@intellegens/cornerstone-client 0.0.9999-alpha-6 → 0.0.9999-alpha-8

package/README.md

@@ -7,19 +7,19 @@ This project includes services for easy communication from a Cornerstone client
 1. Install dependencies:
 
 ```bash
-npm install
+pnpm install
 ```
 
 2. Build the project:
 
 ```bash
-npm run build
+pnpm run build
 ```
 
 3. Run Client demo HTTP server:
 
 ```bash
-npm run demo
+pnpm run demo
 ```
 
 4. Open

package/adapters/CollectionViewAdapter/index.js

@@ -214,7 +214,7 @@ export class CollectionViewAdapter {
             abortController = new AbortController();
             this._currentAbortController = abortController;
             const definition = this._parseOptionsToDefinition();
-            const response = await this._readClient.readSelectedAsync(definition, abortController?.signal);
+            const response = await this._readClient.readSelected(definition, abortController?.signal);
             if (!response.ok) {
                 throw response.error;
             }

package/data/auth/index.d.ts

@@ -1 +1,2 @@
 export * from './dto';
+export * from './policy';

package/data/auth/index.js

@@ -1 +1,2 @@
 export * from './dto';
+export * from './policy';

package/data/auth/policy.d.ts

@@ -0,0 +1,52 @@
+/**
+ * Interface for policies that can be checked.
+ *
+ * @interface IPolicy<TParams extends unknown[]>
+ * @template TParams - The type of the parameters that will be passed to the policy check function.
+ */
+export interface IPolicy<TParams extends unknown[]> {
+    /**
+     * Checks if the policy is valid for the given parameters.
+     *
+     * @param params - Parameters to pass to the policy check function.
+     * @return A promise that resolves if the policy is valid, rejects otherwise.
+     */
+    check(...params: TParams): Promise<boolean>;
+}
+/**
+ * Base class for policies. It implements the IPolicy interface.
+ *
+ * @class PolicyBase
+ * @template TParams - The type of the parameters that will be passed to the policy check function.
+ */
+export declare class PolicyBase<TParams extends unknown[]> implements IPolicy<TParams> {
+    /**
+     * Checks if the policy is valid for the given parameters.
+     *
+     * @return A promise that resolves if the policy is valid, rejects otherwise.
+     * @throws {Error} Error if not implemented.
+     */
+    check(): Promise<boolean>;
+}
+/**
+ * Class for policies that can be checked.
+ *
+ * @class Policy
+ * @template TParams - The type of the parameters that will be passed to the policy check function.
+ */
+export declare class Policy<TParams extends unknown[]> extends PolicyBase<TParams> {
+    private readonly _verificationFn;
+    /**
+     * Creates a new policy.
+     *
+     * @param verificationFn - The function that will be used to verify the policy.
+     */
+    constructor(verificationFn: (...params: TParams) => Promise<boolean>);
+    /**
+     * Checks if the policy is valid for the given parameters.
+     *
+     * @param params - Parameters to pass to the policy check function.
+     * @return A promise that resolves if the policy is valid, rejects otherwise.
+     */
+    check(...params: TParams): Promise<boolean>;
+}

package/data/auth/policy.js

@@ -0,0 +1,44 @@
+/**
+ * Base class for policies. It implements the IPolicy interface.
+ *
+ * @class PolicyBase
+ * @template TParams - The type of the parameters that will be passed to the policy check function.
+ */
+export class PolicyBase {
+    /**
+     * Checks if the policy is valid for the given parameters.
+     *
+     * @return A promise that resolves if the policy is valid, rejects otherwise.
+     * @throws {Error} Error if not implemented.
+     */
+    async check() {
+        throw new Error('Not implemented');
+    }
+}
+/**
+ * Class for policies that can be checked.
+ *
+ * @class Policy
+ * @template TParams - The type of the parameters that will be passed to the policy check function.
+ */
+export class Policy extends PolicyBase {
+    _verificationFn;
+    /**
+     * Creates a new policy.
+     *
+     * @param verificationFn - The function that will be used to verify the policy.
+     */
+    constructor(verificationFn) {
+        super();
+        this._verificationFn = verificationFn;
+    }
+    /**
+     * Checks if the policy is valid for the given parameters.
+     *
+     * @param params - Parameters to pass to the policy check function.
+     * @return A promise that resolves if the policy is valid, rejects otherwise.
+     */
+    async check(...params) {
+        return this._verificationFn(...params);
+    }
+}

