@mathrunet/masamune_cloudflare 3.1.7 → 3.1.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -1,4 +1,4 @@
1
- ## 3.1.7 (2026-07-01)
1
+ ## 3.1.9 (2026-07-01)
2
2
 
3
3
 
4
4
  ### chore
package/README.md CHANGED
@@ -60,8 +60,52 @@ export default m.deploy(
60
60
  );
61
61
  ```
62
62
 
63
+ # Rules
64
+
65
+ `WorkersOptions.rules` accepts a `rules.json` configuration. Import the JSON
66
+ file and pass it to `deploy` when multiple Cloudflare packages should share the
67
+ same rules.
68
+
69
+ ```typescript
70
+ import * as m from "@mathrunet/masamune_cloudflare";
71
+ import rulesJson from "../rules.json";
72
+
73
+ export default m.deploy(
74
+ [
75
+ m.TestWorkers.test,
76
+ ],
77
+ {
78
+ rules: rulesJson,
79
+ },
80
+ );
81
+ ```
82
+
83
+ `rules.json` paths use the same normalized format across Turso, TiDB, and KV
84
+ workers.
85
+
86
+ ```json
87
+ {
88
+ "version": "1",
89
+ "rules": {
90
+ "database/main": {
91
+ "read": "allow",
92
+ "write": "server"
93
+ },
94
+ "database/{uid}/users/{uid}": {
95
+ "read": { "type": "path", "param": "uid" },
96
+ "write": { "type": "field", "field": "ownerId", "server": true }
97
+ }
98
+ }
99
+ }
100
+ ```
101
+
102
+ Supported access values are `deny`, `allow`, `authenticated`, `server`,
103
+ `{ "type": "field", "field": "..." }`, and
104
+ `{ "type": "path", "param": "..." }`. `{ "type": "fieldMatch" }` is still
105
+ accepted for compatibility.
106
+
63
107
  # GitHub Sponsors
64
108
 
65
109
  Sponsors are always welcome. Thank you for your support!
66
110
 
67
- [https://github.com/sponsors/mathrunet](https://github.com/sponsors/mathrunet)
111
+ [https://github.com/sponsors/mathrunet](https://github.com/sponsors/mathrunet)
@@ -6,7 +6,9 @@
6
6
  export interface RulePathMatch {
7
7
  matched: boolean;
8
8
  rulePath: string;
9
+ params: Record<string, string>;
9
10
  literalSegments: number;
11
+ namedWildcardSegments: number;
10
12
  wildcardSegments: number;
11
13
  deepWildcardSegments: number;
12
14
  matchedSegments: number;
@@ -13,7 +13,9 @@ function matchRulePath(rulePath, requestPath) {
13
13
  (0, rules_loader_1.validateRulePath)(rulePath);
14
14
  const ruleSegments = splitPath(rulePath);
15
15
  const requestSegments = splitPath(requestPath);
16
+ const params = {};
16
17
  let literalSegments = 0;
18
+ let namedWildcardSegments = 0;
17
19
  let wildcardSegments = 0;
18
20
  let deepWildcardSegments = 0;
19
21
  for (let i = 0; i < ruleSegments.length; i++) {
@@ -23,7 +25,9 @@ function matchRulePath(rulePath, requestPath) {
23
25
  return {
24
26
  matched: true,
25
27
  rulePath,
28
+ params,
26
29
  literalSegments,
30
+ namedWildcardSegments,
27
31
  wildcardSegments,
28
32
  deepWildcardSegments,
29
33
  matchedSegments: requestSegments.length,
@@ -37,21 +41,30 @@ function matchRulePath(rulePath, requestPath) {
37
41
  wildcardSegments++;
38
42
  continue;
39
43
  }
44
+ const paramName = parseNamedPathParam(ruleSegment);
45
+ if (paramName) {
46
+ params[paramName] = requestSegment;
47
+ namedWildcardSegments++;
48
+ wildcardSegments++;
49
+ continue;
50
+ }
40
51
  if (ruleSegment !== requestSegment) {
41
52
  return createUnmatched(rulePath);
42
53
  }
43
54
  literalSegments++;
44
55
  }
45
- if (ruleSegments.length !== requestSegments.length) {
56
+ if (ruleSegments.length > requestSegments.length) {
46
57
  return createUnmatched(rulePath);
47
58
  }
48
59
  return {
49
60
  matched: true,
50
61
  rulePath,
62
+ params,
51
63
  literalSegments,
64
+ namedWildcardSegments,
52
65
  wildcardSegments,
53
66
  deepWildcardSegments,
54
- matchedSegments: requestSegments.length,
67
+ matchedSegments: ruleSegments.length,
55
68
  };
56
69
  }
57
70
  /**
@@ -66,6 +79,9 @@ function compareRulePathMatch(a, b) {
66
79
  if (a.deepWildcardSegments !== b.deepWildcardSegments) {
67
80
  return a.deepWildcardSegments - b.deepWildcardSegments;
68
81
  }
82
+ if (a.namedWildcardSegments !== b.namedWildcardSegments) {
83
+ return b.namedWildcardSegments - a.namedWildcardSegments;
84
+ }
69
85
  if (a.wildcardSegments !== b.wildcardSegments) {
70
86
  return a.wildcardSegments - b.wildcardSegments;
71
87
  }
@@ -96,10 +112,16 @@ function createUnmatched(rulePath) {
96
112
  return {
97
113
  matched: false,
98
114
  rulePath,
115
+ params: {},
99
116
  literalSegments: 0,
117
+ namedWildcardSegments: 0,
100
118
  wildcardSegments: 0,
101
119
  deepWildcardSegments: 0,
102
120
  matchedSegments: 0,
103
121
  };
104
122
  }
123
+ function parseNamedPathParam(segment) {
124
+ const match = /^\{([A-Za-z_][A-Za-z0-9_]*)\}$/.exec(segment);
125
+ return match?.[1];
126
+ }
105
127
  //# sourceMappingURL=path_matcher.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"path_matcher.js","sourceRoot":"","sources":["../../../../src/lib/src/rules/path_matcher.ts"],"names":[],"mappings":";;AAqBA,sCA6CC;AAOD,oDAcC;AAOD,kDAEC;AAhGD,iDAAkD;AAgBlD;;;;GAIG;AACH,SAAgB,aAAa,CAAC,QAAgB,EAAE,WAAmB;IAC/D,IAAA,+BAAgB,EAAC,QAAQ,CAAC,CAAC;IAC3B,MAAM,YAAY,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;IACzC,MAAM,eAAe,GAAG,SAAS,CAAC,WAAW,CAAC,CAAC;IAC/C,IAAI,eAAe,GAAG,CAAC,CAAC;IACxB,IAAI,gBAAgB,GAAG,CAAC,CAAC;IACzB,IAAI,oBAAoB,GAAG,CAAC,CAAC;IAE7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3C,MAAM,WAAW,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC;QACpC,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;YACvB,oBAAoB,GAAG,CAAC,CAAC;YACzB,OAAO;gBACH,OAAO,EAAE,IAAI;gBACb,QAAQ;gBACR,eAAe;gBACf,gBAAgB;gBAChB,oBAAoB;gBACpB,eAAe,EAAE,eAAe,CAAC,MAAM;aAC1C,CAAC;QACN,CAAC;QACD,MAAM,cAAc,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;QAC1C,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;YAC/B,OAAO,eAAe,CAAC,QAAQ,CAAC,CAAC;QACrC,CAAC;QACD,IAAI,WAAW,KAAK,GAAG,EAAE,CAAC;YACtB,gBAAgB,EAAE,CAAC;YACnB,SAAS;QACb,CAAC;QACD,IAAI,WAAW,KAAK,cAAc,EAAE,CAAC;YACjC,OAAO,eAAe,CAAC,QAAQ,CAAC,CAAC;QACrC,CAAC;QACD,eAAe,EAAE,CAAC;IACtB,CAAC;IACD,IAAI,YAAY,CAAC,MAAM,KAAK,eAAe,CAAC,MAAM,EAAE,CAAC;QACjD,OAAO,eAAe,CAAC,QAAQ,CAAC,CAAC;IACrC,CAAC;IACD,OAAO;QACH,OAAO,EAAE,IAAI;QACb,QAAQ;QACR,eAAe;QACf,gBAAgB;QAChB,oBAAoB;QACpB,eAAe,EAAE,eAAe,CAAC,MAAM;KAC1C,CAAC;AACN,CAAC;AAED;;;;GAIG;AACH,SAAgB,oBAAoB,CAAC,CAAgB,EAAE,CAAgB;IACnE,IAAI,CAAC,CAAC,eAAe,KAAK,CAAC,CAAC,eAAe,EAAE,CAAC;QAC1C,OAAO,CAAC,CAAC,eAAe,GAAG,CAAC,CAAC,eAAe,CAAC;IACjD,CAAC;IACD,IAAI,CAAC,CAAC,oBAAoB,KAAK,CAAC,CAAC,oBAAoB,EAAE,CAAC;QACpD,OAAO,CAAC,CAAC,oBAAoB,GAAG,CAAC,CAAC,oBAAoB,CAAC;IAC3D,CAAC;IACD,IAAI,CAAC,CAAC,gBAAgB,KAAK,CAAC,CAAC,gBAAgB,EAAE,CAAC;QAC5C,OAAO,CAAC,CAAC,gBAAgB,GAAG,CAAC,CAAC,gBAAgB,CAAC;IACnD,CAAC;IACD,IAAI,CAAC,CAAC,eAAe,KAAK,CAAC,CAAC,eAAe,EAAE,CAAC;QAC1C,OAAO,CAAC,CAAC,eAAe,GAAG,CAAC,CAAC,eAAe,CAAC;IACjD,CAAC;IACD,OAAO,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;AAChD,CAAC;AAED;;;;GAIG;AACH,SAAgB,mBAAmB,CAAC,OAAwB;IACxD,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;AACnD,CAAC;AAED,SAAS,SAAS,CAAC,IAAY;IAC3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAClE,OAAO,EAAE,CAAC;IACd,CAAC;IACD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACjC,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;QACnD,OAAO,EAAE,CAAC;IACd,CAAC;IACD,OAAO,QAAQ,CAAC;AACpB,CAAC;AAED,SAAS,eAAe,CAAC,QAAgB;IACrC,OAAO;QACH,OAAO,EAAE,KAAK;QACd,QAAQ;QACR,eAAe,EAAE,CAAC;QAClB,gBAAgB,EAAE,CAAC;QACnB,oBAAoB,EAAE,CAAC;QACvB,eAAe,EAAE,CAAC;KACrB,CAAC;AACN,CAAC"}
1
