npm - @metamask-previews/permission-controller - Versions diffs - 12.3.0-preview-1e2fe74a0 → 12.3.0-preview-7e80c49 - Mend

@metamask-previews/permission-controller 12.3.0-preview-1e2fe74a0 → 12.3.0-preview-7e80c49

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (24) hide show

package/CHANGELOG.md +0 -6
package/dist/Permission.cjs.map +1 -1
package/dist/Permission.d.cts +15 -9
package/dist/Permission.d.cts.map +1 -1
package/dist/Permission.d.mts +15 -9
package/dist/Permission.d.mts.map +1 -1
package/dist/Permission.mjs.map +1 -1
package/dist/index.cjs +1 -3
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +0 -1
package/dist/index.d.cts.map +1 -1
package/dist/index.d.mts +0 -1
package/dist/index.d.mts.map +1 -1
package/dist/index.mjs +0 -1
package/dist/index.mjs.map +1 -1
package/package.json +1 -1
package/dist/createRestrictedMethodMessenger.cjs +0 -20
package/dist/createRestrictedMethodMessenger.cjs.map +0 -1
package/dist/createRestrictedMethodMessenger.d.cts +0 -42
package/dist/createRestrictedMethodMessenger.d.cts.map +0 -1
package/dist/createRestrictedMethodMessenger.d.mts +0 -42
package/dist/createRestrictedMethodMessenger.d.mts.map +0 -1
package/dist/createRestrictedMethodMessenger.mjs +0 -16
package/dist/createRestrictedMethodMessenger.mjs.map +0 -1

package/CHANGELOG.md CHANGED Viewed

@@ -10,8 +10,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 - Add `createPermissionMiddlewareV2`, a `JsonRpcEngineV2` variant of the standalone permission middleware factory ([#8532](https://github.com/MetaMask/core/pull/8532))
-- Add `messenger` option to permission specification builders, allowing restricted-method specs to receive a scoped messenger in place of `methodHooks` ([#8551](https://github.com/MetaMask/core/pull/8551))
-  - Use the `actionNames` field on the specification builder and `createRestrictedMethodMessenger` to construct the scoped messenger.
 ### Changed
@@ -27,10 +25,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Deprecate `createPermissionMiddleware` in favor of `createPermissionMiddlewareV2`, which targets `JsonRpcEngineV2` ([#8532](https://github.com/MetaMask/core/pull/8532))
-### Removed
-- **BREAKING:** Remove `factoryHooks`, `validatorHooks`, and related fields from permission specification builders ([#8551](https://github.com/MetaMask/core/pull/8551))
 ## [12.3.0]
 ### Added

package/dist/Permission.cjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"Permission.cjs","sourceRoot":"","sources":["../src/Permission.ts"],"names":[],"mappings":";;;AAGA,mCAAgC;AAkJhC;;;;;;;;GAQG;AACH,SAAgB,mBAAmB,CAEjC,OAA4C;IAC5C,MAAM,EAAE,OAAO,GAAG,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;IAEpD,OAAO;QACL,EAAE,EAAE,IAAA,eAAM,GAAE;QACZ,gBAAgB,EAAE,MAAM;QACxB,OAAO;QACP,OAAO;QACP,IAAI,EAAE,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE;KACP,CAAC;AACxB,CAAC;AAZD,kDAYC;AAED;;;;;;GAMG;AACH,SAAgB,UAAU,CACxB,UAAgC,EAChC,UAAkB;IAElB,OAAO,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,UAAU,CAAC,CAAC;AAC1E,CAAC;AALD,gCAKC;AAgKD;;GAEG;AACH,IAAY,cAYX;AAZD,WAAY,cAAc;IACxB;;;OAGG;IACH,uDAAqC,CAAA;IAErC;;;OAGG;IACH,yCAAuB,CAAA;AACzB,CAAC,EAZW,cAAc,8BAAd,cAAc,QAYzB;AAyLD;;;;;;;;GAQG;AACH,SAAgB,oBAAoB,CAIlC,aAA4B,EAC5B,YAAkB;IAIlB,OAAO,aAAa,CAAC,cAAc,KAAK,YAAY,CAAC;AACvD,CAAC;AAVD,oDAUC","sourcesContent":["import type { NonEmptyArray } from '@metamask/controller-utils';\nimport type { ActionConstraint, EventConstraint } from '@metamask/messenger';\nimport type { Json } from '@metamask/utils';\nimport { nanoid } from 'nanoid';\n\n// eslint-disable-next-line @typescript-eslint/no-unused-vars\nimport type { CaveatConstraint, Caveat } from './Caveat';\nimport type {\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n PermissionController,\n PermissionsRequest,\n SideEffectMessenger,\n} from './PermissionController';\nimport type { SubjectType } from './SubjectMetadataController';\n\n/*\n The origin of a subject.\n * Effectively the GUID of an entity that can have permissions.\n /\nexport type OriginString = string;\n\n/\n The name of a permission target.\n /\ntype TargetName = string;\n\n/\n A `ZCAP-LD`-like permission object. A permission is associated with a\n * particular `invoker`, which is the holder of the permission. Possessing the\n * permission grants access to a particular restricted resource, identified by\n * the `parentCapability`. The use of the restricted resource may be further\n * restricted by any `caveats` associated with the permission.\n \n See the README for details.\n /\nexport type PermissionConstraint = {\n /\n The context(s) in which this capability is meaningful.\n \n It is required by the standard, but we make it optional since there is only\n * one context in our usage (i.e. the user's MetaMask instance).\n /\n readonly '@context'?: NonEmptyArray<string>;\n\n /\n The caveats of the permission.\n \n @see {@link Caveat} For more information.\n /\n readonly caveats: null \| NonEmptyArray<CaveatConstraint>;\n\n /\n The creation date of the permission, in UNIX epoch time.\n /\n readonly date: number;\n\n /\n The GUID of the permission object.\n /\n readonly id: string;\n\n /\n The origin string of the subject that has the permission.\n /\n readonly invoker: OriginString;\n\n /\n A pointer to the resource that possession of the capability grants\n * access to, for example a JSON-RPC method or endowment.\n /\n readonly parentCapability: string;\n};\n\n/\n A `ZCAP-LD`-like permission object. A permission is associated with a\n * particular `invoker`, which is the holder of the permission. Possessing the\n * permission grants access to a particular restricted resource, identified by\n * the `parentCapability`. The use of the restricted resource may be further\n * restricted by any `caveats` associated with the permission.\n \n See the README for details.\n \n @template Name - The name of the permission that the target corresponds to.\n * @template AllowedCaveat - A union of the allowed {@link Caveat} types\n * for the permission.\n /\nexport type ValidPermission<\n Name extends TargetName,\n AllowedCaveat extends CaveatConstraint,\n> = PermissionConstraint & {\n /\n The caveats of the permission.\n \n @see {@link Caveat} For more information.\n /\n readonly caveats: AllowedCaveat extends never\n ? null\n : NonEmptyArray<AllowedCaveat> \| null;\n\n /\n A pointer to the resource that possession of the capability grants\n * access to, for example a JSON-RPC method or endowment.\n /\n readonly parentCapability: Name;\n};\n\n/\n Internal utility for extracting the members types of an array. The type\n * evalutes to `never` if the specified type is the empty tuple or neither\n * an array nor a tuple.\n \n @template ArrayType - The array type whose members to extract.\n /\ntype ExtractArrayMembers<ArrayType> = ArrayType extends []\n ? never\n : ArrayType extends unknown[] \| readonly unknown[]\n ? ArrayType[number]\n : never;\n\n/\n A utility type for extracting the allowed caveat types for a particular\n * permission from a permission specification type.\n \n @template PermissionSpecification - The permission specification type to\n * extract valid caveat types from.\n /\nexport type ExtractAllowedCaveatTypes<\n PermissionSpecification extends PermissionSpecificationConstraint,\n> = ExtractArrayMembers<PermissionSpecification['allowedCaveats']>;\n\n/\n The options object of {@link constructPermission}.\n \n @template TargetPermission - The {@link Permission} that will be constructed.\n /\nexport type PermissionOptions<TargetPermission extends PermissionConstraint> = {\n target: TargetPermission['parentCapability'];\n /\n The origin string of the subject that has the permission.\n /\n invoker: OriginString;\n\n /\n The caveats of the permission.\n * See {@link Caveat}.\n /\n caveats?: NonEmptyArray<CaveatConstraint>;\n};\n\n/\n The default permission factory function. Naively constructs a permission from\n * the inputs. Sets a default, random `id` if none is provided.\n \n @see {@link Permission} For more details.\n * @template TargetPermission- - The {@link Permission} that will be constructed.\n * @param options - The options for the permission.\n * @returns The new permission object.\n /\nexport function constructPermission<\n TargetPermission extends PermissionConstraint,\n>(options: PermissionOptions<TargetPermission>): TargetPermission {\n const { caveats = null, invoker, target } = options;\n\n return {\n id: nanoid(),\n parentCapability: target,\n invoker,\n caveats,\n date: new Date().getTime(),\n } as TargetPermission;\n}\n\n/\n Gets the caveat of the specified type belonging to the specified permission.\n \n @param permission - The permission whose caveat to retrieve.\n * @param caveatType - The type of the caveat to retrieve.\n * @returns The caveat, or undefined if no such caveat exists.\n /\nexport function findCaveat(\n permission: PermissionConstraint,\n caveatType: string,\n): CaveatConstraint \| undefined {\n return permission.caveats?.find((caveat) => caveat.type === caveatType);\n}\n\n/\n A requested permission object. Just an object with any of the properties\n * of a {@link PermissionConstraint} object.\n /\ntype RequestedPermission = Partial<PermissionConstraint>;\n\n/\n A record of target names and their {@link RequestedPermission} objects.\n /\nexport type RequestedPermissions = Record<TargetName, RequestedPermission>;\n\n/\n The restricted method context object. Essentially a way to pass internal\n * arguments to restricted methods and caveat functions, most importantly the\n * requesting origin.\n /\ntype RestrictedMethodContext = Readonly<{\n origin: OriginString;\n [key: string]: unknown;\n}>;\n\nexport type RestrictedMethodParameters = Json[] \| Record<string, Json>;\n\n/\n The arguments passed to a restricted method implementation.\n \n @template Params - The JSON-RPC parameters of the restricted method.\n /\nexport type RestrictedMethodOptions<\n Params extends RestrictedMethodParameters \| null,\n> = {\n method: TargetName;\n params?: Params;\n context: RestrictedMethodContext;\n};\n\n/\n A synchronous restricted method implementation.\n \n @template Params - The JSON-RPC parameters of the restricted method.\n * @template Result - The JSON-RPC result of the restricted method.\n /\nexport type SyncRestrictedMethod<\n Params extends RestrictedMethodParameters,\n Result extends Json,\n> = (args: RestrictedMethodOptions<Params>) => Result;\n\n/\n An asynchronous restricted method implementation.\n \n @template Params - The JSON-RPC parameters of the restricted method.\n * @template Result - The JSON-RPC result of the restricted method.\n /\nexport type AsyncRestrictedMethod<\n Params extends RestrictedMethodParameters,\n Result extends Json,\n> = (args: RestrictedMethodOptions<Params>) => Promise<Result>;\n\n/\n A synchronous or asynchronous restricted method implementation.\n \n @template Params - The JSON-RPC parameters of the restricted method.\n * @template Result - The JSON-RPC result of the restricted method.\n /\nexport type RestrictedMethod<\n Params extends RestrictedMethodParameters,\n Result extends Json,\n> =\n \| SyncRestrictedMethod<Params, Result>\n \| AsyncRestrictedMethod<Params, Result>;\n\nexport type ValidRestrictedMethod<\n MethodImplementation extends RestrictedMethod<\n RestrictedMethodParameters,\n Json\n >,\n> = MethodImplementation extends (args: infer Options) => Json \| Promise<Json>\n ? Options extends RestrictedMethodOptions<RestrictedMethodParameters>\n ? MethodImplementation\n : never\n : never;\n\n/\n {@link EndowmentGetter} parameter object.\n /\nexport type EndowmentGetterParams = {\n /\n The origin of the requesting subject.\n /\n origin: string;\n\n /\n Any additional data associated with the request.\n /\n requestData?: unknown;\n\n [key: string]: unknown;\n};\n\n/\n A synchronous or asynchronous function that gets the endowments for a\n * particular endowment permission. The getter receives the origin of the\n * requesting subject and, optionally, additional request metadata.\n /\nexport type EndowmentGetter<Endowments extends Json> = (\n options: EndowmentGetterParams,\n) => Endowments \| Promise<Endowments>;\n\nexport type PermissionFactory<\n TargetPermission extends PermissionConstraint,\n RequestData extends Record<string, unknown>,\n> = (\n options: PermissionOptions<TargetPermission>,\n requestData?: RequestData,\n) => TargetPermission;\n\nexport type PermissionValidatorConstraint = (\n permission: PermissionConstraint,\n origin?: OriginString,\n target?: string,\n) => void;\n\n/\n The parameters passed to the side-effect function.\n /\nexport type SideEffectParams<\n Actions extends ActionConstraint,\n Events extends EventConstraint,\n> = {\n requestData: PermissionsRequest;\n messenger: SideEffectMessenger<Actions, Events>;\n};\n\n/\n A function that will execute actions as a permission side-effect.\n /\nexport type SideEffectHandler<\n Actions extends ActionConstraint,\n Events extends EventConstraint,\n> = (params: SideEffectParams<Actions, Events>) => Promise<unknown>;\n\n/\n The permissions side effects.\n /\nexport type PermissionSideEffect<\n Actions extends ActionConstraint,\n Events extends EventConstraint,\n> = {\n /\n A method triggered when the permission is accepted by the user\n /\n onPermitted: SideEffectHandler<Actions, Events>;\n /\n A method triggered if a `onPermitted` method rejected.\n /\n onFailure?: SideEffectHandler<Actions, Events>;\n};\n\n/\n The different possible types of permissions.\n /\nexport enum PermissionType {\n /\n A restricted JSON-RPC method. A subject must have the requisite permission\n * to call a restricted JSON-RPC method.\n /\n RestrictedMethod = 'RestrictedMethod',\n\n /\n An \"endowment\" granted to subjects that possess the requisite permission,\n * such as a global environment variable exposing a restricted API, etc.\n /\n Endowment = 'Endowment',\n}\n\n/\n The base constraint for permission specification objects. Every\n * {@link Permission} supported by a {@link PermissionController} must have an\n * associated specification, which is the source of truth for all permission-\n * related types. A permission specification includes the list of permitted\n * caveats, and any factory and validation functions specified by the consumer.\n * A concrete permission specification may specify further fields as necessary.\n \n See the README for more details.\n /\ntype PermissionSpecificationBase<Type extends PermissionType> = {\n /\n The type of the specified permission.\n /\n permissionType: Type;\n\n /\n The name of the target resource of the permission.\n /\n targetName: string;\n\n /\n An array of the caveat types that may be added to instances of this\n * permission.\n /\n allowedCaveats: Readonly<NonEmptyArray<string>> \| null;\n\n /\n The factory function used to get permission objects. Permissions returned\n * by this function are presumed to valid, and they will not be passed to the\n * validator function associated with this specification (if any). In other\n * words, the factory function should validate the permissions it creates.