@interop/did-cli 0.6.0 → 0.8.0

package/dist/commands/was/policy.js

@@ -0,0 +1,133 @@
+/**
+ * `was policy` run functions: show, set (from `--type` or a JSON file), and
+ * clear the access-control policy of a space, collection, or resource.
+ */
+import { readFile } from 'node:fs/promises';
+import { resolveWasTarget } from '../../was/client.js';
+import { handleForTarget, reportError } from './shared.js';
+/**
+ * Shows the access-control policy of a space, collection, or resource.
+ *
+ * @param options {object}
+ * @param options.address {string}   A space/collection/resource address.
+ * @param [options.server] {string}   The server base URL.
+ * @param [options.did] {string}   The signing DID or stored-DID handle.
+ * @returns {Promise<number>}   The process exit code.
+ */
+export async function runPolicyShow(options) {
+    try {
+        const target = await resolveWasTarget({
+            address: options.address,
+            server: options.server,
+            did: options.did
+        });
+        const { handle, url } = handleForTarget(target);
+        const policy = await handle.getPolicy();
+        if (policy === null) {
+            console.error(`No policy set (or not visible to you): ${url}`);
+            return 1;
+        }
+        console.log(JSON.stringify(policy, null, 2));
+        return 0;
+    }
+    catch (err) {
+        return reportError({ action: 'show the policy', err });
+    }
+}
+/**
+ * Parses the `policy set` arguments -- `--type <type>` for a simple
+ * type-only policy, or a JSON file for richer ones -- into a policy
+ * document.
+ *
+ * @param options {object}
+ * @param [options.type] {string}
+ * @param [options.file] {string}
+ * @returns {Promise<PolicyDocument>}
+ */
+async function resolvePolicyInput({ type, file }) {
+    if (type && file) {
+        throw new Error('Provide either --type or a policy file, not both.');
+    }
+    if (type) {
+        return { type };
+    }
+    if (!file) {
+        throw new Error('Provide --type <type> or a policy JSON file.');
+    }
+    let parsed;
+    try {
+        parsed = JSON.parse(await readFile(file, 'utf8'));
+    }
+    catch (err) {
+        throw new Error(`${file} does not contain policy JSON: ` +
+            `${err instanceof Error ? err.message : String(err)}`, { cause: err });
+    }
+    if (parsed === null ||
+        typeof parsed !== 'object' ||
+        Array.isArray(parsed) ||
+        typeof parsed.type !== 'string') {
+        throw new Error(`${file} must hold a policy object with a "type" field.`);
+    }
+    return parsed;
+}
+/**
+ * Sets (creates or replaces) the access-control policy of a space,
+ * collection, or resource, and prints the policy document that was set.
+ *
+ * @param options {object}
+ * @param options.address {string}   A space/collection/resource address.
+ * @param [options.file] {string}   A policy JSON file.
+ * @param [options.type] {string}   A simple type-only policy (e.g.
+ *   PublicCanRead).
+ * @param [options.server] {string}   The server base URL.
+ * @param [options.did] {string}   The signing DID or stored-DID handle.
+ * @returns {Promise<number>}   The process exit code.
+ */
+export async function runPolicySet(options) {
+    try {
+        const policy = await resolvePolicyInput({
+            type: options.type,
+            file: options.file
+        });
+        const target = await resolveWasTarget({
+            address: options.address,
+            server: options.server,
+            did: options.did
+        });
+        const { handle, url } = handleForTarget(target);
+        await handle.setPolicy(policy);
+        console.error(`Policy set on ${url}`);
+        console.log(JSON.stringify(policy, null, 2));
+        return 0;
+    }
+    catch (err) {
+        return reportError({ action: 'set the policy', err });
+    }
+}
+/**
+ * Removes the access-control policy of a space, collection, or resource,
+ * reverting it to capability-only access. Idempotent.
+ *
+ * @param options {object}
+ * @param options.address {string}   A space/collection/resource address.
+ * @param [options.server] {string}   The server base URL.
+ * @param [options.did] {string}   The signing DID or stored-DID handle.
+ * @returns {Promise<number>}   The process exit code.