+ {"version":3,"file":"path_matcher.js","sourceRoot":"","sources":["../../../../src/lib/src/rules/path_matcher.ts"],"names":[],"mappings":";;AAuBA,sCA0DC;AAOD,oDAiBC;AAOD,kDAEC;AAlHD,iDAAkD;AAkBlD;;;;GAIG;AACH,SAAgB,aAAa,CAAC,QAAgB,EAAE,WAAmB;IAC/D,IAAA,+BAAgB,EAAC,QAAQ,CAAC,CAAC;IAC3B,MAAM,YAAY,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;IACzC,MAAM,eAAe,GAAG,SAAS,CAAC,WAAW,CAAC,CAAC;IAC/C,MAAM,MAAM,GAA2B,EAAE,CAAC;IAC1C,IAAI,eAAe,GAAG,CAAC,CAAC;IACxB,IAAI,qBAAqB,GAAG,CAAC,CAAC;IAC9B,IAAI,gBAAgB,GAAG,CAAC,CAAC;IACzB,IAAI,oBAAoB,GAAG,CAAC,CAAC;IAE7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3C,MAAM,WAAW,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC;QACpC,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;YACvB,oBAAoB,GAAG,CAAC,CAAC;YACzB,OAAO;gBACH,OAAO,EAAE,IAAI;gBACb,QAAQ;gBACR,MAAM;gBACN,eAAe;gBACf,qBAAqB;gBACrB,gBAAgB;gBAChB,oBAAoB;gBACpB,eAAe,EAAE,eAAe,CAAC,MAAM;aAC1C,CAAC;QACN,CAAC;QACD,MAAM,cAAc,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;QAC1C,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;YAC/B,OAAO,eAAe,CAAC,QAAQ,CAAC,CAAC;QACrC,CAAC;QACD,IAAI,WAAW,KAAK,GAAG,EAAE,CAAC;YACtB,gBAAgB,EAAE,CAAC;YACnB,SAAS;QACb,CAAC;QACD,MAAM,SAAS,GAAG,mBAAmB,CAAC,WAAW,CAAC,CAAC;QACnD,IAAI,SAAS,EAAE,CAAC;YACZ,MAAM,CAAC,SAAS,CAAC,GAAG,cAAc,CAAC;YACnC,qBAAqB,EAAE,CAAC;YACxB,gBAAgB,EAAE,CAAC;YACnB,SAAS;QACb,CAAC;QACD,IAAI,WAAW,KAAK,cAAc,EAAE,CAAC;YACjC,OAAO,eAAe,CAAC,QAAQ,CAAC,CAAC;QACrC,CAAC;QACD,eAAe,EAAE,CAAC;IACtB,CAAC;IACD,IAAI,YAAY,CAAC,MAAM,GAAG,eAAe,CAAC,MAAM,EAAE,CAAC;QAC/C,OAAO,eAAe,CAAC,QAAQ,CAAC,CAAC;IACrC,CAAC;IACD,OAAO;QACH,OAAO,EAAE,IAAI;QACb,QAAQ;QACR,MAAM;QACN,eAAe;QACf,qBAAqB;QACrB,gBAAgB;QAChB,oBAAoB;QACpB,eAAe,EAAE,YAAY,CAAC,MAAM;KACvC,CAAC;AACN,CAAC;AAED;;;;GAIG;AACH,SAAgB,oBAAoB,CAAC,CAAgB,EAAE,CAAgB;IACnE,IAAI,CAAC,CAAC,eAAe,KAAK,CAAC,CAAC,eAAe,EAAE,CAAC;QAC1C,OAAO,CAAC,CAAC,eAAe,GAAG,CAAC,CAAC,eAAe,CAAC;IACjD,CAAC;IACD,IAAI,CAAC,CAAC,oBAAoB,KAAK,CAAC,CAAC,oBAAoB,EAAE,CAAC;QACpD,OAAO,CAAC,CAAC,oBAAoB,GAAG,CAAC,CAAC,oBAAoB,CAAC;IAC3D,CAAC;IACD,IAAI,CAAC,CAAC,qBAAqB,KAAK,CAAC,CAAC,qBAAqB,EAAE,CAAC;QACtD,OAAO,CAAC,CAAC,qBAAqB,GAAG,CAAC,CAAC,qBAAqB,CAAC;IAC7D,CAAC;IACD,IAAI,CAAC,CAAC,gBAAgB,KAAK,CAAC,CAAC,gBAAgB,EAAE,CAAC;QAC5C,OAAO,CAAC,CAAC,gBAAgB,GAAG,CAAC,CAAC,gBAAgB,CAAC;IACnD,CAAC;IACD,IAAI,CAAC,CAAC,eAAe,KAAK,CAAC,CAAC,eAAe,EAAE,CAAC;QAC1C,OAAO,CAAC,CAAC,eAAe,GAAG,CAAC,CAAC,eAAe,CAAC;IACjD,CAAC;IACD,OAAO,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;AAChD,CAAC;AAED;;;;GAIG;AACH,SAAgB,mBAAmB,CAAC,OAAwB;IACxD,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;AACnD,CAAC;AAED,SAAS,SAAS,CAAC,IAAY;IAC3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAClE,OAAO,EAAE,CAAC;IACd,CAAC;IACD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACjC,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;QACnD,OAAO,EAAE,CAAC;IACd,CAAC;IACD,OAAO,QAAQ,CAAC;AACpB,CAAC;AAED,SAAS,eAAe,CAAC,QAAgB;IACrC,OAAO;QACH,OAAO,EAAE,KAAK;QACd,QAAQ;QACR,MAAM,EAAE,EAAE;QACV,eAAe,EAAE,CAAC;QAClB,qBAAqB,EAAE,CAAC;QACxB,gBAAgB,EAAE,CAAC;QACnB,oBAAoB,EAAE,CAAC;QACvB,eAAe,EAAE,CAAC;KACrB,CAAC;AACN,CAAC;AAED,SAAS,mBAAmB,CAAC,OAAe;IACxC,MAAM,KAAK,GAAG,gCAAgC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC7D,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;AACtB,CAAC"}
@@ -10,6 +10,7 @@ export interface RulesEvaluationInput {
10
10
  operation: RulesOperation | RulesOperationKey;
11
11
  authentication?: WorkersAuthContext | undefined;
12
12
  fetchDocument?: (() => Promise<Record<string, unknown> | null | undefined>) | undefined;
13
+ server?: boolean | undefined;
13
14
  }
14
15
  /**
15
16
  * Result of evaluating rules.
@@ -20,6 +21,7 @@ export interface RulesEvaluationResult {
20
21
  allowed: boolean;
21
22
  rulePath?: string | undefined;
22
23
  access?: RulesAccessRule | undefined;
24
+ params?: Record<string, string> | undefined;
23
25
  }
24
26
  /**
25
27
  * Arguments for building a rules path.
@@ -31,6 +33,47 @@ export interface RulesPathArguments {
31
33
  table: string;
32
34
  indexKey: string;
33
35
  }
36
+ /**
37
+ * Access mode resolved from rules.
38
+ *
39
+ * rulesから解決されたアクセスモード。
40
+ */
41
+ export type RulesAccessMode = "none" | "functions" | "direct";
42
+ /**
43
+ * Database token authorization resolved from rules.
44
+ *
45
+ * rulesから解決されたデータベーストークン権限。
46
+ */
47
+ export type RulesDatabaseTokenAuthorization = "read-only" | "full-access";
48
+ /**
49
+ * Target input for database token rules evaluation.
50
+ *
51
+ * データベーストークンrules評価対象。
52
+ */
53
+ export interface RulesTokenTargetInput {
54
+ table: string;
55
+ operations: RulesOperationKey[];
56
+ }
57
+ /**
58
+ * Target output for database token rules evaluation.
59
+ *
60
+ * データベーストークンrules評価結果。
61
+ */
62
+ export interface RulesTokenTargetOutput extends RulesTokenTargetInput {
63
+ readMode?: RulesAccessMode | undefined;
64
+ writeMode?: RulesAccessMode | undefined;
65
+ }
66
+ /**
67
+ * Database token access resolved from rules.
68
+ *
69
+ * rulesから解決されたデータベーストークンアクセス。
70
+ */
71
+ export interface RulesDatabaseTokenAccess {
72
+ authorization?: RulesDatabaseTokenAuthorization | undefined;
73
+ readMode: RulesAccessMode;
74
+ writeMode: RulesAccessMode;
75
+ scopes: RulesTokenTargetOutput[];
76
+ }
34
77
  /**
35
78
  * Rules engine.
36
79
  *
@@ -45,6 +88,35 @@ export declare class RulesEngine {
45
88
  * 指定したパスと操作に対してrulesを評価します。
46
89
  */
47
90
  evaluate(input: RulesEvaluationInput): Promise<RulesEvaluationResult>;
91
+ /**
92
+ * Returns true when a table scoped rule requires server evaluation.
93
+ *
94
+ * テーブル配下ルールにサーバー評価が必要な制約がある場合はtrueを返します。
95
+ */
96
+ hasScopedRestriction({ database, table, operation, }: {
97
+ database: string;
98
+ table: string;
99
+ operation: RulesOperation | RulesOperationKey;
100
+ }): boolean;
101
+ /**
102
+ * Returns true when a table scoped rule explicitly denies access.
103
+ *
104
+ * テーブル配下ルールに明示的なdenyがある場合はtrueを返します。
105
+ */
106
+ hasScopedDeny({ database, table, operation, }: {
107
+ database: string;
108
+ table: string;
109
+ operation: RulesOperation | RulesOperationKey;
110
+ }): boolean;
111
+ /**
112
+ * Returns true when a database descendant rule requires server evaluation.
113
+ *
114
+ * データベース配下ルールにサーバー評価が必要な制約がある場合はtrueを返します。
115
+ */
116
+ hasDatabaseScopedRestriction({ database, operation, }: {
117
+ database: string;
118
+ operation: RulesOperation | RulesOperationKey;
119
+ }): boolean;
48
120
  }
49
121
  /**
50
122
  * Build a normalized rules path.
@@ -52,6 +124,14 @@ export declare class RulesEngine {
52
124
  * 正規化されたrulesパスを生成します。
53
125
  */
54
126
  export declare function buildRulesPath({ database, table, indexKey }: RulesPathArguments): string;
127
+ /**
128
+ * Build a normalized database rules path.
129
+ *
130
+ * 正規化されたデータベースrulesパスを生成します。
131
+ */
132
+ export declare function buildDatabaseRulesPath({ database }: {
133
+ database: string;
134
+ }): string;
55
135
  /**
56
136
  * Normalize HTTP method to rules operation.
57
137
  *
@@ -64,6 +144,45 @@ export declare function normalizeHttpMethodToRulesOperation(method: string): Rul
64
144
  * rules操作エイリアスを正規化します。
65
145
  */
66
146
  export declare function normalizeRulesOperation(operation: RulesOperation | RulesOperationKey): RulesOperation;
147
+ /**
148
+ * Expand operation aliases to concrete operations.
149
+ *
150
+ * 操作エイリアスを具体的な操作へ展開します。
151
+ */
152
+ export declare function expandRulesOperation(operation: RulesOperationKey): RulesOperation[];
153
+ /**
154
+ * Filter token targets by rules.
155
+ *
156
+ * rulesによりトークン対象をフィルタします。
157
+ */
158
+ export declare function filterAllowedScope({ engine, database, scope, authentication, }: {
159
+ engine: RulesEngine;
160
+ database: string;
161
+ scope: RulesTokenTargetInput[];
162
+ authentication?: WorkersAuthContext | undefined;
163
+ }): Promise<RulesTokenTargetInput[]>;
164
+ /**
165
+ * Resolve database token access from rules.
166
+ *
167
+ * rulesからデータベーストークンアクセスを解決します。
168
+ */
169
+ export declare function resolveDatabaseTokenAccess({ engine, database, operations, scope, authentication, }: {
170
+ engine: RulesEngine;
171
+ database: string;
172
+ operations?: RulesOperationKey[] | undefined;
173
+ scope?: RulesTokenTargetInput[] | undefined;
174
+ authentication?: WorkersAuthContext | undefined;
175
+ }): Promise<RulesDatabaseTokenAccess | undefined>;
176
+ /**
177
+ * Resolve database token authorization from rules.
178
+ *
179
+ * rulesからデータベーストークン権限を解決します。
180
+ */
181
+ export declare function resolveDatabaseTokenAuthorization({ engine, database, authentication, }: {
182
+ engine: RulesEngine;
183
+ database: string;
184
+ authentication?: WorkersAuthContext | undefined;
185
+ }): Promise<RulesDatabaseTokenAuthorization | undefined>;
67
186
  /**
68
187
  * Resolve operation lookup order.