\n \n If no factory is specified, the {@link Permission} constructor will be\n * used, and the validator function (if specified) will be called on newly\n * constructed permissions.\n /\n // TODO: Replace `any` with type\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n factory?: PermissionFactory<any, Record<string, unknown>>;\n\n /\n The validator function used to validate permissions of the associated type\n * whenever they are granted or their caveat arrays are mutated.\n \n Permission validators are not invoked when a caveat is mutated, provided\n * the caveat array has not changed. For this reason, permission validators\n * must not be used to validate caveats. To validate caveats, use the\n * corresponding caveat specification property.\n \n The validator should throw an appropriate JSON-RPC error if validation fails.\n /\n validator?: PermissionValidatorConstraint;\n\n /\n The side-effect triggered by the {@link PermissionController} once the user approved it.\n * The side-effect can only be an action allowed to be called inside the {@link PermissionController}.\n \n If the side-effect action fails, the permission that triggered it is revoked.\n /\n sideEffect?: PermissionSideEffect<ActionConstraint, EventConstraint>;\n\n /\n The Permission may be available to only a subset of the subject types. If so, specify the subject types as an array.\n * If a subject with a type not in this array tries to request the permission, the call will fail.\n \n Leaving this as undefined uses default behaviour where the permission is available to request for all subject types.\n /\n subjectTypes?: readonly SubjectType[];\n};\n\n/\n The constraint for restricted method permission specification objects.\n * Permissions that correspond to JSON-RPC methods are specified using objects\n * that conform to this type.\n \n See the README for more details.\n /\nexport type RestrictedMethodSpecificationConstraint =\n PermissionSpecificationBase<PermissionType.RestrictedMethod> & {\n /\n The implementation of the restricted method that the permission\n * corresponds to.\n /\n // TODO: Replace `any` with type\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n methodImplementation: RestrictedMethod<any, Json>;\n };\n\n/\n The constraint for endowment permission specification objects. Permissions\n * that endow callers with some restricted resource are specified using objects\n * that conform to this type.\n \n See the README for more details.\n /\nexport type EndowmentSpecificationConstraint =\n PermissionSpecificationBase<PermissionType.Endowment> & {\n /\n The {@link EndowmentGetter} function for the permission. This function\n * will be called by the {@link PermissionController} whenever the\n * permission is invoked, after which the host can apply the endowments to\n * the requesting subject in the intended manner.\n /\n endowmentGetter: EndowmentGetter<Json>;\n };\n\n/\n The constraint for permission specification objects. Every {@link Permission}\n * supported by a {@link PermissionController} must have an associated\n * specification, which is the source of truth for all permission-related types.\n * All specifications must adhere to the {@link PermissionSpecificationBase}\n * interface, but specifications may have different fields depending on the\n * {@link PermissionType}.\n \n See the README for more details.\n /\nexport type PermissionSpecificationConstraint =\n \| EndowmentSpecificationConstraint\n \| RestrictedMethodSpecificationConstraint;\n\n/\n Options for {@link PermissionSpecificationBuilder} functions.\n /\ntype PermissionSpecificationBuilderOptions<\n MethodHooks extends Record<string, unknown>,\n SpecMessenger = unknown,\n> = {\n targetName?: string;\n allowedCaveats?: Readonly<NonEmptyArray<string>> \| null;\n methodHooks?: MethodHooks;\n /\n A messenger scoped to this permission specification. The messenger is\n * expected to have exactly the actions declared by the spec's `actionNames`\n * delegated to it; {@link createRestrictedMethodMessenger} is the canonical\n * way to construct it.\n /\n messenger?: SpecMessenger;\n};\n\n/\n A function that builds a permission specification. Modules that specify\n * permissions for external consumption should make this their primary /\n * default export so that host applications can use them to generate concrete\n * specifications tailored to their requirements.\n /\nexport type PermissionSpecificationBuilder<\n Type extends PermissionType,\n Options extends PermissionSpecificationBuilderOptions<\n Record<string, unknown>\n >,\n Specification extends PermissionSpecificationConstraint & {\n permissionType: Type;\n },\n> = (options: Options) => Specification;\n\ntype ValidRestrictedMethodSpecification<\n Specification extends RestrictedMethodSpecificationConstraint,\n> =\n Specification['methodImplementation'] extends ValidRestrictedMethod<\n Specification['methodImplementation']\n >\n ? Specification\n : never;\n\n/\n Constraint for {@link PermissionSpecificationConstraint} objects that\n * evaluates to `never` if the specification contains any invalid fields.\n \n @template Specification - The permission specification to validate.\n /\nexport type ValidPermissionSpecification<\n Specification extends PermissionSpecificationConstraint,\n> = Specification['targetName'] extends TargetName\n ? Specification['permissionType'] extends PermissionType.Endowment\n ? Specification\n : Specification['permissionType'] extends PermissionType.RestrictedMethod\n ? ValidRestrictedMethodSpecification<\n Extract<Specification, RestrictedMethodSpecificationConstraint>\n >\n : never\n : never;\n\n/\n Checks that the specification has the expected permission type.\n \n @param specification - The specification to check.\n * @param expectedType - The expected permission type.\n * @template Specification - The specification to check.\n * @template Type - The expected permission type.\n * @returns Whether or not the specification is of the expected type.\n /\nexport function hasSpecificationType<\n Specification extends PermissionSpecificationConstraint,\n Type extends PermissionType,\n>(\n specification: Specification,\n expectedType: Type,\n): specification is Specification & {\n permissionType: Type;\n} {\n return specification.permissionType === expectedType;\n}\n\n/\n The specifications for all permissions supported by a particular\n * {@link PermissionController}.\n \n @template Specifications - The union of all {@link PermissionSpecificationConstraint} types.\n /\nexport type PermissionSpecificationMap<\n Specification extends PermissionSpecificationConstraint,\n> = {\n [Name in Specification['targetName']]: Specification extends {\n targetName: Name;\n }\n ? Specification\n : never;\n};\n\n/\n Extracts a specific {@link PermissionSpecificationConstraint} from a union of\n * permission specifications.\n \n @template Specification - The specification union type to extract from.\n * @template Name - The `targetName` of the specification to extract.\n */\nexport type ExtractPermissionSpecification<\n Specification extends PermissionSpecificationConstraint,\n Name extends Specification['targetName'],\n> = Specification extends {\n targetName: Name;\n}\n ? Specification\n : never;\n"]}
1	+ {"version":3,"file":"Permission.cjs","sourceRoot":"","sources":["../src/Permission.ts"],"names":[],"mappings":";;;AAGA,mCAAgC;AAkJhC;;;;;;;;GAQG;AACH,SAAgB,mBAAmB,CAEjC,OAA4C;IAC5C,MAAM,EAAE,OAAO,GAAG,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;IAEpD,OAAO;QACL,EAAE,EAAE,IAAA,eAAM,GAAE;QACZ,gBAAgB,EAAE,MAAM;QACxB,OAAO;QACP,OAAO;QACP,IAAI,EAAE,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE;KACP,CAAC;AACxB,CAAC;AAZD,kDAYC;AAED;;;;;;GAMG;AACH,SAAgB,UAAU,CACxB,UAAgC,EAChC,UAAkB;IAElB,OAAO,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,UAAU,CAAC,CAAC;AAC1E,CAAC;AALD,gCAKC;AAgKD;;GAEG;AACH,IAAY,cAYX;AAZD,WAAY,cAAc;IACxB;;;OAGG;IACH,uDAAqC,CAAA;IAErC;;;OAGG;IACH,yCAAuB,CAAA;AACzB,CAAC,EAZW,cAAc,8BAAd,cAAc,QAYzB;AA2MD;;;;;;;;GAQG;AACH,SAAgB,oBAAoB,CAIlC,aAA4B,EAC5B,YAAkB;IAIlB,OAAO,aAAa,CAAC,cAAc,KAAK,YAAY,CAAC;AACvD,CAAC;AAVD,oDAUC","sourcesContent":["import type { NonEmptyArray } from '@metamask/controller-utils';\nimport type { ActionConstraint, EventConstraint } from '@metamask/messenger';\nimport type { Json } from '@metamask/utils';\nimport { nanoid } from 'nanoid';\n\n// eslint-disable-next-line @typescript-eslint/no-unused-vars\nimport type { CaveatConstraint, Caveat } from './Caveat';\nimport type {\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n PermissionController,\n PermissionsRequest,\n SideEffectMessenger,\n} from './PermissionController';\nimport type { SubjectType } from './SubjectMetadataController';\n\n/*\n The origin of a subject.\n * Effectively the GUID of an entity that can have permissions.\n /\nexport type OriginString = string;\n\n/\n The name of a permission target.\n /\ntype TargetName = string;\n\n/\n A `ZCAP-LD`-like permission object. A permission is associated with a\n * particular `invoker`, which is the holder of the permission. Possessing the\n * permission grants access to a particular restricted resource, identified by\n * the `parentCapability`. The use of the restricted resource may be further\n * restricted by any `caveats` associated with the permission.\n \n See the README for details.\n /\nexport type PermissionConstraint = {\n /\n The context(s) in which this capability is meaningful.\n \n It is required by the standard, but we make it optional since there is only\n * one context in our usage (i.e. the user's MetaMask instance).\n /\n readonly '@context'?: NonEmptyArray<string>;\n\n /\n The caveats of the permission.\n \n @see {@link Caveat} For more information.\n /\n readonly caveats: null \| NonEmptyArray<CaveatConstraint>;\n\n /\n The creation date of the permission, in UNIX epoch time.\n /\n readonly date: number;\n\n /\n The GUID of the permission object.\n /\n readonly id: string;\n\n /\n The origin string of the subject that has the permission.\n /\n readonly invoker: OriginString;\n\n /\n A pointer to the resource that possession of the capability grants\n * access to, for example a JSON-RPC method or endowment.\n /\n readonly parentCapability: string;\n};\n\n/\n A `ZCAP-LD`-like permission object. A permission is associated with a\n * particular `invoker`, which is the holder of the permission. Possessing the\n * permission grants access to a particular restricted resource, identified by\n * the `parentCapability`. The use of the restricted resource may be further\n * restricted by any `caveats` associated with the permission.\n \n See the README for details.\n \n @template Name - The name of the permission that the target corresponds to.\n * @template AllowedCaveat - A union of the allowed {@link Caveat} types\n * for the permission.\n /\nexport type ValidPermission<\n Name extends TargetName,\n AllowedCaveat extends CaveatConstraint,\n> = PermissionConstraint & {\n /\n The caveats of the permission.\n \n @see {@link Caveat} For more information.\n /\n readonly caveats: AllowedCaveat extends never\n ? null\n : NonEmptyArray<AllowedCaveat> \| null;\n\n /\n A pointer to the resource that possession of the capability grants\n * access to, for example a JSON-RPC method or endowment.\n /\n readonly parentCapability: Name;\n};\n\n/\n Internal utility for extracting the members types of an array. The type\n * evalutes to `never` if the specified type is the empty tuple or neither\n * an array nor a tuple.\n \n @template ArrayType - The array type whose members to extract.\n /\ntype ExtractArrayMembers<ArrayType> = ArrayType extends []\n ? never\n : ArrayType extends unknown[] \| readonly unknown[]\n ? ArrayType[number]\n : never;\n\n/\n A utility type for extracting the allowed caveat types for a particular\n * permission from a permission specification type.\n \n @template PermissionSpecification - The permission specification type to\n * extract valid caveat types from.\n /\nexport type ExtractAllowedCaveatTypes<\n PermissionSpecification extends PermissionSpecificationConstraint,\n> = ExtractArrayMembers<PermissionSpecification['allowedCaveats']>;\n\n/\n The options object of {@link constructPermission}.\n \n @template TargetPermission - The {@link Permission} that will be constructed.\n /\nexport type PermissionOptions<TargetPermission extends PermissionConstraint> = {\n target: TargetPermission['parentCapability'];\n /\n The origin string of the subject that has the permission.\n /\n invoker: OriginString;\n\n /\n The caveats of the permission.\n * See {@link Caveat}.\n /\n caveats?: NonEmptyArray<CaveatConstraint>;\n};\n\n/\n The default permission factory function. Naively constructs a permission from\n * the inputs. Sets a default, random `id` if none is provided.\n \n @see {@link Permission} For more details.\n * @template TargetPermission- - The {@link Permission} that will be constructed.\n * @param options - The options for the permission.\n * @returns The new permission object.\n /\nexport function constructPermission<\n TargetPermission extends PermissionConstraint,\n>(options: PermissionOptions<TargetPermission>): TargetPermission {\n const { caveats = null, invoker, target } = options;\n\n return {\n id: nanoid(),\n parentCapability: target,\n invoker,\n caveats,\n date: new Date().getTime(),\n } as TargetPermission;\n}\n\n/\n Gets the caveat of the specified type belonging to the specified permission.\n \n @param permission - The permission whose caveat to retrieve.\n * @param caveatType - The type of the caveat to retrieve.\n * @returns The caveat, or undefined if no such caveat exists.\n /\nexport function findCaveat(\n permission: PermissionConstraint,\n caveatType: string,\n): CaveatConstraint \| undefined {\n return permission.caveats?.find((caveat) => caveat.type === caveatType);\n}\n\n/\n A requested permission object. Just an object with any of the properties\n * of a {@link PermissionConstraint} object.\n /\ntype RequestedPermission = Partial<PermissionConstraint>;\n\n/\n A record of target names and their {@link RequestedPermission} objects.\n /\nexport type RequestedPermissions = Record<TargetName, RequestedPermission>;\n\n/\n The restricted method context object. Essentially a way to pass internal\n * arguments to restricted methods and caveat functions, most importantly the\n * requesting origin.\n /\ntype RestrictedMethodContext = Readonly<{\n origin: OriginString;\n [key: string]: unknown;\n}>;\n\nexport type RestrictedMethodParameters = Json[] \| Record<string, Json>;\n\n/\n The arguments passed to a restricted method implementation.\n \n @template Params - The JSON-RPC parameters of the restricted method.