package/package.json

@@ -1,10 +1,10 @@
 {
   "name": "@intellegens/cornerstone-client",
-  "version": "0.0.9999-alpha-6",
+  "version": "0.0.9999-alpha-8",
   "private": false,
   "publishable": true,
-  "main": "./index.js",
-  "types": "./index.d.ts",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
   "type": "module",
   "author": "Intellegens",
   "license": "MIT",
@@ -14,32 +14,32 @@
     "cornerstone"
   ],
   "scripts": {
-    "clean": "npx --yes rimraf '{dist}'",
+    "clean": "pnpx rimraf '{dist}'",
     "test": "jest",
     "coverage": "jest --coverage",
-    "build": "npm run clean && tsc && tsc-alias",
-    "start": "npm run build && npx vite build && npx tsx ./demo"
+    "build": "pnpm run clean && tsc && tsc-alias",
+    "start": "pnpm run build && pnpx vite build && pnpx tsx ./demo"
   },
   "devDependencies": {
-    "@eslint/js": "^9.21.0",
-    "@types/express": "^5.0.0",
-    "@types/jest": "^29.5.12",
-    "@types/node": "^22.13.9",
-    "eslint": "^9.21.0",
-    "eslint-config-prettier": "^10.0.1",
-    "express": "^4.21.2",
-    "globals": "^16.0.0",
-    "jest": "^29.7.0",
-    "jest-environment-jsdom": "^29.7.0",
-    "prettier": "^3.5.2",
-    "ts-jest": "^29.1.2",
-    "tsc-alias": "^1.8.11",
-    "typescript-eslint": "^8.26.0",
-    "vite": "6.3.4",
-    "zod": "^3.24.2"
+    "@eslint/js": "catalog:",
+    "@types/express": "catalog:",
+    "@types/jest": "catalog:",
+    "@types/node": "catalog:",
+    "eslint": "catalog:",
+    "eslint-config-prettier": "catalog:",
+    "express": "catalog:",
+    "globals": "catalog:",
+    "jest": "catalog:",
+    "jest-environment-jsdom": "catalog:",
+    "prettier": "catalog:",
+    "ts-jest": "catalog:",
+    "tsc-alias": "catalog:",
+    "typescript-eslint": "catalog:",
+    "vite": "catalog:",
+    "zod": "catalog:"
   },
   "dependencies": {
     "http-proxy-middleware": "^3.0.3",
-    "typescript": "^5.4.5"
+    "typescript": "catalog:"
   }
 }

package/services/api/ApiCrudControllerClient/index.d.ts

@@ -23,7 +23,7 @@ export declare class ApiCrudControllerClient<TKey, TDto extends IIdentifiable<TK
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns The created entity DTO
      */
-    createAsync(dto: TDto, signal?: AbortSignal): Promise<ApiResponseDto<TDto, EmptyMetadataDto>>;
+    create(dto: TDto, signal?: AbortSignal): Promise<ApiResponseDto<TDto, EmptyMetadataDto>>;
     /**
      * Updates an existing entity.
      * @param id - The ID of the entity to update
@@ -31,11 +31,11 @@ export declare class ApiCrudControllerClient<TKey, TDto extends IIdentifiable<TK
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns The updated entity DTO
      */
-    updateAsync(id: TKey, dto: TDto, signal?: AbortSignal): Promise<ApiResponseDto<TDto, EmptyMetadataDto>>;
+    update(id: TKey, dto: TDto, signal?: AbortSignal): Promise<ApiResponseDto<TDto, EmptyMetadataDto>>;
     /**
      * Deletes an entity by ID.
      * @param id - The ID of the entity to delete
      * @param {AbortSignal} [signal] - Optional cancellation signal
      */
-    deleteAsync(id: TKey, signal?: AbortSignal): Promise<ApiResponseDto<null, EmptyMetadataDto>>;
+    delete(id: TKey, signal?: AbortSignal): Promise<ApiResponseDto<undefined, EmptyMetadataDto>>;
 }

package/services/api/ApiCrudControllerClient/index.js

@@ -1,7 +1,7 @@
 import { apiInitializationService } from '../ApiInitializationService';
 import { ApiReadControllerClient } from '../ApiReadControllerClient';
 import { ErrorCode } from '../../../data';
-import { fail } from '../../../utils/result';
+import { fail, ok } from '../../../utils/result';
 /**
  * Generic API client for consuming any Cornerstone CrudController
  *
@@ -25,10 +25,10 @@ export class ApiCrudControllerClient extends ApiReadControllerClient {
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns The created entity DTO
      */
-    async createAsync(dto, signal) {
+    async create(dto, signal) {
         try {
-            const url = await apiInitializationService.getApiUrlAsync(this.baseControllerPath, `/Create`);
-            const res = await this.httpService.requestAsync(url, {
+            const url = await apiInitializationService.getApiUrl(this.baseControllerPath, `/Create`);
+            const res = await this.httpService.request(url, {
                 method: 'POST',
                 headers: { 'Content-Type': 'application/json' },
                 body: JSON.stringify(dto),
@@ -36,9 +36,9 @@ export class ApiCrudControllerClient extends ApiReadControllerClient {
                 signal,
             });
             if (!res.ok) {
-                return (await res.json());
+                return fail(await res.json());
             }
-            return (await res.json());
+            return ok(await res.json());
         }
         catch (err) {
             console.error(err);
@@ -58,10 +58,10 @@ export class ApiCrudControllerClient extends ApiReadControllerClient {
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns The updated entity DTO
      */
-    async updateAsync(id, dto, signal) {
+    async update(id, dto, signal) {
         try {
-            const url = await apiInitializationService.getApiUrlAsync(this.baseControllerPath, `/Update?id=${encodeURIComponent(String(id))}`);
-            const res = await this.httpService.requestAsync(url, {
+            const url = await apiInitializationService.getApiUrl(this.baseControllerPath, `/Update?id=${encodeURIComponent(String(id))}`);
+            const res = await this.httpService.request(url, {
                 method: 'PUT',
                 headers: { 'Content-Type': 'application/json' },
                 body: JSON.stringify(dto),
@@ -69,9 +69,9 @@ export class ApiCrudControllerClient extends ApiReadControllerClient {
                 signal,
             });
             if (!res.ok) {
-                return (await res.json());
+                return fail(await res.json());
             }
-            return (await res.json());
+            return ok(await res.json());
         }
         catch (err) {
             console.error(err);
@@ -89,18 +89,18 @@ export class ApiCrudControllerClient extends ApiReadControllerClient {
      * @param id - The ID of the entity to delete
      * @param {AbortSignal} [signal] - Optional cancellation signal
      */
-    async deleteAsync(id, signal) {
+    async delete(id, signal) {
         try {
-            const url = await apiInitializationService.getApiUrlAsync(this.baseControllerPath, `/Delete?id=${encodeURIComponent(String(id))}`);
-            const res = await this.httpService.requestAsync(url, {
+            const url = await apiInitializationService.getApiUrl(this.baseControllerPath, `/Delete?id=${encodeURIComponent(String(id))}`);
+            const res = await this.httpService.request(url, {
                 method: 'DELETE',
                 credentials: 'include',
                 signal,
             });
             if (!res.ok) {
-                return { ok: false, ...(await res.json()) };
+                return fail(await res.json());
             }
-            return (await res.json());
+            return ok(await res.json());
         }
         catch (err) {
             console.error(err);