69
188
  *
@@ -2,8 +2,13 @@
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.RulesEngine = void 0;
4
4
  exports.buildRulesPath = buildRulesPath;
5
+ exports.buildDatabaseRulesPath = buildDatabaseRulesPath;
5
6
  exports.normalizeHttpMethodToRulesOperation = normalizeHttpMethodToRulesOperation;
6
7
  exports.normalizeRulesOperation = normalizeRulesOperation;
8
+ exports.expandRulesOperation = expandRulesOperation;
9
+ exports.filterAllowedScope = filterAllowedScope;
10
+ exports.resolveDatabaseTokenAccess = resolveDatabaseTokenAccess;
11
+ exports.resolveDatabaseTokenAuthorization = resolveDatabaseTokenAuthorization;
7
12
  exports.resolveRulesOperation = resolveRulesOperation;
8
13
  const rules_loader_1 = require("./rules_loader");
9
14
  const path_matcher_1 = require("./path_matcher");
@@ -35,21 +40,79 @@ class RulesEngine {
35
40
  return {
36
41
  rulePath: match.rulePath,
37
42
  entry: this.config.rules[match.rulePath],
43
+ params: match.params,
38
44
  };
39
45
  }));
40
- const access = resolveAccessRule(resolved.entry, operation);
41
- if (!access) {
46
+ const resolvedAccess = resolveAccessRule(resolved.entry, resolved.params, operation);
47
+ if (!resolvedAccess) {
42
48
  return {
43
49
  allowed: false,
44
50
  rulePath: resolved.rulePath,
45
51
  };
46
52
  }
47
53
  return {
48
- allowed: await evaluateAccessRule(access, input.authentication, input.fetchDocument),
54
+ allowed: await evaluateAccessRule(resolvedAccess.access, input.authentication, input.fetchDocument, resolvedAccess.params, input.server === true),
49
55
  rulePath: resolved.rulePath,
50
- access,
56
+ access: resolvedAccess.access,
57
+ params: resolvedAccess.params,
51
58
  };
52
59
  }
60
+ /**
61
+ * Returns true when a table scoped rule requires server evaluation.
62
+ *
63
+ * テーブル配下ルールにサーバー評価が必要な制約がある場合はtrueを返します。
64
+ */
65
+ hasScopedRestriction({ database, table, operation, }) {
66
+ const normalized = normalizeRulesOperation(operation);
67
+ for (const [rulePath, entry] of Object.entries(this.config.rules)) {
68
+ if (!isRulePathInTableScope(rulePath, database, table)) {
69
+ continue;
70
+ }
71
+ const access = resolveAccessRule(entry, {}, normalized)?.access;
72
+ if (!access || isDirectSafeScopeAccess(access)) {
73
+ continue;
74
+ }
75
+ return true;
76
+ }
77
+ return false;
78
+ }
79
+ /**
80
+ * Returns true when a table scoped rule explicitly denies access.
81
+ *
82
+ * テーブル配下ルールに明示的なdenyがある場合はtrueを返します。
83
+ */
84
+ hasScopedDeny({ database, table, operation, }) {
85
+ const normalized = normalizeRulesOperation(operation);
86
+ for (const [rulePath, entry] of Object.entries(this.config.rules)) {
87
+ if (!isRulePathInTableScope(rulePath, database, table)) {
88
+ continue;
89
+ }
90
+ const access = resolveAccessRule(entry, {}, normalized)?.access;
91
+ if (access === "deny") {
92
+ return true;
93
+ }
94
+ }
95
+ return false;
96
+ }
97
+ /**
98
+ * Returns true when a database descendant rule requires server evaluation.
99
+ *
100
+ * データベース配下ルールにサーバー評価が必要な制約がある場合はtrueを返します。
101
+ */
102
+ hasDatabaseScopedRestriction({ database, operation, }) {
103
+ const normalized = normalizeRulesOperation(operation);
104
+ for (const [rulePath, entry] of Object.entries(this.config.rules)) {
105
+ if (!isRulePathInDatabaseScope(rulePath, database)) {
106
+ continue;
107
+ }
108
+ const access = resolveAccessRule(entry, {}, normalized)?.access;
109
+ if (!access || isDirectSafeScopeAccess(access)) {
110
+ continue;
111
+ }
112
+ return true;
113
+ }
114
+ return false;
115
+ }
53
116
  }
54
117
  exports.RulesEngine = RulesEngine;
55
118
  /**
@@ -61,11 +124,21 @@ function buildRulesPath({ database, table, indexKey }) {
61
124
  return [
62
125
  "database",
63
126
  encodeRulesPathSegment(database),
64
- "table",
65
127
  encodeRulesPathSegment(table),
66
128
  encodeRulesPathSegment(indexKey),
67
129
  ].join("/");
68
130
  }
131
+ /**
132
+ * Build a normalized database rules path.
133
+ *
134
+ * 正規化されたデータベースrulesパスを生成します。
135
+ */
136
+ function buildDatabaseRulesPath({ database }) {
137
+ return [
138
+ "database",
139
+ encodeRulesPathSegment(database),
140
+ ].join("/");
141
+ }
69
142
  /**
70
143
  * Normalize HTTP method to rules operation.
71
144
  *
@@ -103,6 +176,157 @@ function normalizeRulesOperation(operation) {
103
176
  return operation;
104
177
  }
105
178
  }
179
+ /**
180
+ * Expand operation aliases to concrete operations.
181
+ *
182
+ * 操作エイリアスを具体的な操作へ展開します。
183
+ */
184
+ function expandRulesOperation(operation) {
185
+ switch (operation) {
186
+ case "read":
187
+ return ["get"];
188
+ case "write":
189
+ return ["create", "update", "delete"];
190
+ case "get":
191
+ case "create":
192
+ case "update":
193
+ case "delete":
194
+ return [operation];
195
+ }
196
+ }
197
+ /**
198
+ * Filter token targets by rules.
199
+ *
200
+ * rulesによりトークン対象をフィルタします。
201
+ */
202
+ async function filterAllowedScope({ engine, database, scope, authentication, }) {
203
+ const allowed = [];
204
+ for (const item of scope) {
205
+ const operations = [];
206
+ for (const operationKey of item.operations) {
207
+ const expanded = expandRulesOperation(operationKey);
208
+ const results = await Promise.all(expanded.map((operation) => {
209
+ return engine.evaluate({
210
+ path: buildRulesPath({
211
+ database,
212
+ table: item.table,
213
+ indexKey: "*",
214
+ }),
215
+ operation,
216
+ authentication,
217
+ });
218
+ }));
219
+ if (results.every((result) => result.allowed)) {
220
+ operations.push(operationKey);
221
+ }
222
+ }
223
+ if (operations.length > 0) {
224
+ allowed.push({
225
+ table: item.table,
226
+ operations,
227
+ });
228
+ }
229
+ }
230
+ return allowed;
231
+ }
232
+ /**
233
+ * Resolve database token access from rules.
234
+ *
235
+ * rulesからデータベーストークンアクセスを解決します。
236
+ */
237
+ async function resolveDatabaseTokenAccess({ engine, database, operations, scope = [], authentication, }) {
238
+ const path = buildDatabaseRulesPath({ database });
239
+ const directRead = await engine.evaluate({
240
+ path,
241
+ operation: "read",
242
+ authentication,
243
+ server: false,
244
+ });
245
+ const serverRead = directRead.allowed
246
+ ? directRead
247
+ : await engine.evaluate({
248
+ path,
249
+ operation: "read",
250
+ authentication,
251
+ server: true,
252
+ });
253
+ if (!serverRead.allowed) {
254
+ return undefined;
255
+ }
256
+ const directDatabaseWrite = await evaluateDatabaseWrite({
257
+ engine,
258
+ path,
259
+ authentication,
260
+ server: false,
261
+ });
262
+ const serverDatabaseWrite = directDatabaseWrite
263
+ ? true
264
+ : await evaluateDatabaseWrite({
265
+ engine,
266
+ path,
267
+ authentication,
268
+ server: true,
269
+ });
270
+ const scopes = await resolveScopeModes({
271
+ engine,
272
+ database,
273
+ scope,
274
+ authentication,
275
+ });
276
+ const readScopes = scopes.filter((item) => requiresRead(item.operations));
277
+ const writeScopes = scopes.filter((item) => requiresWrite(item.operations));
278
+ const requestedOperations = operations ?? [];
279
+ const requestsDatabaseRead = requiresRead(requestedOperations);
280
+ const requestsDatabaseWrite = requiresWrite(requestedOperations);
281
+ const hasTargets = scope.length > 0;
282
+ const restrictedDatabaseRead = !hasTargets && expandRulesOperation("read").some((operation) => {
283
+ return engine.hasDatabaseScopedRestriction({
284
+ database,
285
+ operation,
286
+ });
287
+ });
288
+ const restrictedDatabaseWrite = !hasTargets && expandRulesOperation("write").some((operation) => {
289
+ return engine.hasDatabaseScopedRestriction({
290
+ database,
291
+ operation,
292
+ });
293
+ });
294
+ const databaseReadMode = restrictedDatabaseRead
295
+ ? serverRead.allowed ? "functions" : "none"
296
+ : directRead.allowed ? "direct" : "functions";
297
+ const databaseWriteMode = restrictedDatabaseWrite
298
+ ? serverDatabaseWrite ? "functions" : "none"
299
+ : directDatabaseWrite ? "direct" : serverDatabaseWrite ? "functions" : "none";
300
+ const readMode = resolveOverallMode(readScopes.map((item) => item.readMode ?? "none"), !hasTargets && (requestedOperations.length === 0 || requestsDatabaseRead)
301
+ ? databaseReadMode
302
+ : "none");
303
+ let writeMode = resolveOverallMode(writeScopes.map((item) => item.writeMode ?? "none"), !hasTargets && (requestedOperations.length === 0 || requestsDatabaseWrite)
304
+ ? databaseWriteMode
305
+ : "none");
306
+ if (readMode === "functions" && writeMode === "direct") {
307
+ writeMode = serverDatabaseWrite ? "functions" : "none";
308
+ }
309
+ const authorization = resolveTokenAuthorization(readMode, writeMode);
310
+ return {
311
+ authorization,
312
+ readMode,
313
+ writeMode,
314
+ scopes,
315
+ };
316
+ }
317
+ /**
318
+ * Resolve database token authorization from rules.
319
+ *
320
+ * rulesからデータベーストークン権限を解決します。
321
+ */
322
+ async function resolveDatabaseTokenAuthorization({ engine, database, authentication, }) {
323
+ const access = await resolveDatabaseTokenAccess({
324
+ engine,
325
+ database,
326
+ authentication,
327
+ });
328
+ return access?.authorization;
329
+ }
106
330
  /**
107
331
  * Resolve operation lookup order.
