@liveblocks/core 3.20.0-perm4 → 3.20.0-perm5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +57 -89
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +17 -28
- package/dist/index.d.ts +17 -28
- package/dist/index.js +57 -89
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.cjs
CHANGED
|
@@ -6,7 +6,7 @@ var __export = (target, all) => {
|
|
|
6
6
|
|
|
7
7
|
// src/version.ts
|
|
8
8
|
var PKG_NAME = "@liveblocks/core";
|
|
9
|
-
var PKG_VERSION = "3.20.0-
|
|
9
|
+
var PKG_VERSION = "3.20.0-perm5";
|
|
10
10
|
var PKG_FORMAT = "cjs";
|
|
11
11
|
|
|
12
12
|
// src/dupe-detection.ts
|
|
@@ -5170,40 +5170,37 @@ function createReceivingToolInvocation(invocationId, name, partialArgsText = "")
|
|
|
5170
5170
|
// src/protocol/Permissions.ts
|
|
5171
5171
|
var Permission = {
|
|
5172
5172
|
/**
|
|
5173
|
-
* Default permission for a room
|
|
5173
|
+
* Default permission for a room.
|
|
5174
5174
|
*/
|
|
5175
|
-
|
|
5176
|
-
|
|
5175
|
+
Read: "*:read",
|
|
5176
|
+
Write: "*:write",
|
|
5177
5177
|
/**
|
|
5178
|
-
*
|
|
5178
|
+
* Legacy aliases for default room permissions.
|
|
5179
5179
|
*/
|
|
5180
|
-
|
|
5181
|
-
|
|
5180
|
+
RoomWrite: "room:write",
|
|
5181
|
+
RoomRead: "room:read",
|
|
5182
5182
|
/**
|
|
5183
5183
|
* Storage
|
|
5184
5184
|
*/
|
|
5185
|
-
|
|
5186
|
-
|
|
5187
|
-
|
|
5185
|
+
StorageRead: "storage:read",
|
|
5186
|
+
StorageWrite: "storage:write",
|
|
5187
|
+
StorageNone: "storage:none",
|
|
5188
5188
|
/**
|
|
5189
5189
|
* Comments
|
|
5190
5190
|
*/
|
|
5191
|
-
|
|
5192
|
-
|
|
5193
|
-
|
|
5191
|
+
CommentsWrite: "comments:write",
|
|
5192
|
+
CommentsRead: "comments:read",
|
|
5193
|
+
CommentsNone: "comments:none",
|
|
5194
5194
|
/**
|
|
5195
5195
|
* Feeds
|
|
5196
5196
|
*/
|
|
5197
|
-
|
|
5198
|
-
|
|
5199
|
-
|
|
5197
|
+
FeedsRead: "feeds:read",
|
|
5198
|
+
FeedsWrite: "feeds:write",
|
|
5199
|
+
FeedsNone: "feeds:none",
|
|
5200
5200
|
/**
|
|
5201
5201
|
* Legacy
|
|
5202
5202
|
*/
|
|
5203
|
-
LegacyRoomPresenceWrite: "room:presence:write"
|
|
5204
|
-
LegacyCommentsWrite: "comments:write",
|
|
5205
|
-
LegacyCommentsRead: "comments:read",
|
|
5206
|
-
LegacyFeedsWrite: "feeds:write"
|
|
5203
|
+
LegacyRoomPresenceWrite: "room:presence:write"
|
|
5207
5204
|
};
|
|
5208
5205
|
var ACCESS_LEVELS = [
|
|
5209
5206
|
"none",
|
|
@@ -5217,7 +5214,6 @@ var ACCESS_RANKS = {
|
|
|
5217
5214
|
};
|
|
5218
5215
|
var NO_PERMISSION_MATRIX = {
|
|
5219
5216
|
room: "none",
|
|
5220
|
-
presence: "none",
|
|
5221
5217
|
storage: "none",
|
|
5222
5218
|
comments: "none",
|
|
5223
5219
|
feeds: "none",
|
|
@@ -5225,36 +5221,30 @@ var NO_PERMISSION_MATRIX = {
|
|
|
5225
5221
|
};
|
|
5226
5222
|
var RESOURCE_PERMISSIONS = {
|
|
5227
5223
|
room: {
|
|
5228
|
-
read: [Permission.RoomRead],
|
|
5229
|
-
write: [Permission.RoomWrite]
|
|
5224
|
+
read: [Permission.Read, Permission.RoomRead],
|
|
5225
|
+
write: [Permission.Write, Permission.RoomWrite]
|
|
5230
5226
|
},
|
|
5231
5227
|
personal: {
|
|
5232
5228
|
write: []
|
|
5233
5229
|
},
|
|
5234
|
-
presence: {
|
|
5235
|
-
write: [Permission.LegacyRoomPresenceWrite],
|
|
5236
|
-
read: [Permission.RoomPresenceRead],
|
|
5237
|
-
none: [Permission.RoomPresenceNone]
|
|
5238
|
-
},
|
|
5239
5230
|
storage: {
|
|
5240
|
-
write: [Permission.