package/services/api/ApiInitializationService/index.d.ts

@@ -3,7 +3,7 @@
  * The actual properties depend on what users configure in their appsettings.json or environment variables
  */
 type ISharedSettings = {
-    [key: string]: any;
+    [key: string]: unknown;
 };
 import { IHttpService } from '../HttpService';
 /**
@@ -48,7 +48,7 @@ export declare class ApiInitializationService {
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @return {Promise<void>} Resolves when initialization is complete.
      */
-    initializeAsync({ httpService, signal, }?: {
+    initialize({ httpService, signal, }?: {
         httpService?: IHttpService;
         signal?: AbortSignal;
     }): Promise<void>;
@@ -71,7 +71,7 @@ export declare class ApiInitializationService {
      * @return {Promise<string | undefined>} Returns detected API base URL
      * @throws {Error} Throws error if either of the detection methods fails
      */
-    _getApiBaseUrlAsync(signal?: AbortSignal): Promise<string | undefined>;
+    _getApiBaseUrl(signal?: AbortSignal): Promise<string | undefined>;
     /**
      * Composes a full API URL for a provided endpoint path.
      *
@@ -80,7 +80,7 @@ export declare class ApiInitializationService {
      * @return {Promise<string | undefined>} Returns the API endpoint's URL
      * @throws {Error} Throws error if API base URL detection fails
      */
-    getApiUrlAsync(...relativeEndpointPathSections: string[]): Promise<string>;
+    getApiUrl(...relativeEndpointPathSections: string[]): Promise<string>;
     /**
      * Removes starting '/' character
      * @param str String to remove the starting '/' character from
@@ -97,7 +97,7 @@ export declare class ApiInitializationService {
      * Fetches initialization info (shared settings) from the server
      * @returns Promise that resolves to shared settings or undefined if the request fails
      */
-    private _getAppConfigAsync;
+    private _getAppConfig;
 }
 /**
  * Singleton instance of ApiInitializationService

package/services/api/ApiInitializationService/index.js

@@ -1,3 +1,5 @@
+// websettings.json configuration file contents type
+import { fail, ok } from '../../../utils';
 import { defaultHttpService } from '../HttpService';
 /**
  * Central API configuration service, fetches and exposes Cornerstone API configuration
@@ -45,14 +47,14 @@ export class ApiInitializationService {
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @return {Promise<void>} Resolves when initialization is complete.
      */
-    async initializeAsync({ httpService, signal, } = {}) {
+    async initialize({ httpService, signal, } = {}) {
         // Store configuration
         if (httpService !== undefined)
             this._httpService = httpService;
         // (Pre)detect API base URL
-        await this._getApiBaseUrlAsync(signal);
+        await this._getApiBaseUrl(signal);
         // Initialize app config
-        await this._getAppConfigAsync();
+        await this._getAppConfig();
     }
     /**
      * Gets configured HTTP service
@@ -75,7 +77,7 @@ export class ApiInitializationService {
      * @return {Promise<string | undefined>} Returns detected API base URL
      * @throws {Error} Throws error if either of the detection methods fails
      */
-    async _getApiBaseUrlAsync(signal) {
+    async _getApiBaseUrl(signal) {
         // Check if API already detected; don't reattempt detection
         if (this._apiBaseUrlDetected)
             return this._apiBaseUrl;
@@ -91,7 +93,7 @@ export class ApiInitializationService {
             this._apiBaseError = undefined;
             // Check CORNERSTONE-API-BASEURL header for API base URL
             try {
-                const currentUrlResponse = await this._httpService.requestAsync(window.location.href, {
+                const currentUrlResponse = await this._httpService.request(window.location.href, {
                     method: 'GET',
                     signal,
                 });
@@ -110,7 +112,7 @@ export class ApiInitializationService {
             }
             // Check ./websettings.json header for API base URL
             try {
-                const webSettingsResponse = await this._httpService.requestAsync('./websettings.json', {
+                const webSettingsResponse = await this._httpService.request('./websettings.json', {
                     method: 'GET',
                     signal,
                 });
@@ -154,8 +156,8 @@ export class ApiInitializationService {
      * @return {Promise<string | undefined>} Returns the API endpoint's URL
      * @throws {Error} Throws error if API base URL detection fails
      */
-    async getApiUrlAsync(...relativeEndpointPathSections) {
-        const apiBaseUrl = await this._getApiBaseUrlAsync();
+    async getApiUrl(...relativeEndpointPathSections) {
+        const apiBaseUrl = await this._getApiBaseUrl();
         const domain = !apiBaseUrl ? '/' : `${this.removeEndsWithSlashChar(apiBaseUrl)}/`;
         const path = relativeEndpointPathSections.map(section => this.removeStartsWithSlashChar(this.removeEndsWithSlashChar(section))).join('/');
         return `${domain}${path}`;
@@ -181,13 +183,16 @@ export class ApiInitializationService {
      * Fetches initialization info (shared settings) from the server
      * @returns Promise that resolves to shared settings or undefined if the request fails
      */
-    async _getAppConfigAsync() {
+    async _getAppConfig() {
         try {
             const response = await fetch(`${this._apiBaseUrl}/system/init`, { credentials: 'include' });
             if (!response.ok) {
-                throw (await response.json());
+                throw fail(await response.json());
+            }
+            const apiResponse = ok(await response.json());
+            if (!apiResponse.ok) {
+                throw apiResponse.error;
             }
-            const apiResponse = await response.json();
             // Return the settings from the nested structure
             this.appConfig = apiResponse.result.settings;
         }