108
332
  *
@@ -123,6 +347,7 @@ function resolveRulesOperation(operation) {
123
347
  }
124
348
  function resolveInheritedRule(matches) {
125
349
  const inherited = {};
350
+ const inheritedParams = {};
126
351
  let rulePath = matches[0]?.rulePath ?? "";
127
352
  for (const match of [...matches].reverse()) {
128
353
  if (!match.entry) {
@@ -131,23 +356,28 @@ function resolveInheritedRule(matches) {
131
356
  rulePath = match.rulePath;
132
357
  for (const [operation, access] of Object.entries(match.entry)) {
133
358
  inherited[operation] = access;
359
+ inheritedParams[operation] = match.params;
134
360
  }
135
361
  }
136
362
  return {
137
363
  rulePath,
138
364
  entry: inherited,
365
+ params: inheritedParams,
139
366
  };
140
367
  }
141
- function resolveAccessRule(entry, operation) {
368
+ function resolveAccessRule(entry, params, operation) {
142
369
  for (const operationKey of resolveRulesOperation(operation)) {
143
370
  const access = entry[operationKey];
144
371
  if (access) {
145
- return access;
372
+ return {
373
+ access,
374
+ params: params[operationKey] ?? {},
375
+ };
146
376
  }
147
377
  }
148
378
  return undefined;
149
379
  }
150
- async function evaluateAccessRule(access, authentication, fetchDocument) {
380
+ async function evaluateAccessRule(access, authentication, fetchDocument, params = {}, server = false) {
151
381
  switch (access) {
152
382
  case "deny":
153
383
  return false;
@@ -155,7 +385,17 @@ async function evaluateAccessRule(access, authentication, fetchDocument) {
155
385
  return true;
156
386
  case "authenticated":
157
387
  return !!authentication?.uid;
158
- default: {
388
+ case "server":
389
+ return server;
390
+ default:
391
+ break;
392
+ }
393
+ if ("server" in access && access.server === true && !server) {
394
+ return false;
395
+ }
396
+ switch (access.type) {
397
+ case "field":
398
+ case "fieldMatch": {
159
399
  const uid = authentication?.uid;
160
400
  if (!uid || !fetchDocument) {
161
401
  return false;
@@ -163,7 +403,159 @@ async function evaluateAccessRule(access, authentication, fetchDocument) {
163
403
  const document = await fetchDocument();
164
404
  return document?.[access.field] === uid;
165
405
  }
406
+ case "path": {
407
+ const uid = authentication?.uid;
408
+ return !!uid && params[access.param] === uid;
409
+ }
410
+ }
411
+ }
412
+ async function resolveScopeModes({ engine, database, scope, authentication, }) {
413
+ const resolved = [];
414
+ for (const item of scope) {
415
+ const readMode = requiresRead(item.operations)
416
+ ? await resolveScopedOperationMode({
417
+ engine,
418
+ database,
419
+ table: item.table,
420
+ operation: "read",
421
+ authentication,
422
+ })
423
+ : undefined;
424
+ const writeMode = requiresWrite(item.operations)
425
+ ? await resolveScopedOperationMode({
426
+ engine,
427
+ database,
428
+ table: item.table,
429
+ operation: "write",
430
+ authentication,
431
+ })
432
+ : undefined;
433
+ resolved.push({
434
+ table: item.table,
435
+ operations: item.operations,
436
+ ...(readMode ? { readMode } : {}),
437
+ ...(writeMode ? { writeMode } : {}),
438
+ });
439
+ }
440
+ return resolved;
441
+ }
442
+ async function resolveScopedOperationMode({ engine, database, table, operation, authentication, }) {
443
+ const path = buildRulesPath({
444
+ database,
445
+ table,
446
+ indexKey: "*",
447
+ });
448
+ const expanded = expandRulesOperation(operation);
449
+ const direct = await Promise.all(expanded.map((item) => engine.evaluate({
450
+ path,
451
+ operation: item,
452
+ authentication,
453
+ server: false,
454
+ })));
455
+ const directAllowed = direct.every((result) => result.allowed);
456
+ const restricted = expanded.some((item) => engine.hasScopedRestriction({
457
+ database,
458
+ table,
459
+ operation: item,
460
+ }));
461
+ if (directAllowed && !restricted) {
462
+ return "direct";
463
+ }
464
+ const denied = expanded.some((item) => engine.hasScopedDeny({
465
+ database,
466
+ table,
467
+ operation: item,
468
+ }));
469
+ if (restricted && !denied) {
470
+ return "functions";
471
+ }
472
+ const server = await Promise.all(expanded.map((item) => engine.evaluate({
473
+ path,
474
+ operation: item,
475
+ authentication,
476
+ server: true,
477
+ })));
478
+ return server.every((result) => result.allowed) ? "functions" : "none";
479
+ }
480
+ function resolveOverallMode(scopedModes, fallback) {
481
+ if (scopedModes.length === 0) {
482
+ return fallback;
483
+ }
484
+ if (scopedModes.every((mode) => mode === "direct")) {
485
+ return "direct";
486
+ }
487
+ if (scopedModes.some((mode) => mode === "none")) {
488
+ return "none";
489
+ }
490
+ return "functions";
491
+ }
492
+ function resolveTokenAuthorization(readMode, writeMode) {
493
+ if (writeMode === "direct") {
494
+ return "full-access";
495
+ }
496
+ if (readMode === "direct") {
497
+ return "read-only";
498
+ }
499
+ return undefined;
500
+ }
501
+ function requiresRead(operations) {
502
+ return operations.some((operation) => expandRulesOperation(operation).includes("get"));
503
+ }
504
+ function requiresWrite(operations) {
505
+ return operations.some((operation) => {
506
+ const expanded = expandRulesOperation(operation);
507
+ return expanded.includes("create") || expanded.includes("update") || expanded.includes("delete");
508
+ });
509
+ }
510
+ async function evaluateDatabaseWrite({ engine, path, authentication, server, }) {
511
+ const results = await Promise.all(expandRulesOperation("write").map((operation) => {
512
+ return engine.evaluate({
513
+ path,
514
+ operation,
515
+ authentication,
516
+ server,
517
+ });
518
+ }));
519
+ return results.every((result) => result.allowed);
520
+ }
521
+ function isRulePathInTableScope(rulePath, database, table) {
522
+ const segments = splitRulesPath(rulePath);
523
+ if (segments.length <= 2) {
524
+ return false;
525
+ }
526
+ return segmentMatches(segments[0], "database") &&
527
+ segmentMatches(segments[1], database) &&
528
+ segmentMatches(segments[2], table);
529
+ }
530
+ function isRulePathInDatabaseScope(rulePath, database) {
531
+ const segments = splitRulesPath(rulePath);
532
+ if (segments.length <= 2) {
533
+ return false;
534
+ }
535
+ return segmentMatches(segments[0], "database") &&
536
+ segmentMatches(segments[1], database);
537
+ }
538
+ function segmentMatches(ruleSegment, value) {
539
+ if (!ruleSegment) {
540
+ return false;
541
+ }
542
+ if (ruleSegment === "**") {
543
+ return true;
544
+ }
545
+ return ruleSegment === "*" || !!parseNamedPathParam(ruleSegment) || ruleSegment === value;
546
+ }
547
+ function isDirectSafeScopeAccess(access) {
548
+ return access === "allow";
549
+ }
550
+ function splitRulesPath(path) {
551
+ if (path.length === 0 || path.startsWith("/") || path.endsWith("/")) {
552
+ return [];
166
553
  }
554
+ return path.split("/");
555
+ }
556
+ function parseNamedPathParam(segment) {
557
+ const match = /^\{([A-Za-z_][A-Za-z0-9_]*)\}$/.exec(segment);
558
+ return match?.[1];
167
559
  }
168
560
  function encodeRulesPathSegment(segment) {
169
561
  if (segment.length === 0 || segment.includes("/")) {
@@ -1 +1 @@
1
- {"version":3,"file":"rules_engine.js","sourceRoot":"","sources":["../../../../src/lib/src/rules/rules_engine.ts"],"names":[],"mappings":";;;AAkGA,wCAQC;AAOD,kFAaC;AAOD,0DAYC;AAOD,sDAYC;AAnKD,iDAOwB;AACxB,iDAAoE;AAoCpE;;;;GAIG;AACH,MAAa,WAAW;IACpB,YAAY,MAA6B;QACrC,IAAI,CAAC,MAAM,GAAG,IAAA,8BAAe,EAAC,MAAM,CAAC,CAAC;IAC1C,CAAC;IAEgB,MAAM,CAAc;IAErC;;;;OAIG;IACH,KAAK,CAAC,QAAQ,CAAC,KAA2B;QACtC,MAAM,SAAS,GAAG,uBAAuB,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAC3D,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;aACzC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,IAAA,4BAAa,EAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;aACtD,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACtC,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QAED,MAAM,aAAa,GAAG,IAAA,kCAAmB,EAAC,OAAO,CAAC,CAAC;QACnD,MAAM,QAAQ,GAAG,oBAAoB,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;YAC9D,OAAO;gBACH,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC;aAC3C,CAAC;QACN,CAAC,CAAC,CAAC,CAAC;QACJ,MAAM,MAAM,GAAG,iBAAiB,CAAC,QAAQ,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;QAC5D,IAAI,CAAC,MAAM,EAAE,CAAC;YACV,OAAO;gBACH,OAAO,EAAE,KAAK;gBACd,QAAQ,EAAE,QAAQ,CAAC,QAAQ;aAC9B,CAAC;QACN,CAAC;QACD,OAAO;YACH,OAAO,EAAE,MAAM,kBAAkB,CAAC,MAAM,EAAE,KAAK,CAAC,cAAc,EAAE,KAAK,CAAC,aAAa,CAAC;YACpF,QAAQ,EAAE,QAAQ,CAAC,QAAQ;YAC3B,MAAM;SACT,CAAC;IACN,CAAC;CACJ;AAzCD,kCAyCC;AAED;;;;GAIG;AACH,SAAgB,cAAc,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAsB;IAC5E,OAAO;QACH,UAAU;QACV,sBAAsB,CAAC,QAAQ,CAAC;QAChC,OAAO;QACP,sBAAsB,CAAC,KAAK,CAAC;QAC7B,sBAAsB,CAAC,QAAQ,CAAC;KACnC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAChB,CAAC;AAED;;;;GAIG;AACH,SAAgB,mCAAmC,CAAC,MAAc;IAC9D,QAAQ,MAAM,CAAC,WAAW,EAAE,EAAE,CAAC;QAC3B,KAAK,KAAK;YACN,OAAO,KAAK,CAAC;QACjB,KAAK,MAAM;YACP,OAAO,QAAQ,CAAC;QACpB,KAAK,KAAK;YACN,OAAO,QAAQ,CAAC;QACpB,KAAK,QAAQ;YACT,OAAO,QAAQ,CAAC;QACpB;YACI,MAAM,IAAI,KAAK,CAAC,sCAAsC,MAAM,EAAE,CAAC,CAAC;IACxE,CAAC;AACL,CAAC;AAED;;;;GAIG;AACH,SAAgB,uBAAuB,CAAC,SAA6C;IACjF,QAAQ,SAAS,EAAE,CAAC;QAChB,KAAK,MAAM;YACP,OAAO,KAAK,CAAC;QACjB,KAAK,OAAO;YACR,OAAO,QAAQ,CAAC;QACpB,KAAK,KAAK,CAAC;QACX,KAAK,QAAQ,CAAC;QACd,KAAK,QAAQ,CAAC;QACd,KAAK,QAAQ;YACT,OAAO,SAAS,CAAC;IACzB,CAAC;AACL,CAAC;AAED;;;;GAIG;AACH,SAAgB,qBAAqB,CAAC,SAA6C;IAC/E,MAAM,UAAU,GAAG,uBAAuB,CAAC,SAAS,CAAC,CAAC;IACtD,QAAQ,UAAU,EAAE,CAAC;QACjB,KAAK,KAAK;YACN,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAC3B,KAAK,QAAQ;YACT,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC/B,KAAK,QAAQ;YACT,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC/B,KAAK,QAAQ;YACT,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACnC,CAAC;AACL,CAAC;AAED,SAAS,oBAAoB,CACzB,OAA8D;IAE9D,MAAM,SAAS,GAAe,EAAE,CAAC;IACjC,IAAI,QAAQ,GAAG,OAAO,CAAC,CAAC,CAAC,EAAE,QAAQ,IAAI,EAAE,CAAC;IAC1C,KAAK,MAAM,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC;QACzC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YACf,SAAS;QACb,CAAC;QACD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;QAC1B,KAAK,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;YAC5D,SAAS,CAAC,SAA8B,CAAC,GAAG,MAAM,CAAC;QACvD,CAAC;IACL,CAAC;IACD,OAAO;QACH,QAAQ;QACR,KAAK,EAAE,SAAS;KACnB,CAAC;AACN,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAiB,EAAE,SAAyB;IACnE,KAAK,MAAM,YAAY,IAAI,qBAAqB,CAAC,SAAS,CAAC,EAAE,CAAC;QAC1D,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAAC,CAAC;QACnC,IAAI,MAAM,EAAE,CAAC;YACT,OAAO,MAAM,CAAC;QAClB,CAAC;IACL,CAAC;IACD,OAAO,SAAS,CAAC;AACrB,CAAC;AAED,KAAK,UAAU,kBAAkB,CAC7B,MAAuB,EACvB,cAA+C,EAC/C,aAAuF;IAEvF,QAAQ,MAAM,EAAE,CAAC;QACb,KAAK,MAAM;YACP,OAAO,KAAK,CAAC;QACjB,KAAK,OAAO;YACR,OAAO,IAAI,CAAC;QAChB,KAAK,eAAe;YAChB,OAAO,CAAC,CAAC,cAAc,EAAE,GAAG,CAAC;QACjC,OAAO,CAAC,CAAC,CAAC;YACN,MAAM,GAAG,GAAG,cAAc,EAAE,GAAG,CAAC;YAChC,IAAI,CAAC,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;gBACzB,OAAO,KAAK,CAAC;YACjB,CAAC;YACD,MAAM,QAAQ,GAAG,MAAM,aAAa,EAAE,CAAC;YACvC,OAAO,QAAQ,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC;QAC5C,CAAC;IACL,CAAC;AACL,CAAC;AAED,SAAS,sBAAsB,CAAC,OAAe;IAC3C,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAChD,MAAM,IAAI,KAAK,CAAC,+BAA+B,OAAO,EAAE,CAAC,CAAC;IAC9D,CAAC;IACD,OAAO,OAAO,CAAC;AACnB,CAAC"}
1
+ {"version":3,"file":"rules_engine.js","sourceRoot":"","sources":["../../../../src/lib/src/rules/rules_engine.ts"],"names":[],"mappings":";;;AA2OA,wCAOC;AAOD,wDAKC;AAOD,kFAaC;AAOD,0DAYC;AAOD,oDAYC;AAOD,gDAuCC;AAOD,gEAiGC;AAOD,8EAeC;AAOD,sDAYC;AAtfD,iDAOwB;AACxB,iDAAoE;AAoFpE;;;;GAIG;AACH,MAAa,WAAW;IACpB,YAAY,MAA6B;QACrC,IAAI,CAAC,MAAM,GAAG,IAAA,8BAAe,EAAC,MAAM,CAAC,CAAC;IAC1C,CAAC;IAEgB,MAAM,CAAc;IAErC;;;;OAIG;IACH,KAAK,CAAC,QAAQ,CAAC,KAA2B;QACtC,MAAM,SAAS,GAAG,uBAAuB,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAC3D,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;aACzC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,IAAA,4BAAa,EAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;aACtD,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACtC,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QAC9B,CAAC;QAED,MAAM,aAAa,GAAG,IAAA,kCAAmB,EAAC,OAAO,CAAC,CAAC;QACnD,MAAM,QAAQ,GAAG,oBAAoB,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;YAC9D,OAAO;gBACH,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC;gBACxC,MAAM,EAAE,KAAK,CAAC,MAAM;aACvB,CAAC;QACN,CAAC,CAAC,CAAC,CAAC;QACJ,MAAM,cAAc,GAAG,iBAAiB,CAAC,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QACrF,IAAI,CAAC,cAAc,EAAE,CAAC;YAClB,OAAO;gBACH,OAAO,EAAE,KAAK;gBACd,QAAQ,EAAE,QAAQ,CAAC,QAAQ;aAC9B,CAAC;QACN,CAAC;QACD,OAAO;YACH,OAAO,EAAE,MAAM,kBAAkB,CAC7B,cAAc,CAAC,MAAM,EACrB,KAAK,CAAC,cAAc,EACpB,KAAK,CAAC,aAAa,EACnB,cAAc,CAAC,MAAM,EACrB,KAAK,CAAC,MAAM,KAAK,IAAI,CACxB;YACD,QAAQ,EAAE,QAAQ,CAAC,QAAQ;YAC3B,MAAM,EAAE,cAAc,CAAC,MAAM;YAC7B,MAAM,EAAE,cAAc,CAAC,MAAM;SAChC,CAAC;IACN,CAAC;IAED;;;;OAIG;IACH,oBAAoB,CAAC,EACjB,QAAQ,EACR,KAAK,EACL,SAAS,GAKZ;QACG,MAAM,UAAU,GAAG,uBAAuB,CAAC,SAAS,CAAC,CAAC;QACtD,KAAK,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;YAChE,IAAI,CAAC,sBAAsB,CAAC,QAAQ,EAAE,QAAQ,EAAE,KAAK,CAAC,EAAE,CAAC;gBACrD,SAAS;YACb,CAAC;YACD,MAAM,MAAM,GAAG,iBAAiB,CAAC,KAAK,EAAE,EAAE,EAAE,UAAU,CAAC,EAAE,MAAM,CAAC;YAChE,IAAI,CAAC,MAAM,IAAI,uBAAuB,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC7C,SAAS;YACb,CAAC;YACD,OAAO,IAAI,CAAC;QAChB,CAAC;QACD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED;;;;OAIG;IACH,aAAa,CAAC,EACV,QAAQ,EACR,KAAK,EACL,SAAS,GAKZ;QACG,MAAM,UAAU,GAAG,uBAAuB,CAAC,SAAS,CAAC,CAAC;QACtD,KAAK,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;YAChE,IAAI,CAAC,sBAAsB,CAAC,QAAQ,EAAE,QAAQ,EAAE,KAAK,CAAC,EAAE,CAAC;gBACrD,SAAS;YACb,CAAC;YACD,MAAM,MAAM,GAAG,iBAAiB,CAAC,KAAK,EAAE,EAAE,EAAE,UAAU,CAAC,EAAE,MAAM,CAAC;YAChE,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;gBACpB,OAAO,IAAI,CAAC;YAChB,CAAC;QACL,CAAC;QACD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED;;;;OAIG;IACH,4BAA4B,CAAC,EACzB,QAAQ,EACR,SAAS,GAIZ;QACG,MAAM,UAAU,GAAG,uBAAuB,CAAC,SAAS,CAAC,CAAC;QACtD,KAAK,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;YAChE,IAAI,CAAC,yBAAyB,CAAC,QAAQ,EAAE,QAAQ,CAAC,EAAE,CAAC;gBACjD,SAAS;YACb,CAAC;YACD,MAAM,MAAM,GAAG,iBAAiB,CAAC,KAAK,EAAE,EAAE,EAAE,UAAU,CAAC,EAAE,MAAM,CAAC;YAChE,IAAI,CAAC,MAAM,IAAI,uBAAuB,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC7C,SAAS;YACb,CAAC;YACD,OAAO,IAAI,CAAC;QAChB,CAAC;QACD,OAAO,KAAK,CAAC;IACjB,CAAC;CACJ;AAlID,kCAkIC;AAED;;;;GAIG;AACH,SAAgB,cAAc,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAsB;IAC5E,OAAO;QACH,UAAU;QACV,sBAAsB,CAAC,QAAQ,CAAC;QAChC,sBAAsB,CAAC,KAAK,CAAC;QAC7B,sBAAsB,CAAC,QAAQ,CAAC;KACnC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAChB,CAAC;AAED;;;;GAIG;AACH,SAAgB,sBAAsB,CAAC,EAAE,QAAQ,EAAwB;IACrE,OAAO;QACH,UAAU;QACV,sBAAsB,CAAC,QAAQ,CAAC;KACnC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAChB,CAAC;AAED;;;;GAIG;AACH,SAAgB,mCAAmC,CAAC,MAAc;IAC9D,QAAQ,MAAM,CAAC,WAAW,EAAE,EAAE,CAAC;QAC3B,KAAK,KAAK;YACN,OAAO,KAAK,CAAC;QACjB,KAAK,MAAM;YACP,OAAO,QAAQ,CAAC;QACpB,KAAK,KAAK;YACN,OAAO,QAAQ,CAAC;QACpB,KAAK,QAAQ;YACT,OAAO,QAAQ,CAAC;QACpB;YACI,MAAM,IAAI,KAAK,CAAC,sCAAsC,MAAM,EAAE,CAAC,CAAC;IACxE,CAAC;AACL,CAAC;AAED;;;;GAIG;AACH,SAAgB,uBAAuB,CAAC,SAA6C;IACjF,QAAQ,SAAS,EAAE,CAAC;QAChB,KAAK,MAAM;YACP,OAAO,KAAK,CAAC;QACjB,KAAK,OAAO;YACR,OAAO,QAAQ,CAAC;QACpB,KAAK,KAAK,CAAC;QACX,KAAK,QAAQ,CAAC;QACd,KAAK,QAAQ,CAAC;QACd,KAAK,QAAQ;YACT,OAAO,SAAS,CAAC;IACzB,CAAC;AACL,CAAC;AAED;;;;GAIG;AACH,SAAgB,oBAAoB,CAAC,SAA4B;IAC7D,QAAQ,SAAS,EAAE,CAAC;QAChB,KAAK,MAAM;YACP,OAAO,CAAC,KAAK,CAAC,CAAC;QACnB,KAAK,OAAO;YACR,OAAO,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC1C,KAAK,KAAK,CAAC;QACX,KAAK,QAAQ,CAAC;QACd,KAAK,QAAQ,CAAC;QACd,KAAK,QAAQ;YACT,OAAO,CAAC,SAAS,CAAC,CAAC;IAC3B,CAAC;AACL,CAAC;AAED;;;;GAIG;AACI,KAAK,UAAU,kBAAkB,CAAC,EACrC,MAAM,EACN,QAAQ,EACR,KAAK,EACL,cAAc,GAMjB;IACG,MAAM,OAAO,GAA4B,EAAE,CAAC;IAC5C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACvB,MAAM,UAAU,GAAwB,EAAE,CAAC;QAC3C,KAAK,MAAM,YAAY,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACzC,MAAM,QAAQ,GAAG,oBAAoB,CAAC,YAAY,CAAC,CAAC;YACpD,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE;gBACzD,OAAO,MAAM,CAAC,QAAQ,CAAC;oBACnB,IAAI,EAAE,cAAc,CAAC;wBACjB,QAAQ;wBACR,KAAK,EAAE,IAAI,CAAC,KAAK;wBACjB,QAAQ,EAAE,GAAG;qBAChB,CAAC;oBACF,SAAS;oBACT,cAAc;iBACjB,CAAC,CAAC;YACP,CAAC,CAAC,CAAC,CAAC;YACJ,IAAI,OAAO,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC5C,UAAU,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YAClC,CAAC;QACL,CAAC;QACD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,OAAO,CAAC,IAAI,CAAC;gBACT,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,UAAU;aACb,CAAC,CAAC;QACP,CAAC;IACL,CAAC;IACD,OAAO,OAAO,CAAC;AACnB,CAAC;AAED;;;;GAIG;AACI,KAAK,UAAU,0BAA0B,CAAC,EAC7C,MAAM,EACN,QAAQ,EACR,UAAU,EACV,KAAK,GAAG,EAAE,EACV,cAAc,GAOjB;IACG,MAAM,IAAI,GAAG,sBAAsB,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC;QACrC,IAAI;QACJ,SAAS,EAAE,MAAM;QACjB,cAAc;QACd,MAAM,EAAE,KAAK;KAChB,CAAC,CAAC;IACH,MAAM,UAAU,GAAG,UAAU,CAAC,OAAO;QACjC,CAAC,CAAC,UAAU;QACZ,CAAC,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC;YACpB,IAAI;YACJ,SAAS,EAAE,MAAM;YACjB,cAAc;YACd,MAAM,EAAE,IAAI;SACf,CAAC,CAAC;IACP,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;QACtB,OAAO,SAAS,CAAC;IACrB,CAAC;IACD,MAAM,mBAAmB,GAAG,MAAM,qBAAqB,CAAC;QACpD,MAAM;QACN,IAAI;QACJ,cAAc;QACd,MAAM,EAAE,KAAK;KAChB,CAAC,CAAC;IACH,MAAM,mBAAmB,GAAG,mBAAmB;QAC3C,CAAC,CAAC,IAAI;QACN,CAAC,CAAC,MAAM,qBAAqB,CAAC;YAC1B,MAAM;YACN,IAAI;YACJ,cAAc;YACd,MAAM,EAAE,IAAI;SACf,CAAC,CAAC;IACP,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC;QACnC,MAAM;QACN,QAAQ;QACR,KAAK;QACL,cAAc;KACjB,CAAC,CAAC;IACH,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;IAC1E,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;IAC5E,MAAM,mBAAmB,GAAG,UAAU,IAAI,EAAE,CAAC;IAC7C,MAAM,oBAAoB,GAAG,YAAY,CAAC,mBAAmB,CAAC,CAAC;IAC/D,MAAM,qBAAqB,GAAG,aAAa,CAAC,mBAAmB,CAAC,CAAC;IACjE,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;IACpC,MAAM,sBAAsB,GAAG,CAAC,UAAU,IAAI,oBAAoB,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE;QAC1F,OAAO,MAAM,CAAC,4BAA4B,CAAC;YACvC,QAAQ;YACR,SAAS;SACZ,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;IACH,MAAM,uBAAuB,GAAG,CAAC,UAAU,IAAI,oBAAoB,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE;QAC5F,OAAO,MAAM