|
|
5241
|
-
read: [Permission.
|
|
5242
|
-
none: [Permission.
|
|
5231
|
+
write: [Permission.StorageWrite],
|
|
5232
|
+
read: [Permission.StorageRead],
|
|
5233
|
+
none: [Permission.StorageNone]
|
|
5243
5234
|
},
|
|
5244
5235
|
comments: {
|
|
5245
|
-
write: [Permission.
|
|
5246
|
-
read: [Permission.
|
|
5247
|
-
none: [Permission.
|
|
5236
|
+
write: [Permission.CommentsWrite],
|
|
5237
|
+
read: [Permission.CommentsRead],
|
|
5238
|
+
none: [Permission.CommentsNone]
|
|
5248
5239
|
},
|
|
5249
5240
|
feeds: {
|
|
5250
|
-
write: [Permission.
|
|
5251
|
-
read: [Permission.
|
|
5252
|
-
none: [Permission.
|
|
5241
|
+
write: [Permission.FeedsWrite],
|
|
5242
|
+
read: [Permission.FeedsRead],
|
|
5243
|
+
none: [Permission.FeedsNone]
|
|
5253
5244
|
}
|
|
5254
5245
|
};
|
|
5255
5246
|
var DEFAULT_PERMISSION_RESOURCE = "room";
|
|
5256
5247
|
var ROOM_PERMISSION_RESOURCES = [
|
|
5257
|
-
"presence",
|
|
5258
5248
|
"storage",
|
|
5259
5249
|
"comments",
|
|
5260
5250
|
"feeds"
|
|
@@ -5272,7 +5262,7 @@ function resolveResourceAccess(scopes, resource) {
|
|
|
5272
5262
|
}
|
|
5273
5263
|
function resolveFullPermissionMatrix(resolved) {
|
|
5274
5264
|
if (!resolved.hasDefaultPermission) {
|
|
5275
|
-
return
|
|
5265
|
+
return NO_PERMISSION_MATRIX;
|
|
5276
5266
|
}
|
|
5277
5267
|
const matrix = {
|
|
5278
5268
|
...NO_PERMISSION_MATRIX,
|
|
@@ -5287,8 +5277,8 @@ function permissionMatrixFromScopes(scopes) {
|
|
|
5287
5277
|
return resolveFullPermissionMatrix(resolvePermissionMatrix(scopes));
|
|
5288
5278
|
}
|
|
5289
5279
|
function resolvePermissionMatrix(scopes) {
|
|
5290
|
-
const hasDefaultPermission = scopes.includes(Permission.RoomWrite) || scopes.includes(Permission.RoomRead);
|
|
5291
|
-
const baseAccess = scopes.includes(Permission.RoomWrite) ? "write" : scopes.includes(Permission.RoomRead) ? "read" : "none";
|
|
5280
|
+
const hasDefaultPermission = scopes.includes(Permission.Write) || scopes.includes(Permission.Read) || scopes.includes(Permission.RoomWrite) || scopes.includes(Permission.RoomRead);
|
|
5281
|
+
const baseAccess = scopes.includes(Permission.Write) || scopes.includes(Permission.RoomWrite) ? "write" : scopes.includes(Permission.Read) || scopes.includes(Permission.RoomRead) ? "read" : "none";
|
|
5292
5282
|
const matrix = {};
|
|
5293
5283
|
for (const resource of ROOM_PERMISSION_RESOURCES) {
|
|
5294
5284
|
const access = resolveResourceAccess(scopes, resource);
|
|
@@ -5309,10 +5299,6 @@ function isPermissionScopes(source) {
|
|
|
5309
5299
|
|
|
5310
5300
|
// src/permissions.ts
|
|
5311
5301
|
var VALID_PERMISSIONS = new Set(Object.values(Permission));
|
|
5312
|
-
var ROOM_PERMISSION_OBJECT_KEYS = /* @__PURE__ */ new Set([
|
|
5313
|
-