package/services/api/ApiReadControllerClient/index.d.ts

@@ -12,7 +12,7 @@ export declare class ApiReadControllerClient<TKey, TDto extends IIdentifiable<TK
      * @param httpService HTTP service implementation to use for requests
      */
     constructor(baseControllerPath: string, httpService?: IHttpService);
-    private _httpService?;
+    private readonly _httpService?;
     /**
      * Gets globally selected HTTP service
      */
@@ -22,19 +22,19 @@ export declare class ApiReadControllerClient<TKey, TDto extends IIdentifiable<TK
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns {Promise<ApiSuccessResponseDto<TDto>[], ReadMetadataDto>>} List of all entities with metadata
      */
-    readAllAsync(signal?: AbortSignal): Promise<ApiResponseDto<TDto[], ReadMetadataDto>>;
+    readAll(signal?: AbortSignal): Promise<ApiResponseDto<TDto[], ReadMetadataDto>>;
     /**
      * Fetches selected entities based on a filter definition.
      * @param {any} definition - The filter definition object
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns {Promise<ApiSuccessResponseDto<TDto>[], ReadMetadataDto>>} The result of the read operation with metadata
      */
-    readSelectedAsync(definition: ReadSelectedDefinitionDto<TDto>, signal?: AbortSignal): Promise<ApiResponseDto<TDto[], ReadMetadataDto>>;
+    readSelected(definition: ReadSelectedDefinitionDto<TDto>, signal?: AbortSignal): Promise<ApiResponseDto<TDto[], ReadMetadataDto>>;
     /**
      * Fetches a single entity by its ID.
      * @param {TKey} id - The ID of the entity
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns {Promise<ApiSuccessResponseDto<TDto, EmptyMetadataDto>>} The requested entity
      */
-    readSingleAsync(id: TKey, signal?: AbortSignal): Promise<ApiResponseDto<TDto, EmptyMetadataDto>>;
+    readSingle(id: TKey, signal?: AbortSignal): Promise<ApiResponseDto<TDto, EmptyMetadataDto>>;
 }

package/services/api/ApiReadControllerClient/index.js

@@ -1,5 +1,5 @@
 import { apiInitializationService } from '../ApiInitializationService';
-import { fail } from '../../../utils/result';
+import { fail, ok } from '../../../utils/result';
 import { ErrorCode } from '../../../data';
 /**
  * Base client for read-only API controllers
@@ -30,14 +30,14 @@ export class ApiReadControllerClient {
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns {Promise<ApiSuccessResponseDto<TDto>[], ReadMetadataDto>>} List of all entities with metadata
      */
-    async readAllAsync(signal) {
+    async readAll(signal) {
         try {
-            const url = await apiInitializationService.getApiUrlAsync(this.baseControllerPath, `/ReadAll`);
-            const res = await this.httpService.requestAsync(url, { method: 'GET', credentials: 'include', signal });
+            const url = await apiInitializationService.getApiUrl(this.baseControllerPath, `/ReadAll`);
+            const res = await this.httpService.request(url, { method: 'GET', credentials: 'include', signal });
             if (!res.ok) {
                 return fail(await res.json());
             }
-            return (await res.json());
+            return ok(await res.json());
         }
         catch (err) {
             console.error(err);
@@ -56,10 +56,10 @@ export class ApiReadControllerClient {
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns {Promise<ApiSuccessResponseDto<TDto>[], ReadMetadataDto>>} The result of the read operation with metadata
      */
-    async readSelectedAsync(definition, signal) {
+    async readSelected(definition, signal) {
         try {
-            const url = await apiInitializationService.getApiUrlAsync(this.baseControllerPath, `/ReadSelected`);
-            const res = await this.httpService.requestAsync(url, {
+            const url = await apiInitializationService.getApiUrl(this.baseControllerPath, `/ReadSelected`);
+            const res = await this.httpService.request(url, {
                 method: 'POST',
                 headers: { 'Content-Type': 'application/json' },
                 body: JSON.stringify(definition),
@@ -67,9 +67,9 @@ export class ApiReadControllerClient {
                 signal,
             });
             if (!res.ok) {
-                return (await res.json());
+                return fail(await res.json());
             }
-            return (await res.json());
+            return ok(await res.json());
         }
         catch (err) {
             console.error(err);
@@ -88,14 +88,14 @@ export class ApiReadControllerClient {
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns {Promise<ApiSuccessResponseDto<TDto, EmptyMetadataDto>>} The requested entity
      */
-    async readSingleAsync(id, signal) {
+    async readSingle(id, signal) {
         try {
-            const url = await apiInitializationService.getApiUrlAsync(this.baseControllerPath, `/ReadSingle?id=${encodeURIComponent(String(id))}`);
-            const res = await this.httpService.requestAsync(url, { method: 'GET', credentials: 'include', signal });
+            const url = await apiInitializationService.getApiUrl(this.baseControllerPath, `/ReadSingle?id=${encodeURIComponent(String(id))}`);
+            const res = await this.httpService.request(url, { method: 'GET', credentials: 'include', signal });
             if (!res.ok) {
-                return (await res.json());
+                return fail(await res.json());
             }
-            return (await res.json());
+            return ok(await res.json());
         }
         catch (err) {
             console.error(err);