,CAAC,4BAA4B,CAAC;YACvC,QAAQ;YACR,SAAS;SACZ,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;IACH,MAAM,gBAAgB,GAAG,sBAAsB;QAC3C,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM;QAC3C,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC;IAClD,MAAM,iBAAiB,GAAG,uBAAuB;QAC7C,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM;QAC5C,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC;IAClF,MAAM,QAAQ,GAAG,kBAAkB,CAC/B,UAAU,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,IAAI,MAAM,CAAC,EACjD,CAAC,UAAU,IAAI,CAAC,mBAAmB,CAAC,MAAM,KAAK,CAAC,IAAI,oBAAoB,CAAC;QACrE,CAAC,CAAC,gBAAgB;QAClB,CAAC,CAAC,MAAM,CACf,CAAC;IACF,IAAI,SAAS,GAAG,kBAAkB,CAC9B,WAAW,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,IAAI,MAAM,CAAC,EACnD,CAAC,UAAU,IAAI,CAAC,mBAAmB,CAAC,MAAM,KAAK,CAAC,IAAI,qBAAqB,CAAC;QACtE,CAAC,CAAC,iBAAiB;QACnB,CAAC,CAAC,MAAM,CACf,CAAC;IACF,IAAI,QAAQ,KAAK,WAAW,IAAI,SAAS,KAAK,QAAQ,EAAE,CAAC;QACrD,SAAS,GAAG,mBAAmB,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC;IAC3D,CAAC;IACD,MAAM,aAAa,GAAG,yBAAyB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IACrE,OAAO;QACH,aAAa;QACb,QAAQ;QACR,SAAS;QACT,MAAM;KACT,CAAC;AACN,CAAC;AAED;;;;GAIG;AACI,KAAK,UAAU,iCAAiC,CAAC,EACpD,MAAM,EACN,QAAQ,EACR,cAAc,GAKjB;IACG,MAAM,MAAM,GAAG,MAAM,0BAA0B,CAAC;QAC5C,MAAM;QACN,QAAQ;QACR,cAAc;KACjB,CAAC,CAAC;IACH,OAAO,MAAM,EAAE,aAAa,CAAC;AACjC,CAAC;AAED;;;;GAIG;AACH,SAAgB,qBAAqB,CAAC,SAA6C;IAC/E,MAAM,UAAU,GAAG,uBAAuB,CAAC,SAAS,CAAC,CAAC;IACtD,QAAQ,UAAU,EAAE,CAAC;QACjB,KAAK,KAAK;YACN,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAC3B,KAAK,QAAQ;YACT,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC/B,KAAK,QAAQ;YACT,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC/B,KAAK,QAAQ;YACT,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACnC,CAAC;AACL,CAAC;AAED,SAAS,oBAAoB,CACzB,OAIG;IAMH,MAAM,SAAS,GAAe,EAAE,CAAC;IACjC,MAAM,eAAe,GAA+D,EAAE,CAAC;IACvF,IAAI,QAAQ,GAAG,OAAO,CAAC,CAAC,CAAC,EAAE,QAAQ,IAAI,EAAE,CAAC;IAC1C,KAAK,MAAM,KAAK,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC;QACzC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YACf,SAAS;QACb,CAAC;QACD,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;QAC1B,KAAK,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;YAC5D,SAAS,CAAC,SAA8B,CAAC,GAAG,MAAM,CAAC;YACnD,eAAe,CAAC,SAA8B,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC;QACnE,CAAC;IACL,CAAC;IACD,OAAO;QACH,QAAQ;QACR,KAAK,EAAE,SAAS;QAChB,MAAM,EAAE,eAAe;KAC1B,CAAC;AACN,CAAC;AAED,SAAS,iBAAiB,CACtB,KAAiB,EACjB,MAAkE,EAClE,SAAyB;IAKzB,KAAK,MAAM,YAAY,IAAI,qBAAqB,CAAC,SAAS,CAAC,EAAE,CAAC;QAC1D,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAAC,CAAC;QACnC,IAAI,MAAM,EAAE,CAAC;YACT,OAAO;gBACH,MAAM;gBACN,MAAM,EAAE,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE;aACrC,CAAC;QACN,CAAC;IACL,CAAC;IACD,OAAO,SAAS,CAAC;AACrB,CAAC;AAED,KAAK,UAAU,kBAAkB,CAC7B,MAAuB,EACvB,cAA+C,EAC/C,aAAuF,EACvF,SAAiC,EAAE,EACnC,MAAM,GAAG,KAAK;IAEd,QAAQ,MAAM,EAAE,CAAC;QACb,KAAK,MAAM;YACP,OAAO,KAAK,CAAC;QACjB,KAAK,OAAO;YACR,OAAO,IAAI,CAAC;QAChB,KAAK,eAAe;YAChB,OAAO,CAAC,CAAC,cAAc,EAAE,GAAG,CAAC;QACjC,KAAK,QAAQ;YACT,OAAO,MAAM,CAAC;QAClB;YACI,MAAM;IACd,CAAC;IACD,IAAI,QAAQ,IAAI,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAC1D,OAAO,KAAK,CAAC;IACjB,CAAC;IACD,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;QAClB,KAAK,OAAO,CAAC;QACb,KAAK,YAAY,CAAC,CAAC,CAAC;YAChB,MAAM,GAAG,GAAG,cAAc,EAAE,GAAG,CAAC;YAChC,IAAI,CAAC,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;gBACzB,OAAO,KAAK,CAAC;YACjB,CAAC;YACD,MAAM,QAAQ,GAAG,MAAM,aAAa,EAAE,CAAC;YACvC,OAAO,QAAQ,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC;QAC5C,CAAC;QACD,KAAK,MAAM,CAAC,CAAC,CAAC;YACV,MAAM,GAAG,GAAG,cAAc,EAAE,GAAG,CAAC;YAChC,OAAO,CAAC,CAAC,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC;QACjD,CAAC;IACL,CAAC;AACL,CAAC;AAED,KAAK,UAAU,iBAAiB,CAAC,EAC7B,MAAM,EACN,QAAQ,EACR,KAAK,EACL,cAAc,GAMjB;IACG,MAAM,QAAQ,GAA6B,EAAE,CAAC;IAC9C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACvB,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC;YAC1C,CAAC,CAAC,MAAM,0BAA0B,CAAC;gBAC/B,MAAM;gBACN,QAAQ;gBACR,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,SAAS,EAAE,MAAM;gBACjB,cAAc;aACjB,CAAC;YACF,CAAC,CAAC,SAAS,CAAC;QAChB,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC;YAC5C,CAAC,CAAC,MAAM,0BAA0B,CAAC;gBAC/B,MAAM;gBACN,QAAQ;gBACR,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,SAAS,EAAE,OAAO;gBAClB,cAAc;aACjB,CAAC;YACF,CAAC,CAAC,SAAS,CAAC;QAChB,QAAQ,CAAC,IAAI,CAAC;YACV,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACjC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACtC,CAAC,CAAC;IACP,CAAC;IACD,OAAO,QAAQ,CAAC;AACpB,CAAC;AAED,KAAK,UAAU,0BAA0B,CAAC,EACtC,MAAM,EACN,QAAQ,EACR,KAAK,EACL,SAAS,EACT,cAAc,GAOjB;IACG,MAAM,IAAI,GAAG,cAAc,CAAC;QACxB,QAAQ;QACR,KAAK;QACL,QAAQ,EAAE,GAAG;KAChB,CAAC,CAAC;IACH,MAAM,QAAQ,GAAG,oBAAoB,CAAC,SAAS,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC;QACpE,IAAI;QACJ,SAAS,EAAE,IAAI;QACf,cAAc;QACd,MAAM,EAAE,KAAK;KAChB,CAAC,CAAC,CAAC,CAAC;IACL,MAAM,aAAa,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC/D,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC;QACnE,QAAQ;QACR,KAAK;QACL,SAAS,EAAE,IAAI;KAClB,CAAC,CAAC,CAAC;IACJ,IAAI,aAAa,IAAI,CAAC,UAAU,EAAE,CAAC;QAC/B,OAAO,QAAQ,CAAC;IACpB,CAAC;IACD,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC;QACxD,QAAQ;QACR,KAAK;QACL,SAAS,EAAE,IAAI;KAClB,CAAC,CAAC,CAAC;IACJ,IAAI,UAAU,IAAI,CAAC,MAAM,EAAE,CAAC;QACxB,OAAO,WAAW,CAAC;IACvB,CAAC;IACD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC;QACpE,IAAI;QACJ,SAAS,EAAE,IAAI;QACf,cAAc;QACd,MAAM,EAAE,IAAI;KACf,CAAC,CAAC,CAAC,CAAC;IACL,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC;AAC3E,CAAC;AAED,SAAS,kBAAkB,CACvB,WAA8B,EAC9B,QAAyB;IAEzB,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3B,OAAO,QAAQ,CAAC;IACpB,CAAC;IACD,IAAI,WAAW,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,KAAK,QAAQ,CAAC,EAAE,CAAC;QACjD,OAAO,QAAQ,CAAC;IACpB,CAAC;IACD,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,KAAK,MAAM,CAAC,EAAE,CAAC;QAC9C,OAAO,MAAM,CAAC;IAClB,CAAC;IACD,OAAO,WAAW,CAAC;AACvB,CAAC;AAED,SAAS,yBAAyB,CAC9B,QAAyB,EACzB,SAA0B;IAE1B,IAAI,SAAS,KAAK,QAAQ,EAAE,CAAC;QACzB,OAAO,aAAa,CAAC;IACzB,CAAC;IACD,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;QACxB,OAAO,WAAW,CAAC;IACvB,CAAC;IACD,OAAO,SAAS,CAAC;AACrB,CAAC;AAED,SAAS,YAAY,CAAC,UAA+B;IACjD,OAAO,UAAU,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,oBAAoB,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;AAC3F,CAAC;AAED,SAAS,aAAa,CAAC,UAA+B;IAClD,OAAO,UAAU,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE;QACjC,MAAM,QAAQ,GAAG,oBAAoB,CAAC,SAAS,CAAC,CAAC;QACjD,OAAO,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACrG,CAAC,CAAC,CAAC;AACP,CAAC;AAED,KAAK,UAAU,qBAAqB,CAAC,EACjC,MAAM,EACN,IAAI,EACJ,cAAc,EACd,MAAM,GAMT;IACG,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAC7B,oBAAoB,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE;QAC5C,OAAO,MAAM,CAAC,QAAQ,CAAC;YACnB,IAAI;YACJ,SAAS;YACT,cAAc;YACd,MAAM;SACT,CAAC,CAAC;IACP,CAAC,CAAC,CACL,CAAC;IACF,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,sBAAsB,CAC3B,QAAgB,EAChB,QAAgB,EAChB,KAAa;IAEb,MAAM,QAAQ,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC;IAC1C,IAAI,QAAQ,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACvB,OAAO,KAAK,CAAC;IACjB,CAAC;IACD,OAAO,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC;QAC1C,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC;QACrC,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;AAC3C,CAAC;AAED,SAAS,yBAAyB,CAC9B,QAAgB,EAChB,QAAgB;IAEhB,MAAM,QAAQ,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC;IAC1C,IAAI,QAAQ,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACvB,OAAO,KAAK,CAAC;IACjB,CAAC;IACD,OAAO,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC;QAC1C,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;AAC9C,CAAC;AAED,SAAS,cAAc,CAAC,WAA+B,EAAE,KAAa;IAClE,IAAI,CAAC,WAAW,EAAE,CAAC;QACf,OAAO,KAAK,CAAC;IACjB,CAAC;IACD,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;QACvB,OAAO,IAAI,CAAC;IAChB,CAAC;IACD,OAAO,WAAW,KAAK,GAAG,IAAI,CAAC,CAAC,mBAAmB,CAAC,WAAW,CAAC,IAAI,WAAW,KAAK,KAAK,CAAC;AAC9F,CAAC;AAED,SAAS,uBAAuB,CAAC,MAAuB;IACpD,OAAO,MAAM,KAAK,OAAO,CAAC;AAC9B,CAAC;AAED,SAAS,cAAc,CAAC,IAAY;IAChC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAClE,OAAO,EAAE,CAAC;IACd,CAAC;IACD,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAC3B,CAAC;AAED,SAAS,mBAAmB,CAAC,OAAe;IACxC,MAAM,KAAK,GAAG,gCAAgC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC7D,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;AACtB,CAAC;AAED,SAAS,sBAAsB,CAAC,OAAe;IAC3C,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAChD,MAAM,IAAI,KAAK,CAAC,+BAA+B,OAAO,EAAE,CAAC,CAAC;IAC9D,CAAC;IACD,OAAO,OAAO,CAAC;AACnB,CAAC"}
@@ -21,7 +21,7 @@ export type RulesOperationKey = RulesOperation | RulesOperationAlias;
21
21
  *
22
22
  * 操作に対するアクセスルール。
23
23
  */
24
- export type RulesAccessRule = "deny" | "allow" | "authenticated" | RulesFieldMatchAccessRule;
24
+ export type RulesAccessRule = "deny" | "allow" | "authenticated" | "server" | RulesFieldMatchAccessRule | RulesFieldAccessRule | RulesPathAccessRule;
25
25
  /**
26
26
  * Field match access rule.