+ */
+export async function runPolicyClear(options) {
+    try {
+        const target = await resolveWasTarget({
+            address: options.address,
+            server: options.server,
+            did: options.did
+        });
+        const { handle, url } = handleForTarget(target);
+        await handle.clearPolicy();
+        console.error(`Cleared the policy on ${url} (capability-only access).`);
+        return 0;
+    }
+    catch (err) {
+        return reportError({ action: 'clear the policy', err });
+    }
+}
+//# sourceMappingURL=policy.js.map

package/dist/commands/was/policy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy.js","sourceRoot":"","sources":["../../../src/commands/was/policy.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAA;AAE3C,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AACtD,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAE1D;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,OAInC;IACC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC;YACpC,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,GAAG,EAAE,OAAO,CAAC,GAAG;SACjB,CAAC,CAAA;QACF,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,eAAe,CAAC,MAAM,CAAC,CAAA;QAC/C,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,SAAS,EAAE,CAAA;QACvC,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CAAC,0CAA0C,GAAG,EAAE,CAAC,CAAA;YAC9D,OAAO,CAAC,CAAA;QACV,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;QAC5C,OAAO,CAAC,CAAA;IACV,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,WAAW,CAAC,EAAE,MAAM,EAAE,iBAAiB,EAAE,GAAG,EAAE,CAAC,CAAA;IACxD,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,KAAK,UAAU,kBAAkB,CAAC,EAChC,IAAI,EACJ,IAAI,EAIL;IACC,IAAI,IAAI,IAAI,IAAI,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAA;IACtE,CAAC;IACD,IAAI,IAAI,EAAE,CAAC;QACT,OAAO,EAAE,IAAI,EAAE,CAAA;IACjB,CAAC;IACD,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAA;IACjE,CAAC;IACD,IAAI,MAAe,CAAA;IACnB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAA;IACnD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CACb,GAAG,IAAI,iCAAiC;YACtC,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EACvD,EAAE,KAAK,EAAE,GAAG,EAAE,CACf,CAAA;IACH,CAAC;IACD,IACE,MAAM,KAAK,IAAI;QACf,OAAO,MAAM,KAAK,QAAQ;QAC1B,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;QACrB,OAAQ,MAA6B,CAAC,IAAI,KAAK,QAAQ,EACvD,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,iDAAiD,CAAC,CAAA;IAC3E,CAAC;IACD,OAAO,MAAwB,CAAA;AACjC,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,OAMlC;IACC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC;YACtC,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,IAAI,EAAE,OAAO,CAAC,IAAI;SACnB,CAAC,CAAA;QACF,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC;YACpC,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,GAAG,EAAE,OAAO,CAAC,GAAG;SACjB,CAAC,CAAA;QACF,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,eAAe,CAAC,MAAM,CAAC,CAAA;QAC/C,MAAM,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;QAC9B,OAAO,CAAC,KAAK,CAAC,iBAAiB,GAAG,EAAE,CAAC,CAAA;QACrC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;QAC5C,OAAO,CAAC,CAAA;IACV,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,WAAW,CAAC,EAAE,MAAM,EAAE,gBAAgB,EAAE,GAAG,EAAE,CAAC,CAAA;IACvD,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,OAIpC;IACC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC;YACpC,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,GAAG,EAAE,OAAO,CAAC,GAAG;SACjB,CAAC,CAAA;QACF,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,eAAe,CAAC,MAAM,CAAC,CAAA;QAC/C,MAAM,MAAM,CAAC,WAAW,EAAE,CAAA;QAC1B,OAAO,CAAC,KAAK,CAAC,yBAAyB,GAAG,4BAA4B,CAAC,CAAA;QACvE,OAAO,CAAC,CAAA;IACV,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,WAAW,CAAC,EAAE,MAAM,EAAE,kBAAkB,EAAE,GAAG,EAAE,CAAC,CAAA;IACzD,CAAC;AACH,CAAC"}

package/dist/commands/was/publish.d.ts

@@ -0,0 +1,67 @@
+/**
+ * Makes a space, collection, or resource world-readable (the
+ * `PublicCanRead` policy) and prints its public URL -- the "share via
+ * public link" case.
+ *
+ * @param options {object}
+ * @param options.address {string}   A space/collection/resource address.
+ * @param [options.server] {string}   The server base URL.
+ * @param [options.did] {string}   The signing DID or stored-DID handle.