package/services/api/HttpService/FetchHttpService.d.ts

@@ -3,5 +3,5 @@ import { HttpRequestConfig, HttpResponse, IHttpService } from '../../../services
  * Default HTTP service implementation using the Fetch API
  */
 export declare class FetchHttpService implements IHttpService {
-    requestAsync<T = any>(url: string, config?: HttpRequestConfig): Promise<HttpResponse<T>>;
+    request<T = any>(url: string, config?: HttpRequestConfig): Promise<HttpResponse<T>>;
 }

package/services/api/HttpService/FetchHttpService.js

@@ -4,7 +4,7 @@
  * Default HTTP service implementation using the Fetch API
  */
 export class FetchHttpService {
-    async requestAsync(url, config) {
+    async request(url, config) {
         const response = await fetch(url, {
             method: config?.method || 'GET',
             headers: config?.headers,

package/services/api/HttpService/IHttpService.d.ts

@@ -9,5 +9,5 @@ export interface IHttpService {
      * @param config - Request configuration
      * @returns Promise that resolves to the HTTP response
      */
-    requestAsync<T = any>(url: string, config?: HttpRequestConfig): Promise<HttpResponse<T>>;
+    request<T = any>(url: string, config?: HttpRequestConfig): Promise<HttpResponse<T>>;
 }

package/services/api/UserManagementControllerClient/index.d.ts

@@ -22,20 +22,20 @@ export declare class UserManagementControllerClient<TKey, TUser extends UserDto<
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns List of role names assigned to the user
      */
-    getUserRolesAsync(id: TKey, signal?: AbortSignal): Promise<ApiResponseDto<string[], ReadMetadataDto>>;
+    getUserRoles(id: TKey, signal?: AbortSignal): Promise<ApiResponseDto<string[], ReadMetadataDto>>;
     /**
      * Gets the claims assigned to a user
      * @param id - The ID of the user
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns List of claims assigned to the user
      */
-    getUserClaimsAsync(id: TKey, signal?: AbortSignal): Promise<ApiResponseDto<ClaimDto[], ReadMetadataDto>>;
+    getUserClaims(id: TKey, signal?: AbortSignal): Promise<ApiResponseDto<ClaimDto[], ReadMetadataDto>>;
     /**
      * Gets all available roles in the system
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns List of all role names
      */
-    getAllRolesAsync(signal?: AbortSignal): Promise<ApiResponseDto<string[], ReadMetadataDto>>;
+    getAllRoles(signal?: AbortSignal): Promise<ApiResponseDto<string[], ReadMetadataDto>>;
     /**
      * Changes the password for a user
      * @param id - The ID of the user
@@ -43,5 +43,5 @@ export declare class UserManagementControllerClient<TKey, TUser extends UserDto<
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns Promise that resolves when the password is changed successfully
      */
-    changePasswordAsync(id: TKey, newPassword: string, signal?: AbortSignal): Promise<ApiResponseDto<undefined, EmptyMetadataDto>>;
+    changePassword(id: TKey, newPassword: string, signal?: AbortSignal): Promise<ApiResponseDto<undefined, EmptyMetadataDto>>;
 }

package/services/api/UserManagementControllerClient/index.js

@@ -25,10 +25,10 @@ export class UserManagementControllerClient extends ApiCrudControllerClient {
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns List of role names assigned to the user
      */
-    async getUserRolesAsync(id, signal) {
+    async getUserRoles(id, signal) {
         try {
-            const url = await apiInitializationService.getApiUrlAsync(this.baseControllerPath, 'GetUserRoles', encodeURIComponent(String(id)));
-            const res = await this.httpService.requestAsync(url, {
+            const url = await apiInitializationService.getApiUrl(this.baseControllerPath, 'GetUserRoles', encodeURIComponent(String(id)));
+            const res = await this.httpService.request(url, {
                 method: 'GET',
                 credentials: 'include',
                 signal,
@@ -55,10 +55,10 @@ export class UserManagementControllerClient extends ApiCrudControllerClient {
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns List of claims assigned to the user
      */
-    async getUserClaimsAsync(id, signal) {
+    async getUserClaims(id, signal) {
         try {
-            const url = await apiInitializationService.getApiUrlAsync(this.baseControllerPath, 'GetUserClaims', encodeURIComponent(String(id)));
-            const res = await this.httpService.requestAsync(url, {
+            const url = await apiInitializationService.getApiUrl(this.baseControllerPath, 'GetUserClaims', encodeURIComponent(String(id)));
+            const res = await this.httpService.request(url, {
                 method: 'GET',
                 credentials: 'include',
                 signal,
@@ -84,10 +84,10 @@ export class UserManagementControllerClient extends ApiCrudControllerClient {
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns List of all role names
      */
-    async getAllRolesAsync(signal) {
+    async getAllRoles(signal) {
         try {
-            const url = await apiInitializationService.getApiUrlAsync(this.baseControllerPath, 'GetAllRoles');
-            const res = await this.httpService.requestAsync(url, {
+            const url = await apiInitializationService.getApiUrl(this.baseControllerPath, 'GetAllRoles');
+            const res = await this.httpService.request(url, {
                 method: 'GET',
                 credentials: 'include',
                 signal,
@@ -115,10 +115,10 @@ export class UserManagementControllerClient extends ApiCrudControllerClient {
      * @param {AbortSignal} [signal] - Optional cancellation signal
      * @returns Promise that resolves when the password is changed successfully
      */
-    async changePasswordAsync(id, newPassword, signal) {
+    async changePassword(id, newPassword, signal) {
         try {
-            const url = await apiInitializationService.getApiUrlAsync(this.baseControllerPath, 'ChangePassword', encodeURIComponent(String(id)));
-            const res = await this.httpService.requestAsync(url, {
+            const url = await apiInitializationService.getApiUrl(this.baseControllerPath, 'ChangePassword', encodeURIComponent(String(id)));
+            const res = await this.httpService.request(url, {
                 method: 'POST',
                 headers: {
                     'Content-Type': 'application/json',