\n /\nexport type RestrictedMethodOptions<\n Params extends RestrictedMethodParameters \| null,\n> = {\n method: TargetName;\n params?: Params;\n context: RestrictedMethodContext;\n};\n\n/\n A synchronous restricted method implementation.\n \n @template Params - The JSON-RPC parameters of the restricted method.\n * @template Result - The JSON-RPC result of the restricted method.\n /\nexport type SyncRestrictedMethod<\n Params extends RestrictedMethodParameters,\n Result extends Json,\n> = (args: RestrictedMethodOptions<Params>) => Result;\n\n/\n An asynchronous restricted method implementation.\n \n @template Params - The JSON-RPC parameters of the restricted method.\n * @template Result - The JSON-RPC result of the restricted method.\n /\nexport type AsyncRestrictedMethod<\n Params extends RestrictedMethodParameters,\n Result extends Json,\n> = (args: RestrictedMethodOptions<Params>) => Promise<Result>;\n\n/\n A synchronous or asynchronous restricted method implementation.\n \n @template Params - The JSON-RPC parameters of the restricted method.\n * @template Result - The JSON-RPC result of the restricted method.\n /\nexport type RestrictedMethod<\n Params extends RestrictedMethodParameters,\n Result extends Json,\n> =\n \| SyncRestrictedMethod<Params, Result>\n \| AsyncRestrictedMethod<Params, Result>;\n\nexport type ValidRestrictedMethod<\n MethodImplementation extends RestrictedMethod<\n RestrictedMethodParameters,\n Json\n >,\n> = MethodImplementation extends (args: infer Options) => Json \| Promise<Json>\n ? Options extends RestrictedMethodOptions<RestrictedMethodParameters>\n ? MethodImplementation\n : never\n : never;\n\n/\n {@link EndowmentGetter} parameter object.\n /\nexport type EndowmentGetterParams = {\n /\n The origin of the requesting subject.\n /\n origin: string;\n\n /\n Any additional data associated with the request.\n /\n requestData?: unknown;\n\n [key: string]: unknown;\n};\n\n/\n A synchronous or asynchronous function that gets the endowments for a\n * particular endowment permission. The getter receives the origin of the\n * requesting subject and, optionally, additional request metadata.\n /\nexport type EndowmentGetter<Endowments extends Json> = (\n options: EndowmentGetterParams,\n) => Endowments \| Promise<Endowments>;\n\nexport type PermissionFactory<\n TargetPermission extends PermissionConstraint,\n RequestData extends Record<string, unknown>,\n> = (\n options: PermissionOptions<TargetPermission>,\n requestData?: RequestData,\n) => TargetPermission;\n\nexport type PermissionValidatorConstraint = (\n permission: PermissionConstraint,\n origin?: OriginString,\n target?: string,\n) => void;\n\n/\n The parameters passed to the side-effect function.\n /\nexport type SideEffectParams<\n Actions extends ActionConstraint,\n Events extends EventConstraint,\n> = {\n requestData: PermissionsRequest;\n messenger: SideEffectMessenger<Actions, Events>;\n};\n\n/\n A function that will execute actions as a permission side-effect.\n /\nexport type SideEffectHandler<\n Actions extends ActionConstraint,\n Events extends EventConstraint,\n> = (params: SideEffectParams<Actions, Events>) => Promise<unknown>;\n\n/\n The permissions side effects.\n /\nexport type PermissionSideEffect<\n Actions extends ActionConstraint,\n Events extends EventConstraint,\n> = {\n /\n A method triggered when the permission is accepted by the user\n /\n onPermitted: SideEffectHandler<Actions, Events>;\n /\n A method triggered if a `onPermitted` method rejected.\n /\n onFailure?: SideEffectHandler<Actions, Events>;\n};\n\n/\n The different possible types of permissions.\n /\nexport enum PermissionType {\n /\n A restricted JSON-RPC method. A subject must have the requisite permission\n * to call a restricted JSON-RPC method.\n /\n RestrictedMethod = 'RestrictedMethod',\n\n /\n An \"endowment\" granted to subjects that possess the requisite permission,\n * such as a global environment variable exposing a restricted API, etc.\n /\n Endowment = 'Endowment',\n}\n\n/\n The base constraint for permission specification objects. Every\n * {@link Permission} supported by a {@link PermissionController} must have an\n * associated specification, which is the source of truth for all permission-\n * related types. A permission specification includes the list of permitted\n * caveats, and any factory and validation functions specified by the consumer.\n * A concrete permission specification may specify further fields as necessary.\n \n See the README for more details.\n /\ntype PermissionSpecificationBase<Type extends PermissionType> = {\n /\n The type of the specified permission.\n /\n permissionType: Type;\n\n /\n The name of the target resource of the permission.\n /\n targetName: string;\n\n /\n An array of the caveat types that may be added to instances of this\n * permission.\n /\n allowedCaveats: Readonly<NonEmptyArray<string>> \| null;\n\n /\n The factory function used to get permission objects. Permissions returned\n * by this function are presumed to valid, and they will not be passed to the\n * validator function associated with this specification (if any). In other\n * words, the factory function should validate the permissions it creates.\n \n If no factory is specified, the {@link Permission} constructor will be\n * used, and the validator function (if specified) will be called on newly\n * constructed permissions.\n /\n // TODO: Replace `any` with type\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n factory?: PermissionFactory<any, Record<string, unknown>>;\n\n /\n The validator function used to validate permissions of the associated type\n * whenever they are granted or their caveat arrays are mutated.\n \n Permission validators are not invoked when a caveat is mutated, provided\n * the caveat array has not changed. For this reason, permission validators\n * must not be used to validate caveats. To validate caveats, use the\n * corresponding caveat specification property.\n \n The validator should throw an appropriate JSON-RPC error if validation fails.\n /\n validator?: PermissionValidatorConstraint;\n\n /\n The side-effect triggered by the {@link PermissionController} once the user approved it.\n * The side-effect can only be an action allowed to be called inside the {@link PermissionController}.\n \n If the side-effect action fails, the permission that triggered it is revoked.\n /\n sideEffect?: PermissionSideEffect<ActionConstraint, EventConstraint>;\n\n /\n The Permission may be available to only a subset of the subject types. If so, specify the subject types as an array.\n * If a subject with a type not in this array tries to request the permission, the call will fail.\n \n Leaving this as undefined uses default behaviour where the permission is available to request for all subject types.\n /\n subjectTypes?: readonly SubjectType[];\n};\n\n/\n The constraint for restricted method permission specification objects.\n * Permissions that correspond to JSON-RPC methods are specified using objects\n * that conform to this type.\n \n See the README for more details.\n /\nexport type RestrictedMethodSpecificationConstraint =\n PermissionSpecificationBase<PermissionType.RestrictedMethod> & {\n /\n The implementation of the restricted method that the permission\n * corresponds to.\n /\n // TODO: Replace `any` with type\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n methodImplementation: RestrictedMethod<any, Json>;\n };\n\n/\n The constraint for endowment permission specification objects. Permissions\n * that endow callers with some restricted resource are specified using objects\n * that conform to this type.\n \n See the README for more details.\n /\nexport type EndowmentSpecificationConstraint =\n PermissionSpecificationBase<PermissionType.Endowment> & {\n /\n The {@link EndowmentGetter} function for the permission. This function\n * will be called by the {@link PermissionController} whenever the\n * permission is invoked, after which the host can apply the endowments to\n * the requesting subject in the intended manner.\n /\n endowmentGetter: EndowmentGetter<Json>;\n };\n\n/\n The constraint for permission specification objects. Every {@link Permission}\n * supported by a {@link PermissionController} must have an associated\n * specification, which is the source of truth for all permission-related types.\n * All specifications must adhere to the {@link PermissionSpecificationBase}\n * interface, but specifications may have different fields depending on the\n * {@link PermissionType}.\n \n See the README for more details.\n /\nexport type PermissionSpecificationConstraint =\n \| EndowmentSpecificationConstraint\n \| RestrictedMethodSpecificationConstraint;\n\n/\n Options for {@link PermissionSpecificationBuilder} functions.\n /\ntype PermissionSpecificationBuilderOptions<\n FactoryHooks extends Record<string, unknown>,\n MethodHooks extends Record<string, unknown>,\n ValidatorHooks extends Record<string, unknown>,\n> = {\n targetName?: string;\n allowedCaveats?: Readonly<NonEmptyArray<string>> \| null;\n factoryHooks?: FactoryHooks;\n methodHooks?: MethodHooks;\n validatorHooks?: ValidatorHooks;\n};\n\n/\n A function that builds a permission specification. Modules that specify\n * permissions for external consumption should make this their primary /\n * default export so that host applications can use them to generate concrete\n * specifications tailored to their requirements.\n /\nexport type PermissionSpecificationBuilder<\n Type extends PermissionType,\n Options extends PermissionSpecificationBuilderOptions<\n Record<string, unknown>,\n Record<string, unknown>,\n Record<string, unknown>\n >,\n Specification extends PermissionSpecificationConstraint & {\n permissionType: Type;\n },\n> = (options: Options) => Specification;\n\n/\n A restricted method permission export object, containing the\n * {@link PermissionSpecificationBuilder} function and \"hook name\" objects.\n /\nexport type PermissionSpecificationBuilderExportConstraint = {\n targetName: string;\n specificationBuilder: PermissionSpecificationBuilder<\n PermissionType,\n PermissionSpecificationBuilderOptions<\n Record<string, unknown>,\n Record<string, unknown>,\n Record<string, unknown>\n >,\n PermissionSpecificationConstraint\n >;\n factoryHookNames?: Record<string, true>;\n methodHookNames?: Record<string, true>;\n validatorHookNames?: Record<string, true>;\n};\n\ntype ValidRestrictedMethodSpecification<\n Specification extends RestrictedMethodSpecificationConstraint,\n> =\n Specification['methodImplementation'] extends ValidRestrictedMethod<\n Specification['methodImplementation']\n >\n ? Specification\n : never;\n\n/\n Constraint for {@link PermissionSpecificationConstraint} objects that\n * evaluates to `never` if the specification contains any invalid fields.\n \n @template Specification - The permission specification to validate.\n /\nexport type ValidPermissionSpecification<\n Specification extends PermissionSpecificationConstraint,\n> = Specification['targetName'] extends TargetName\n ? Specification['permissionType'] extends PermissionType.Endowment\n ? Specification\n : Specification['permissionType'] extends PermissionType.RestrictedMethod\n ? ValidRestrictedMethodSpecification<\n Extract<Specification, RestrictedMethodSpecificationConstraint>\n >\n : never\n : never;\n\n/\n Checks that the specification has the expected permission type.\n \n @param specification - The specification to check.\n * @param expectedType - The expected permission type.\n * @template Specification - The specification to check.\n * @template Type - The expected permission type.\n * @returns Whether or not the specification is of the expected type.\n /\nexport function hasSpecificationType<\n Specification extends PermissionSpecificationConstraint,\n Type extends PermissionType,\n>(\n specification: Specification,\n expectedType: Type,\n): specification is Specification & {\n permissionType: Type;\n} {\n return specification.permissionType === expectedType;\n}\n\n/\n The specifications for all permissions supported by a particular\n * {@link PermissionController}.\n \n @template Specifications - The union of all {@link PermissionSpecificationConstraint} types.\n /\nexport type PermissionSpecificationMap<\n Specification extends PermissionSpecificationConstraint,\n> = {\n [Name in Specification['targetName']]: Specification extends {\n targetName: Name;\n }\n ? Specification\n : never;\n};\n\n/\n Extracts a specific {@link PermissionSpecificationConstraint} from a union of\n * permission specifications.\n \n @template Specification - The specification union type to extract from.\n * @template Name - The `targetName` of the specification to extract.\n */\nexport type ExtractPermissionSpecification<\n Specification extends PermissionSpecificationConstraint,\n Name extends Specification['targetName'],\n> = Specification extends {\n targetName: Name;\n}\n ? Specification\n : never;\n"]}

package/dist/Permission.d.cts CHANGED Viewed

@@ -349,17 +349,12 @@ export type PermissionSpecificationConstraint = EndowmentSpecificationConstraint
 /**
  * Options for {@link PermissionSpecificationBuilder} functions.
  */
-type PermissionSpecificationBuilderOptions<MethodHooks extends Record<string, unknown>, SpecMessenger = unknown> = {
+type PermissionSpecificationBuilderOptions<FactoryHooks extends Record<string, unknown>, MethodHooks extends Record<string, unknown>, ValidatorHooks extends Record<string, unknown>> = {
     targetName?: string;
     allowedCaveats?: Readonly<NonEmptyArray<string>> | null;
+    factoryHooks?: FactoryHooks;
     methodHooks?: MethodHooks;
-    /**
-     * A messenger scoped to this permission specification. The messenger is
-     * expected to have exactly the actions declared by the spec's `actionNames`
-     * delegated to it; {@link createRestrictedMethodMessenger} is the canonical
-     * way to construct it.
-     */
-    messenger?: SpecMessenger;
+    validatorHooks?: ValidatorHooks;
 };
 /**
  * A function that builds a permission specification. Modules that specify
@@ -367,9 +362,20 @@ type PermissionSpecificationBuilderOptions<MethodHooks extends Record<string, un
  * default export so that host applications can use them to generate concrete
  * specifications tailored to their requirements.
  */
-export type PermissionSpecificationBuilder<Type extends PermissionType, Options extends PermissionSpecificationBuilderOptions<Record<string, unknown>>, Specification extends PermissionSpecificationConstraint & {
+export type PermissionSpecificationBuilder<Type extends PermissionType, Options extends PermissionSpecificationBuilderOptions<Record<string, unknown>, Record<string, unknown>, Record<string, unknown>>, Specification extends PermissionSpecificationConstraint & {
     permissionType: Type;
 }> = (options: Options) => Specification;
+/**
+ * A restricted method permission export object, containing the
+ * {@link PermissionSpecificationBuilder} function and "hook name" objects.