27
27
  *
@@ -31,6 +31,26 @@ export interface RulesFieldMatchAccessRule {
31
31
  type: "fieldMatch";
32
32
  field: string;
33
33
  }
34
+ /**
35
+ * Field match access rule.
36
+ *
37
+ * フィールド一致アクセスルール。
38
+ */
39
+ export interface RulesFieldAccessRule {
40
+ type: "field";
41
+ field: string;
42
+ server?: boolean | undefined;
43
+ }
44
+ /**
45
+ * Path parameter access rule.
46
+ *
47
+ * パスパラメーター一致アクセスルール。
48
+ */
49
+ export interface RulesPathAccessRule {
50
+ type: "path";
51
+ param: string;
52
+ server?: boolean | undefined;
53
+ }
34
54
  /**
35
55
  * Rule entry for a matched path.
36
56
  *
@@ -2,7 +2,7 @@
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.loadRulesConfig = loadRulesConfig;
4
4
  exports.validateRulePath = validateRulePath;
5
- const allowedAccessValues = new Set(["deny", "allow", "authenticated"]);
5
+ const allowedAccessValues = new Set(["deny", "allow", "authenticated", "server"]);
6
6
  const allowedOperationKeys = new Set([
7
7
  "get",
8
8
  "create",
@@ -52,6 +52,20 @@ function validateRulePath(path) {
52
52
  if (segments.some((segment) => segment.length === 0)) {
53
53
  throw new Error(`Rule path must not contain empty segments: ${path}`);
54
54
  }
55
+ const paramNames = new Set();
56
+ for (const segment of segments) {
57
+ const paramName = parseNamedPathParam(segment);
58
+ if ((segment.startsWith("{") || segment.endsWith("}")) && !paramName) {
59
+ throw new Error(`Invalid path parameter segment '${segment}' in rule path: ${path}`);
60
+ }
61
+ if (!paramName) {
62
+ continue;
63
+ }
64
+ if (paramNames.has(paramName)) {
65
+ throw new Error(`Duplicate path parameter '${paramName}' in rule path: ${path}`);
66
+ }
67
+ paramNames.add(paramName);
68
+ }
55
69
  const deepWildcardIndex = segments.indexOf("**");
56
70
  if (deepWildcardIndex >= 0 && deepWildcardIndex !== segments.length - 1) {
57
71
  throw new Error(`'**' must be the last segment in rule path: ${path}`);
@@ -84,9 +98,27 @@ function validateAccessRule(path, operation, access) {
84
98
  field: access.field,
85
99
  };
86
100
  }
101
+ if (access.type === "field" && typeof access.field === "string" && access.field.length > 0) {
102
+ return {
103
+ type: "field",
104
+ field: access.field,
105
+ ...(access.server === true ? { server: true } : {}),
106
+ };
107
+ }
108
+ if (access.type === "path" && typeof access.param === "string" && access.param.length > 0) {
109
+ return {
110
+ type: "path",
111
+ param: access.param,
112
+ ...(access.server === true ? { server: true } : {}),
113
+ };
114
+ }
87
115
  }
88
116
  throw new Error(`Invalid access rule for ${operation} in ${path}.`);
89
117
  }
118
+ function parseNamedPathParam(segment) {
119
+ const match = /^\{([A-Za-z_][A-Za-z0-9_]*)\}$/.exec(segment);
120
+ return match?.[1];
121
+ }
90
122
  function isRecord(value) {
91
123
  return typeof value === "object" && value !== null;
92
124
  }
@@ -1 +1 @@
1
- {"version":3,"file":"rules_loader.js","sourceRoot":"","sources":["../../../../src/lib/src/rules/rules_loader.ts"],"names":[],"mappings":";;AAwFA,0CAoBC;AAOD,4CAeC;AAzDD,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,eAAe,CAAC,CAAC,CAAC;AACxE,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC;IACjC,KAAK;IACL,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,MAAM;IACN,OAAO;CACV,CAAC,CAAC;AAEH;;;;GAIG;AACH,SAAgB,eAAe,CAAC,KAAc;IAC1C,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACvD,CAAC;IACD,IAAI,OAAO,KAAK,CAAC,OAAO,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAClE,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;IACxE,CAAC;IACD,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;QACvD,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;IACjE,CAAC;IAED,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;QACtD,gBAAgB,CAAC,IAAI,CAAC,CAAC;QACvB,KAAK,CAAC,IAAI,CAAC,GAAG,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAClD,CAAC;IACD,OAAO;QACH,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,KAAK;KACR,CAAC;AACN,CAAC;AAED;;;;GAIG;AACH,SAAgB,gBAAgB,CAAC,IAAY;IACzC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC7D,CAAC;IACD,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,6CAA6C,IAAI,EAAE,CAAC,CAAC;IACzE,CAAC;IACD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACjC,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,8CAA8C,IAAI,EAAE,CAAC,CAAC;IAC1E,CAAC;IACD,MAAM,iBAAiB,GAAG,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACjD,IAAI,iBAAiB,IAAI,CAAC,IAAI,iBAAiB,KAAK,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtE,MAAM,IAAI,KAAK,CAAC,+CAA+C,IAAI,EAAE,CAAC,CAAC;IAC3E,CAAC;AACL,CAAC;AAED,SAAS,kBAAkB,CAAC,IAAY,EAAE,KAAc;IACpD,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAC3C,MAAM,IAAI,KAAK,CAAC,iCAAiC,IAAI,EAAE,CAAC,CAAC;IAC7D,CAAC;IACD,MAAM,MAAM,GAAe,EAAE,CAAC;IAC9B,KAAK,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACtD,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,KAAK,CAAC,+BAA+B,SAAS,QAAQ,IAAI,GAAG,CAAC,CAAC;QAC7E,CAAC;QACD,MAAM,CAAC,SAA8B,CAAC,GAAG,kBAAkB,CAAC,IAAI,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;IACzF,CAAC;IACD,OAAO,MAAM,CAAC;AAClB,CAAC;AAED,SAAS,kBAAkB,CAAC,IAAY,EAAE,SAAiB,EAAE,MAAe;IACxE,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;QAC7B,IAAI,mBAAmB,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YAClC,OAAO,MAAyB,CAAC;QACrC,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,4BAA4B,MAAM,SAAS,SAAS,OAAO,IAAI,GAAG,CAAC,CAAC;IACxF,CAAC;IACD,IAAI,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACnB,IAAI,MAAM,CAAC,IAAI,KAAK,YAAY,IAAI,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9F,OAAO;gBACH,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,MAAM,CAAC,KAAK;aACtB,CAAC;QACN,CAAC;IACL,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,2BAA2B,SAAS,OAAO,IAAI,GAAG,CAAC,CAAC;AACxE,CAAC;AAED,SAAS,QAAQ,CAAC,KAAc;IAC5B,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,CAAC;AACvD,CAAC"}
1
+ {"version":3,"file":"rules_loader.js","sourceRoot":"","sources":["../../../../src/lib/src/rules/rules_loader.ts"],"names":[],"mappings":";;AAiHA,0CAoBC;AAOD,4CA6BC;AAvED,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,eAAe,EAAE,QAAQ,CAAC,CAAC,CAAC;AAClF,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC;IACjC,KAAK;IACL,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,MAAM;IACN,OAAO;CACV,CAAC,CAAC;AAEH;;;;GAIG;AACH,SAAgB,eAAe,CAAC,KAAc;IAC1C,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACvD,CAAC;IACD,IAAI,OAAO,KAAK,CAAC,OAAO,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAClE,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;IACxE,CAAC;IACD,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;QACvD,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;IACjE,CAAC;IAED,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;QACtD,gBAAgB,CAAC,IAAI,CAAC,CAAC;QACvB,KAAK,CAAC,IAAI,CAAC,GAAG,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAClD,CAAC;IACD,OAAO;QACH,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,KAAK;KACR,CAAC;AACN,CAAC;AAED;;;;GAIG;AACH,SAAgB,gBAAgB,CAAC,IAAY;IACzC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC7D,CAAC;IACD,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,6CAA6C,IAAI,EAAE,CAAC,CAAC;IACzE,CAAC;IACD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACjC,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,8CAA8C,IAAI,EAAE,CAAC,CAAC;IAC1E,CAAC;IACD,MAAM,UAAU,GAAG,IAAI,GAAG,EAAU,CAAC;IACrC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC7B,MAAM,SAAS,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;QAC/C,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACnE,MAAM,IAAI,KAAK,CAAC,mCAAmC,OAAO,mBAAmB,IAAI,EAAE,CAAC,CAAC;QACzF,CAAC;QACD,IAAI,CAAC,SAAS,EAAE,CAAC;YACb,SAAS;QACb,CAAC;QACD,IAAI,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,6BAA6B,SAAS,mBAAmB,IAAI,EAAE,CAAC,CAAC;QACrF,CAAC;QACD,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IAC9B,CAAC;IACD,MAAM,iBAAiB,GAAG,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACjD,IAAI,iBAAiB,IAAI,CAAC,IAAI,iBAAiB,KAAK,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtE,MAAM,IAAI,KAAK,CAAC,+CAA+C,IAAI,EAAE,CAAC,CAAC;IAC3E,CAAC;AACL,CAAC;AAED,SAAS,kBAAkB,CAAC,IAAY,EAAE,KAAc;IACpD,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAC3C,MAAM,IAAI,KAAK,CAAC,iCAAiC,IAAI,EAAE,CAAC,CAAC;IAC7D,CAAC;IACD,MAAM,MAAM,GAAe,EAAE,CAAC;IAC9B,KAAK,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACtD,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,KAAK,CAAC,+BAA+B,SAAS,QAAQ,IAAI,GAAG,CAAC,CAAC;QAC7E,CAAC;QACD,MAAM,CAAC,SAA8B,CAAC,GAAG,kBAAkB,CAAC,IAAI,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;IACzF,CAAC;IACD,OAAO,MAAM,CAAC;AAClB,CAAC;AAED,SAAS,kBAAkB,CAAC,IAAY,EAAE,SAAiB,EAAE,MAAe;IACxE,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;QAC7B,IAAI,mBAAmB,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YAClC,OAAO,MAAyB,CAAC;QACrC,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,4BAA4B,MAAM,SAAS,SAAS,OAAO,IAAI,GAAG,CAAC,CAAC;IACxF,CAAC;IACD,IAAI,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACnB,IAAI,MAAM,CAAC,IAAI,KAAK,YAAY,IAAI,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9F,OAAO;gBACH,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,MAAM,CAAC,KAAK;aACtB,CAAC;QACN,CAAC;QACD,IAAI,MAAM,CAAC,IAAI,KAAK,OAAO,IAAI,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACzF,OAAO;gBACH,IAAI,EAAE,OAAO;gBACb,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,GAAG,CAAC,MAAM,CAAC,MAAM,KAAK,IAAI,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aACtD,CAAC;QACN,CAAC;QACD,IAAI,MAAM,CAAC,IAAI,KAAK,MAAM,IAAI,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxF,OAAO;gBACH,IAAI,EAAE,MAAM;gBACZ,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,GAAG,CAAC,MAAM,CAAC,MAAM,KAAK,IAAI,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aACtD,CAAC;QACN,CAAC;IACL,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,2BAA2B,SAAS,OAAO,IAAI,GAAG,CAAC,CAAC;AACxE,CAAC;AAED,SAAS,mBAAmB,CAAC,OAAe;IACxC,MAAM,KAAK,GAAG,gCAAgC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC7D,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;AACtB,CAAC;AAED,SAAS,QAAQ,CAAC,KAAc;IAC5B,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,CAAC;AACvD,CAAC"}
@@ -1,6 +1,7 @@
1
1
  import { Hono } from "hono";
2
2
  import { WorkersAuthAdapterBase } from "./workers_auth_adapter_base";
3
3
  import { WorkersRuleAdapterBase } from "./workers_rule_adapter_base";
4
+ import { RulesConfig } from "./rules/rules_loader";
4
5
  /**
5
6
  * Define Function data for Cloudflare Workers.