package/services/auth/client/AuthService/index.d.ts

@@ -1,3 +1,4 @@
+import { IHttpService } from '../../..';
 import { ApiResponseDto, EmptyMetadataDto, UserDto, UserInfoDto } from '../../../../data';
 export { UserDto, UserInfoDto };
 /**
@@ -8,6 +9,18 @@ export { UserDto, UserInfoDto };
  * @class AuthService
  */
 export declare class AuthService<TKey, TUser extends UserDto<TKey> = UserDto<TKey>> {
+    protected readonly baseControllerPath: string;
+    /**
+     * Constructor
+     * @param baseControllerPath Base path to Auth API controller
+     * @param httpService HTTP service implementation to use for requests
+     */
+    constructor(baseControllerPath?: string, httpService?: IHttpService);
+    private readonly _httpService?;
+    /**
+     * Gets globally selected HTTP service
+     */
+    protected get httpService(): IHttpService;
     /**
      * Holds currently authenticated user's details
      */
@@ -18,14 +31,14 @@ export declare class AuthService<TKey, TUser extends UserDto<TKey> = UserDto<TKe
      * @async
      * @return {Promise<void>} Resolves when initialization is complete.
      */
-    initializeAsync(): Promise<void>;
+    initialize(): Promise<void>;
     /**
      * Checks if user is authenticated and retrieves the current user's details if they are
      *
      * @return {Promise<UserInfoDto<TKey, TUser>>} Currently logged in user's details
      * @throws {Error} Error if fetch fails
      */
-    whoAmIAsync(): Promise<ApiResponseDto<UserInfoDto<TKey, TUser>, EmptyMetadataDto>>;
+    whoAmI(): Promise<ApiResponseDto<UserInfoDto<TKey, TUser>, EmptyMetadataDto>>;
     /**
      * Authenticates a user using their username and password, and retrieves user's details
      *
@@ -34,17 +47,21 @@ export declare class AuthService<TKey, TUser extends UserDto<TKey> = UserDto<TKe
      * @return {Promise<TUser>} Currently logged in user's details
      * @throws {Error} Error if fetch fails
      */
-    signinAsync(username: string, password: string): Promise<ApiResponseDto<TUser, EmptyMetadataDto>>;
+    signIn(username: string, password: string): Promise<ApiResponseDto<TUser, EmptyMetadataDto>>;
     /**
      * Deauthenticates current user
      *
      * @return {Promise<void>}
      * @throws {Error} Error if fetch fails
      */
-    signoutAsync(): Promise<ApiResponseDto<undefined, EmptyMetadataDto>>;
+    signOut(): Promise<ApiResponseDto<undefined, EmptyMetadataDto>>;
     /**
      * If any API response returns an "Unauthenticated" response, call this method
      * to update local authentication state to unauthenticated
      */
-    _handleNoAuthApiResponse(): void;
+    handleNoAuthApiResponse(): void;
+    /**
+     * True if a user is currently loaded (post whoAmI/signIn)
+     */
+    isAuthenticated(): boolean;
 }