+ * @returns {Promise<number>}   The process exit code.
+ */
+export declare function runPublish(options: {
+    address: string;
+    server?: string;
+    did?: string;
+}): Promise<number>;
+/**
+ * Reverts a published space, collection, or resource to capability-only
+ * access (clears its policy). Idempotent.
+ *
+ * @param options {object}
+ * @param options.address {string}   A space/collection/resource address.
+ * @param [options.server] {string}   The server base URL.
+ * @param [options.did] {string}   The signing DID or stored-DID handle.
+ * @returns {Promise<number>}   The process exit code.
+ */
+export declare function runUnpublish(options: {
+    address: string;
+    server?: string;
+    did?: string;
+}): Promise<number>;
+/**
+ * Delegates access to a space, collection, or resource: signs a capability
+ * for the `--to` DID with the given actions and expiration, and prints
+ * `{ delegatedCapability, encoded }` (the same shape as `zcap delegate`).
+ * `--save` stores the capability in the local zcap store
+ * (`~/.config/did-cli-wallet/zcaps/`).
+ *
+ * @param options {object}
+ * @param options.address {string}   The space/collection/resource address.
+ * @param options.to {string}   The delegatee DID (or stored-DID handle).
+ * @param options.action {string[]}   Allowed actions (HTTP verbs; lowercase
+ *   accepted).
+ * @param [options.ttl] {string}   Time-to-live for expiration (default 1y).
+ * @param [options.expires] {string}   Explicit ISO 8601 expiration
+ *   (overrides --ttl).
+ * @param [options.save] {boolean}   Save the capability to the zcap store.
+ * @param [options.handle] {string}   Short tag for the saved zcap.
+ * @param [options.description] {string}   Longer description for the saved
+ *   zcap.
+ * @param [options.server] {string}   The server base URL.
+ * @param [options.did] {string}   The signing DID or stored-DID handle.
+ * @returns {Promise<number>}   The process exit code.
+ */
+export declare function runGrant(options: {
+    address: string;
+    to: string;
+    action: string[];
+    ttl?: string;
+    expires?: string;
+    save?: boolean;
+    handle?: string;
+    description?: string;
+    server?: string;
+    did?: string;
+}): Promise<number>;
+//# sourceMappingURL=publish.d.ts.map

package/dist/commands/was/publish.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"publish.d.ts","sourceRoot":"","sources":["../../../src/commands/was/publish.ts"],"names":[],"mappings":"AAmCA;;;;;;;;;;GAUG;AACH,wBAAsB,UAAU,CAAC,OAAO,EAAE;IACxC,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,GAAG,CAAC,EAAE,MAAM,CAAA;CACb,GAAG,OAAO,CAAC,MAAM,CAAC,CAelB;AAED;;;;;;;;;GASG;AACH,wBAAsB,YAAY,CAAC,OAAO,EAAE;IAC1C,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,GAAG,CAAC,EAAE,MAAM,CAAA;CACb,GAAG,OAAO,CAAC,MAAM,CAAC,CAclB;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,wBAAsB,QAAQ,CAAC,OAAO,EAAE;IACtC,OAAO,EAAE,MAAM,CAAA;IACf,EAAE,EAAE,MAAM,CAAA;IACV,MAAM,EAAE,MAAM,EAAE,CAAA;IAChB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,IAAI,CAAC,EAAE,OAAO,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,GAAG,CAAC,EAAE,MAAM,CAAA;CACb,GAAG,OAAO,CAAC,MAAM,CAAC,CA+ClB"}

package/dist/commands/was/publish.js

@@ -0,0 +1,151 @@
+/**
+ * `was publish`/`unpublish` (the world-readable `PublicCanRead` toggle) and
+ * `was grant` (delegate a signed capability to another DID) run functions.
+ */
+import { resolveDidRef } from '../../meta.js';
+import { saveToCollection } from '../../storage.js';
+import { encodeCapability } from '../../zcap/encoding.js';
+import { expiresFromTtl } from '../../zcap/ttl.js';
+import { resolveWasTarget } from '../../was/client.js';
+import { storageIdFor, writeCreateMeta } from '../zcap.js';
+import { handleForTarget, reportError, wasUrl } from './shared.js';
+/** The capability actions WAS servers match against (HTTP verbs). */
+const WAS_ACTIONS = ['GET', 'PUT', 'POST', 'DELETE'];
+/**
+ * Normalizes grant action verbs to their canonical uppercase form,
+ * rejecting anything that is not a WAS-supported HTTP verb.