6
7
  *
@@ -98,15 +99,33 @@ export interface WorkersOptions {
98
99
  */
99
100
  auth?: WorkersAuthAdapterBase | null | undefined;
100
101
  /**
101
- * Rules adapter.
102
+ * Rules adapter or rules.json configuration.
102
103
  *
103
- * rulesアダプター。
104
+ * rulesアダプター、またはrules.json設定。
104
105
  */
105
- rules?: WorkersRuleAdapterBase | null | undefined;
106
+ rules?: WorkersRulesOption | null | undefined;
106
107
  }
108
+ /**
109
+ * Rules option for Workers.
110
+ *
111
+ * Workers用rulesオプション。
112
+ */
113
+ export type WorkersRulesOption = WorkersRuleAdapterBase | RulesConfig;
107
114
  /**
108
115
  * Merge Workers options.
109
116
  *
110
117
  * Workersのオプションをマージします。
111
118
  */
112
119
  export declare function resolveWorkersOptions(defaultOptions?: WorkersOptions, options?: WorkersOptions): WorkersOptions;
120
+ /**
121
+ * Returns true when rules option is a middleware adapter.
122
+ *
123
+ * rulesオプションがミドルウェアアダプターの場合はtrueを返します。
124
+ */
125
+ export declare function isWorkersRuleAdapter(rules: WorkersRulesOption | null | undefined): rules is WorkersRuleAdapterBase;
126
+ /**
127
+ * Returns true when rules option is rules.json configuration.
128
+ *
129
+ * rulesオプションがrules.json設定の場合はtrueを返します。
130
+ */
131
+ export declare function isRulesConfig(rules: WorkersRulesOption | null | undefined): rules is RulesConfig;
@@ -2,6 +2,8 @@
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.WorkersBase = void 0;
4
4
  exports.resolveWorkersOptions = resolveWorkersOptions;
5
+ exports.isWorkersRuleAdapter = isWorkersRuleAdapter;
6
+ exports.isRulesConfig = isRulesConfig;
5
7
  /**
6
8
  * Define Function data for Cloudflare Workers.
7
9
  *
@@ -78,7 +80,7 @@ class WorkersBase {
78
80
  * rulesミドルウェアを適用します。
79
81
  */
80
82
  applyRules(hono, options) {
81
- if (options.rules) {
83
+ if (isWorkersRuleAdapter(options.rules)) {
82
84
  hono.use("*", options.rules.build());
83
85
  }
84
86
  return hono;
@@ -106,4 +108,22 @@ function resolveWorkersOptions(defaultOptions = {}, options = {}) {
106
108
  : rules,
107
109
  };
108
110
  }
111
+ /**
112
+ * Returns true when rules option is a middleware adapter.
113
+ *
114
+ * rulesオプションがミドルウェアアダプターの場合はtrueを返します。
115
+ */
116
+ function isWorkersRuleAdapter(rules) {
117
+ return !!rules && typeof rules.build === "function";
118
+ }
119
+ /**
120
+ * Returns true when rules option is rules.json configuration.
121
+ *
122
+ * rulesオプションがrules.json設定の場合はtrueを返します。
123
+ */
124
+ function isRulesConfig(rules) {
125
+ return !!rules && typeof rules.version === "string" &&
126
+ typeof rules.rules === "object" &&
127
+ rules.rules !== null;
128
+ }
109
129
  //# sourceMappingURL=workers_base.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"workers_base.js","sourceRoot":"","sources":["../../../src/lib/src/workers_base.ts"],"names":[],"mappings":";;;AAiJA,sDAkBC;AA/JD;;;;;;;;GAQG;AACH,MAAsB,WAAW;IAC7B;;;;;;;;OAQG;IACH,YAAY,EACR,IAAI,EACJ,IAAI,EACJ,IAAI,GAAG,EAAE,EACT,OAAO,GAUV;QACG,IAAI,CAAC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,IAAI,CAAC,OAAO,GAAG,OAAO,IAAI,EAAE,CAAC;IACjC,CAAC;IAED;;;;;OAKG;IACM,IAAI,CAAS;IAEtB;;;;;OAKG;IACM,IAAI,CAIiB;IAE9B;;;;OAIG;IACM,IAAI,CAAyB;IAEtC;;;;OAIG;IACM,OAAO,CAAiB;IASjC;;;;OAIG;IACO,cAAc,CAAC,iBAAiC,EAAE;QACxD,OAAO,qBAAqB,CAAC,cAAc,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;IAC/D,CAAC;IAED;;;;OAIG;IACO,mBAAmB,CAAC,IAAU,EAAE,OAAuB;QAC7D,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACf,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;QACxC,CAAC;QACD,OAAO,IAAI,CAAC;IAChB,CAAC;IAED;;;;OAIG;IACO,UAAU,CAAC,IAAU,EAAE,OAAuB;QACpD,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YAChB,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;QACzC,CAAC;QACD,OAAO,IAAI,CAAC;IAChB,CAAC;CACJ;AAxGD,kCAwGC;AAuBD;;;;GAIG;AACH,SAAgB,qBAAqB,CACjC,iBAAiC,EAAE,EACnC,UAA0B,EAAE;IAE5B,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,CAAC;IACxC,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAC1B,MAAM,YAAY,GAAG,cAAc,CAAC,KAAK,CAAC;IAC1C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;IAC5B,OAAO;QACH,GAAG,cAAc;QACjB,GAAG,OAAO;QACV,IAAI,EAAE,IAAI,KAAK,SAAS;YACpB,CAAC,CAAC,WAAW;YACb,CAAC,CAAC,IAAI;QACV,KAAK,EAAE,KAAK,KAAK,SAAS;YACtB,CAAC,CAAC,YAAY;YACd,CAAC,CAAC,KAAK;KACd,CAAC;AACN,CAAC"}
1
+ {"version":3,"file":"workers_base.js","sourceRoot":"","sources":["../../../src/lib/src/workers_base.ts"],"names":[],"mappings":";;;AAyJA,sDAkBC;AAOD,oDAIC;AAOD,sCAMC;AA9LD;;;;;;;;GAQG;AACH,MAAsB,WAAW;IAC7B;;;;;;;;OAQG;IACH,YAAY,EACR,IAAI,EACJ,IAAI,EACJ,IAAI,GAAG,EAAE,EACT,OAAO,GAUV;QACG,IAAI,CAAC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,IAAI,CAAC,OAAO,GAAG,OAAO,IAAI,EAAE,CAAC;IACjC,CAAC;IAED;;;;;OAKG;IACM,IAAI,CAAS;IAEtB;;;;;OAKG;IACM,IAAI,CAIiB;IAE9B;;;;OAIG;IACM,IAAI,CAAyB;IAEtC;;;;OAIG;IACM,OAAO,CAAiB;IASjC;;;;OAIG;IACO,cAAc,CAAC,iBAAiC,EAAE;QACxD,OAAO,qBAAqB,CAAC,cAAc,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;IAC/D,CAAC;IAED;;;;OAIG;IACO,mBAAmB,CAAC,IAAU,EAAE,OAAuB;QAC7D,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACf,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;QACxC,CAAC;QACD,OAAO,IAAI,CAAC;IAChB,CAAC;IAED;;;;OAIG;IACO,UAAU,CAAC,IAAU,EAAE,OAAuB;QACpD,IAAI,oBAAoB,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACtC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;QACzC,CAAC;QACD,OAAO,IAAI,CAAC;IAChB,CAAC;CACJ;AAxGD,kCAwGC;AA8BD;;;;GAIG;AACH,SAAgB,qBAAqB,CACjC,iBAAiC,EAAE,EACnC,UAA0B,EAAE;IAE5B,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,CAAC;IACxC,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAC1B,MAAM,YAAY,GAAG,cAAc,CAAC,KAAK,CAAC;IAC1C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;IAC5B,OAAO;QACH,GAAG,cAAc;QACjB,GAAG,OAAO;QACV,IAAI,EAAE,IAAI,KAAK,SAAS;YACpB,CAAC,CAAC,WAAW;YACb,CAAC,CAAC,IAAI;QACV,KAAK,EAAE,KAAK,KAAK,SAAS;YACtB,CAAC,CAAC,YAAY;YACd,CAAC,CAAC,KAAK;KACd,CAAC;AACN,CAAC;AAED;;;;GAIG;AACH,SAAgB,oBAAoB,CAChC,KAA4C;IAE5C,OAAO,CAAC,CAAC,KAAK,IAAI,OAAQ,KAAgC,CAAC,KAAK,KAAK,UAAU,CAAC;AACpF,CAAC;AAED;;;;GAIG;AACH,SAAgB,aAAa,CACzB,KAA4C;IAE5C,OAAO,CAAC,CAAC,KAAK,IAAI,OAAQ,KAAqB,CAAC,OAAO,KAAK,QAAQ;QAChE,OAAQ,KAAqB,CAAC,KAAK,KAAK,QAAQ;QAC/C,KAAqB,CAAC,KAAK,KAAK,IAAI,CAAC;AAC9C,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@mathrunet/masamune_cloudflare",
3
- "version": "3.1.7",
3
+ "version": "3.1.9",
4
4
  "description": "Manages packages on Cloudflare Workers for the server portion of the Masamune framework.",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",