+ */
+export type PermissionSpecificationBuilderExportConstraint = {
+    targetName: string;
+    specificationBuilder: PermissionSpecificationBuilder<PermissionType, PermissionSpecificationBuilderOptions<Record<string, unknown>, Record<string, unknown>, Record<string, unknown>>, PermissionSpecificationConstraint>;
+    factoryHookNames?: Record<string, true>;
+    methodHookNames?: Record<string, true>;
+    validatorHookNames?: Record<string, true>;
+};
 type ValidRestrictedMethodSpecification<Specification extends RestrictedMethodSpecificationConstraint> = Specification['methodImplementation'] extends ValidRestrictedMethod<Specification['methodImplementation']> ? Specification : never;
 /**
  * Constraint for {@link PermissionSpecificationConstraint} objects that

package/dist/Permission.d.cts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"Permission.d.cts","sourceRoot":"","sources":["../src/Permission.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,mCAAmC;AAChE,OAAO,KAAK,EAAE,gBAAgB,EAAE,eAAe,EAAE,4BAA4B;AAC7E,OAAO,KAAK,EAAE,IAAI,EAAE,wBAAwB;AAI5C,OAAO,KAAK,EAAE,gBAAgB,EAAU,qBAAiB;AACzD,OAAO,KAAK,EAGV,kBAAkB,EAClB,mBAAmB,EACpB,mCAA+B;AAChC,OAAO,KAAK,EAAE,WAAW,EAAE,wCAAoC;AAE/D;;;GAGG;AACH,MAAM,MAAM,YAAY,GAAG,MAAM,CAAC;AAElC;;GAEG;AACH,KAAK,UAAU,GAAG,MAAM,CAAC;AAEzB;;;;;;;;GAQG;AACH,MAAM,MAAM,oBAAoB,GAAG;IACjC;;;;;OAKG;IACH,QAAQ,CAAC,UAAU,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAE5C;;;;OAIG;IACH,QAAQ,CAAC,OAAO,EAAE,IAAI,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAC;IAEzD;;OAEG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,QAAQ,CAAC,OAAO,EAAE,YAAY,CAAC;IAE/B;;;OAGG;IACH,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC;CACnC,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,MAAM,MAAM,eAAe,CACzB,IAAI,SAAS,UAAU,EACvB,aAAa,SAAS,gBAAgB,IACpC,oBAAoB,GAAG;IACzB;;;;OAIG;IACH,QAAQ,CAAC,OAAO,EAAE,aAAa,SAAS,KAAK,GACzC,IAAI,GACJ,aAAa,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC;IAExC;;;OAGG;IACH,QAAQ,CAAC,gBAAgB,EAAE,IAAI,CAAC;CACjC,CAAC;AAEF;;;;;;GAMG;AACH,KAAK,mBAAmB,CAAC,SAAS,IAAI,SAAS,SAAS,EAAE,GACtD,KAAK,GACL,SAAS,SAAS,OAAO,EAAE,GAAG,SAAS,OAAO,EAAE,GAC9C,SAAS,CAAC,MAAM,CAAC,GACjB,KAAK,CAAC;AAEZ;;;;;;GAMG;AACH,MAAM,MAAM,yBAAyB,CACnC,uBAAuB,SAAS,iCAAiC,IAC/D,mBAAmB,CAAC,uBAAuB,CAAC,gBAAgB,CAAC,CAAC,CAAC;AAEnE;;;;GAIG;AACH,MAAM,MAAM,iBAAiB,CAAC,gBAAgB,SAAS,oBAAoB,IAAI;IAC7E,MAAM,EAAE,gBAAgB,CAAC,kBAAkB,CAAC,CAAC;IAC7C;;OAEG;IACH,OAAO,EAAE,YAAY,CAAC;IAEtB;;;OAGG;IACH,OAAO,CAAC,EAAE,aAAa,CAAC,gBAAgB,CAAC,CAAC;CAC3C,CAAC;AAEF;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CACjC,gBAAgB,SAAS,oBAAoB,EAC7C,OAAO,EAAE,iBAAiB,CAAC,gBAAgB,CAAC,GAAG,gBAAgB,CAUhE;AAED;;;;;;GAMG;AACH,wBAAgB,UAAU,CACxB,UAAU,EAAE,oBAAoB,EAChC,UAAU,EAAE,MAAM,GACjB,gBAAgB,GAAG,SAAS,CAE9B;AAED;;;GAGG;AACH,KAAK,mBAAmB,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;AAEzD;;GAEG;AACH,MAAM,MAAM,oBAAoB,GAAG,MAAM,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAC;AAE3E;;;;GAIG;AACH,KAAK,uBAAuB,GAAG,QAAQ,CAAC;IACtC,MAAM,EAAE,YAAY,CAAC;IACrB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC,CAAC;AAEH,MAAM,MAAM,0BAA0B,GAAG,IAAI,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;AAEvE;;;;GAIG;AACH,MAAM,MAAM,uBAAuB,CACjC,MAAM,SAAS,0BAA0B,GAAG,IAAI,IAC9C;IACF,MAAM,EAAE,UAAU,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,uBAAuB,CAAC;CAClC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,oBAAoB,CAC9B,MAAM,SAAS,0BAA0B,EACzC,MAAM,SAAS,IAAI,IACjB,CAAC,IAAI,EAAE,uBAAuB,CAAC,MAAM,CAAC,KAAK,MAAM,CAAC;AAEtD;;;;;GAKG;AACH,MAAM,MAAM,qBAAqB,CAC/B,MAAM,SAAS,0BAA0B,EACzC,MAAM,SAAS,IAAI,IACjB,CAAC,IAAI,EAAE,uBAAuB,CAAC,MAAM,CAAC,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;AAE/D;;;;;GAKG;AACH,MAAM,MAAM,gBAAgB,CAC1B,MAAM,SAAS,0BAA0B,EACzC,MAAM,SAAS,IAAI,IAEjB,oBAAoB,CAAC,MAAM,EAAE,MAAM,CAAC,GACpC,qBAAqB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAE1C,MAAM,MAAM,qBAAqB,CAC/B,oBAAoB,SAAS,gBAAgB,CAC3C,0BAA0B,EAC1B,IAAI,CACL,IACC,oBAAoB,SAAS,CAAC,IAAI,EAAE,MAAM,OAAO,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,GAC1E,OAAO,SAAS,uBAAuB,CAAC,0BAA0B,CAAC,GACjE,oBAAoB,GACpB,KAAK,GACP,KAAK,CAAC;AAEV;;GAEG;AACH,MAAM,MAAM,qBAAqB,GAAG;IAClC;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;IAEtB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF;;;;GAIG;AACH,MAAM,MAAM,eAAe,CAAC,UAAU,SAAS,IAAI,IAAI,CACrD,OAAO,EAAE,qBAAqB,KAC3B,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AAEtC,MAAM,MAAM,iBAAiB,CAC3B,gBAAgB,SAAS,oBAAoB,EAC7C,WAAW,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IACzC,CACF,OAAO,EAAE,iBAAiB,CAAC,gBAAgB,CAAC,EAC5C,WAAW,CAAC,EAAE,WAAW,KACtB,gBAAgB,CAAC;AAEtB,MAAM,MAAM,6BAA6B,GAAG,CAC1C,UAAU,EAAE,oBAAoB,EAChC,MAAM,CAAC,EAAE,YAAY,EACrB,MAAM,CAAC,EAAE,MAAM,KACZ,IAAI,CAAC;AAEV;;GAEG;AACH,MAAM,MAAM,gBAAgB,CAC1B,OAAO,SAAS,gBAAgB,EAChC,MAAM,SAAS,eAAe,IAC5B;IACF,WAAW,EAAE,kBAAkB,CAAC;IAChC,SAAS,EAAE,mBAAmB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;CACjD,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,iBAAiB,CAC3B,OAAO,SAAS,gBAAgB,EAChC,MAAM,SAAS,eAAe,IAC5B,CAAC,MAAM,EAAE,gBAAgB,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpE;;GAEG;AACH,MAAM,MAAM,oBAAoB,CAC9B,OAAO,SAAS,gBAAgB,EAChC,MAAM,SAAS,eAAe,IAC5B;IACF;;OAEG;IACH,WAAW,EAAE,iBAAiB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAChD;;OAEG;IACH,SAAS,CAAC,EAAE,iBAAiB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;CAChD,CAAC;AAEF;;GAEG;AACH,oBAAY,cAAc;IACxB;;;OAGG;IACH,gBAAgB,qBAAqB;IAErC;;;OAGG;IACH,SAAS,cAAc;CACxB;AAED;;;;;;;;;GASG;AACH,KAAK,2BAA2B,CAAC,IAAI,SAAS,cAAc,IAAI;IAC9D;;OAEG;IACH,cAAc,EAAE,IAAI,CAAC;IAErB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,cAAc,EAAE,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC;IAEvD;;;;;;;;;OASG;IAGH,OAAO,CAAC,EAAE,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAE1D;;;;;;;;;;OAUG;IACH,SAAS,CAAC,EAAE,6BAA6B,CAAC;IAE1C;;;;;OAKG;IACH,UAAU,CAAC,EAAE,oBAAoB,CAAC,gBAAgB,EAAE,eAAe,CAAC,CAAC;IAErE;;;;;OAKG;IACH,YAAY,CAAC,EAAE,SAAS,WAAW,EAAE,CAAC;CACvC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,uCAAuC,GACjD,2BAA2B,CAAC,cAAc,CAAC,gBAAgB,CAAC,GAAG;IAC7D;;;OAGG;IAGH,oBAAoB,EAAE,gBAAgB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;CACnD,CAAC;AAEJ;;;;;;GAMG;AACH,MAAM,MAAM,gCAAgC,GAC1C,2BAA2B,CAAC,cAAc,CAAC,SAAS,CAAC,GAAG;IACtD;;;;;OAKG;IACH,eAAe,EAAE,eAAe,CAAC,IAAI,CAAC,CAAC;CACxC,CAAC;AAEJ;;;;;;;;;GASG;AACH,MAAM,MAAM,iCAAiC,GACzC,gCAAgC,GAChC,uCAAuC,CAAC;AAE5C;;GAEG;AACH,KAAK,qCAAqC,CACxC,WAAW,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC3C,~~aAAa~~,~~GAAG~~,OAAO,~~IACrB~~;IACF,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC;IACxD,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B~~;;;;;OAKG;IACH~~,~~SAAS~~,CAAC,EAAE,~~aAAa~~,CAAC;~~CAC3B~~,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,8BAA8B,CACxC,IAAI,SAAS,cAAc,EAC3B,OAAO,SAAS,qCAAqC,CACnD,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CACxB,EACD,aAAa,SAAS,iCAAiC,GAAG;IACxD,cAAc,EAAE,IAAI,CAAC;CACtB,IACC,CAAC,OAAO,EAAE,OAAO,KAAK,aAAa,CAAC;AAExC,KAAK,kCAAkC,CACrC,aAAa,SAAS,uCAAuC,IAE7D,aAAa,CAAC,sBAAsB,CAAC,SAAS,qBAAqB,CACjE,aAAa,CAAC,sBAAsB,CAAC,CACtC,GACG,aAAa,GACb,KAAK,CAAC;AAEZ;;;;;GAKG;AACH,MAAM,MAAM,4BAA4B,CACtC,aAAa,SAAS,iCAAiC,IACrD,aAAa,CAAC,YAAY,CAAC,SAAS,UAAU,GAC9C,aAAa,CAAC,gBAAgB,CAAC,SAAS,cAAc,CAAC,SAAS,GAC9D,aAAa,GACb,aAAa,CAAC,gBAAgB,CAAC,SAAS,cAAc,CAAC,gBAAgB,GACrE,kCAAkC,CAChC,OAAO,CAAC,aAAa,EAAE,uCAAuC,CAAC,CAChE,GACD,KAAK,GACT,KAAK,CAAC;AAEV;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CAClC,aAAa,SAAS,iCAAiC,EACvD,IAAI,SAAS,cAAc,EAE3B,aAAa,EAAE,aAAa,EAC5B,YAAY,EAAE,IAAI,GACjB,aAAa,IAAI,aAAa,GAAG;IAClC,cAAc,EAAE,IAAI,CAAC;CACtB,CAEA;AAED;;;;;GAKG;AACH,MAAM,MAAM,0BAA0B,CACpC,aAAa,SAAS,iCAAiC,IACrD;KACD,IAAI,IAAI,aAAa,CAAC,YAAY,CAAC,GAAG,aAAa,SAAS;QAC3D,UAAU,EAAE,IAAI,CAAC;KAClB,GACG,aAAa,GACb,KAAK;CACV,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,8BAA8B,CACxC,aAAa,SAAS,iCAAiC,EACvD,IAAI,SAAS,aAAa,CAAC,YAAY,CAAC,IACtC,aAAa,SAAS;IACxB,UAAU,EAAE,IAAI,CAAC;CAClB,GACG,aAAa,GACb,KAAK,CAAC"}
