.ts +81 -0
  2. package/icc-api/api/IccFormApi.js +213 -0
  3. package/icc-api/api/IccFormApi.js.map +1 -1
  4. package/icc-x-api/icc-accesslog-x-api.d.ts +93 -0
  5. package/icc-x-api/icc-accesslog-x-api.js +93 -0
  6. package/icc-x-api/icc-accesslog-x-api.js.map +1 -1
  7. package/icc-x-api/icc-calendar-item-x-api.d.ts +122 -0
  8. package/icc-x-api/icc-calendar-item-x-api.js +122 -0
  9. package/icc-x-api/icc-calendar-item-x-api.js.map +1 -1
  10. package/icc-x-api/icc-classification-x-api.d.ts +20 -0
  11. package/icc-x-api/icc-classification-x-api.js +20 -0
  12. package/icc-x-api/icc-classification-x-api.js.map +1 -1
  13. package/icc-x-api/icc-code-x-api.d.ts +23 -0
  14. package/icc-x-api/icc-code-x-api.js +23 -0
  15. package/icc-x-api/icc-code-x-api.js.map +1 -1
  16. package/icc-x-api/icc-contact-x-api.d.ts +219 -1
  17. package/icc-x-api/icc-contact-x-api.js +219 -2
  18. package/icc-x-api/icc-contact-x-api.js.map +1 -1
  19. package/icc-x-api/icc-data-owner-x-api.d.ts +14 -3
  20. package/icc-x-api/icc-data-owner-x-api.js +14 -3
  21. package/icc-x-api/icc-data-owner-x-api.js.map +1 -1
  22. package/icc-x-api/icc-device-x-api.d.ts +8 -0
  23. package/icc-x-api/icc-device-x-api.js +8 -0
  24. package/icc-x-api/icc-device-x-api.js.map +1 -1
  25. package/icc-x-api/icc-doctemplate-x-api.d.ts +26 -0
  26. package/icc-x-api/icc-doctemplate-x-api.js +26 -0
  27. package/icc-x-api/icc-doctemplate-x-api.js.map +1 -1
  28. package/icc-x-api/icc-document-x-api.d.ts +114 -1
  29. package/icc-x-api/icc-document-x-api.js +127 -1
  30. package/icc-x-api/icc-document-x-api.js.map +1 -1
  31. package/icc-x-api/icc-form-x-api.d.ts +34 -4
  32. package/icc-x-api/icc-form-x-api.js +34 -4
  33. package/icc-x-api/icc-form-x-api.js.map +1 -1
  34. package/icc-x-api/icc-hcparty-x-api.d.ts +67 -0
  35. package/icc-x-api/icc-hcparty-x-api.js +67 -0
  36. package/icc-x-api/icc-hcparty-x-api.js.map +1 -1
  37. package/icc-x-api/icc-helement-x-api.d.ts +141 -0
  38. package/icc-x-api/icc-helement-x-api.js +141 -0
  39. package/icc-x-api/icc-helement-x-api.js.map +1 -1
  40. package/icc-x-api/icc-invoice-x-api.d.ts +54 -0
  41. package/icc-x-api/icc-invoice-x-api.js +54 -0
  42. package/icc-x-api/icc-invoice-x-api.js.map +1 -1
  43. package/icc-x-api/icc-message-x-api.d.ts +162 -0
  44. package/icc-x-api/icc-message-x-api.js +162 -0
  45. package/icc-x-api/icc-message-x-api.js.map +1 -1
  46. package/icc-x-api/icc-patient-x-api.d.ts +245 -0
  47. package/icc-x-api/icc-patient-x-api.js +245 -1
  48. package/icc-x-api/icc-patient-x-api.js.map +1 -1
  49. package/icc-x-api/icc-receipt-x-api.d.ts +25 -0
  50. package/icc-x-api/icc-receipt-x-api.js +25 -0
  51. package/icc-x-api/icc-receipt-x-api.js.map +1 -1
  52. package/icc-x-api/icc-user-x-api.d.ts +25 -0
  53. package/icc-x-api/icc-user-x-api.js +25 -0
  54. package/icc-x-api/icc-user-x-api.js.map +1 -1
  55. package/package.json +1 -1
  56. package/test/icc-x-api/icc-form-x-api.js +265 -1
  57. package/test/icc-x-api/icc-form-x-api.js.map +1 -1
  58. package/test/utils/roles.js +5 -0
  59. package/test/utils/roles.js.map +1 -1
  60. package/test/utils/test_utils.js +1 -21
  61. package/test/utils/test_utils.js.map +1 -1
@@ -98,21 +98,98 @@ export declare class IccAccesslogXApi extends IccAccesslogApi implements Encrypt
98
98
  * @deprecated use {@link findAccessLogIdsByDataOwnerPatientDate} instead
99
99
  */
100
100
  findByHCPartyPatientSecretFKeysArray(hcPartyId: string, secretFKeys: string[]): Promise<Array<AccessLog> | any>;
101
+ /**
102
+ * Decrypts a list of access logs using the current data owner's keys.
103
+ * @param hcpId the id of the healthcare party performing the decryption.
104
+ * @param accessLogs the access logs to decrypt.
105
+ * @return the decrypted access logs.
106
+ */
101
107
  decrypt(hcpId: string, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>>;
108
+ /**
109
+ * Encrypts the encrypted fields of a list of access logs.
110
+ * @param user the current user, used to determine the data owner for encryption.
111
+ * @param accessLogs the access logs to encrypt.
112
+ * @return the encrypted access logs.
113
+ */
102
114
  encrypt(user: models.User, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>>;
103
115
  private encryptAs;
116
+ /**
117
+ * @throws always. Use {@link createAccessLogWithUser} instead.
118
+ */
104
119
  createAccessLog(body?: models.AccessLog): never;
120
+ /**
121
+ * Creates an access log after encrypting its content.
122
+ * @param user the current user, used for encryption.
123
+ * @param body the access log to create.
124
+ * @return the created and decrypted access log.
125
+ */
105
126
  createAccessLogWithUser(user: models.User, body?: models.AccessLog): Promise<models.AccessLog | any>;
127
+ /**
128
+ * @throws always. Use {@link getAccessLogWithUser} instead.
129
+ */
106
130
  getAccessLog(accessLogId: string): never;
131
+ /**
132
+ * Retrieves an access log by id and decrypts it.
133
+ * @param user the current user, used for decryption.
134
+ * @param accessLogId the id of the access log to retrieve.
135
+ * @return the decrypted access log.
136
+ */
107
137
  getAccessLogWithUser(user: models.User, accessLogId: string): Promise<models.AccessLog | any>;
138
+ /**
139
+ * @throws always. Use {@link getAccessLogsWithUser} instead.
140
+ */
108
141
  getAccessLogs(ids: ListOfIds): Promise<AccessLog[]>;
142
+ /**
143
+ * Retrieves multiple access logs by their ids and decrypts them.
144
+ * @param user the current user, used for decryption.
145
+ * @param ids the list of access log ids to retrieve.
146
+ * @return the decrypted access logs.
147
+ */
109
148
  getAccessLogsWithUser(user: models.User, ids: ListOfIds): Promise<AccessLog[]>;
149
+ /**
150
+ * @throws always. Use {@link listAccessLogsWithUser} instead.
151
+ */
110
152
  listAccessLogs(fromEpoch?: number, toEpoch?: number, startKey?: number, startDocumentId?: string, limit?: number): never;
153
+ /**
154
+ * Lists access logs within a date range and decrypts them.
155
+ * @param user the current user, used for decryption.
156
+ * @param fromEpoch the start of the date range (epoch in ms).
157
+ * @param toEpoch the end of the date range (epoch in ms).
158
+ * @param startKey the pagination start key.
159
+ * @param startDocumentId the pagination start document id.
160
+ * @param limit the maximum number of results to return.
161
+ * @param descending if true, results are returned in descending order.
162
+ * @return a paginated list of decrypted access logs.
163
+ */
111
164
  listAccessLogsWithUser(user: models.User, fromEpoch?: number, toEpoch?: number, startKey?: number, startDocumentId?: string, limit?: number, descending?: boolean): Promise<PaginatedListAccessLog>;
165
+ /**
166
+ * @throws always. Use {@link modifyAccessLogWithUser} instead.
167
+ */
112
168
  modifyAccessLog(body?: models.AccessLog): never;
169
+ /**
170
+ * Modifies an access log after encrypting its content.
171
+ * @param user the current user, used for encryption/decryption.
172
+ * @param body the access log with updated fields.
173
+ * @return the modified and decrypted access log, or null if body was not provided.
174
+ */
113
175
  modifyAccessLogWithUser(user: models.User, body?: models.AccessLog): Promise<models.AccessLog | null>;
114
176
  private modifyAs;
177
+ /**
178
+ * @throws always. Use {@link findByUserAfterDateWithUser} instead.
179
+ */
115
180
  findByUserAfterDate(userId: string, accessType?: string, startDate?: number, startKey?: string, startDocumentId?: string, limit?: number, descending?: boolean): never;
181
+ /**
182
+ * Finds access logs by user id after a given date and decrypts them.
183
+ * @param user the current user, used for decryption.
184
+ * @param userId the id of the user whose access logs to find.
185
+ * @param accessType optional access type filter.
186
+ * @param startDate optional start date filter (epoch in ms).
187
+ * @param startKey the pagination start key.
188
+ * @param startDocumentId the pagination start document id.