+ *
+ * @param actions {string[]}
+ * @returns {WasAction[]}
+ */
+function normalizeActions(actions) {
+    return actions.map(action => {
+        const verb = action.toUpperCase();
+        if (!WAS_ACTIONS.includes(verb)) {
+            throw new Error(`Unknown action "${action}" (supported: GET, PUT, POST, DELETE).`);
+        }
+        return verb;
+    });
+}
+/**
+ * Makes a space, collection, or resource world-readable (the
+ * `PublicCanRead` policy) and prints its public URL -- the "share via
+ * public link" case.
+ *
+ * @param options {object}
+ * @param options.address {string}   A space/collection/resource address.
+ * @param [options.server] {string}   The server base URL.
+ * @param [options.did] {string}   The signing DID or stored-DID handle.
+ * @returns {Promise<number>}   The process exit code.
+ */
+export async function runPublish(options) {
+    try {
+        const target = await resolveWasTarget({
+            address: options.address,
+            server: options.server,
+            did: options.did
+        });
+        const { handle, url } = handleForTarget(target);
+        await handle.setPublic();
+        console.error(`Published (world-readable): ${url}`);
+        console.log(url);
+        return 0;
+    }
+    catch (err) {
+        return reportError({ action: 'publish the path', err });
+    }
+}
+/**
+ * Reverts a published space, collection, or resource to capability-only
+ * access (clears its policy). Idempotent.
+ *
+ * @param options {object}
+ * @param options.address {string}   A space/collection/resource address.
+ * @param [options.server] {string}   The server base URL.
+ * @param [options.did] {string}   The signing DID or stored-DID handle.
+ * @returns {Promise<number>}   The process exit code.
+ */
+export async function runUnpublish(options) {
+    try {
+        const target = await resolveWasTarget({
+            address: options.address,
+            server: options.server,
+            did: options.did
+        });
+        const { handle, url } = handleForTarget(target);
+        await handle.clearPolicy();
+        console.error(`Unpublished (capability-only access): ${url}`);
+        return 0;
+    }
+    catch (err) {
+        return reportError({ action: 'unpublish the path', err });
+    }
+}
+/**
+ * Delegates access to a space, collection, or resource: signs a capability
+ * for the `--to` DID with the given actions and expiration, and prints
+ * `{ delegatedCapability, encoded }` (the same shape as `zcap delegate`).
+ * `--save` stores the capability in the local zcap store
+ * (`~/.config/did-cli-wallet/zcaps/`).
+ *
+ * @param options {object}
+ * @param options.address {string}   The space/collection/resource address.
+ * @param options.to {string}   The delegatee DID (or stored-DID handle).
+ * @param options.action {string[]}   Allowed actions (HTTP verbs; lowercase
+ *   accepted).
+ * @param [options.ttl] {string}   Time-to-live for expiration (default 1y).
+ * @param [options.expires] {string}   Explicit ISO 8601 expiration
+ *   (overrides --ttl).
+ * @param [options.save] {boolean}   Save the capability to the zcap store.
+ * @param [options.handle] {string}   Short tag for the saved zcap.
+ * @param [options.description] {string}   Longer description for the saved
+ *   zcap.
+ * @param [options.server] {string}   The server base URL.
+ * @param [options.did] {string}   The signing DID or stored-DID handle.
+ * @returns {Promise<number>}   The process exit code.