"default",
|
|
5314
|
-
...ROOM_PERMISSION_RESOURCES
|
|
5315
|
-
]);
|
|
5316
5302
|
function permissionForAccessLevel(resource, access, field = resource) {
|
|
5317
5303
|
const levels = RESOURCE_PERMISSIONS[resource];
|
|
5318
5304
|
const permissions = levels[access];
|
|
@@ -5333,8 +5319,10 @@ function resolveRoomPermissionMatrix(permissions, roomId) {
|
|
|
5333
5319
|
let hasDefaultPermission = false;
|
|
5334
5320
|
let baseAccess = "none";
|
|
5335
5321
|
const explicitMatrix = {};
|
|
5322
|
+
const explicitSpecificity = {};
|
|
5336
5323
|
for (const permission of matchedPermissions) {
|
|
5337
5324
|
const resolved = resolvePermissionMatrix(permission.scopes);
|
|
5325
|
+
const specificity = getResourceSpecificity(permission.resource);
|
|
5338
5326
|
if (resolved.hasDefaultPermission) {
|
|
5339
5327
|
hasDefaultPermission = true;
|
|
5340
5328
|
baseAccess = strongestAccess(baseAccess, resolved.baseAccess);
|
|
@@ -5342,10 +5330,16 @@ function resolveRoomPermissionMatrix(permissions, roomId) {
|
|
|
5342
5330
|
for (const resource of ROOM_PERMISSION_RESOURCES) {
|
|
5343
5331
|
const access = resolved.matrix[resource];
|
|
5344
5332
|
if (access !== void 0) {
|
|
5345
|
-
|
|
5346
|
-
|
|
5347
|
-
access
|
|
5348
|
-
|
|
5333
|
+
const currentSpecificity = _nullishCoalesce(explicitSpecificity[resource], () => ( -1));
|
|
5334
|
+
if (specificity > currentSpecificity) {
|
|
5335
|
+
explicitMatrix[resource] = access;
|
|
5336
|
+
explicitSpecificity[resource] = specificity;
|
|
5337
|
+
} else if (specificity === currentSpecificity) {
|
|
5338
|
+
explicitMatrix[resource] = strongestAccess(
|
|
5339
|
+
_nullishCoalesce(explicitMatrix[resource], () => ( "none")),
|
|
5340
|
+
access
|
|
5341
|
+
);
|
|
5342
|
+
}
|
|
5349
5343
|
}
|
|
5350
5344
|
}
|
|
5351
5345
|
}
|
|
@@ -5355,46 +5349,16 @@ function resolveRoomPermissionMatrix(permissions, roomId) {
|
|
|
5355
5349
|
matrix: explicitMatrix
|
|
5356
5350
|
});
|
|
5357
5351
|
}
|
|
5358
|
-
function isRoomPermissionArray(input) {
|
|
5359
|
-
return Array.isArray(input);
|
|
5360
|
-
}
|
|
5361
5352
|
function normalizeRoomPermissionInput(input) {
|
|
5362
|
-
if (
|
|
5363
|
-
|
|
5364
|
-
if (!VALID_PERMISSIONS.has(permission)) {
|
|
5365
|
-
throw new Error(`Not a valid permission: ${permission}`);
|
|
5366
|
-
}
|
|
5367
|
-
return permission;
|
|
5368
|
-
});
|
|
5353
|
+
if (!Array.isArray(input)) {
|
|
5354
|
+
throw new Error("Permission list must be an array");
|
|
5369
5355
|
}
|
|
5370
|
-
return
|
|
5371
|
-
|
|
5372
|
-
|
|
5373
|
-
for (const key of Object.keys(objectInput)) {
|
|
5374
|
-
if (!ROOM_PERMISSION_OBJECT_KEYS.has(key)) {
|
|
5375
|
-
throw new Error(`Unknown permission field: ${key}`);
|
|
5356