189
+ * @param limit the maximum number of results to return.
190
+ * @param descending if true, results are returned in descending order.
191
+ * @return a paginated list of decrypted access logs.
192
+ */
116
193
  findByUserAfterDateWithUser(user: models.User, userId: string, accessType?: string, startDate?: number, startKey?: string, startDocumentId?: string, limit?: number, descending?: boolean): Promise<models.AccessLog | any>;
117
194
  /**
118
195
  * @param accessLog an access log
@@ -190,12 +267,28 @@ export declare class IccAccesslogXApi extends IccAccesslogApi implements Encrypt
190
267
  sharePatientId?: ShareMetadataBehaviour;
191
268
  };
192
269
  }): Promise<ShareResult<AccessLog>>;
270
+ /**
271
+ * Retrieves the data owners that have access to the given access log, along with their access levels.
272
+ * @param entity the access log.
273
+ * @return an object containing a map of data owner ids to their access levels, and a flag indicating if there are unknown anonymous data owners.
274
+ */
193
275
  getDataOwnersWithAccessTo(entity: AccessLog): Promise<{
194
276
  permissionsByDataOwnerId: {
195
277
  [p: string]: AccessLevelEnum;
196
278
  };
197
279
  hasUnknownAnonymousDataOwners: boolean;
198
280
  }>;
281
+ /**
282
+ * Retrieves the encryption keys of the given access log.
283
+ * @param entity the access log.
284
+ * @return the encryption key ids.
285
+ */
199
286
  getEncryptionKeysOf(entity: AccessLog): Promise<string[]>;
287
+ /**
288
+ * Creates or updates de-anonymization metadata for the given access log, allowing the specified delegates to
289
+ * identify the data owners that have access to it.
290
+ * @param entity the access log.
291
+ * @param delegates the data owner ids for which to create de-anonymization metadata.
292
+ */
200
293
  createDelegationDeAnonymizationMetadata(entity: AccessLog, delegates: string[]): Promise<void>;
201
294
  }
@@ -155,11 +155,23 @@ class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
155
155
  findByHCPartyPatientSecretFKeysArray(hcPartyId, secretFKeys) {
156
156
  return super.findAccessLogsByHCPartyPatientForeignKeysUsingPost(hcPartyId, secretFKeys).then((accesslogs) => this.decrypt(hcPartyId, accesslogs));
157
157
  }
158
+ /**
159
+ * Decrypts a list of access logs using the current data owner's keys.
160
+ * @param hcpId the id of the healthcare party performing the decryption.
161
+ * @param accessLogs the access logs to decrypt.
162
+ * @return the decrypted access logs.
163
+ */
158
164
  decrypt(hcpId, accessLogs) {
159
165
  return __awaiter(this, void 0, void 0, function* () {
160
166
  return (yield this.crypto.xapi.tryDecryptEntities(accessLogs, utils_1.EntityWithDelegationTypeName.AccessLog, (json) => new models_1.AccessLog(json))).map(({ entity }) => entity);
161
167
  });
162
168
  }
169
+ /**
170
+ * Encrypts the encrypted fields of a list of access logs.
171
+ * @param user the current user, used to determine the data owner for encryption.
172
+ * @param accessLogs the access logs to encrypt.
173
+ * @return the encrypted access logs.
174
+ */
163
175
  encrypt(user, accessLogs) {
164
176
  const owner = this.dataOwnerApi.getDataOwnerIdOf(user);
165
177
  return this.encryptAs(owner, accessLogs);
@@ -169,9 +181,18 @@ class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
169
181
  return this.crypto.xapi.tryEncryptEntities(accessLogs, utils_1.EntityWithDelegationTypeName.AccessLog, this.encryptedFields, false, false, (json) => new models_1.AccessLog(json));
170
182
  });
171
183
  }
184
+ /**
185
+ * @throws always. Use {@link createAccessLogWithUser} instead.
186
+ */
172
187
  createAccessLog(body) {
173
188
  throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption');
174
189
  }
190
+ /**
191
+ * Creates an access log after encrypting its content.
192
+ * @param user the current user, used for encryption.
193
+ * @param body the access log to create.
194
+ * @return the created and decrypted access log.
195
+ */
175
196
  createAccessLogWithUser(user, body) {
176
197
  return body
177
198
  ? this.encrypt(user, [_.cloneDeep(body)])
@@ -180,34 +201,75 @@ class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
180
201
  .then((als) => als[0])
181
202
  : Promise.resolve();
182
203
  }
204
+ /**
205
+ * @throws always. Use {@link getAccessLogWithUser} instead.
206
+ */
183
207
  getAccessLog(accessLogId) {
184
208
  throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption');
185
209
  }
210
+ /**
211
+ * Retrieves an access log by id and decrypts it.
212
+ * @param user the current user, used for decryption.
213
+ * @param accessLogId the id of the access log to retrieve.
214
+ * @return the decrypted access log.
215
+ */
186
216
  getAccessLogWithUser(user, accessLogId) {
187
217
  return super
188
218
  .getAccessLog(accessLogId)
189
219
  .then((accessLog) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user), [accessLog]))
190
220
  .then((als) => als[0]);
191
221
  }
222
+ /**
223
+ * @throws always. Use {@link getAccessLogsWithUser} instead.
224
+ */
192
225
  getAccessLogs(ids) {
193
226
  return __awaiter(this, void 0, void 0, function* () {
194
227
  throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption');
195
228
  });
196
229
  }
230
+ /**
231
+ * Retrieves multiple access logs by their ids and decrypts them.
232
+ * @param user the current user, used for decryption.
233
+ * @param ids the list of access log ids to retrieve.
234
+ * @return the decrypted access logs.
235
+ */
197
236
  getAccessLogsWithUser(user, ids) {
198
237
  return super.getAccessLogs(ids).then((accessLogs) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user), accessLogs));
199
238
  }
239
+ /**
240
+ * @throws always. Use {@link listAccessLogsWithUser} instead.
241
+ */
200
242
  listAccessLogs(fromEpoch, toEpoch, startKey, startDocumentId, limit) {
201
243
  throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption');
202
244
  }
245
+ /**
246
+ * Lists access logs within a date range and decrypts them.
247
+ * @param user the current user, used for decryption.
248
+ * @param fromEpoch the start of the date range (epoch in ms).
249
+ * @param toEpoch the end of the date range (epoch in ms).
250
+ * @param startKey the pagination start key.
251
+ * @param startDocumentId the pagination start document id.
252
+ * @param limit the maximum number of results to return.
253
+ * @param descending if true, results are returned in descending order.
254
+ * @return a paginated list of decrypted access logs.
255
+ */
203
256
  listAccessLogsWithUser(user, fromEpoch, toEpoch, startKey, startDocumentId, limit, descending) {
204
257
  return super
205
258
  .listAccessLogs(fromEpoch, toEpoch, startKey, startDocumentId, limit, descending)
206
259
  .then((accessLog) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user), accessLog.rows).then((dr) => Object.assign(accessLog, { rows: dr })));
207
260
  }
261
+ /**
262
+ * @throws always. Use {@link modifyAccessLogWithUser} instead.
263
+ */
208
264
  modifyAccessLog(body) {
209
265
  throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption');
210
266
  }
267
+ /**
268
+ * Modifies an access log after encrypting its content.
269
+ * @param user the current user, used for encryption/decryption.
270
+ * @param body the access log with updated fields.
271
+ * @return the modified and decrypted access log, or null if body was not provided.
272
+ */
211
273
  modifyAccessLogWithUser(user, body) {
212
274
  return __awaiter(this, void 0, void 0, function* () {
213
275
  return body ? this.modifyAs(this.dataOwnerApi.getDataOwnerIdOf(user), _.cloneDeep(body)) : null;
@@ -224,9 +286,24 @@ class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
224
286
  .then((als) => als[0]);
225
287
  });
226
288
  }
289
+ /**
290
+ * @throws always. Use {@link findByUserAfterDateWithUser} instead.
291
+ */
227
292
  findByUserAfterDate(userId, accessType, startDate, startKey, startDocumentId, limit, descending) {
228
293
  throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption');
229
294
  }
295
+ /**
296
+ * Finds access logs by user id after a given date and decrypts them.
297
+ * @param user the current user, used for decryption.
298
+ * @param userId the id of the user whose access logs to find.
299
+ * @param accessType optional access type filter.
300
+ * @param startDate optional start date filter (epoch in ms).
301
+ * @param startKey the pagination start key.
302
+ * @param startDocumentId the pagination start document id.
303
+ * @param limit the maximum number of results to return.
304
+ * @param descending if true, results are returned in descending order.
305
+ * @return a paginated list of decrypted access logs.
306
+ */
230
307
  findByUserAfterDateWithUser(user, userId, accessType, startDate, startKey, startDocumentId, limit, descending) {
231
308
  return super
232
309
  .findByUserAfterDate(userId, accessType, startDate, startKey, startDocumentId, limit, descending)
@@ -326,12 +403,28 @@ class IccAccesslogXApi extends icc_api_1.IccAccesslogApi {
326
403
  .then((r) => r.mapSuccessAsync((e) => this.decrypt(self, [e]).then((es) => es[0])));
327
404
  });
328
405
  }
406
+ /**
407
+ * Retrieves the data owners that have access to the given access log, along with their access levels.
408
+ * @param entity the access log.
409
+ * @return an object containing a map of data owner ids to their access levels, and a flag indicating if there are unknown anonymous data owners.