1	+ {"version":3,"file":"Permission.d.cts","sourceRoot":"","sources":["../src/Permission.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,mCAAmC;AAChE,OAAO,KAAK,EAAE,gBAAgB,EAAE,eAAe,EAAE,4BAA4B;AAC7E,OAAO,KAAK,EAAE,IAAI,EAAE,wBAAwB;AAI5C,OAAO,KAAK,EAAE,gBAAgB,EAAU,qBAAiB;AACzD,OAAO,KAAK,EAGV,kBAAkB,EAClB,mBAAmB,EACpB,mCAA+B;AAChC,OAAO,KAAK,EAAE,WAAW,EAAE,wCAAoC;AAE/D;;;GAGG;AACH,MAAM,MAAM,YAAY,GAAG,MAAM,CAAC;AAElC;;GAEG;AACH,KAAK,UAAU,GAAG,MAAM,CAAC;AAEzB;;;;;;;;GAQG;AACH,MAAM,MAAM,oBAAoB,GAAG;IACjC;;;;;OAKG;IACH,QAAQ,CAAC,UAAU,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAE5C;;;;OAIG;IACH,QAAQ,CAAC,OAAO,EAAE,IAAI,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAC;IAEzD;;OAEG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,QAAQ,CAAC,OAAO,EAAE,YAAY,CAAC;IAE/B;;;OAGG;IACH,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC;CACnC,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,MAAM,MAAM,eAAe,CACzB,IAAI,SAAS,UAAU,EACvB,aAAa,SAAS,gBAAgB,IACpC,oBAAoB,GAAG;IACzB;;;;OAIG;IACH,QAAQ,CAAC,OAAO,EAAE,aAAa,SAAS,KAAK,GACzC,IAAI,GACJ,aAAa,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC;IAExC;;;OAGG;IACH,QAAQ,CAAC,gBAAgB,EAAE,IAAI,CAAC;CACjC,CAAC;AAEF;;;;;;GAMG;AACH,KAAK,mBAAmB,CAAC,SAAS,IAAI,SAAS,SAAS,EAAE,GACtD,KAAK,GACL,SAAS,SAAS,OAAO,EAAE,GAAG,SAAS,OAAO,EAAE,GAC9C,SAAS,CAAC,MAAM,CAAC,GACjB,KAAK,CAAC;AAEZ;;;;;;GAMG;AACH,MAAM,MAAM,yBAAyB,CACnC,uBAAuB,SAAS,iCAAiC,IAC/D,mBAAmB,CAAC,uBAAuB,CAAC,gBAAgB,CAAC,CAAC,CAAC;AAEnE;;;;GAIG;AACH,MAAM,MAAM,iBAAiB,CAAC,gBAAgB,SAAS,oBAAoB,IAAI;IAC7E,MAAM,EAAE,gBAAgB,CAAC,kBAAkB,CAAC,CAAC;IAC7C;;OAEG;IACH,OAAO,EAAE,YAAY,CAAC;IAEtB;;;OAGG;IACH,OAAO,CAAC,EAAE,aAAa,CAAC,gBAAgB,CAAC,CAAC;CAC3C,CAAC;AAEF;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CACjC,gBAAgB,SAAS,oBAAoB,EAC7C,OAAO,EAAE,iBAAiB,CAAC,gBAAgB,CAAC,GAAG,gBAAgB,CAUhE;AAED;;;;;;GAMG;AACH,wBAAgB,UAAU,CACxB,UAAU,EAAE,oBAAoB,EAChC,UAAU,EAAE,MAAM,GACjB,gBAAgB,GAAG,SAAS,CAE9B;AAED;;;GAGG;AACH,KAAK,mBAAmB,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;AAEzD;;GAEG;AACH,MAAM,MAAM,oBAAoB,GAAG,MAAM,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAC;AAE3E;;;;GAIG;AACH,KAAK,uBAAuB,GAAG,QAAQ,CAAC;IACtC,MAAM,EAAE,YAAY,CAAC;IACrB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC,CAAC;AAEH,MAAM,MAAM,0BAA0B,GAAG,IAAI,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;AAEvE;;;;GAIG;AACH,MAAM,MAAM,uBAAuB,CACjC,MAAM,SAAS,0BAA0B,GAAG,IAAI,IAC9C;IACF,MAAM,EAAE,UAAU,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,uBAAuB,CAAC;CAClC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,oBAAoB,CAC9B,MAAM,SAAS,0BAA0B,EACzC,MAAM,SAAS,IAAI,IACjB,CAAC,IAAI,EAAE,uBAAuB,CAAC,MAAM,CAAC,KAAK,MAAM,CAAC;AAEtD;;;;;GAKG;AACH,MAAM,MAAM,qBAAqB,CAC/B,MAAM,SAAS,0BAA0B,EACzC,MAAM,SAAS,IAAI,IACjB,CAAC,IAAI,EAAE,uBAAuB,CAAC,MAAM,CAAC,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;AAE/D;;;;;GAKG;AACH,MAAM,MAAM,gBAAgB,CAC1B,MAAM,SAAS,0BAA0B,EACzC,MAAM,SAAS,IAAI,IAEjB,oBAAoB,CAAC,MAAM,EAAE,MAAM,CAAC,GACpC,qBAAqB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAE1C,MAAM,MAAM,qBAAqB,CAC/B,oBAAoB,SAAS,gBAAgB,CAC3C,0BAA0B,EAC1B,IAAI,CACL,IACC,oBAAoB,SAAS,CAAC,IAAI,EAAE,MAAM,OAAO,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,GAC1E,OAAO,SAAS,uBAAuB,CAAC,0BAA0B,CAAC,GACjE,oBAAoB,GACpB,KAAK,GACP,KAAK,CAAC;AAEV;;GAEG;AACH,MAAM,MAAM,qBAAqB,GAAG;IAClC;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;IAEtB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF;;;;GAIG;AACH,MAAM,MAAM,eAAe,CAAC,UAAU,SAAS,IAAI,IAAI,CACrD,OAAO,EAAE,qBAAqB,KAC3B,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AAEtC,MAAM,MAAM,iBAAiB,CAC3B,gBAAgB,SAAS,oBAAoB,EAC7C,WAAW,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IACzC,CACF,OAAO,EAAE,iBAAiB,CAAC,gBAAgB,CAAC,EAC5C,WAAW,CAAC,EAAE,WAAW,KACtB,gBAAgB,CAAC;AAEtB,MAAM,MAAM,6BAA6B,GAAG,CAC1C,UAAU,EAAE,oBAAoB,EAChC,MAAM,CAAC,EAAE,YAAY,EACrB,MAAM,CAAC,EAAE,MAAM,KACZ,IAAI,CAAC;AAEV;;GAEG;AACH,MAAM,MAAM,gBAAgB,CAC1B,OAAO,SAAS,gBAAgB,EAChC,MAAM,SAAS,eAAe,IAC5B;IACF,WAAW,EAAE,kBAAkB,CAAC;IAChC,SAAS,EAAE,mBAAmB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;CACjD,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,iBAAiB,CAC3B,OAAO,SAAS,gBAAgB,EAChC,MAAM,SAAS,eAAe,IAC5B,CAAC,MAAM,EAAE,gBAAgB,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpE;;GAEG;AACH,MAAM,MAAM,oBAAoB,CAC9B,OAAO,SAAS,gBAAgB,EAChC,MAAM,SAAS,eAAe,IAC5B;IACF;;OAEG;IACH,WAAW,EAAE,iBAAiB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAChD;;OAEG;IACH,SAAS,CAAC,EAAE,iBAAiB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;CAChD,CAAC;AAEF;;GAEG;AACH,oBAAY,cAAc;IACxB;;;OAGG;IACH,gBAAgB,qBAAqB;IAErC;;;OAGG;IACH,SAAS,cAAc;CACxB;AAED;;;;;;;;;GASG;AACH,KAAK,2BAA2B,CAAC,IAAI,SAAS,cAAc,IAAI;IAC9D;;OAEG;IACH,cAAc,EAAE,IAAI,CAAC;IAErB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,cAAc,EAAE,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC;IAEvD;;;;;;;;;OASG;IAGH,OAAO,CAAC,EAAE,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAE1D;;;;;;;;;;OAUG;IACH,SAAS,CAAC,EAAE,6BAA6B,CAAC;IAE1C;;;;;OAKG;IACH,UAAU,CAAC,EAAE,oBAAoB,CAAC,gBAAgB,EAAE,eAAe,CAAC,CAAC;IAErE;;;;;OAKG;IACH,YAAY,CAAC,EAAE,SAAS,WAAW,EAAE,CAAC;CACvC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,uCAAuC,GACjD,2BAA2B,CAAC,cAAc,CAAC,gBAAgB,CAAC,GAAG;IAC7D;;;OAGG;IAGH,oBAAoB,EAAE,gBAAgB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;CACnD,CAAC;AAEJ;;;;;;GAMG;AACH,MAAM,MAAM,gCAAgC,GAC1C,2BAA2B,CAAC,cAAc,CAAC,SAAS,CAAC,GAAG;IACtD;;;;;OAKG;IACH,eAAe,EAAE,eAAe,CAAC,IAAI,CAAC,CAAC;CACxC,CAAC;AAEJ;;;;;;;;;GASG;AACH,MAAM,MAAM,iCAAiC,GACzC,gCAAgC,GAChC,uCAAuC,CAAC;AAE5C;;GAEG;AACH,KAAK,qCAAqC,CACxC,YAAY,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC5C,WAAW,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC3C,cAAc,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAC5C;IACF,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC;IACxD,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,cAAc,CAAC,EAAE,cAAc,CAAC;CACjC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,8BAA8B,CACxC,IAAI,SAAS,cAAc,EAC3B,OAAO,SAAS,qCAAqC,CACnD,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACvB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACvB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CACxB,EACD,aAAa,SAAS,iCAAiC,GAAG;IACxD,cAAc,EAAE,IAAI,CAAC;CACtB,IACC,CAAC,OAAO,EAAE,OAAO,KAAK,aAAa,CAAC;AAExC;;;GAGG;AACH,MAAM,MAAM,8CAA8C,GAAG;IAC3D,UAAU,EAAE,MAAM,CAAC;IACnB,oBAAoB,EAAE,8BAA8B,CAClD,cAAc,EACd,qCAAqC,CACnC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACvB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACvB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CACxB,EACD,iCAAiC,CAClC,CAAC;IACF,gBAAgB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IACxC,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IACvC,kBAAkB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;CAC3C,CAAC;AAEF,KAAK,kCAAkC,CACrC,aAAa,SAAS,uCAAuC,IAE7D,aAAa,CAAC,sBAAsB,CAAC,SAAS,qBAAqB,CACjE,aAAa,CAAC,sBAAsB,CAAC,CACtC,GACG,aAAa,GACb,KAAK,CAAC;AAEZ;;;;;GAKG;AACH,MAAM,MAAM,4BAA4B,CACtC,aAAa,SAAS,iCAAiC,IACrD,aAAa,CAAC,YAAY,CAAC,SAAS,UAAU,GAC9C,aAAa,CAAC,gBAAgB,CAAC,SAAS,cAAc,CAAC,SAAS,GAC9D,aAAa,GACb,aAAa,CAAC,gBAAgB,CAAC,SAAS,cAAc,CAAC,gBAAgB,GACrE,kCAAkC,CAChC,OAAO,CAAC,aAAa,EAAE,uCAAuC,CAAC,CAChE,GACD,KAAK,GACT,KAAK,CAAC;AAEV;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CAClC,aAAa,SAAS,iCAAiC,EACvD,IAAI,SAAS,cAAc,EAE3B,aAAa,EAAE,aAAa,EAC5B,YAAY,EAAE,IAAI,GACjB,aAAa,IAAI,aAAa,GAAG;IAClC,cAAc,EAAE,IAAI,CAAC;CACtB,CAEA;AAED;;;;;GAKG;AACH,MAAM,MAAM,0BAA0B,CACpC,aAAa,SAAS,iCAAiC,IACrD;KACD,IAAI,IAAI,aAAa,CAAC,YAAY,CAAC,GAAG,aAAa,SAAS;QAC3D,UAAU,EAAE,IAAI,CAAC;KAClB,GACG,aAAa,GACb,KAAK;CACV,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,8BAA8B,CACxC,aAAa,SAAS,iCAAiC,EACvD,IAAI,SAAS,aAAa,CAAC,YAAY,CAAC,IACtC,aAAa,SAAS;IACxB,UAAU,EAAE,IAAI,CAAC;CAClB,GACG,aAAa,GACb,KAAK,CAAC"}

package/dist/Permission.d.mts CHANGED Viewed

@@ -349,17 +349,12 @@ export type PermissionSpecificationConstraint = EndowmentSpecificationConstraint
 /**
  * Options for {@link PermissionSpecificationBuilder} functions.
  */
-type PermissionSpecificationBuilderOptions<MethodHooks extends Record<string, unknown>, SpecMessenger = unknown> = {
+type PermissionSpecificationBuilderOptions<FactoryHooks extends Record<string, unknown>, MethodHooks extends Record<string, unknown>, ValidatorHooks extends Record<string, unknown>> = {
     targetName?: string;
     allowedCaveats?: Readonly<NonEmptyArray<string>> | null;
+    factoryHooks?: FactoryHooks;
     methodHooks?: MethodHooks;
-    /**
-     * A messenger scoped to this permission specification. The messenger is
-     * expected to have exactly the actions declared by the spec's `actionNames`
-     * delegated to it; {@link createRestrictedMethodMessenger} is the canonical
-     * way to construct it.
-     */
-    messenger?: SpecMessenger;
+    validatorHooks?: ValidatorHooks;
 };
 /**
  * A function that builds a permission specification. Modules that specify
@@ -367,9 +362,20 @@ type PermissionSpecificationBuilderOptions<MethodHooks extends Record<string, un
  * default export so that host applications can use them to generate concrete
  * specifications tailored to their requirements.
  */
-export type PermissionSpecificationBuilder<Type extends PermissionType, Options extends PermissionSpecificationBuilderOptions<Record<string, unknown>>, Specification extends PermissionSpecificationConstraint & {
+export type PermissionSpecificationBuilder<Type extends PermissionType, Options extends PermissionSpecificationBuilderOptions<Record<string, unknown>, Record<string, unknown>, Record<string, unknown>>, Specification extends PermissionSpecificationConstraint & {
     permissionType: Type;
 }> = (options: Options) => Specification;
+/**
+ * A restricted method permission export object, containing the
+ * {@link PermissionSpecificationBuilder} function and "hook name" objects.