|
+
return input.map((permission) => {
|
|
5357
|
+
if (!VALID_PERMISSIONS.has(permission)) {
|
|
5358
|
+
throw new Error(`Not a valid permission: ${permission}`);
|
|
5376
5359
|
}
|
|
5377
|
-
|
|
5378
|
-
|
|
5379
|
-
if (objectInput.default !== void 0) {
|
|
5380
|
-
permissions.push(
|
|
5381
|
-
permissionForAccessLevel(
|
|
5382
|
-
DEFAULT_PERMISSION_RESOURCE,
|
|
5383
|
-
objectInput.default,
|
|
5384
|
-
"default"
|
|
5385
|
-
)
|
|
5386
|
-
);
|
|
5387
|
-
}
|
|
5388
|
-
for (const resource of ROOM_PERMISSION_RESOURCES) {
|
|
5389
|
-
const access = objectInput[resource];
|
|
5390
|
-
if (access !== void 0) {
|
|
5391
|
-
permissions.push(permissionForAccessLevel(resource, access));
|
|
5392
|
-
}
|
|
5393
|
-
}
|
|
5394
|
-
if (permissions.length === 0) {
|
|
5395
|
-
throw new Error("Permission object cannot be empty");
|
|
5396
|
-
}
|
|
5397
|
-
return permissions;
|
|
5360
|
+
return permission;
|
|
5361
|
+
});
|
|
5398
5362
|
}
|
|
5399
5363
|
function normalizeRoomAccessesInput(input) {
|
|
5400
5364
|
if (input === void 0) {
|
|
@@ -5421,7 +5385,6 @@ function normalizeRoomAccessesUpdateInput(input) {
|
|
|
5421
5385
|
function mergePermissionMatrices(sources) {
|
|
5422
5386
|
return {
|
|
5423
5387
|
room: strongestMatrixAccess(sources, "room"),
|
|
5424
|
-
presence: strongestMatrixAccess(sources, "presence"),
|
|
5425
5388
|
storage: strongestMatrixAccess(sources, "storage"),
|
|
5426
5389
|
comments: strongestMatrixAccess(sources, "comments"),
|
|
5427
5390
|
feeds: strongestMatrixAccess(sources, "feeds"),
|
|
@@ -5459,6 +5422,9 @@ function resourceMatchesRoomId(resource, roomId) {
|
|
|
5459
5422
|
}
|
|
5460
5423
|
return resource === roomId;
|
|
5461
5424
|
}
|
|
5425
|
+
function getResourceSpecificity(resource) {
|
|
5426
|
+
return resource.replace("*", "").length;
|
|
5427
|
+
}
|
|
5462
5428
|
|
|
5463
5429
|
// src/protocol/AuthToken.ts
|
|
5464
5430
|
function isValidAuthTokenPayload(data) {
|
|
@@ -11482,7 +11448,9 @@ function createRoom(options, config) {
|
|
|
11482
11448
|
_dump: () => {
|
|
11483
11449
|
const n = context.pool.nodes.size;
|
|
11484
11450
|
return `Room "${roomId}" (${n} node${n === 1 ? "" : "s"}):
|
|
11485
|
-
${dumpPool(
|
|
11451
|
+
${dumpPool(
|
|
11452
|
+
context.pool
|
|
11453
|
+
)}`;
|
|
11486
11454
|
},
|
|
11487
11455
|
destroy: () => {
|
|
11488
11456
|
pendingFeedsRequests.forEach(
|
|
@@ -11677,7 +11645,7 @@ function makeAuthDelegateForRoom(roomId, authManager) {
|
|
|
11677
11645
|
return async () => {
|
|
11678
11646
|
return authManager.getAuthValue({
|
|
11679
11647
|
roomId,
|
|
11680
|
-
resource: "
|
|
11648
|
+
resource: "room",
|
|
11681
11649
|
access: "read"
|
|
11682
11650
|
});
|
|
11683
11651
|
};
|