410
+ */
329
411
  getDataOwnersWithAccessTo(entity) {
330
412
  return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: utils_1.EntityWithDelegationTypeName.AccessLog });
331
413
  }
414
+ /**
415
+ * Retrieves the encryption keys of the given access log.
416
+ * @param entity the access log.
417
+ * @return the encryption key ids.
418
+ */
332
419
  getEncryptionKeysOf(entity) {
333
420
  return this.crypto.xapi.encryptionKeysOf({ entity, type: utils_1.EntityWithDelegationTypeName.AccessLog }, undefined);
334
421
  }
422
+ /**
423
+ * Creates or updates de-anonymization metadata for the given access log, allowing the specified delegates to
424
+ * identify the data owners that have access to it.
425
+ * @param entity the access log.
426
+ * @param delegates the data owner ids for which to create de-anonymization metadata.
427
+ */
335
428
  createDelegationDeAnonymizationMetadata(entity, delegates) {
336
429
  return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo({ entity, type: utils_1.EntityWithDelegationTypeName.AccessLog }, delegates);
337
430
  }
@@ -1 +1 @@
1
- {"version":3,"file":"icc-accesslog-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-accesslog-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAA4C;AAG5C,oDAAsF;AACtF,4BAA2B;AAE3B,0EAAgG;AAChG,wEAAoE;AAKpE,mCAAqG;AAErG,kEAA8D;AAC9D,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAGzD,MAAa,gBAAiB,SAAQ,yBAAe;IAKnD,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,oCAA4B,CAAC,SAAS,CAAC,CAAC,CAAA;IAC/I,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EAClC,MAAqB,EACrB,YAA8B,EACb,cAAuB,EACxC,WAAW,GAAG,CAAC,QAAQ,EAAE,UAAU,CAAC,EACpC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QATtC,mBAAc,GAAd,cAAc,CAAS;QAUxC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAChC,IAAI,CAAC,eAAe,GAAG,IAAA,4BAAoB,EAAC,WAAW,EAAE,YAAY,CAAC,CAAA;IACxE,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACG,WAAW;6DACf,IAAiB,EACjB,OAAuB,EACvB,CAAM,EACN,UAKI,EAAE;;YAEN,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YAC5D,MAAM,SAAS,mCACV,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,qCAAqC,EAC5C,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EACrC,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,EAC9E,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,EACnB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,CAAC,EAAE,EACxB,UAAU,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAU,mCAAI,aAAa,GAC3C,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAC1D,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAC/D,MAAA,OAAO,CAAC,SAAS,mCAAI,qCAAiB,CAAC,sBAAsB,CAC9D,CAAA;YACD,MAAM,gBAAgB,mCACjB,CAAC,OAAO,CAAC,qBAAqB,IAAI,IAAI;gBACvC,CAAC,CAAC,EAAE;gBACJ,CAAC,CAAC,MAAM,CAAC,WAAW,CAChB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,CAAC,GACH,CAAC,MAAA,OAAO,CAAC,mBAAmB,mCAAI,EAAE,CAAC,CACvC,CAAA;YACD,OAAO,IAAI,kBAAS,CAClB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CACrC,SAAS,EACT,oCAA4B,CAAC,SAAS,EACtC,OAAO,CAAC,EAAE,EACV,GAAG,EACH,IAAI,EACJ,gBAAgB,EAChB,OAAO,CAAC,uBAAuB,CAChC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;QACH,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,oBAAoB;6DACxB,IAAiB,EACjB,CAAM,EACN,UAII,EAAE;;YAEN,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YAC5D,MAAM,SAAS,mCACV,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,qCAAqC,EAC5C,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EACrC,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,EAC9E,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,EACnB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,CAAC,EAAE,EACxB,UAAU,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAU,mCAAI,YAAY,GAC1C,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,gBAAgB,mCACjB,CAAC,OAAO,CAAC,qBAAqB,IAAI,IAAI;gBACvC,CAAC,CAAC,EAAE;gBACJ,CAAC,CAAC,MAAM,CAAC,WAAW,CAChB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,CAAC,GACH,CAAC,MAAA,OAAO,CAAC,mBAAmB,mCAAI,EAAE,CAAC,CACvC,CAAA;YACD,OAAO,IAAI,kBAAS,CAClB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CACrC,SAAS,EACT,oCAA4B,CAAC,SAAS,EACtC,SAAS,EACT,SAAS,EACT,IAAI,EACJ,gBAAgB,EAChB,OAAO,CAAC,uBAAuB,CAChC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;QACH,CAAC;KAAA;IAED,qCAAqC;IACrC;;;;;;;;;;;;;;;;OAgBG;IACG,MAAM;6DAAC,SAAiB,EAAE,OAAuB,EAAE,YAAqB,KAAK;YACjF,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;YACpI,MAAM,eAAe,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;YACtF,OAAO,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;gBAC9C,CAAC,CAAC,SAAS;oBACT,CAAC,CAAC,IAAI,CAAC,oCAAoC,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;oBAC9E,CAAC,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACrF,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QACzB,CAAC;KAAA;IAED;;;OAGG;IACG,SAAS,CAAC,SAAiB,EAAE,OAAuB,EAAE,SAAkB,EAAE,OAAgB,EAAE,UAAoB;;YACpH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;YACpI,OAAO,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;gBAC9C,CAAC,CAAC,IAAI,CAAC,sCAAsC,CAAC,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,SAAS,EAAE,OAAO,EAAE,UAAU,CAAC;gBAC/G,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QACzB,CAAC;KAAA;IAED;;OAEG;IACG,+BAA+B,CAAC,SAAiB,EAAE,WAAmB;;;;;YAC1E,MAAM,UAAU,GAAG,MAAM,OAAM,yCAAyC,YAAC,SAAS,EAAE,WAAW,CAAC,CAAA;YAChG,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,UAAU,CAAC,CAAA;QAClD,CAAC;KAAA;IAED;;OAEG;IACH,oCAAoC,CAAC,SAAiB,EAAE,WAAqB;QAC3E,OAAO,KAAK,CAAC,kDAAkD,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC,CAAA;IACnJ,CAAC;IAEK,OAAO,CAAC,KAAa,EAAE,UAAmC;;YAC9D,OAAO,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,UAAU,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,kBAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CACvI,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,MAAM,CACvB,CAAA;QACH,CAAC;KAAA;IAED,OAAO,CAAC,IAAiB,EAAE,UAAmC;QAC5D,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;QACtD,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,UAAU,CAAC,CAAA;IAC1C,CAAC;IAEa,SAAS,CAAC,SAAiB,EAAE,UAAmC;;YAC5E,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CACxC,UAAU,EACV,oCAA4B,CAAC,SAAS,EACtC,IAAI,CAAC,eAAe,EACpB,KAAK,EACL,KAAK,EACL,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,kBAAS,CAAC,IAAI,CAAC,CAC9B,CAAA;QACH,CAAC;KAAA;IAED,eAAe,CAAC,IAAuB;QACrC,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,uBAAuB,CAAC,IAAiB,EAAE,IAAuB;QAChE,OAAO,IAAI;YACT,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBACpC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;iBAC5C,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;iBACzF,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC1B,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAA;IACvB,CAAC;IAED,YAAY,CAAC,WAAmB;QAC9B,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,oBAAoB,CAAC,IAAiB,EAAE,WAAmB;QACzD,OAAO,KAAK;aACT,YAAY,CAAC,WAAW,CAAC;aACzB,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;aACzF,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IAC1B,CAAC;IAEK,aAAa,CAAC,GAAc;;YAChC,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;QAC7G,CAAC;KAAA;IAED,qBAAqB,CAAC,IAAiB,EAAE,GAAc;QACrD,OAAO,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,UAAU,CAAC,CAAC,CAAA;IAC3H,CAAC;IAED,cAAc,CAAC,SAAkB,EAAE,OAAgB,EAAE,QAAiB,EAAE,eAAwB,EAAE,KAAc;QAC9G,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,sBAAsB,CACpB,IAAiB,EACjB,SAAkB,EAClB,OAAgB,EAChB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,OAAO,KAAK;aACT,cAAc,CAAC,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,UAAU,CAAC;aAChF,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAClB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,SAAS,CAAC,IAAK,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC,CAC9H,CAAA;IACL,CAAC;IAED,eAAe,CAAC,IAAuB;QACrC,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAEK,uBAAuB,CAAC,IAAiB,EAAE,IAAuB;;YACtE,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;QAClG,CAAC;KAAA;IAEa,QAAQ,CAAC,KAAa,EAAE,IAAsB;;;;;YAC1D,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBAC9C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,OAAM,eAAe,YAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;iBAC5C,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;iBACrD,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;QAC1B,CAAC;KAAA;IAED,mBAAmB,CACjB,MAAc,EACd,UAAmB,EACnB,SAAkB,EAClB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED,2BAA2B,CACzB,IAAiB,EACjB,MAAc,EACd,UAAmB,EACnB,SAAkB,EAClB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,OAAO,KAAK;aACT,mBAAmB,CAAC,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,UAAU,CAAC;aAChG,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAClB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,SAAS,CAAC,IAAK,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC,CAC9H,CAAA;IACL,CAAC;IAED;;;;OAIG;IACG,kBAAkB,CAAC,SAAoB;;YAC3C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EAAE,SAAS,CAAC,CAAA;QAC3H,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,SAAoB;;YACvC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,CAAA;QAC7G,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,SAAS;6DACb,UAAkB,EAClB,SAAoB,EACpB,UAKI,EAAE;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QACjE,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,aAAa,CACjB,SAAoB,EACpB,SAOC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QACjF,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,gBAAgB,CACpB,SAAoB,EACpB,SAOC;;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,oCAA4B,CAAC,SAAS,CAAC,CAAA;YACzI,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAC9G,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI;iBACpB,0CAA0C,CACzC;gBACE,MAAM,EAAE,aAAa;gBACrB,IAAI,EAAE,oCAA4B,CAAC,SAAS;aAC7C,EACD,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,OAAO,CAAC,cAAc;oBAC5C,cAAc,EAAE,OAAO,CAAC,cAAc;iBACvC;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,CACnC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACvF,CAAC;KAAA;IAED,yBAAyB,CACvB,MAAiB;QAEjB,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,CAAA;IACnI,CAAC;IAED,mBAAmB,CAAC,MAAiB;QACnC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EAAE,SAAS,CAAC,CAAA;IAC/G,CAAC;IAED,uCAAuC,CAAC,MAAiB,EAAE,SAAmB;QAC5E,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAC7E,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EACxD,SAAS,CACV,CAAA;IACH,CAAC;CACF;AA7dD,4CA6dC","sourcesContent":["import { IccAccesslogApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport * as models from '../icc-api/model/models'\nimport { AccessLog, ListOfIds, PaginatedListAccessLog } from '../icc-api/model/models'\nimport * as _ from 'lodash'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport { ShareResult } from './utils/ShareResult'\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedFieldsManifest, EntityWithDelegationTypeName, parseEncryptedFields } from './utils'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\nimport { SecretIdUseOption } from './crypto/SecretIdUseOption'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\n\nexport class IccAccesslogXApi extends IccAccesslogApi implements EncryptedEntityXApi<models.AccessLog> {\n private readonly encryptedFields: EncryptedFieldsManifest\n crypto: IccCryptoXApi\n dataOwnerApi: IccDataOwnerXApi\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, EntityWithDelegationTypeName.AccessLog))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n crypto: IccCryptoXApi,\n dataOwnerApi: IccDataOwnerXApi,\n private readonly autofillAuthor: boolean,\n cryptedKeys = ['detail', 'objectId'],\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.crypto = crypto\n this.dataOwnerApi = dataOwnerApi\n this.encryptedFields = parseEncryptedFields(cryptedKeys, 'AccessLog.')\n }\n\n /**\n * Creates a new instance of access log with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this access log refers to.\n * @param h initialised data for the access log. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - sfkOption: specifies which sfk of the owning entity to use.\n * - ignoreAutoDelegations: if true the data won't be shared with the autodelegations of the user, but only with additional delegates\n * - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,\n * and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.\n * @return a new instance of access log.\n */\n async newInstance(\n user: models.User,\n patient: models.Patient,\n h: any,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n sfkOption?: SecretIdUseOption\n ignoreAutoDelegations?: boolean\n alternateRootDelegation?: string\n } = {}\n ) {\n const dataOwnerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n const accessLog = {\n ...(h ?? {}),\n _type: 'org.taktik.icure.entities.AccessLog',\n id: h?.id ?? this.crypto.primitives.randomUuid(),\n created: h?.created ?? new Date().getTime(),\n modified: h?.modified ?? new Date().getTime(),\n date: h?.date ?? new Date().getTime(),\n responsible: h?.responsible ?? (this.autofillAuthor ? dataOwnerId : undefined),\n author: h?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: h?.codes ?? [],\n tags: h?.tags ?? [],\n user: h?.user ?? user.id,\n accessType: h?.accessType ?? 'USER_ACCESS',\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk = await this.crypto.xapi.resolveSecretIdUseOptions(\n { entity: patient, type: EntityWithDelegationTypeName.Patient },\n options.sfkOption ?? SecretIdUseOption.UseAnySharedWithParent\n )\n const extraDelegations = {\n ...(options.ignoreAutoDelegations == true\n ? {}\n : Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.administrativeData ?? [])].map((x) => [x, AccessLevelEnum.WRITE])\n )),\n ...(options.additionalDelegates ?? {}),\n }\n return new AccessLog(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(\n accessLog,\n EntityWithDelegationTypeName.AccessLog,\n patient.id,\n sfk,\n true,\n extraDelegations,\n options.alternateRootDelegation\n )\n .then((x) => x.updatedEntity)\n )\n }\n\n /**\n * Creates a new instance of access log with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param h initialised data for the access log. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - ignoreAutoDelegations: if true the data won't be shared with the autodelegations of the user, but only with additional delegates\n * - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,\n * and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.\n * @return a new instance of access log.\n */\n async newInstanceNoPatient(\n user: models.User,\n h: any,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n ignoreAutoDelegations?: boolean\n alternateRootDelegation?: string\n } = {}\n ) {\n const dataOwnerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n const accessLog = {\n ...(h ?? {}),\n _type: 'org.taktik.icure.entities.AccessLog',\n id: h?.id ?? this.crypto.primitives.randomUuid(),\n created: h?.created ?? new Date().getTime(),\n modified: h?.modified ?? new Date().getTime(),\n date: h?.date ?? new Date().getTime(),\n responsible: h?.responsible ?? (this.autofillAuthor ? dataOwnerId : undefined),\n author: h?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: h?.codes ?? [],\n tags: h?.tags ?? [],\n user: h?.user ?? user.id,\n accessType: h?.accessType ?? 'USER_LOGIN',\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const extraDelegations = {\n ...(options.ignoreAutoDelegations == true\n ? {}\n : Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.administrativeData ?? [])].map((x) => [x, AccessLevelEnum.WRITE])\n )),\n ...(options.additionalDelegates ?? {}),\n }\n return new AccessLog(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(\n accessLog,\n EntityWithDelegationTypeName.AccessLog,\n undefined,\n undefined,\n true,\n extraDelegations,\n options.alternateRootDelegation\n )\n .then((x) => x.updatedEntity)\n )\n }\n\n // noinspection JSUnusedGlobalSymbols\n /**\n * 1. Check whether there is a delegation with 'hcpartyId' or not.\n * 2. 'fetchHcParty[hcpartyId][1]': is encrypted AES exchange key by RSA public key of him.\n * 3. Obtain the AES exchange key, by decrypting the previous step value with hcparty private key\n * 3.1. KeyPair should be fetch from cache (in jwk)\n * 3.2. if it doesn't exist in the cache, it has to be loaded from Browser Local store, and then import it to WebCrypto\n * 4. Obtain the array of delegations which are delegated to his ID (hcpartyId) in this patient\n * 5. Decrypt and collect all keys (secretForeignKeys) within delegations of previous step (with obtained AES key of step 4)\n * 6. Do the REST call to get all access logs with (allSecretForeignKeysDelimitedByComma, hcpartyId)\n *\n * After these painful steps, you have the access logs of the patient.\n *\n * @deprecated use {@link findIdsBy} instead\n * @param hcpartyId\n * @param patient (Promise)\n * @param usingPost\n */\n async findBy(hcpartyId: string, patient: models.Patient, usingPost: boolean = false): Promise<models.AccessLog[]> {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: EntityWithDelegationTypeName.Patient }, hcpartyId)\n const topmostParentId = (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0]\n return extractedKeys && extractedKeys.length > 0\n ? usingPost\n ? this.findByHCPartyPatientSecretFKeysArray(hcpartyId!, _.uniq(extractedKeys))\n : this.findByHCPartyPatientSecretFKeys(hcpartyId!, _.uniq(extractedKeys).join(','))\n : Promise.resolve([])\n }\n\n /**\n * Same as `findBy` but it will only return the ids of the access logs. It can also filter the access logs where AccessLog.date is between\n * startDate and endDate in ascending or descending order by that field. (default: ascending).\n */\n async findIdsBy(hcpartyId: string, patient: models.Patient, startDate?: number, endDate?: number, descending?: boolean): Promise<string[]> {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: EntityWithDelegationTypeName.Patient }, hcpartyId)\n return extractedKeys && extractedKeys.length > 0\n ? this.findAccessLogIdsByDataOwnerPatientDate(hcpartyId, _.uniq(extractedKeys), startDate, endDate, descending)\n : Promise.resolve([])\n }\n\n /**\n * @deprecated use {@link findAccessLogIdsByDataOwnerPatientDate} instead\n */\n async findByHCPartyPatientSecretFKeys(hcPartyId: string, secretFKeys: string): Promise<AccessLog[]> {\n const accessLogs = await super.findAccessLogsByHCPartyPatientForeignKeys(hcPartyId, secretFKeys)\n return await this.decrypt(hcPartyId, accessLogs)\n }\n\n /**\n * @deprecated use {@link findAccessLogIdsByDataOwnerPatientDate} instead\n */\n findByHCPartyPatientSecretFKeysArray(hcPartyId: string, secretFKeys: string[]): Promise<Array<AccessLog> | any> {\n return super.findAccessLogsByHCPartyPatientForeignKeysUsingPost(hcPartyId, secretFKeys).then((accesslogs) => this.decrypt(hcPartyId, accesslogs))\n }\n\n async decrypt(hcpId: string, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n return (await this.crypto.xapi.tryDecryptEntities(accessLogs, EntityWithDelegationTypeName.AccessLog, (json) => new AccessLog(json))).map(\n ({ entity }) => entity\n )\n }\n\n encrypt(user: models.User, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n const owner = this.dataOwnerApi.getDataOwnerIdOf(user)\n return this.encryptAs(owner, accessLogs)\n }\n\n private async encryptAs(dataOwner: string, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n return this.crypto.xapi.tryEncryptEntities(\n accessLogs,\n EntityWithDelegationTypeName.AccessLog,\n this.encryptedFields,\n false,\n false,\n (json) => new AccessLog(json)\n )\n }\n\n createAccessLog(body?: models.AccessLog): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n createAccessLogWithUser(user: models.User, body?: models.AccessLog): Promise<models.AccessLog | any> {\n return body\n ? this.encrypt(user, [_.cloneDeep(body)])\n .then((als) => super.createAccessLog(als[0]))\n .then((accessLog) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, [accessLog]))\n .then((als) => als[0])\n : Promise.resolve()\n }\n\n getAccessLog(accessLogId: string): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n getAccessLogWithUser(user: models.User, accessLogId: string): Promise<models.AccessLog | any> {\n return super\n .getAccessLog(accessLogId)\n .then((accessLog) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, [accessLog]))\n .then((als) => als[0])\n }\n\n async getAccessLogs(ids: ListOfIds): Promise<AccessLog[]> {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n getAccessLogsWithUser(user: models.User, ids: ListOfIds): Promise<AccessLog[]> {\n return super.getAccessLogs(ids).then((accessLogs) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, accessLogs))\n }\n\n listAccessLogs(fromEpoch?: number, toEpoch?: number, startKey?: number, startDocumentId?: string, limit?: number): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n listAccessLogsWithUser(\n user: models.User,\n fromEpoch?: number,\n toEpoch?: number,\n startKey?: number,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): Promise<PaginatedListAccessLog> {\n return super\n .listAccessLogs(fromEpoch, toEpoch, startKey, startDocumentId, limit, descending)\n .then((accessLog) =>\n this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, accessLog.rows!).then((dr) => Object.assign(accessLog, { rows: dr }))\n )\n }\n\n modifyAccessLog(body?: models.AccessLog): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n async modifyAccessLogWithUser(user: models.User, body?: models.AccessLog): Promise<models.AccessLog | null> {\n return body ? this.modifyAs(this.dataOwnerApi.getDataOwnerIdOf(user)!, _.cloneDeep(body)) : null\n }\n\n private async modifyAs(owner: string, body: models.AccessLog): Promise<models.AccessLog> {\n return this.encryptAs(owner, [_.cloneDeep(body)])\n .then((als) => super.modifyAccessLog(als[0]))\n .then((accessLog) => this.decrypt(owner, [accessLog]))\n .then((als) => als[0])\n }\n\n findByUserAfterDate(\n userId: string,\n accessType?: string,\n startDate?: number,\n startKey?: string,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n findByUserAfterDateWithUser(\n user: models.User,\n userId: string,\n accessType?: string,\n startDate?: number,\n startKey?: string,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): Promise<models.AccessLog | any> {\n return super\n .findByUserAfterDate(userId, accessType, startDate, startKey, startDocumentId, limit, descending)\n .then((accessLog) =>\n this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, accessLog.rows!).then((dr) => Object.assign(accessLog, { rows: dr }))\n )\n }\n\n /**\n * @param accessLog an access log\n * @return the id of the patient that the access log refers to, retrieved from the encrypted metadata (not from the decrypted entity body). Normally\n * there should only be one element in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(accessLog: AccessLog): Promise<string[]> {\n return this.crypto.xapi.owningEntityIdsOf({ entity: accessLog, type: EntityWithDelegationTypeName.AccessLog }, undefined)\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given access log\n */\n async hasWriteAccess(accessLog: AccessLog): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: accessLog, type: EntityWithDelegationTypeName.AccessLog })\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the access log.\n * @param accessLog the access log to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n accessLog: AccessLog,\n options: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<AccessLog> {\n return this.shareWithMany(accessLog, { [delegateId]: options })\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param accessLog the access log to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n accessLog: AccessLog,\n delegates: {\n [delegateId: string]: {\n shareSecretId?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<AccessLog> {\n return (await this.tryShareWithMany(accessLog, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param accessLog the access log to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n accessLog: AccessLog,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<AccessLog>> {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(accessLog, EntityWithDelegationTypeName.AccessLog)\n const updatedEntity = entityWithEncryptionKey ? await this.modifyAs(self, entityWithEncryptionKey) : accessLog\n return this.crypto.xapi\n .simpleShareOrUpdateEncryptedEntityMetadata(\n {\n entity: updatedEntity,\n type: EntityWithDelegationTypeName.AccessLog,\n },\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: options.sharePatientId,\n shareSecretIds: options.shareSecretIds,\n },\n ])\n ),\n (x) => this.bulkShareAccessLogs(x)\n )\n .then((r) => r.mapSuccessAsync((e) => this.decrypt(self, [e]).then((es) => es[0])))\n }\n\n getDataOwnersWithAccessTo(\n entity: AccessLog\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: EntityWithDelegationTypeName.AccessLog })\n }\n\n getEncryptionKeysOf(entity: AccessLog): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: EntityWithDelegationTypeName.AccessLog }, undefined)\n }\n\n createDelegationDeAnonymizationMetadata(entity: AccessLog, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo(\n { entity, type: EntityWithDelegationTypeName.AccessLog },\n delegates\n )\n }\n}\n"]}
1
+ {"version":3,"file":"icc-accesslog-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-accesslog-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAA4C;AAG5C,oDAAsF;AACtF,4BAA2B;AAE3B,0EAAgG;AAChG,wEAAoE;AAKpE,mCAAqG;AAErG,kEAA8D;AAC9D,IAAO,eAAe,GAAG,mCAAgB,CAAC,eAAe,CAAA;AAGzD,MAAa,gBAAiB,SAAQ,yBAAe;IAKnD,IAAI,OAAO;QACT,OAAO,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,CAAC,2BAA2B,CAAC,CAAC,EAAE,oCAA4B,CAAC,SAAS,CAAC,CAAC,CAAA;IAC/I,CAAC;IAED,YACE,IAAY,EACZ,OAAkC,EAClC,MAAqB,EACrB,YAA8B,EACb,cAAuB,EACxC,WAAW,GAAG,CAAC,QAAQ,EAAE,UAAU,CAAC,EACpC,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QATtC,mBAAc,GAAd,cAAc,CAAS;QAUxC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAChC,IAAI,CAAC,eAAe,GAAG,IAAA,4BAAoB,EAAC,WAAW,EAAE,YAAY,CAAC,CAAA;IACxE,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACG,WAAW;6DACf,IAAiB,EACjB,OAAuB,EACvB,CAAM,EACN,UAKI,EAAE;;YAEN,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YAC5D,MAAM,SAAS,mCACV,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,qCAAqC,EAC5C,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EACrC,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,EAC9E,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,EACnB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,CAAC,EAAE,EACxB,UAAU,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAU,mCAAI,aAAa,GAC3C,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAC1D,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAC/D,MAAA,OAAO,CAAC,SAAS,mCAAI,qCAAiB,CAAC,sBAAsB,CAC9D,CAAA;YACD,MAAM,gBAAgB,mCACjB,CAAC,OAAO,CAAC,qBAAqB,IAAI,IAAI;gBACvC,CAAC,CAAC,EAAE;gBACJ,CAAC,CAAC,MAAM,CAAC,WAAW,CAChB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,CAAC,GACH,CAAC,MAAA,OAAO,CAAC,mBAAmB,mCAAI,EAAE,CAAC,CACvC,CAAA;YACD,OAAO,IAAI,kBAAS,CAClB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CACrC,SAAS,EACT,oCAA4B,CAAC,SAAS,EACtC,OAAO,CAAC,EAAE,EACV,GAAG,EACH,IAAI,EACJ,gBAAgB,EAChB,OAAO,CAAC,uBAAuB,CAChC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;QACH,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,oBAAoB;6DACxB,IAAiB,EACjB,CAAM,EACN,UAII,EAAE;;YAEN,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YAC5D,MAAM,SAAS,mCACV,CAAC,CAAC,aAAD,CAAC,cAAD,CAAC,GAAI,EAAE,CAAC,KACZ,KAAK,EAAE,qCAAqC,EAC5C,EAAE,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,EAAE,mCAAI,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,EAChD,OAAO,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC3C,QAAQ,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,QAAQ,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EAC7C,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,EACrC,WAAW,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,WAAW,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,EAC9E,MAAM,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,MAAM,mCAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAChE,KAAK,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,KAAK,mCAAI,EAAE,EACrB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,EAAE,EACnB,IAAI,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,IAAI,CAAC,EAAE,EACxB,UAAU,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAU,mCAAI,YAAY,GAC1C,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,gBAAgB,mCACjB,CAAC,OAAO,CAAC,qBAAqB,IAAI,IAAI;gBACvC,CAAC,CAAC,EAAE;gBACJ,CAAC,CAAC,MAAM,CAAC,WAAW,CAChB,CAAC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC,EAAE,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,CACnI,CAAC,GACH,CAAC,MAAA,OAAO,CAAC,mBAAmB,mCAAI,EAAE,CAAC,CACvC,CAAA;YACD,