+ */
+export type PermissionSpecificationBuilderExportConstraint = {
+    targetName: string;
+    specificationBuilder: PermissionSpecificationBuilder<PermissionType, PermissionSpecificationBuilderOptions<Record<string, unknown>, Record<string, unknown>, Record<string, unknown>>, PermissionSpecificationConstraint>;
+    factoryHookNames?: Record<string, true>;
+    methodHookNames?: Record<string, true>;
+    validatorHookNames?: Record<string, true>;
+};
 type ValidRestrictedMethodSpecification<Specification extends RestrictedMethodSpecificationConstraint> = Specification['methodImplementation'] extends ValidRestrictedMethod<Specification['methodImplementation']> ? Specification : never;
 /**
  * Constraint for {@link PermissionSpecificationConstraint} objects that

package/dist/Permission.d.mts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"Permission.d.mts","sourceRoot":"","sources":["../src/Permission.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,mCAAmC;AAChE,OAAO,KAAK,EAAE,gBAAgB,EAAE,eAAe,EAAE,4BAA4B;AAC7E,OAAO,KAAK,EAAE,IAAI,EAAE,wBAAwB;AAI5C,OAAO,KAAK,EAAE,gBAAgB,EAAU,qBAAiB;AACzD,OAAO,KAAK,EAGV,kBAAkB,EAClB,mBAAmB,EACpB,mCAA+B;AAChC,OAAO,KAAK,EAAE,WAAW,EAAE,wCAAoC;AAE/D;;;GAGG;AACH,MAAM,MAAM,YAAY,GAAG,MAAM,CAAC;AAElC;;GAEG;AACH,KAAK,UAAU,GAAG,MAAM,CAAC;AAEzB;;;;;;;;GAQG;AACH,MAAM,MAAM,oBAAoB,GAAG;IACjC;;;;;OAKG;IACH,QAAQ,CAAC,UAAU,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAE5C;;;;OAIG;IACH,QAAQ,CAAC,OAAO,EAAE,IAAI,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAC;IAEzD;;OAEG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,QAAQ,CAAC,OAAO,EAAE,YAAY,CAAC;IAE/B;;;OAGG;IACH,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC;CACnC,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,MAAM,MAAM,eAAe,CACzB,IAAI,SAAS,UAAU,EACvB,aAAa,SAAS,gBAAgB,IACpC,oBAAoB,GAAG;IACzB;;;;OAIG;IACH,QAAQ,CAAC,OAAO,EAAE,aAAa,SAAS,KAAK,GACzC,IAAI,GACJ,aAAa,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC;IAExC;;;OAGG;IACH,QAAQ,CAAC,gBAAgB,EAAE,IAAI,CAAC;CACjC,CAAC;AAEF;;;;;;GAMG;AACH,KAAK,mBAAmB,CAAC,SAAS,IAAI,SAAS,SAAS,EAAE,GACtD,KAAK,GACL,SAAS,SAAS,OAAO,EAAE,GAAG,SAAS,OAAO,EAAE,GAC9C,SAAS,CAAC,MAAM,CAAC,GACjB,KAAK,CAAC;AAEZ;;;;;;GAMG;AACH,MAAM,MAAM,yBAAyB,CACnC,uBAAuB,SAAS,iCAAiC,IAC/D,mBAAmB,CAAC,uBAAuB,CAAC,gBAAgB,CAAC,CAAC,CAAC;AAEnE;;;;GAIG;AACH,MAAM,MAAM,iBAAiB,CAAC,gBAAgB,SAAS,oBAAoB,IAAI;IAC7E,MAAM,EAAE,gBAAgB,CAAC,kBAAkB,CAAC,CAAC;IAC7C;;OAEG;IACH,OAAO,EAAE,YAAY,CAAC;IAEtB;;;OAGG;IACH,OAAO,CAAC,EAAE,aAAa,CAAC,gBAAgB,CAAC,CAAC;CAC3C,CAAC;AAEF;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CACjC,gBAAgB,SAAS,oBAAoB,EAC7C,OAAO,EAAE,iBAAiB,CAAC,gBAAgB,CAAC,GAAG,gBAAgB,CAUhE;AAED;;;;;;GAMG;AACH,wBAAgB,UAAU,CACxB,UAAU,EAAE,oBAAoB,EAChC,UAAU,EAAE,MAAM,GACjB,gBAAgB,GAAG,SAAS,CAE9B;AAED;;;GAGG;AACH,KAAK,mBAAmB,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;AAEzD;;GAEG;AACH,MAAM,MAAM,oBAAoB,GAAG,MAAM,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAC;AAE3E;;;;GAIG;AACH,KAAK,uBAAuB,GAAG,QAAQ,CAAC;IACtC,MAAM,EAAE,YAAY,CAAC;IACrB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC,CAAC;AAEH,MAAM,MAAM,0BAA0B,GAAG,IAAI,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;AAEvE;;;;GAIG;AACH,MAAM,MAAM,uBAAuB,CACjC,MAAM,SAAS,0BAA0B,GAAG,IAAI,IAC9C;IACF,MAAM,EAAE,UAAU,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,uBAAuB,CAAC;CAClC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,oBAAoB,CAC9B,MAAM,SAAS,0BAA0B,EACzC,MAAM,SAAS,IAAI,IACjB,CAAC,IAAI,EAAE,uBAAuB,CAAC,MAAM,CAAC,KAAK,MAAM,CAAC;AAEtD;;;;;GAKG;AACH,MAAM,MAAM,qBAAqB,CAC/B,MAAM,SAAS,0BAA0B,EACzC,MAAM,SAAS,IAAI,IACjB,CAAC,IAAI,EAAE,uBAAuB,CAAC,MAAM,CAAC,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;AAE/D;;;;;GAKG;AACH,MAAM,MAAM,gBAAgB,CAC1B,MAAM,SAAS,0BAA0B,EACzC,MAAM,SAAS,IAAI,IAEjB,oBAAoB,CAAC,MAAM,EAAE,MAAM,CAAC,GACpC,qBAAqB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAE1C,MAAM,MAAM,qBAAqB,CAC/B,oBAAoB,SAAS,gBAAgB,CAC3C,0BAA0B,EAC1B,IAAI,CACL,IACC,oBAAoB,SAAS,CAAC,IAAI,EAAE,MAAM,OAAO,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,GAC1E,OAAO,SAAS,uBAAuB,CAAC,0BAA0B,CAAC,GACjE,oBAAoB,GACpB,KAAK,GACP,KAAK,CAAC;AAEV;;GAEG;AACH,MAAM,MAAM,qBAAqB,GAAG;IAClC;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;IAEtB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF;;;;GAIG;AACH,MAAM,MAAM,eAAe,CAAC,UAAU,SAAS,IAAI,IAAI,CACrD,OAAO,EAAE,qBAAqB,KAC3B,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AAEtC,MAAM,MAAM,iBAAiB,CAC3B,gBAAgB,SAAS,oBAAoB,EAC7C,WAAW,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IACzC,CACF,OAAO,EAAE,iBAAiB,CAAC,gBAAgB,CAAC,EAC5C,WAAW,CAAC,EAAE,WAAW,KACtB,gBAAgB,CAAC;AAEtB,MAAM,MAAM,6BAA6B,GAAG,CAC1C,UAAU,EAAE,oBAAoB,EAChC,MAAM,CAAC,EAAE,YAAY,EACrB,MAAM,CAAC,EAAE,MAAM,KACZ,IAAI,CAAC;AAEV;;GAEG;AACH,MAAM,MAAM,gBAAgB,CAC1B,OAAO,SAAS,gBAAgB,EAChC,MAAM,SAAS,eAAe,IAC5B;IACF,WAAW,EAAE,kBAAkB,CAAC;IAChC,SAAS,EAAE,mBAAmB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;CACjD,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,iBAAiB,CAC3B,OAAO,SAAS,gBAAgB,EAChC,MAAM,SAAS,eAAe,IAC5B,CAAC,MAAM,EAAE,gBAAgB,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpE;;GAEG;AACH,MAAM,MAAM,oBAAoB,CAC9B,OAAO,SAAS,gBAAgB,EAChC,MAAM,SAAS,eAAe,IAC5B;IACF;;OAEG;IACH,WAAW,EAAE,iBAAiB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAChD;;OAEG;IACH,SAAS,CAAC,EAAE,iBAAiB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;CAChD,CAAC;AAEF;;GAEG;AACH,oBAAY,cAAc;IACxB;;;OAGG;IACH,gBAAgB,qBAAqB;IAErC;;;OAGG;IACH,SAAS,cAAc;CACxB;AAED;;;;;;;;;GASG;AACH,KAAK,2BAA2B,CAAC,IAAI,SAAS,cAAc,IAAI;IAC9D;;OAEG;IACH,cAAc,EAAE,IAAI,CAAC;IAErB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,cAAc,EAAE,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC;IAEvD;;;;;;;;;OASG;IAGH,OAAO,CAAC,EAAE,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAE1D;;;;;;;;;;OAUG;IACH,SAAS,CAAC,EAAE,6BAA6B,CAAC;IAE1C;;;;;OAKG;IACH,UAAU,CAAC,EAAE,oBAAoB,CAAC,gBAAgB,EAAE,eAAe,CAAC,CAAC;IAErE;;;;;OAKG;IACH,YAAY,CAAC,EAAE,SAAS,WAAW,EAAE,CAAC;CACvC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,uCAAuC,GACjD,2BAA2B,CAAC,cAAc,CAAC,gBAAgB,CAAC,GAAG;IAC7D;;;OAGG;IAGH,oBAAoB,EAAE,gBAAgB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;CACnD,CAAC;AAEJ;;;;;;GAMG;AACH,MAAM,MAAM,gCAAgC,GAC1C,2BAA2B,CAAC,cAAc,CAAC,SAAS,CAAC,GAAG;IACtD;;;;;OAKG;IACH,eAAe,EAAE,eAAe,CAAC,IAAI,CAAC,CAAC;CACxC,CAAC;AAEJ;;;;;;;;;GASG;AACH,MAAM,MAAM,iCAAiC,GACzC,gCAAgC,GAChC,uCAAuC,CAAC;AAE5C;;GAEG;AACH,KAAK,qCAAqC,CACxC,WAAW,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC3C,~~aAAa~~,~~GAAG~~,OAAO,~~IACrB~~;IACF,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC;IACxD,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B~~;;;;;OAKG;IACH~~,~~SAAS~~,CAAC,EAAE,~~aAAa~~,CAAC;~~CAC3B~~,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,8BAA8B,CACxC,IAAI,SAAS,cAAc,EAC3B,OAAO,SAAS,qCAAqC,CACnD,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CACxB,EACD,aAAa,SAAS,iCAAiC,GAAG;IACxD,cAAc,EAAE,IAAI,CAAC;CACtB,IACC,CAAC,OAAO,EAAE,OAAO,KAAK,aAAa,CAAC;AAExC,KAAK,kCAAkC,CACrC,aAAa,SAAS,uCAAuC,IAE7D,aAAa,CAAC,sBAAsB,CAAC,SAAS,qBAAqB,CACjE,aAAa,CAAC,sBAAsB,CAAC,CACtC,GACG,aAAa,GACb,KAAK,CAAC;AAEZ;;;;;GAKG;AACH,MAAM,MAAM,4BAA4B,CACtC,aAAa,SAAS,iCAAiC,IACrD,aAAa,CAAC,YAAY,CAAC,SAAS,UAAU,GAC9C,aAAa,CAAC,gBAAgB,CAAC,SAAS,cAAc,CAAC,SAAS,GAC9D,aAAa,GACb,aAAa,CAAC,gBAAgB,CAAC,SAAS,cAAc,CAAC,gBAAgB,GACrE,kCAAkC,CAChC,OAAO,CAAC,aAAa,EAAE,uCAAuC,CAAC,CAChE,GACD,KAAK,GACT,KAAK,CAAC;AAEV;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CAClC,aAAa,SAAS,iCAAiC,EACvD,IAAI,SAAS,cAAc,EAE3B,aAAa,EAAE,aAAa,EAC5B,YAAY,EAAE,IAAI,GACjB,aAAa,IAAI,aAAa,GAAG;IAClC,cAAc,EAAE,IAAI,CAAC;CACtB,CAEA;AAED;;;;;GAKG;AACH,MAAM,MAAM,0BAA0B,CACpC,aAAa,SAAS,iCAAiC,IACrD;KACD,IAAI,IAAI,aAAa,CAAC,YAAY,CAAC,GAAG,aAAa,SAAS;QAC3D,UAAU,EAAE,IAAI,CAAC;KAClB,GACG,aAAa,GACb,KAAK;CACV,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,8BAA8B,CACxC,aAAa,SAAS,iCAAiC,EACvD,IAAI,SAAS,aAAa,CAAC,YAAY,CAAC,IACtC,aAAa,SAAS;IACxB,UAAU,EAAE,IAAI,CAAC;CAClB,GACG,aAAa,GACb,KAAK,CAAC"}
1	+ {"version":3,"file":"Permission.d.mts","sourceRoot":"","sources":["../src/Permission.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,mCAAmC;AAChE,OAAO,KAAK,EAAE,gBAAgB,EAAE,eAAe,EAAE,4BAA4B;AAC7E,OAAO,KAAK,EAAE,IAAI,EAAE,wBAAwB;AAI5C,OAAO,KAAK,EAAE,gBAAgB,EAAU,qBAAiB;AACzD,OAAO,KAAK,EAGV,kBAAkB,EAClB,mBAAmB,EACpB,mCAA+B;AAChC,OAAO,KAAK,EAAE,WAAW,EAAE,wCAAoC;AAE/D;;;GAGG;AACH,MAAM,MAAM,YAAY,GAAG,MAAM,CAAC;AAElC;;GAEG;AACH,KAAK,UAAU,GAAG,MAAM,CAAC;AAEzB;;;;;;;;GAQG;AACH,MAAM,MAAM,oBAAoB,GAAG;IACjC;;;;;OAKG;IACH,QAAQ,CAAC,UAAU,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAE5C;;;;OAIG;IACH,QAAQ,CAAC,OAAO,EAAE,IAAI,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAC;IAEzD;;OAEG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,QAAQ,CAAC,OAAO,EAAE,YAAY,CAAC;IAE/B;;;OAGG;IACH,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC;CACnC,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,MAAM,MAAM,eAAe,CACzB,IAAI,SAAS,UAAU,EACvB,aAAa,SAAS,gBAAgB,IACpC,oBAAoB,GAAG;IACzB;;;;OAIG;IACH,QAAQ,CAAC,OAAO,EAAE,aAAa,SAAS,KAAK,GACzC,IAAI,GACJ,aAAa,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC;IAExC;;;OAGG;IACH,QAAQ,CAAC,gBAAgB,EAAE,IAAI,CAAC;CACjC,CAAC;AAEF;;;;;;GAMG;AACH,KAAK,mBAAmB,CAAC,SAAS,IAAI,SAAS,SAAS,EAAE,GACtD,KAAK,GACL,SAAS,SAAS,OAAO,EAAE,GAAG,SAAS,OAAO,EAAE,GAC9C,SAAS,CAAC,MAAM,CAAC,GACjB,KAAK,CAAC;AAEZ;;;;;;GAMG;AACH,MAAM,MAAM,yBAAyB,CACnC,uBAAuB,SAAS,iCAAiC,IAC/D,mBAAmB,CAAC,uBAAuB,CAAC,gBAAgB,CAAC,CAAC,CAAC;AAEnE;;;;GAIG;AACH,MAAM,MAAM,iBAAiB,CAAC,gBAAgB,SAAS,oBAAoB,IAAI;IAC7E,MAAM,EAAE,gBAAgB,CAAC,kBAAkB,CAAC,CAAC;IAC7C;;OAEG;IACH,OAAO,EAAE,YAAY,CAAC;IAEtB;;;OAGG;IACH,OAAO,CAAC,EAAE,aAAa,CAAC,gBAAgB,CAAC,CAAC;CAC3C,CAAC;AAEF;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CACjC,gBAAgB,SAAS,oBAAoB,EAC7C,OAAO,EAAE,iBAAiB,CAAC,gBAAgB,CAAC,GAAG,gBAAgB,CAUhE;AAED;;;;;;GAMG;AACH,wBAAgB,UAAU,CACxB,UAAU,EAAE,oBAAoB,EAChC,UAAU,EAAE,MAAM,GACjB,gBAAgB,GAAG,SAAS,CAE9B;AAED;;;GAGG;AACH,KAAK,mBAAmB,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;AAEzD;;GAEG;AACH,MAAM,MAAM,oBAAoB,GAAG,MAAM,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAC;AAE3E;;;;GAIG;AACH,KAAK,uBAAuB,GAAG,QAAQ,CAAC;IACtC,MAAM,EAAE,YAAY,CAAC;IACrB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC,CAAC;AAEH,MAAM,MAAM,0BAA0B,GAAG,IAAI,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;AAEvE;;;;GAIG;AACH,MAAM,MAAM,uBAAuB,CACjC,MAAM,SAAS,0BAA0B,GAAG,IAAI,IAC9C;IACF,MAAM,EAAE,UAAU,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,uBAAuB,CAAC;CAClC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,oBAAoB,CAC9B,MAAM,SAAS,0BAA0B,EACzC,MAAM,SAAS,IAAI,IACjB,CAAC,IAAI,EAAE,uBAAuB,CAAC,MAAM,CAAC,KAAK,MAAM,CAAC;AAEtD;;;;;GAKG;AACH,MAAM,MAAM,qBAAqB,CAC/B,MAAM,SAAS,0BAA0B,EACzC,MAAM,SAAS,IAAI,IACjB,CAAC,IAAI,EAAE,uBAAuB,CAAC,MAAM,CAAC,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;AAE/D;;;;;GAKG;AACH,MAAM,MAAM,gBAAgB,CAC1B,MAAM,SAAS,0BAA0B,EACzC,MAAM,SAAS,IAAI,IAEjB,oBAAoB,CAAC,MAAM,EAAE,MAAM,CAAC,GACpC,qBAAqB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAE1C,MAAM,MAAM,qBAAqB,CAC/B,oBAAoB,SAAS,gBAAgB,CAC3C,0BAA0B,EAC1B,IAAI,CACL,IACC,oBAAoB,SAAS,CAAC,IAAI,EAAE,MAAM,OAAO,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,GAC1E,OAAO,SAAS,uBAAuB,CAAC,0BAA0B,CAAC,GACjE,oBAAoB,GACpB,KAAK,GACP,KAAK,CAAC;AAEV;;GAEG;AACH,MAAM,MAAM,qBAAqB,GAAG;IAClC;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;IAEtB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB,CAAC;AAEF;;;;GAIG;AACH,MAAM,MAAM,eAAe,CAAC,UAAU,SAAS,IAAI,IAAI,CACrD,OAAO,EAAE,qBAAqB,KAC3B,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AAEtC,MAAM,MAAM,iBAAiB,CAC3B,gBAAgB,SAAS,oBAAoB,EAC7C,WAAW,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IACzC,CACF,OAAO,EAAE,iBAAiB,CAAC,gBAAgB,CAAC,EAC5C,WAAW,CAAC,EAAE,WAAW,KACtB,gBAAgB,CAAC;AAEtB,MAAM,MAAM,6BAA6B,GAAG,CAC1C,UAAU,EAAE,oBAAoB,EAChC,MAAM,CAAC,EAAE,YAAY,EACrB,MAAM,CAAC,EAAE,MAAM,KACZ,IAAI,CAAC;AAEV;;GAEG;AACH,MAAM,MAAM,gBAAgB,CAC1B,OAAO,SAAS,gBAAgB,EAChC,MAAM,SAAS,eAAe,IAC5B;IACF,WAAW,EAAE,kBAAkB,CAAC;IAChC,SAAS,EAAE,mBAAmB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;CACjD,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,iBAAiB,CAC3B,OAAO,SAAS,gBAAgB,EAChC,MAAM,SAAS,eAAe,IAC5B,CAAC,MAAM,EAAE,gBAAgB,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpE;;GAEG;AACH,MAAM,MAAM,oBAAoB,CAC9B,OAAO,SAAS,gBAAgB,EAChC,MAAM,SAAS,eAAe,IAC5B;IACF;;OAEG;IACH,WAAW,EAAE,iBAAiB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAChD;;OAEG;IACH,SAAS,CAAC,EAAE,iBAAiB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;CAChD,CAAC;AAEF;;GAEG;AACH,oBAAY,cAAc;IACxB;;;OAGG;IACH,gBAAgB,qBAAqB;IAErC;;;OAGG;IACH,SAAS,cAAc;CACxB;AAED;;;;;;;;;GASG;AACH,KAAK,2BAA2B,CAAC,IAAI,SAAS,cAAc,IAAI;IAC9D;;OAEG;IACH,cAAc,EAAE,IAAI,CAAC;IAErB;;OAEG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,cAAc,EAAE,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC;IAEvD;;;;;;;;;OASG;IAGH,OAAO,CAAC,EAAE,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAE1D;;;;;;;;;;OAUG;IACH,SAAS,CAAC,EAAE,6BAA6B,CAAC;IAE1C;;;;;OAKG;IACH,UAAU,CAAC,EAAE,oBAAoB,CAAC,gBAAgB,EAAE,eAAe,CAAC,CAAC;IAErE;;;;;OAKG;IACH,YAAY,CAAC,EAAE,SAAS,WAAW,EAAE,CAAC;CACvC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,uCAAuC,GACjD,2BAA2B,CAAC,cAAc,CAAC,gBAAgB,CAAC,GAAG;IAC7D;;;OAGG;IAGH,oBAAoB,EAAE,gBAAgB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;CACnD,CAAC;AAEJ;;;;;;GAMG;AACH,MAAM,MAAM,gCAAgC,GAC1C,2BAA2B,CAAC,cAAc,CAAC,SAAS,CAAC,GAAG;IACtD;;;;;OAKG;IACH,eAAe,EAAE,eAAe,CAAC,IAAI,CAAC,CAAC;CACxC,CAAC;AAEJ;;;;;;;;;GASG;AACH,MAAM,MAAM,iCAAiC,GACzC,gCAAgC,GAChC,uCAAuC,CAAC;AAE5C;;GAEG;AACH,KAAK,qCAAqC,CACxC,YAAY,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC5C,WAAW,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC3C,cAAc,SAAS,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAC5C;IACF,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC;IACxD,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,cAAc,CAAC,EAAE,cAAc,CAAC;CACjC,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,8BAA8B,CACxC,IAAI,SAAS,cAAc,EAC3B,OAAO,SAAS,qCAAqC,CACnD,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACvB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACvB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CACxB,EACD,aAAa,SAAS,iCAAiC,GAAG;IACxD,cAAc,EAAE,IAAI,CAAC;CACtB,IACC,CAAC,OAAO,EAAE,OAAO,KAAK,aAAa,CAAC;AAExC;;;GAGG;AACH,MAAM,MAAM,8CAA8C,GAAG;IAC3D,UAAU,EAAE,MAAM,CAAC;IACnB,oBAAoB,EAAE,8BAA8B,CAClD,cAAc,EACd,qCAAqC,CACnC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACvB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACvB,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CACxB,EACD,iCAAiC,CAClC,CAAC;IACF,gBAAgB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IACxC,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IACvC,kBAAkB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;CAC3C,CAAC;AAEF,KAAK,kCAAkC,CACrC,aAAa,SAAS,uCAAuC,IAE7D,aAAa,CAAC,sBAAsB,CAAC,SAAS,qBAAqB,CACjE,aAAa,CAAC,sBAAsB,CAAC,CACtC,GACG,aAAa,GACb,KAAK,CAAC;AAEZ;;;;;GAKG;AACH,MAAM,MAAM,4BAA4B,CACtC,aAAa,SAAS,iCAAiC,IACrD,aAAa,CAAC,YAAY,CAAC,SAAS,UAAU,GAC9C,aAAa,CAAC,gBAAgB,CAAC,SAAS,cAAc,CAAC,SAAS,GAC9D,aAAa,GACb,aAAa,CAAC,gBAAgB,CAAC,SAAS,cAAc,CAAC,gBAAgB,GACrE,kCAAkC,CAChC,OAAO,CAAC,aAAa,EAAE,uCAAuC,CAAC,CAChE,GACD,KAAK,GACT,KAAK,CAAC;AAEV;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CAClC,aAAa,SAAS,iCAAiC,EACvD,IAAI,SAAS,cAAc,EAE3B,aAAa,EAAE,aAAa,EAC5B,YAAY,EAAE,IAAI,GACjB,aAAa,IAAI,aAAa,GAAG;IAClC,cAAc,EAAE,IAAI,CAAC;CACtB,CAEA;AAED;;;;;GAKG;AACH,MAAM,MAAM,0BAA0B,CACpC,aAAa,SAAS,iCAAiC,IACrD;KACD,IAAI,IAAI,aAAa,CAAC,YAAY,CAAC,GAAG,aAAa,SAAS;QAC3D,UAAU,EAAE,IAAI,CAAC;KAClB,GACG,aAAa,GACb,KAAK;CACV,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,8BAA8B,CACxC,aAAa,SAAS,iCAAiC,EACvD,IAAI,SAAS,aAAa,CAAC,YAAY,CAAC,IACtC,aAAa,SAAS;IACxB,UAAU,EAAE,IAAI,CAAC;CAClB,GACG,aAAa,GACb,KAAK,CAAC"}

package/dist/Permission.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"Permission.mjs","sourceRoot":"","sources":["../src/Permission.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,MAAM,EAAE,eAAe;AAkJhC;;;;;;;;GAQG;AACH,MAAM,UAAU,mBAAmB,CAEjC,OAA4C;IAC5C,MAAM,EAAE,OAAO,GAAG,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;IAEpD,OAAO;QACL,EAAE,EAAE,MAAM,EAAE;QACZ,gBAAgB,EAAE,MAAM;QACxB,OAAO;QACP,OAAO;QACP,IAAI,EAAE,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE;KACP,CAAC;AACxB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,UAAU,CACxB,UAAgC,EAChC,UAAkB;IAElB,OAAO,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,UAAU,CAAC,CAAC;AAC1E,CAAC;AAgKD;;GAEG;AACH,MAAM,CAAN,IAAY,cAYX;AAZD,WAAY,cAAc;IACxB;;;OAGG;IACH,uDAAqC,CAAA;IAErC;;;OAGG;IACH,yCAAuB,CAAA;AACzB,CAAC,EAZW,cAAc,KAAd,cAAc,QAYzB;AAyLD;;;;;;;;GAQG;AACH,MAAM,UAAU,oBAAoB,CAIlC,aAA4B,EAC5B,YAAkB;IAIlB,OAAO,aAAa,CAAC,cAAc,KAAK,YAAY,CAAC;AACvD,CAAC","sourcesContent":["import type { NonEmptyArray } from '@metamask/controller-utils';\nimport type { ActionConstraint, EventConstraint } from '@metamask/messenger';\nimport type { Json } from '@metamask/utils';\nimport { nanoid } from 'nanoid';\n\n// eslint-disable-next-line @typescript-eslint/no-unused-vars\nimport type { CaveatConstraint, Caveat } from './Caveat';\nimport type {\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n PermissionController,\n PermissionsRequest,\n SideEffectMessenger,\n} from './PermissionController';\nimport type { SubjectType } from './SubjectMetadataController';\n\n/*\n The origin of a subject.\n * Effectively the GUID of an entity that can have permissions.\n /\nexport type OriginString = string;\n\n/\n The name of a permission target.\n /\ntype TargetName = string;\n\n/\n A `ZCAP-LD`-like permission object. A permission is associated with a\n * particular `invoker`, which is the holder of the permission. Possessing the\n * permission grants access to a particular restricted resource, identified by\n * the `parentCapability`. The use of the restricted resource may be further\n * restricted by any `caveats` associated with the permission.\n \n See the README for details.\n /\nexport type PermissionConstraint = {\n /\n The context(s) in which this capability is meaningful.\n \n It is required by the standard, but we make it optional since there is only\n * one context in our usage (i.e. the user's MetaMask instance).\n /\n readonly '@context'?: NonEmptyArray<string>;\n\n /\n The caveats of the permission.\n \n @see {@link Caveat} For more information.\n /\n readonly caveats: null \| NonEmptyArray<CaveatConstraint>;\n\n /\n The creation date of the permission, in UNIX epoch time.\n /\n readonly date: number;\n\n /\n The GUID of the permission object.\n /\n readonly id: string;\n\n /\n The origin string of the subject that has the permission.\n /\n readonly invoker: OriginString;\n\n /\n A pointer to the resource that possession of the capability grants\n * access to, for example a JSON-RPC method or endowment.\n /\n readonly parentCapability: string;\n};\n\n/\n A `ZCAP-LD`-like permission object. A permission is associated with a\n * particular `invoker`, which is the holder of the permission. Possessing the\n * permission grants access to a particular restricted resource, identified by\n * the `parentCapability`. The use of the restricted resource may be further\n * restricted by any `caveats` associated with the permission.\n \n See the README for details.\n \n @template Name - The name of the permission that the target corresponds to.\n * @template AllowedCaveat - A union of the allowed {@link Caveat} types\n * for the permission.\n /\nexport type ValidPermission<\n Name extends TargetName,\n AllowedCaveat extends CaveatConstraint,\n> = PermissionConstraint & {\n /\n The caveats of the permission.\n \n @see {@link Caveat} For more information.\n /\n readonly caveats: AllowedCaveat extends never\n ? null\n : NonEmptyArray<AllowedCaveat> \| null;\n\n /\n A pointer to the resource that possession of the capability grants\n * access to, for example a JSON-RPC method or endowment.\n /\n readonly parentCapability: Name;\n};\n\n/\n Internal utility for extracting the members types of an array. The type\n * evalutes to `never` if the specified type is the empty tuple or neither\n * an array nor a tuple.\n \n @template ArrayType - The array type whose members to extract.\n /\ntype ExtractArrayMembers<ArrayType> = ArrayType extends []\n ? never\n : ArrayType extends unknown[] \| readonly unknown[]\n ? ArrayType[number]\n : never;\n\n/\n A utility type for extracting the allowed caveat types for a particular\n * permission from a permission specification type.\n \n @template PermissionSpecification - The permission specification type to\n * extract valid caveat types from.\n /\nexport type ExtractAllowedCaveatTypes<\n PermissionSpecification extends PermissionSpecificationConstraint,\n> = ExtractArrayMembers<PermissionSpecification['allowedCaveats']>;\n\n/\n The options object of {@link constructPermission}.\n \n @template TargetPermission - The {@link Permission} that will be constructed.\n /\nexport type PermissionOptions<TargetPermission extends PermissionConstraint> = {\n target: TargetPermission['parentCapability'];\n /\n The origin string of the subject that has the permission.\n /\n invoker: OriginString;\n\n /\n The caveats of the permission.\n * See {@link Caveat}.\n /\n caveats?: NonEmptyArray<CaveatConstraint>;\n};\n\n/\n The default permission factory function. Naively constructs a permission from\n * the inputs. Sets a default, random `id` if none is provided.\n \n @see {@link Permission} For more details.\n * @template TargetPermission- - The {@link Permission} that will be constructed.\n * @param options - The options for the permission.\n * @returns The new permission object.\n /\nexport function constructPermission<\n TargetPermission extends PermissionConstraint,\n>(options: PermissionOptions<TargetPermission>): TargetPermission {\n const { caveats = null, invoker, target } = options;\n\n return {\n id: nanoid(),\n parentCapability: target,\n invoker,\n caveats,\n date: new Date().getTime(),\n } as TargetPermission;\n}\n\n/\n Gets the caveat of the specified type belonging to the specified permission.\n \n @param permission - The permission whose caveat to retrieve.\n * @param caveatType - The type of the caveat to retrieve.\n * @returns The caveat, or undefined if no such caveat exists.\n /\nexport function findCaveat(\n permission: PermissionConstraint,\n caveatType: string,\n): CaveatConstraint \| undefined {\n return permission.caveats?.find((caveat) => caveat.type === caveatType);\n}\n\n/\n A requested permission object. Just an object with any of the properties\n * of a {@link PermissionConstraint} object.\n /\ntype RequestedPermission = Partial<PermissionConstraint>;\n\n/\n A record of target names and their {@link RequestedPermission} objects.\n /\nexport type RequestedPermissions = Record<TargetName, RequestedPermission>;\n\n/\n The restricted method context object. Essentially a way to pass internal\n * arguments to restricted methods and caveat functions, most importantly the\n * requesting origin.\n /\ntype RestrictedMethodContext = Readonly<{\n origin: OriginString;\n [key: string]: unknown;\n}>;\n\nexport type RestrictedMethodParameters = Json[] \| Record<string, Json>;\n\n/\n The arguments passed to a restricted method implementation.\n \n @template Params - The JSON-RPC parameters of the restricted method.\n /\nexport type RestrictedMethodOptions<\n Params extends RestrictedMethodParameters \| null,\n> = {\n method: TargetName;\n params?: Params;\n context: RestrictedMethodContext;\n};\n\n/\n A synchronous restricted method implementation.\n \n @template Params - The JSON-RPC parameters of the restricted method.\n * @template Result - The JSON-RPC result of the restricted method.\n /\nexport type SyncRestrictedMethod<\n Params extends RestrictedMethodParameters,\n Result extends Json,\n> = (args: RestrictedMethodOptions<Params>) => Result;\n\n/\n An asynchronous restricted method implementation.\n \n @template Params - The JSON-RPC parameters of the restricted method.\n * @template Result - The JSON-RPC result of the restricted method.\n /\nexport type AsyncRestrictedMethod<\n Params extends RestrictedMethodParameters,\n Result extends Json,\n> = (args: RestrictedMethodOptions<Params>) => Promise<Result>;\n\n/\n A synchronous or asynchronous restricted method implementation.\n \n @template Params - The JSON-RPC parameters of the restricted method.\n * @template Result - The JSON-RPC result of the restricted method.\n /\nexport type RestrictedMethod<\n Params extends RestrictedMethodParameters,\n Result extends Json,\n> =\n \| SyncRestrictedMethod<Params, Result>\n \| AsyncRestrictedMethod<Params, Result>;\n\nexport type ValidRestrictedMethod<\n MethodImplementation extends RestrictedMethod<\n RestrictedMethodParameters,\n Json\n >,\n> = MethodImplementation extends (args: infer Options) => Json \| Promise<Json>\n ? Options extends RestrictedMethodOptions<RestrictedMethodParameters>\n ? MethodImplementation\n : never\n : never;\n\n/\n {@link EndowmentGetter} parameter object.\n /\nexport type EndowmentGetterParams = {\n /\n The origin of the requesting subject.\n /\n origin: string;\n\n /\n Any additional data associated with the request.\n /\n requestData?: unknown;\n\n [key: string]: unknown;\n};\n\n/\n A synchronous or asynchronous function that gets the endowments for a\n * particular endowment permission. The getter receives the origin of the\n * requesting subject and, optionally, additional request metadata.\n /\nexport type EndowmentGetter<Endowments extends Json> = (\n options: EndowmentGetterParams,\n) => Endowments \| Promise<Endowments>;\n\nexport type PermissionFactory<\n TargetPermission extends PermissionConstraint,\n RequestData extends Record<string, unknown>,\n> = (\n options: PermissionOptions<TargetPermission>,\n requestData?: RequestData,\n) => TargetPermission;\n\nexport type PermissionValidatorConstraint = (\n permission: PermissionConstraint,\n origin?: OriginString,\n target?: string,\n) => void;\n\n/\n The parameters passed to the side-effect function.\n /\nexport type SideEffectParams<\n Actions extends ActionConstraint,\n Events extends EventConstraint,\n> = {\n requestData: PermissionsRequest;\n messenger: SideEffectMessenger<Actions, Events>;\n};\n\n/\n A function that will execute actions as a permission side-effect.\n /\nexport type SideEffectHandler<\n Actions extends ActionConstraint,\n Events extends EventConstraint,\n> = (params: SideEffectParams<Actions, Events>) => Promise<unknown>;\n\n/\n The permissions side effects.\n /\nexport type PermissionSideEffect<\n Actions extends ActionConstraint,\n Events extends EventConstraint,\n> = {\n /\n A method triggered when the permission is accepted by the user\n /\n onPermitted: SideEffectHandler<Actions, Events>;\n /\n A method triggered if a `onPermitted` method rejected.