package/services/auth/client/AuthService/index.js

@@ -9,6 +9,25 @@ import { fail, ok } from '../../../../utils';
  * @class AuthService
  */
 export class AuthService {
+    baseControllerPath;
+    /**
+     * Constructor
+     * @param baseControllerPath Base path to Auth API controller
+     * @param httpService HTTP service implementation to use for requests
+     */
+    constructor(baseControllerPath = 'Auth', httpService) {
+        this.baseControllerPath = baseControllerPath;
+        this._httpService = httpService;
+    }
+    // #region HTTP service
+    _httpService = undefined;
+    /**
+     * Gets globally selected HTTP service
+     */
+    get httpService() {
+        return this._httpService || apiInitializationService._getHttpService();
+    }
+    // #endregion
     /**
      * Holds currently authenticated user's details
      */
@@ -19,9 +38,9 @@ export class AuthService {
      * @async
      * @return {Promise<void>} Resolves when initialization is complete.
      */
-    async initializeAsync() {
+    async initialize() {
         // Check user's authentication status
-        await this.whoAmIAsync();
+        await this.whoAmI();
     }
     /**
      * Checks if user is authenticated and retrieves the current user's details if they are
@@ -29,21 +48,20 @@ export class AuthService {
      * @return {Promise<UserInfoDto<TKey, TUser>>} Currently logged in user's details
      * @throws {Error} Error if fetch fails
      */
-    async whoAmIAsync() {
+    async whoAmI() {
         try {
-            const url = await apiInitializationService.getApiUrlAsync('/auth/whoami');
-            const res = await fetch(url, { credentials: 'include' });
+            const url = await apiInitializationService.getApiUrl(this.baseControllerPath, '/whoami');
+            const res = await this.httpService.request(url, { credentials: 'include' });
             if (!res.ok) {
                 this.user = undefined;
                 return fail(await res.json());
             }
-            const response = (await res.json());
-            if (response.ok) {
-                this.user = response.result.user;
-            }
-            else {
+            const response = ok(await res.json());
+            if (!response.ok) {
                 this.user = undefined;
+                return response;
             }
+            this.user = response.result.user;
             return response;
         }
         catch (err) {
@@ -65,10 +83,10 @@ export class AuthService {
      * @return {Promise<TUser>} Currently logged in user's details
      * @throws {Error} Error if fetch fails
      */
-    async signinAsync(username, password) {
+    async signIn(username, password) {
         try {
-            const url = await apiInitializationService.getApiUrlAsync('/auth/signin');
-            const res = await fetch(url, {
+            const url = await apiInitializationService.getApiUrl(this.baseControllerPath, '/signin');
+            const res = await this.httpService.request(url, {
                 method: 'POST',
                 headers: { 'Content-Type': 'application/json' },
                 body: JSON.stringify({ username, password }),
@@ -78,13 +96,13 @@ export class AuthService {
                 return fail(await res.json());
             }
             // TODO: Handle tokens if not using cookies
-            const whoamIRes = await this.whoAmIAsync();
-            if (!whoamIRes.ok) {
-                return whoamIRes;
+            const whoAmIRes = await this.whoAmI();
+            if (!whoAmIRes.ok) {
+                return whoAmIRes;
             }
             return ok({
-                result: whoamIRes.result.user,
-                metadata: whoamIRes.metadata,
+                result: whoAmIRes.result.user,
+                metadata: whoAmIRes.metadata,
             });
         }
         catch (err) {
@@ -104,10 +122,10 @@ export class AuthService {
      * @return {Promise<void>}
      * @throws {Error} Error if fetch fails
      */
-    async signoutAsync() {
+    async signOut() {
         try {
-            const url = await apiInitializationService.getApiUrlAsync('/auth/signout');
-            const res = await fetch(url, { credentials: 'include' });
+            const url = await apiInitializationService.getApiUrl(this.baseControllerPath, '/signout');
+            const res = await this.httpService.request(url, { credentials: 'include' });
             if (!res.ok) {
                 return fail(await res.json());
             }
@@ -129,7 +147,14 @@ export class AuthService {
      * If any API response returns an "Unauthenticated" response, call this method
      * to update local authentication state to unauthenticated
      */
-    _handleNoAuthApiResponse() {
+    handleNoAuthApiResponse() {
         this.user = undefined;
     }
+    // #region Client-side authorization helpers
+    /**
+     * True if a user is currently loaded (post whoAmI/signIn)
+     */
+    isAuthenticated() {
+        return !!this.user;
+    }
 }

package/services/auth/client/AuthorizationManagementControllerClient/index.d.ts

@@ -1,3 +1,4 @@
+import { IHttpService } from '../../..';
 import { ApiResponseDto, EmptyMetadataDto, ReadMetadataDto, RoleDto } from '../../../../data';
 /**
  * Client for authorization management operations
@@ -10,32 +11,38 @@ export declare class AuthorizationManagementControllerClient {
     /**
      * Constructor
      * @param baseControllerPath Base path to API controller
+     * @param httpService HTTP service implementation to use for requests
      */
-    constructor(baseControllerPath?: string);
+    constructor(baseControllerPath?: string, httpService?: IHttpService);
+    private readonly _httpService?;
+    /**
+     * Gets globally selected HTTP service
+     */
+    protected get httpService(): IHttpService;
     /**
      * Gets all roles in the system
      * @param includeClaims - Whether to include claims in the response
      * @param signal - Optional cancellation signal
      * @returns List of all roles
      */
-    getAllRolesAsync(includeClaims: boolean, signal?: AbortSignal): Promise<ApiResponseDto<RoleDto[], ReadMetadataDto>>;
+    getAllRoles(includeClaims: boolean, signal?: AbortSignal): Promise<ApiResponseDto<RoleDto[], ReadMetadataDto>>;
     /**
      * Gets a role with its claims
      * @param roleName - The name of the role
      * @param signal
      * @returns The role with its claims
      */
-    getRoleWithClaimsAsync(roleName: string, signal?: AbortSignal): Promise<ApiResponseDto<RoleDto, ReadMetadataDto>>;
+    getRoleWithClaims(roleName: string, signal?: AbortSignal): Promise<ApiResponseDto<RoleDto, ReadMetadataDto>>;
     /**
      * Creates or updates a role
      * @param roleDto - The role to create or update
      * @returns The created or updated role
      */
-    upsertRoleAsync(roleDto: RoleDto): Promise<ApiResponseDto<RoleDto, EmptyMetadataDto>>;
+    upsertRole(roleDto: RoleDto): Promise<ApiResponseDto<RoleDto, EmptyMetadataDto>>;
     /**
      * Deletes a role
      * @param roleName - The name of the role to delete
      * @returns Promise that resolves when the role is deleted successfully
      */
-    deleteRoleAsync(roleName: string): Promise<ApiResponseDto<undefined, EmptyMetadataDto>>;
+    deleteRole(roleName: string): Promise<ApiResponseDto<undefined, EmptyMetadataDto>>;
 }