OAAO,IAAI,kBAAS,CAClB,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI;iBACnB,sCAAsC,CACrC,SAAS,EACT,oCAA4B,CAAC,SAAS,EACtC,SAAS,EACT,SAAS,EACT,IAAI,EACJ,gBAAgB,EAChB,OAAO,CAAC,uBAAuB,CAChC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;QACH,CAAC;KAAA;IAED,qCAAqC;IACrC;;;;;;;;;;;;;;;;OAgBG;IACG,MAAM;6DAAC,SAAiB,EAAE,OAAuB,EAAE,YAAqB,KAAK;YACjF,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;YACpI,MAAM,eAAe,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,+BAA+B,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;YACtF,OAAO,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;gBAC9C,CAAC,CAAC,SAAS;oBACT,CAAC,CAAC,IAAI,CAAC,oCAAoC,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;oBAC9E,CAAC,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAU,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACrF,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QACzB,CAAC;KAAA;IAED;;;OAGG;IACG,SAAS,CAAC,SAAiB,EAAE,OAAuB,EAAE,SAAkB,EAAE,OAAgB,EAAE,UAAoB;;YACpH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,oCAA4B,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAA;YACpI,OAAO,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;gBAC9C,CAAC,CAAC,IAAI,CAAC,sCAAsC,CAAC,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,SAAS,EAAE,OAAO,EAAE,UAAU,CAAC;gBAC/G,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QACzB,CAAC;KAAA;IAED;;OAEG;IACG,+BAA+B,CAAC,SAAiB,EAAE,WAAmB;;;;;YAC1E,MAAM,UAAU,GAAG,MAAM,OAAM,yCAAyC,YAAC,SAAS,EAAE,WAAW,CAAC,CAAA;YAChG,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,UAAU,CAAC,CAAA;QAClD,CAAC;KAAA;IAED;;OAEG;IACH,oCAAoC,CAAC,SAAiB,EAAE,WAAqB;QAC3E,OAAO,KAAK,CAAC,kDAAkD,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC,CAAA;IACnJ,CAAC;IAED;;;;;OAKG;IACG,OAAO,CAAC,KAAa,EAAE,UAAmC;;YAC9D,OAAO,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,UAAU,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,kBAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CACvI,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,MAAM,CACvB,CAAA;QACH,CAAC;KAAA;IAED;;;;;OAKG;IACH,OAAO,CAAC,IAAiB,EAAE,UAAmC;QAC5D,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;QACtD,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,UAAU,CAAC,CAAA;IAC1C,CAAC;IAEa,SAAS,CAAC,SAAiB,EAAE,UAAmC;;YAC5E,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CACxC,UAAU,EACV,oCAA4B,CAAC,SAAS,EACtC,IAAI,CAAC,eAAe,EACpB,KAAK,EACL,KAAK,EACL,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,kBAAS,CAAC,IAAI,CAAC,CAC9B,CAAA;QACH,CAAC;KAAA;IAED;;OAEG;IACH,eAAe,CAAC,IAAuB;QACrC,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED;;;;;OAKG;IACH,uBAAuB,CAAC,IAAiB,EAAE,IAAuB;QAChE,OAAO,IAAI;YACT,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBACpC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;iBAC5C,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;iBACzF,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC1B,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAA;IACvB,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,WAAmB;QAC9B,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED;;;;;OAKG;IACH,oBAAoB,CAAC,IAAiB,EAAE,WAAmB;QACzD,OAAO,KAAK;aACT,YAAY,CAAC,WAAW,CAAC;aACzB,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;aACzF,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;IAC1B,CAAC;IAED;;OAEG;IACG,aAAa,CAAC,GAAc;;YAChC,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;QAC7G,CAAC;KAAA;IAED;;;;;OAKG;IACH,qBAAqB,CAAC,IAAiB,EAAE,GAAc;QACrD,OAAO,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,UAAU,CAAC,CAAC,CAAA;IAC3H,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,SAAkB,EAAE,OAAgB,EAAE,QAAiB,EAAE,eAAwB,EAAE,KAAc;QAC9G,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED;;;;;;;;;;OAUG;IACH,sBAAsB,CACpB,IAAiB,EACjB,SAAkB,EAClB,OAAgB,EAChB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,OAAO,KAAK;aACT,cAAc,CAAC,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,UAAU,CAAC;aAChF,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAClB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,SAAS,CAAC,IAAK,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC,CAC9H,CAAA;IACL,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,IAAuB;QACrC,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED;;;;;OAKG;IACG,uBAAuB,CAAC,IAAiB,EAAE,IAAuB;;YACtE,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;QAClG,CAAC;KAAA;IAEa,QAAQ,CAAC,KAAa,EAAE,IAAsB;;;;;YAC1D,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;iBAC9C,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,OAAM,eAAe,YAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;iBAC5C,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;iBACrD,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;QAC1B,CAAC;KAAA;IAED;;OAEG;IACH,mBAAmB,CACjB,MAAc,EACd,UAAmB,EACnB,SAAkB,EAClB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,MAAM,IAAI,KAAK,CAAC,0FAA0F,CAAC,CAAA;IAC7G,CAAC;IAED;;;;;;;;;;;OAWG;IACH,2BAA2B,CACzB,IAAiB,EACjB,MAAc,EACd,UAAmB,EACnB,SAAkB,EAClB,QAAiB,EACjB,eAAwB,EACxB,KAAc,EACd,UAAoB;QAEpB,OAAO,KAAK;aACT,mBAAmB,CAAC,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,EAAE,UAAU,CAAC;aAChG,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAClB,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAE,EAAE,SAAS,CAAC,IAAK,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC,CAC9H,CAAA;IACL,CAAC;IAED;;;;OAIG;IACG,kBAAkB,CAAC,SAAoB;;YAC3C,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EAAE,SAAS,CAAC,CAAA;QAC3H,CAAC;KAAA;IAED;;OAEG;IACG,cAAc,CAAC,SAAoB;;YACvC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,CAAA;QAC7G,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,SAAS;6DACb,UAAkB,EAClB,SAAoB,EACpB,UAKI,EAAE;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAA;QACjE,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,aAAa,CACjB,SAAoB,EACpB,SAOC;;YAED,OAAO,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,oBAAoB,CAAA;QACjF,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,gBAAgB,CACpB,SAAoB,EACpB,SAOC;;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAA;YAC5D,8CAA8C;YAC9C,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,oCAA4B,CAAC,SAAS,CAAC,CAAA;YACzI,MAAM,aAAa,GAAG,uBAAuB,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAC9G,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI;iBACpB,0CAA0C,CACzC;gBACE,MAAM,EAAE,aAAa;gBACrB,IAAI,EAAE,oCAA4B,CAAC,SAAS;aAC7C,EACD,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;oBAClD,mBAAmB,EAAE,OAAO,CAAC,kBAAkB;oBAC/C,oBAAoB,EAAE,OAAO,CAAC,cAAc;oBAC5C,cAAc,EAAE,OAAO,CAAC,cAAc;iBACvC;aACF,CAAC,CACH,EACD,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,CACnC;iBACA,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACvF,CAAC;KAAA;IAED;;;;OAIG;IACH,yBAAyB,CACvB,MAAiB;QAEjB,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,yBAAyB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,CAAC,CAAA;IACnI,CAAC;IAED;;;;OAIG;IACH,mBAAmB,CAAC,MAAiB;QACnC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EAAE,SAAS,CAAC,CAAA;IAC/G,CAAC;IAED;;;;;OAKG;IACH,uCAAuC,CAAC,MAAiB,EAAE,SAAmB;QAC5E,OAAO,IAAI,CAAC,MAAM,CAAC,0BAA0B,CAAC,iCAAiC,CAC7E,EAAE,MAAM,EAAE,IAAI,EAAE,oCAA4B,CAAC,SAAS,EAAE,EACxD,SAAS,CACV,CAAA;IACH,CAAC;CACF;AA1jBD,4CA0jBC","sourcesContent":["import { IccAccesslogApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\nimport * as models from '../icc-api/model/models'\nimport { AccessLog, ListOfIds, PaginatedListAccessLog } from '../icc-api/model/models'\nimport * as _ from 'lodash'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport { SecureDelegation } from '../icc-api/model/SecureDelegation'\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { EntityShareRequest } from '../icc-api/model/requests/EntityShareRequest'\nimport { ShareResult } from './utils/ShareResult'\nimport { XHR } from '../icc-api/api/XHR'\nimport { EncryptedFieldsManifest, EntityWithDelegationTypeName, parseEncryptedFields } from './utils'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\nimport { SecretIdUseOption } from './crypto/SecretIdUseOption'\nimport AccessLevelEnum = SecureDelegation.AccessLevelEnum\nimport RequestedPermissionEnum = EntityShareRequest.RequestedPermissionEnum\n\nexport class IccAccesslogXApi extends IccAccesslogApi implements EncryptedEntityXApi<models.AccessLog> {\n private readonly encryptedFields: EncryptedFieldsManifest\n crypto: IccCryptoXApi\n dataOwnerApi: IccDataOwnerXApi\n\n get headers(): Promise<Array<XHR.Header>> {\n return super.headers.then((h) => this.crypto.accessControlKeysHeaders.addAccessControlKeysHeaders(h, EntityWithDelegationTypeName.AccessLog))\n }\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n crypto: IccCryptoXApi,\n dataOwnerApi: IccDataOwnerXApi,\n private readonly autofillAuthor: boolean,\n cryptedKeys = ['detail', 'objectId'],\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.crypto = crypto\n this.dataOwnerApi = dataOwnerApi\n this.encryptedFields = parseEncryptedFields(cryptedKeys, 'AccessLog.')\n }\n\n /**\n * Creates a new instance of access log with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this access log refers to.\n * @param h initialised data for the access log. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - sfkOption: specifies which sfk of the owning entity to use.\n * - ignoreAutoDelegations: if true the data won't be shared with the autodelegations of the user, but only with additional delegates\n * - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,\n * and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.\n * @return a new instance of access log.