+ */
+export async function runGrant(options) {
+    try {
+        const actions = normalizeActions(options.action);
+        const delegatee = await resolveDidRef({ ref: options.to });
+        if (!delegatee) {
+            throw new Error(`No locally stored DID found for "${options.to}".`);
+        }
+        const expires = options.expires ?? expiresFromTtl(options.ttl ?? '1y').toISOString();
+        const target = await resolveWasTarget({
+            address: options.address,
+            server: options.server,
+            did: options.did
+        });
+        const url = wasUrl({
+            server: target.server,
+            spaceId: target.spaceId,
+            collectionId: target.collectionId,
+            resourceId: target.resourceId
+        });
+        const delegatedCapability = await target.client.grant({
+            to: delegatee,
+            actions,
+            expires,
+            target: url
+        });
+        const encoded = encodeCapability(delegatedCapability);
+        if (options.save) {
+            const storageId = storageIdFor(delegatedCapability.id);
+            const filePath = await saveToCollection('zcaps', storageId, delegatedCapability);
+            await writeCreateMeta({
+                storageId,
+                created: new Date().toISOString(),
+                handle: options.handle,
+                description: options.description
+            });
+            console.error(`Capability saved to ${filePath}`);
+        }
+        console.log(JSON.stringify({ delegatedCapability, encoded }, null, 2));
+        return 0;
+    }
+    catch (err) {
+        return reportError({ action: 'grant access', err });
+    }
+}
+//# sourceMappingURL=publish.js.map

package/dist/commands/was/publish.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"publish.js","sourceRoot":"","sources":["../../../src/commands/was/publish.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAA;AAC7C,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAA;AACnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAA;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAClD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AACtD,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,MAAM,YAAY,CAAA;AAC1D,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AAElE,qEAAqE;AACrE,MAAM,WAAW,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAU,CAAA;AAG7D;;;;;;GAMG;AACH,SAAS,gBAAgB,CAAC,OAAiB;IACzC,OAAO,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE;QAC1B,MAAM,IAAI,GAAG,MAAM,CAAC,WAAW,EAAe,CAAA;QAC9C,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CACb,mBAAmB,MAAM,wCAAwC,CAClE,CAAA;QACH,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC,CAAC,CAAA;AACJ,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,OAIhC;IACC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC;YACpC,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,GAAG,EAAE,OAAO,CAAC,GAAG;SACjB,CAAC,CAAA;QACF,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,eAAe,CAAC,MAAM,CAAC,CAAA;QAC/C,MAAM,MAAM,CAAC,SAAS,EAAE,CAAA;QACxB,OAAO,CAAC,KAAK,CAAC,+BAA+B,GAAG,EAAE,CAAC,CAAA;QACnD,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;QAChB,OAAO,CAAC,CAAA;IACV,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,WAAW,CAAC,EAAE,MAAM,EAAE,kBAAkB,EAAE,GAAG,EAAE,CAAC,CAAA;IACzD,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,OAIlC;IACC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC;YACpC,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,GAAG,EAAE,OAAO,CAAC,GAAG;SACjB,CAAC,CAAA;QACF,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,eAAe,CAAC,MAAM,CAAC,CAAA;QAC/C,MAAM,MAAM,CAAC,WAAW,EAAE,CAAA;QAC1B,OAAO,CAAC,KAAK,CAAC,yCAAyC,GAAG,EAAE,CAAC,CAAA;QAC7D,OAAO,CAAC,CAAA;IACV,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,WAAW,CAAC,EAAE,MAAM,EAAE,oBAAoB,EAAE,GAAG,EAAE,CAAC,CAAA;IAC3D,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,CAAC,KAAK,UAAU,QAAQ,CAAC,OAW9B;IACC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,gBAAgB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;QAChD,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC,CAAA;QAC1D,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,oCAAoC,OAAO,CAAC,EAAE,IAAI,CAAC,CAAA;QACrE,CAAC;QACD,MAAM,OAAO,GACX,OAAO,CAAC,OAAO,IAAI,cAAc,CAAC,OAAO,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,WAAW,EAAE,CAAA;QACtE,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC;YACpC,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,GAAG,EAAE,OAAO,CAAC,GAAG;SACjB,CAAC,CAAA;QACF,MAAM,GAAG,GAAG,MAAM,CAAC;YACjB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,UAAU,EAAE,MAAM,CAAC,UAAU;SAC9B,CAAC,CAAA;QACF,MAAM,mBAAmB,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC;YACpD,EAAE,EAAE,SAAS;YACb,OAAO;YACP,OAAO;YACP,MAAM,EAAE,GAAG;SACZ,CAAC,CAAA;QACF,MAAM,OAAO,GAAG,gBAAgB,CAAC,mBAAmB,CAAC,CAAA;QACrD,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,MAAM,SAAS,GAAG,YAAY,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAA;YACtD,MAAM,QAAQ,GAAG,MAAM,gBAAgB,CACrC,OAAO,EACP,SAAS,EACT,mBAAmB,CACpB,CAAA;YACD,MAAM,eAAe,CAAC;gBACpB,SAAS;gBACT,OAAO,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACjC,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,WAAW,EAAE,OAAO,CAAC,WAAW;aACjC,CAAC,CAAA;YACF,OAAO,CAAC,KAAK,CAAC,uBAAuB,QAAQ,EAAE,CAAC,CAAA;QAClD,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,mBAAmB,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;QACtE,OAAO,CAAC,CAAA;IACV,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,WAAW,CAAC,EAAE,MAAM,EAAE,cAAc,EAAE,GAAG,EAAE,CAAC,CAAA;IACrD,CAAC;AACH,CAAC"}

package/dist/commands/was/resource.d.ts

@@ -0,0 +1,148 @@
+/**
+ * Adds a resource to a collection (server-generated id) and prints the
+ * `{ id, url, contentType }` add result. The collection comes from a path
+ * or a `--capability` targeting one.