package/services/auth/client/AuthorizationManagementControllerClient/index.js

@@ -12,20 +12,31 @@ export class AuthorizationManagementControllerClient {
     /**
      * Constructor
      * @param baseControllerPath Base path to API controller
+     * @param httpService HTTP service implementation to use for requests
      */
-    constructor(baseControllerPath = 'AuthorizationManagement') {
+    constructor(baseControllerPath = 'AuthorizationManagement', httpService) {
         this.baseControllerPath = baseControllerPath;
+        this._httpService = httpService;
     }
+    // #region HTTP service
+    _httpService = undefined;
+    /**
+     * Gets globally selected HTTP service
+     */
+    get httpService() {
+        return this._httpService || apiInitializationService._getHttpService();
+    }
+    // #endregion
     /**
      * Gets all roles in the system
      * @param includeClaims - Whether to include claims in the response
      * @param signal - Optional cancellation signal
      * @returns List of all roles
      */
-    async getAllRolesAsync(includeClaims, signal) {
+    async getAllRoles(includeClaims, signal) {
         try {
-            const url = await apiInitializationService.getApiUrlAsync(this.baseControllerPath, `/GetAllRoles?includeClaims=${includeClaims}`);
-            const res = await fetch(url, {
+            const url = await apiInitializationService.getApiUrl(this.baseControllerPath, `/GetAllRoles?includeClaims=${includeClaims}`);
+            const res = await this.httpService.request(url, {
                 credentials: 'include',
                 signal,
             });
@@ -51,10 +62,10 @@ export class AuthorizationManagementControllerClient {
      * @param signal
      * @returns The role with its claims
      */
-    async getRoleWithClaimsAsync(roleName, signal) {
+    async getRoleWithClaims(roleName, signal) {
         try {
-            const url = await apiInitializationService.getApiUrlAsync(this.baseControllerPath, `/GetRoleWithClaims/${encodeURIComponent(roleName)}`);
-            const res = await fetch(url, {
+            const url = await apiInitializationService.getApiUrl(this.baseControllerPath, `/GetRoleWithClaims/${encodeURIComponent(roleName)}`);
+            const res = await this.httpService.request(url, {
                 credentials: 'include',
                 signal,
             });
@@ -79,10 +90,10 @@ export class AuthorizationManagementControllerClient {
      * @param roleDto - The role to create or update
      * @returns The created or updated role
      */
-    async upsertRoleAsync(roleDto) {
+    async upsertRole(roleDto) {
         try {
-            const url = await apiInitializationService.getApiUrlAsync(this.baseControllerPath, `/UpsertRole`);
-            const res = await fetch(url, {
+            const url = await apiInitializationService.getApiUrl(this.baseControllerPath, `/UpsertRole`);
+            const res = await this.httpService.request(url, {
                 method: 'PUT',
                 headers: {
                     'Content-Type': 'application/json',
@@ -111,10 +122,10 @@ export class AuthorizationManagementControllerClient {
      * @param roleName - The name of the role to delete
      * @returns Promise that resolves when the role is deleted successfully
      */
-    async deleteRoleAsync(roleName) {
+    async deleteRole(roleName) {
         try {
-            const url = await apiInitializationService.getApiUrlAsync(this.baseControllerPath, `/DeleteRole/${encodeURIComponent(roleName)}`);
-            const res = await fetch(url, {
+            const url = await apiInitializationService.getApiUrl(this.baseControllerPath, `/DeleteRole/${encodeURIComponent(roleName)}`);
+            const res = await this.httpService.request(url, {
                 method: 'DELETE',
                 credentials: 'include',
             });

package/utils/authorization/index.d.ts

@@ -0,0 +1,17 @@
+import { IPolicy } from '../../data';
+/**
+ * Checks if a policy is valid for the given parameters.
+ *
+ * @param policy Policy to check, either an instance or a class.
+ * @param params Parameters to pass to the policy check function.
+ * @returns A promise that resolves if the policy is valid, rejects otherwise.
+ */
+export declare function check<TParams extends unknown[]>(policy: IPolicy<TParams> | (new () => IPolicy<TParams>), ...params: TParams): Promise<boolean>;
+/**
+ * Composes multiple policies into a single policy.
+ *
+ * @param composition Composition method, either 'AND' or 'OR'.
+ * @param policies Policies to compose.
+ * @returns A new policy that represents the composition of the policies.
+ */
+export declare function compose<TParams extends unknown[]>(composition: 'AND' | 'OR', ...policies: IPolicy<TParams>[]): IPolicy<TParams>;

package/utils/authorization/index.js

@@ -0,0 +1,45 @@
+import { PolicyBase } from '../../data';
+/**
+ * Checks if a policy is valid for the given parameters.
+ *
+ * @param policy Policy to check, either an instance or a class.
+ * @param params Parameters to pass to the policy check function.
+ * @returns A promise that resolves if the policy is valid, rejects otherwise.
+ */
+export async function check(policy, ...params) {
+    // If passed an instance of a policy
+    if (policy instanceof PolicyBase) {
+        return policy.check(...params);
+    }
+    // If passed a policy class
+    else {
+        return new policy().check(...params);
+    }
+}
+/**
+ * Composes multiple policies into a single policy.
+ *
+ * @param composition Composition method, either 'AND' or 'OR'.
+ * @param policies Policies to compose.
+ * @returns A new policy that represents the composition of the policies.
+ */
+export function compose(composition, ...policies) {
+    return {
+        check: async (...params) => {
+            // Check all policies
+            if (composition === 'AND') {
+                const results = await Promise.allSettled(policies.map(policy => policy.check(...params)));
+                return results.every(result => result);
+            }
+            // Check any policies, exit as soon as any are true
+            else if (composition === 'OR') {
+                const results = await Promise.allSettled(policies.map(policy => policy.check(...params)));
+                return results.some(result => result);
+            }
+            // Invalid composition
+            else {
+                throw new Error('Invalid composition');
+            }
+        },
+    };
+}