\n */\n async newInstance(\n user: models.User,\n patient: models.Patient,\n h: any,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n sfkOption?: SecretIdUseOption\n ignoreAutoDelegations?: boolean\n alternateRootDelegation?: string\n } = {}\n ) {\n const dataOwnerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n const accessLog = {\n ...(h ?? {}),\n _type: 'org.taktik.icure.entities.AccessLog',\n id: h?.id ?? this.crypto.primitives.randomUuid(),\n created: h?.created ?? new Date().getTime(),\n modified: h?.modified ?? new Date().getTime(),\n date: h?.date ?? new Date().getTime(),\n responsible: h?.responsible ?? (this.autofillAuthor ? dataOwnerId : undefined),\n author: h?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: h?.codes ?? [],\n tags: h?.tags ?? [],\n user: h?.user ?? user.id,\n accessType: h?.accessType ?? 'USER_ACCESS',\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk = await this.crypto.xapi.resolveSecretIdUseOptions(\n { entity: patient, type: EntityWithDelegationTypeName.Patient },\n options.sfkOption ?? SecretIdUseOption.UseAnySharedWithParent\n )\n const extraDelegations = {\n ...(options.ignoreAutoDelegations == true\n ? {}\n : Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.administrativeData ?? [])].map((x) => [x, AccessLevelEnum.WRITE])\n )),\n ...(options.additionalDelegates ?? {}),\n }\n return new AccessLog(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(\n accessLog,\n EntityWithDelegationTypeName.AccessLog,\n patient.id,\n sfk,\n true,\n extraDelegations,\n options.alternateRootDelegation\n )\n .then((x) => x.updatedEntity)\n )\n }\n\n /**\n * Creates a new instance of access log with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param h initialised data for the access log. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used.\n * - ignoreAutoDelegations: if true the data won't be shared with the autodelegations of the user, but only with additional delegates\n * - alternateRootDelegation: by default a new entity is created with a root delegation from self to self. In keyless mode this is not possible,\n * and instead the root delegation will be from self to another. You have to specify which delegate will be part of the root delegation.\n * @return a new instance of access log.\n */\n async newInstanceNoPatient(\n user: models.User,\n h: any,\n options: {\n additionalDelegates?: { [dataOwnerId: string]: AccessLevelEnum }\n ignoreAutoDelegations?: boolean\n alternateRootDelegation?: string\n } = {}\n ) {\n const dataOwnerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n const accessLog = {\n ...(h ?? {}),\n _type: 'org.taktik.icure.entities.AccessLog',\n id: h?.id ?? this.crypto.primitives.randomUuid(),\n created: h?.created ?? new Date().getTime(),\n modified: h?.modified ?? new Date().getTime(),\n date: h?.date ?? new Date().getTime(),\n responsible: h?.responsible ?? (this.autofillAuthor ? dataOwnerId : undefined),\n author: h?.author ?? (this.autofillAuthor ? user.id : undefined),\n codes: h?.codes ?? [],\n tags: h?.tags ?? [],\n user: h?.user ?? user.id,\n accessType: h?.accessType ?? 'USER_LOGIN',\n }\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const extraDelegations = {\n ...(options.ignoreAutoDelegations == true\n ? {}\n : Object.fromEntries(\n [...(user.autoDelegations?.all ?? []), ...(user.autoDelegations?.administrativeData ?? [])].map((x) => [x, AccessLevelEnum.WRITE])\n )),\n ...(options.additionalDelegates ?? {}),\n }\n return new AccessLog(\n await this.crypto.xapi\n .entityWithInitialisedEncryptedMetadata(\n accessLog,\n EntityWithDelegationTypeName.AccessLog,\n undefined,\n undefined,\n true,\n extraDelegations,\n options.alternateRootDelegation\n )\n .then((x) => x.updatedEntity)\n )\n }\n\n // noinspection JSUnusedGlobalSymbols\n /**\n * 1. Check whether there is a delegation with 'hcpartyId' or not.\n * 2. 'fetchHcParty[hcpartyId][1]': is encrypted AES exchange key by RSA public key of him.\n * 3. Obtain the AES exchange key, by decrypting the previous step value with hcparty private key\n * 3.1. KeyPair should be fetch from cache (in jwk)\n * 3.2. if it doesn't exist in the cache, it has to be loaded from Browser Local store, and then import it to WebCrypto\n * 4. Obtain the array of delegations which are delegated to his ID (hcpartyId) in this patient\n * 5. Decrypt and collect all keys (secretForeignKeys) within delegations of previous step (with obtained AES key of step 4)\n * 6. Do the REST call to get all access logs with (allSecretForeignKeysDelimitedByComma, hcpartyId)\n *\n * After these painful steps, you have the access logs of the patient.\n *\n * @deprecated use {@link findIdsBy} instead\n * @param hcpartyId\n * @param patient (Promise)\n * @param usingPost\n */\n async findBy(hcpartyId: string, patient: models.Patient, usingPost: boolean = false): Promise<models.AccessLog[]> {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: EntityWithDelegationTypeName.Patient }, hcpartyId)\n const topmostParentId = (await this.dataOwnerApi.getCurrentDataOwnerHierarchyIds())[0]\n return extractedKeys && extractedKeys.length > 0\n ? usingPost\n ? this.findByHCPartyPatientSecretFKeysArray(hcpartyId!, _.uniq(extractedKeys))\n : this.findByHCPartyPatientSecretFKeys(hcpartyId!, _.uniq(extractedKeys).join(','))\n : Promise.resolve([])\n }\n\n /**\n * Same as `findBy` but it will only return the ids of the access logs. It can also filter the access logs where AccessLog.date is between\n * startDate and endDate in ascending or descending order by that field. (default: ascending).\n */\n async findIdsBy(hcpartyId: string, patient: models.Patient, startDate?: number, endDate?: number, descending?: boolean): Promise<string[]> {\n const extractedKeys = await this.crypto.xapi.secretIdsOf({ entity: patient, type: EntityWithDelegationTypeName.Patient }, hcpartyId)\n return extractedKeys && extractedKeys.length > 0\n ? this.findAccessLogIdsByDataOwnerPatientDate(hcpartyId, _.uniq(extractedKeys), startDate, endDate, descending)\n : Promise.resolve([])\n }\n\n /**\n * @deprecated use {@link findAccessLogIdsByDataOwnerPatientDate} instead\n */\n async findByHCPartyPatientSecretFKeys(hcPartyId: string, secretFKeys: string): Promise<AccessLog[]> {\n const accessLogs = await super.findAccessLogsByHCPartyPatientForeignKeys(hcPartyId, secretFKeys)\n return await this.decrypt(hcPartyId, accessLogs)\n }\n\n /**\n * @deprecated use {@link findAccessLogIdsByDataOwnerPatientDate} instead\n */\n findByHCPartyPatientSecretFKeysArray(hcPartyId: string, secretFKeys: string[]): Promise<Array<AccessLog> | any> {\n return super.findAccessLogsByHCPartyPatientForeignKeysUsingPost(hcPartyId, secretFKeys).then((accesslogs) => this.decrypt(hcPartyId, accesslogs))\n }\n\n /**\n * Decrypts a list of access logs using the current data owner's keys.\n * @param hcpId the id of the healthcare party performing the decryption.\n * @param accessLogs the access logs to decrypt.\n * @return the decrypted access logs.\n */\n async decrypt(hcpId: string, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n return (await this.crypto.xapi.tryDecryptEntities(accessLogs, EntityWithDelegationTypeName.AccessLog, (json) => new AccessLog(json))).map(\n ({ entity }) => entity\n )\n }\n\n /**\n * Encrypts the encrypted fields of a list of access logs.\n * @param user the current user, used to determine the data owner for encryption.\n * @param accessLogs the access logs to encrypt.\n * @return the encrypted access logs.\n */\n encrypt(user: models.User, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n const owner = this.dataOwnerApi.getDataOwnerIdOf(user)\n return this.encryptAs(owner, accessLogs)\n }\n\n private async encryptAs(dataOwner: string, accessLogs: Array<models.AccessLog>): Promise<Array<models.AccessLog>> {\n return this.crypto.xapi.tryEncryptEntities(\n accessLogs,\n EntityWithDelegationTypeName.AccessLog,\n this.encryptedFields,\n false,\n false,\n (json) => new AccessLog(json)\n )\n }\n\n /**\n * @throws always. Use {@link createAccessLogWithUser} instead.\n */\n createAccessLog(body?: models.AccessLog): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n /**\n * Creates an access log after encrypting its content.\n * @param user the current user, used for encryption.\n * @param body the access log to create.\n * @return the created and decrypted access log.\n */\n createAccessLogWithUser(user: models.User, body?: models.AccessLog): Promise<models.AccessLog | any> {\n return body\n ? this.encrypt(user, [_.cloneDeep(body)])\n .then((als) => super.createAccessLog(als[0]))\n .then((accessLog) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, [accessLog]))\n .then((als) => als[0])\n : Promise.resolve()\n }\n\n /**\n * @throws always. Use {@link getAccessLogWithUser} instead.\n */\n getAccessLog(accessLogId: string): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n /**\n * Retrieves an access log by id and decrypts it.\n * @param user the current user, used for decryption.\n * @param accessLogId the id of the access log to retrieve.\n * @return the decrypted access log.\n */\n getAccessLogWithUser(user: models.User, accessLogId: string): Promise<models.AccessLog | any> {\n return super\n .getAccessLog(accessLogId)\n .then((accessLog) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, [accessLog]))\n .then((als) => als[0])\n }\n\n /**\n * @throws always. Use {@link getAccessLogsWithUser} instead.\n */\n async getAccessLogs(ids: ListOfIds): Promise<AccessLog[]> {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n /**\n * Retrieves multiple access logs by their ids and decrypts them.