+ *
+ * @param options {object}
+ * @param [options.address] {string}   The collection address.
+ * @param [options.capability] {string}   A capability reference instead of
+ *   a path.
+ * @param [options.file] {string}   The payload file; stdin when omitted.
+ * @param [options.contentType] {string}   Explicit payload content type.
+ * @param [options.server] {string}   The server base URL.
+ * @param [options.did] {string}   The signing DID or stored-DID handle.
+ * @returns {Promise<number>}   The process exit code.
+ */
+export declare function runResourceAdd(options: {
+    address?: string;
+    capability?: string;
+    file?: string;
+    contentType?: string;
+    server?: string;
+    did?: string;
+}): Promise<number>;
+/**
+ * Creates or replaces a resource at a known id (upsert) and prints
+ * `{ id, url }`. The resource comes from a path or a `--capability`
+ * targeting one.
+ *
+ * @param options {object}
+ * @param [options.address] {string}   The resource address.
+ * @param [options.capability] {string}   A capability reference instead of
+ *   a path.
+ * @param [options.file] {string}   The payload file; stdin when omitted.
+ * @param [options.contentType] {string}   Explicit payload content type.
+ * @param [options.server] {string}   The server base URL.
+ * @param [options.did] {string}   The signing DID or stored-DID handle.
+ * @returns {Promise<number>}   The process exit code.
+ */
+export declare function runResourcePut(options: {
+    address?: string;
+    capability?: string;
+    file?: string;
+    contentType?: string;
+    server?: string;
+    did?: string;
+}): Promise<number>;
+/**
+ * Reads a resource: JSON pretty-printed to stdout, binary written raw
+ * (`--output` for files). The resource comes from a path or a
+ * `--capability` targeting one.
+ *
+ * @param options {object}
+ * @param [options.address] {string}   The resource address.
+ * @param [options.capability] {string}   A capability reference instead of
+ *   a path.
+ * @param [options.output] {string}   The output file path; stdout when
+ *   omitted.
+ * @param [options.server] {string}   The server base URL.
+ * @param [options.did] {string}   The signing DID or stored-DID handle.
+ * @returns {Promise<number>}   The process exit code.
+ */
+export declare function runResourceGet(options: {
+    address?: string;
+    capability?: string;
+    output?: string;
+    server?: string;
+    did?: string;
+}): Promise<number>;
+/**
+ * Reads a resource's metadata object (server-managed `contentType` / `size` /
+ * timestamps plus the user-writable `custom`) and pretty-prints it. The
+ * resource comes from a path or a `--capability` targeting one.
+ *
+ * @param options {object}
+ * @param [options.address] {string}   The resource address.
+ * @param [options.capability] {string}   A capability reference instead of
+ *   a path.
+ * @param [options.server] {string}   The server base URL.
+ * @param [options.did] {string}   The signing DID or stored-DID handle.
+ * @returns {Promise<number>}   The process exit code.
+ */
+export declare function runResourceMetaGet(options: {
+    address?: string;
+    capability?: string;
+    server?: string;
+    did?: string;
+}): Promise<number>;
+/**
+ * Updates a resource's user-writable metadata and prints the resulting
+ * metadata. `--name`/`--tag` are read-modify-write sugar that preserve the
+ * other field; giving both, or `--json`, is a full `custom` replacement so
+ * any omitted property is cleared. The resource comes from a path or a
+ * `--capability` targeting one.