\n * @param user the current user, used for decryption.\n * @param ids the list of access log ids to retrieve.\n * @return the decrypted access logs.\n */\n getAccessLogsWithUser(user: models.User, ids: ListOfIds): Promise<AccessLog[]> {\n return super.getAccessLogs(ids).then((accessLogs) => this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, accessLogs))\n }\n\n /**\n * @throws always. Use {@link listAccessLogsWithUser} instead.\n */\n listAccessLogs(fromEpoch?: number, toEpoch?: number, startKey?: number, startDocumentId?: string, limit?: number): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n /**\n * Lists access logs within a date range and decrypts them.\n * @param user the current user, used for decryption.\n * @param fromEpoch the start of the date range (epoch in ms).\n * @param toEpoch the end of the date range (epoch in ms).\n * @param startKey the pagination start key.\n * @param startDocumentId the pagination start document id.\n * @param limit the maximum number of results to return.\n * @param descending if true, results are returned in descending order.\n * @return a paginated list of decrypted access logs.\n */\n listAccessLogsWithUser(\n user: models.User,\n fromEpoch?: number,\n toEpoch?: number,\n startKey?: number,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): Promise<PaginatedListAccessLog> {\n return super\n .listAccessLogs(fromEpoch, toEpoch, startKey, startDocumentId, limit, descending)\n .then((accessLog) =>\n this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, accessLog.rows!).then((dr) => Object.assign(accessLog, { rows: dr }))\n )\n }\n\n /**\n * @throws always. Use {@link modifyAccessLogWithUser} instead.\n */\n modifyAccessLog(body?: models.AccessLog): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n /**\n * Modifies an access log after encrypting its content.\n * @param user the current user, used for encryption/decryption.\n * @param body the access log with updated fields.\n * @return the modified and decrypted access log, or null if body was not provided.\n */\n async modifyAccessLogWithUser(user: models.User, body?: models.AccessLog): Promise<models.AccessLog | null> {\n return body ? this.modifyAs(this.dataOwnerApi.getDataOwnerIdOf(user)!, _.cloneDeep(body)) : null\n }\n\n private async modifyAs(owner: string, body: models.AccessLog): Promise<models.AccessLog> {\n return this.encryptAs(owner, [_.cloneDeep(body)])\n .then((als) => super.modifyAccessLog(als[0]))\n .then((accessLog) => this.decrypt(owner, [accessLog]))\n .then((als) => als[0])\n }\n\n /**\n * @throws always. Use {@link findByUserAfterDateWithUser} instead.\n */\n findByUserAfterDate(\n userId: string,\n accessType?: string,\n startDate?: number,\n startKey?: string,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): never {\n throw new Error('Cannot call a method that returns access logs without providing a user for de/encryption')\n }\n\n /**\n * Finds access logs by user id after a given date and decrypts them.\n * @param user the current user, used for decryption.\n * @param userId the id of the user whose access logs to find.\n * @param accessType optional access type filter.\n * @param startDate optional start date filter (epoch in ms).\n * @param startKey the pagination start key.\n * @param startDocumentId the pagination start document id.\n * @param limit the maximum number of results to return.\n * @param descending if true, results are returned in descending order.\n * @return a paginated list of decrypted access logs.\n */\n findByUserAfterDateWithUser(\n user: models.User,\n userId: string,\n accessType?: string,\n startDate?: number,\n startKey?: string,\n startDocumentId?: string,\n limit?: number,\n descending?: boolean\n ): Promise<models.AccessLog | any> {\n return super\n .findByUserAfterDate(userId, accessType, startDate, startKey, startDocumentId, limit, descending)\n .then((accessLog) =>\n this.decrypt(this.dataOwnerApi.getDataOwnerIdOf(user)!, accessLog.rows!).then((dr) => Object.assign(accessLog, { rows: dr }))\n )\n }\n\n /**\n * @param accessLog an access log\n * @return the id of the patient that the access log refers to, retrieved from the encrypted metadata (not from the decrypted entity body). Normally\n * there should only be one element in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(accessLog: AccessLog): Promise<string[]> {\n return this.crypto.xapi.owningEntityIdsOf({ entity: accessLog, type: EntityWithDelegationTypeName.AccessLog }, undefined)\n }\n\n /**\n * @return if the logged data owner has write access to the content of the given access log\n */\n async hasWriteAccess(accessLog: AccessLog): Promise<boolean> {\n return this.crypto.xapi.hasWriteAccess({ entity: accessLog, type: EntityWithDelegationTypeName.AccessLog })\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param delegateId the id of the data owner which will be granted access to the access log.\n * @param accessLog the access log to share.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWith(\n delegateId: string,\n accessLog: AccessLog,\n options: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<AccessLog> {\n return this.shareWithMany(accessLog, { [delegateId]: options })\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param accessLog the access log to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return the updated entity\n */\n async shareWithMany(\n accessLog: AccessLog,\n delegates: {\n [delegateId: string]: {\n shareSecretId?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<AccessLog> {\n return (await this.tryShareWithMany(accessLog, delegates)).updatedEntityOrThrow\n }\n\n /**\n * Share an existing access log with other data owners, allowing them to access the non-encrypted data of the access log and optionally also the\n * encrypted content, with read-only or read-write permissions.\n * @param accessLog the access log to share.\n * @param delegates associates the id of data owners which will be granted access to the entity, to the following sharing options:\n * - shareSecretIds: specifies which secret ids of the entity should be shared. If not provided all secret ids available to the current user will be shared\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - sharePatientId: specifies if the id of the patient that this access log refers to should be shared with the delegate. Normally this would\n * be the same as objectId, but it is encrypted separately from it allowing you to give access to the patient id without giving access to the other\n * encrypted data of the access log (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - requestedPermissions: the requested permissions for the delegate, defaults to {@link RequestedPermissionEnum.MAX_WRITE}.\n * @return a promise which will contain the result of the operation: the updated entity if the operation was successful or details of the error if\n * the operation failed.\n */\n async tryShareWithMany(\n accessLog: AccessLog,\n delegates: {\n [delegateId: string]: {\n shareSecretIds?: string[]\n requestedPermissions?: RequestedPermissionEnum\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n }\n ): Promise<ShareResult<AccessLog>> {\n const self = await this.dataOwnerApi.getCurrentDataOwnerId()\n // All entities should have an encryption key.\n const entityWithEncryptionKey = await this.crypto.xapi.ensureEncryptionKeysInitialised(accessLog, EntityWithDelegationTypeName.AccessLog)\n const updatedEntity = entityWithEncryptionKey ? await this.modifyAs(self, entityWithEncryptionKey) : accessLog\n return this.crypto.xapi\n .simpleShareOrUpdateEncryptedEntityMetadata(\n {\n entity: updatedEntity,\n type: EntityWithDelegationTypeName.AccessLog,\n },\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n requestedPermissions: options.requestedPermissions,\n shareEncryptionKeys: options.shareEncryptionKey,\n shareOwningEntityIds: options.sharePatientId,\n shareSecretIds: options.shareSecretIds,\n },\n ])\n ),\n (x) => this.bulkShareAccessLogs(x)\n )\n .then((r) => r.mapSuccessAsync((e) => this.decrypt(self, [e]).then((es) => es[0])))\n }\n\n /**\n * Retrieves the data owners that have access to the given access log, along with their access levels.\n * @param entity the access log.\n * @return an object containing a map of data owner ids to their access levels, and a flag indicating if there are unknown anonymous data owners.\n */\n getDataOwnersWithAccessTo(\n entity: AccessLog\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: AccessLevelEnum }; hasUnknownAnonymousDataOwners: boolean }> {\n return this.crypto.delegationsDeAnonymization.getDataOwnersWithAccessTo({ entity, type: EntityWithDelegationTypeName.AccessLog })\n }\n\n /**\n * Retrieves the encryption keys of the given access log.\n * @param entity the access log.\n * @return the encryption key ids.\n */\n getEncryptionKeysOf(entity: AccessLog): Promise<string[]> {\n return this.crypto.xapi.encryptionKeysOf({ entity, type: EntityWithDelegationTypeName.AccessLog }, undefined)\n }\n\n /**\n * Creates or updates de-anonymization metadata for the given access log, allowing the specified delegates to\n * identify the data owners that have access to it.\n * @param entity the access log.\n * @param delegates the data owner ids for which to create de-anonymization metadata.\n */\n createDelegationDeAnonymizationMetadata(entity: AccessLog, delegates: string[]): Promise<void> {\n return this.crypto.delegationsDeAnonymization.createOrUpdateDeAnonymizationInfo(\n { entity, type: EntityWithDelegationTypeName.AccessLog },\n delegates\n )\n }\n}\n"]}