+ *
+ * @param options {object}
+ * @param [options.address] {string}   The resource address.
+ * @param [options.capability] {string}   A capability reference instead of
+ *   a path.
+ * @param [options.name] {string}   The resource's display name.
+ * @param options.tag {string[]}   Repeatable `key=value` tag pairs.
+ * @param [options.json] {string}   Full `custom` JSON (inline or a file
+ *   path); mutually exclusive with `--name`/`--tag`.
+ * @param [options.server] {string}   The server base URL.
+ * @param [options.did] {string}   The signing DID or stored-DID handle.
+ * @returns {Promise<number>}   The process exit code.
+ */
+export declare function runResourceMetaPut(options: {
+    address?: string;
+    capability?: string;
+    name?: string;
+    tag: string[];
+    json?: string;
+    server?: string;
+    did?: string;
+}): Promise<number>;
+/**
+ * Lists the resources in a collection.
+ *
+ * @param options {object}
+ * @param options.address {string}   The collection address.
+ * @param [options.json] {boolean}   Output the raw listing JSON.
+ * @param [options.plain] {boolean}   Output one resource id per line.
+ * @param [options.server] {string}   The server base URL.
+ * @param [options.did] {string}   The signing DID or stored-DID handle.
+ * @returns {Promise<number>}   The process exit code.
+ */
+export declare function runResourceList(options: {
+    address: string;
+    json?: boolean;
+    plain?: boolean;
+    server?: string;
+    did?: string;
+}): Promise<number>;
+/**
+ * Deletes a resource on the server. Idempotent.
+ *
+ * @param options {object}
+ * @param options.address {string}   The resource address.
+ * @param [options.server] {string}   The server base URL.
+ * @param [options.did] {string}   The signing DID or stored-DID handle.
+ * @returns {Promise<number>}   The process exit code.
+ */
+export declare function runResourceDelete(options: {
+    address: string;
+    server?: string;
+    did?: string;
+}): Promise<number>;
+//# sourceMappingURL=resource.d.ts.map

package/dist/commands/was/resource.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"resource.d.ts","sourceRoot":"","sources":["../../../src/commands/was/resource.ts"],"names":[],"mappings":"AAoFA;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,cAAc,CAAC,OAAO,EAAE;IAC5C,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,GAAG,CAAC,EAAE,MAAM,CAAA;CACb,GAAG,OAAO,CAAC,MAAM,CAAC,CA2ClB;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,cAAc,CAAC,OAAO,EAAE;IAC5C,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,GAAG,CAAC,EAAE,MAAM,CAAA;CACb,GAAG,OAAO,CAAC,MAAM,CAAC,CAoBlB;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,cAAc,CAAC,OAAO,EAAE;IAC5C,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,GAAG,CAAC,EAAE,MAAM,CAAA;CACb,GAAG,OAAO,CAAC,MAAM,CAAC,CAgBlB;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,kBAAkB,CAAC,OAAO,EAAE;IAChD,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,GAAG,CAAC,EAAE,MAAM,CAAA;CACb,GAAG,OAAO,CAAC,MAAM,CAAC,CAgBlB;AAsDD;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAsB,kBAAkB,CAAC,OAAO,EAAE;IAChD,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,GAAG,EAAE,MAAM,EAAE,CAAA;IACb,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,GAAG,CAAC,EAAE,MAAM,CAAA;CACb,GAAG,OAAO,CAAC,MAAM,CAAC,CAgClB;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,eAAe,CAAC,OAAO,EAAE;IAC7C,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,CAAC,EAAE,OAAO,CAAA;IACd,KAAK,CAAC,EAAE,OAAO,CAAA;IACf,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,GAAG,CAAC,EAAE,MAAM,CAAA;CACb,GAAG,OAAO,CAAC,MAAM,CAAC,CA8BlB;AAED;;;;;;;;GAQG;AACH,wBAAsB,iBAAiB,CAAC,OAAO,EAAE;IAC/C,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,GAAG,CAAC,EAAE,MAAM,CAAA;CACb,GAAG,OAAO,CAAC,MAAM,CAAC,CA6BlB"}