\n /\n onFailure?: SideEffectHandler<Actions, Events>;\n};\n\n/\n The different possible types of permissions.\n /\nexport enum PermissionType {\n /\n A restricted JSON-RPC method. A subject must have the requisite permission\n * to call a restricted JSON-RPC method.\n /\n RestrictedMethod = 'RestrictedMethod',\n\n /\n An \"endowment\" granted to subjects that possess the requisite permission,\n * such as a global environment variable exposing a restricted API, etc.\n /\n Endowment = 'Endowment',\n}\n\n/\n The base constraint for permission specification objects. Every\n * {@link Permission} supported by a {@link PermissionController} must have an\n * associated specification, which is the source of truth for all permission-\n * related types. A permission specification includes the list of permitted\n * caveats, and any factory and validation functions specified by the consumer.\n * A concrete permission specification may specify further fields as necessary.\n \n See the README for more details.\n /\ntype PermissionSpecificationBase<Type extends PermissionType> = {\n /\n The type of the specified permission.\n /\n permissionType: Type;\n\n /\n The name of the target resource of the permission.\n /\n targetName: string;\n\n /\n An array of the caveat types that may be added to instances of this\n * permission.\n /\n allowedCaveats: Readonly<NonEmptyArray<string>> \| null;\n\n /\n The factory function used to get permission objects. Permissions returned\n * by this function are presumed to valid, and they will not be passed to the\n * validator function associated with this specification (if any). In other\n * words, the factory function should validate the permissions it creates.\n \n If no factory is specified, the {@link Permission} constructor will be\n * used, and the validator function (if specified) will be called on newly\n * constructed permissions.\n /\n // TODO: Replace `any` with type\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n factory?: PermissionFactory<any, Record<string, unknown>>;\n\n /\n The validator function used to validate permissions of the associated type\n * whenever they are granted or their caveat arrays are mutated.\n \n Permission validators are not invoked when a caveat is mutated, provided\n * the caveat array has not changed. For this reason, permission validators\n * must not be used to validate caveats. To validate caveats, use the\n * corresponding caveat specification property.\n \n The validator should throw an appropriate JSON-RPC error if validation fails.\n /\n validator?: PermissionValidatorConstraint;\n\n /\n The side-effect triggered by the {@link PermissionController} once the user approved it.\n * The side-effect can only be an action allowed to be called inside the {@link PermissionController}.\n \n If the side-effect action fails, the permission that triggered it is revoked.\n /\n sideEffect?: PermissionSideEffect<ActionConstraint, EventConstraint>;\n\n /\n The Permission may be available to only a subset of the subject types. If so, specify the subject types as an array.\n * If a subject with a type not in this array tries to request the permission, the call will fail.\n \n Leaving this as undefined uses default behaviour where the permission is available to request for all subject types.\n /\n subjectTypes?: readonly SubjectType[];\n};\n\n/\n The constraint for restricted method permission specification objects.\n * Permissions that correspond to JSON-RPC methods are specified using objects\n * that conform to this type.\n \n See the README for more details.\n /\nexport type RestrictedMethodSpecificationConstraint =\n PermissionSpecificationBase<PermissionType.RestrictedMethod> & {\n /\n The implementation of the restricted method that the permission\n * corresponds to.\n /\n // TODO: Replace `any` with type\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n methodImplementation: RestrictedMethod<any, Json>;\n };\n\n/\n The constraint for endowment permission specification objects. Permissions\n * that endow callers with some restricted resource are specified using objects\n * that conform to this type.\n \n See the README for more details.\n /\nexport type EndowmentSpecificationConstraint =\n PermissionSpecificationBase<PermissionType.Endowment> & {\n /\n The {@link EndowmentGetter} function for the permission. This function\n * will be called by the {@link PermissionController} whenever the\n * permission is invoked, after which the host can apply the endowments to\n * the requesting subject in the intended manner.\n /\n endowmentGetter: EndowmentGetter<Json>;\n };\n\n/\n The constraint for permission specification objects. Every {@link Permission}\n * supported by a {@link PermissionController} must have an associated\n * specification, which is the source of truth for all permission-related types.\n * All specifications must adhere to the {@link PermissionSpecificationBase}\n * interface, but specifications may have different fields depending on the\n * {@link PermissionType}.\n \n See the README for more details.\n /\nexport type PermissionSpecificationConstraint =\n \| EndowmentSpecificationConstraint\n \| RestrictedMethodSpecificationConstraint;\n\n/\n Options for {@link PermissionSpecificationBuilder} functions.\n /\ntype PermissionSpecificationBuilderOptions<\n MethodHooks extends Record<string, unknown>,\n SpecMessenger = unknown,\n> = {\n targetName?: string;\n allowedCaveats?: Readonly<NonEmptyArray<string>> \| null;\n methodHooks?: MethodHooks;\n /\n A messenger scoped to this permission specification. The messenger is\n * expected to have exactly the actions declared by the spec's `actionNames`\n * delegated to it; {@link createRestrictedMethodMessenger} is the canonical\n * way to construct it.\n /\n messenger?: SpecMessenger;\n};\n\n/\n A function that builds a permission specification. Modules that specify\n * permissions for external consumption should make this their primary /\n * default export so that host applications can use them to generate concrete\n * specifications tailored to their requirements.\n /\nexport type PermissionSpecificationBuilder<\n Type extends PermissionType,\n Options extends PermissionSpecificationBuilderOptions<\n Record<string, unknown>\n >,\n Specification extends PermissionSpecificationConstraint & {\n permissionType: Type;\n },\n> = (options: Options) => Specification;\n\ntype ValidRestrictedMethodSpecification<\n Specification extends RestrictedMethodSpecificationConstraint,\n> =\n Specification['methodImplementation'] extends ValidRestrictedMethod<\n Specification['methodImplementation']\n >\n ? Specification\n : never;\n\n/\n Constraint for {@link PermissionSpecificationConstraint} objects that\n * evaluates to `never` if the specification contains any invalid fields.\n \n @template Specification - The permission specification to validate.\n /\nexport type ValidPermissionSpecification<\n Specification extends PermissionSpecificationConstraint,\n> = Specification['targetName'] extends TargetName\n ? Specification['permissionType'] extends PermissionType.Endowment\n ? Specification\n : Specification['permissionType'] extends PermissionType.RestrictedMethod\n ? ValidRestrictedMethodSpecification<\n Extract<Specification, RestrictedMethodSpecificationConstraint>\n >\n : never\n : never;\n\n/\n Checks that the specification has the expected permission type.\n \n @param specification - The specification to check.\n * @param expectedType - The expected permission type.\n * @template Specification - The specification to check.\n * @template Type - The expected permission type.\n * @returns Whether or not the specification is of the expected type.\n /\nexport function hasSpecificationType<\n Specification extends PermissionSpecificationConstraint,\n Type extends PermissionType,\n>(\n specification: Specification,\n expectedType: Type,\n): specification is Specification & {\n permissionType: Type;\n} {\n return specification.permissionType === expectedType;\n}\n\n/\n The specifications for all permissions supported by a particular\n * {@link PermissionController}.\n \n @template Specifications - The union of all {@link PermissionSpecificationConstraint} types.\n /\nexport type PermissionSpecificationMap<\n Specification extends PermissionSpecificationConstraint,\n> = {\n [Name in Specification['targetName']]: Specification extends {\n targetName: Name;\n }\n ? Specification\n : never;\n};\n\n/\n Extracts a specific {@link PermissionSpecificationConstraint} from a union of\n * permission specifications.\n \n @template Specification - The specification union type to extract from.\n * @template Name - The `targetName` of the specification to extract.\n */\nexport type ExtractPermissionSpecification<\n Specification extends PermissionSpecificationConstraint,\n Name extends Specification['targetName'],\n> = Specification extends {\n targetName: Name;\n}\n ? Specification\n : never;\n"]}
1	+ {"version":3,"file":"Permission.mjs","sourceRoot":"","sources":["../src/Permission.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,MAAM,EAAE,eAAe;AAkJhC;;;;;;;;GAQG;AACH,MAAM,UAAU,mBAAmB,CAEjC,OAA4C;IAC5C,MAAM,EAAE,OAAO,GAAG,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;IAEpD,OAAO;QACL,EAAE,EAAE,MAAM,EAAE;QACZ,gBAAgB,EAAE,MAAM;QACxB,OAAO;QACP,OAAO;QACP,IAAI,EAAE,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE;KACP,CAAC;AACxB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,UAAU,CACxB,UAAgC,EAChC,UAAkB;IAElB,OAAO,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,UAAU,CAAC,CAAC;AAC1E,CAAC;AAgKD;;GAEG;AACH,MAAM,CAAN,IAAY,cAYX;AAZD,WAAY,cAAc;IACxB;;;OAGG;IACH,uDAAqC,CAAA;IAErC;;;OAGG;IACH,yCAAuB,CAAA;AACzB,CAAC,EAZW,cAAc,KAAd,cAAc,QAYzB;AA2MD;;;;;;;;GAQG;AACH,MAAM,UAAU,oBAAoB,CAIlC,aAA4B,EAC5B,YAAkB;IAIlB,OAAO,aAAa,CAAC,cAAc,KAAK,YAAY,CAAC;AACvD,CAAC","sourcesContent":["import type { NonEmptyArray } from '@metamask/controller-utils';\nimport type { ActionConstraint, EventConstraint } from '@metamask/messenger';\nimport type { Json } from '@metamask/utils';\nimport { nanoid } from 'nanoid';\n\n// eslint-disable-next-line @typescript-eslint/no-unused-vars\nimport type { CaveatConstraint, Caveat } from './Caveat';\nimport type {\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n PermissionController,\n PermissionsRequest,\n SideEffectMessenger,\n} from './PermissionController';\nimport type { SubjectType } from './SubjectMetadataController';\n\n/*\n The origin of a subject.\n * Effectively the GUID of an entity that can have permissions.\n /\nexport type OriginString = string;\n\n/\n The name of a permission target.\n /\ntype TargetName = string;\n\n/\n A `ZCAP-LD`-like permission object. A permission is associated with a\n * particular `invoker`, which is the holder of the permission. Possessing the\n * permission grants access to a particular restricted resource, identified by\n * the `parentCapability`. The use of the restricted resource may be further\n * restricted by any `caveats` associated with the permission.\n \n See the README for details.\n /\nexport type PermissionConstraint = {\n /\n The context(s) in which this capability is meaningful.\n \n It is required by the standard, but we make it optional since there is only\n * one context in our usage (i.e. the user's MetaMask instance).\n /\n readonly '@context'?: NonEmptyArray<string>;\n\n /\n The caveats of the permission.\n \n @see {@link Caveat} For more information.\n /\n readonly caveats: null \| NonEmptyArray<CaveatConstraint>;\n\n /\n The creation date of the permission, in UNIX epoch time.\n /\n readonly date: number;\n\n /\n The GUID of the permission object.\n /\n readonly id: string;\n\n /\n The origin string of the subject that has the permission.\n /\n readonly invoker: OriginString;\n\n /\n A pointer to the resource that possession of the capability grants\n * access to, for example a JSON-RPC method or endowment.\n /\n readonly parentCapability: string;\n};\n\n/\n A `ZCAP-LD`-like permission object. A permission is associated with a\n * particular `invoker`, which is the holder of the permission. Possessing the\n * permission grants access to a particular restricted resource, identified by\n * the `parentCapability`. The use of the restricted resource may be further\n * restricted by any `caveats` associated with the permission.\n \n See the README for details.\n \n @template Name - The name of the permission that the target corresponds to.\n * @template AllowedCaveat - A union of the allowed {@link Caveat} types\n * for the permission.\n /\nexport type ValidPermission<\n Name extends TargetName,\n AllowedCaveat extends CaveatConstraint,\n> = PermissionConstraint & {\n /\n The caveats of the permission.\n \n @see {@link Caveat} For more information.\n /\n readonly caveats: AllowedCaveat extends never\n ? null\n : NonEmptyArray<AllowedCaveat> \| null;\n\n /\n A pointer to the resource that possession of the capability grants\n * access to, for example a JSON-RPC method or endowment.\n /\n readonly parentCapability: Name;\n};\n\n/\n Internal utility for extracting the members types of an array. The type\n * evalutes to `never` if the specified type is the empty tuple or neither\n * an array nor a tuple.\n \n @template ArrayType - The array type whose members to extract.\n /\ntype ExtractArrayMembers<ArrayType> = ArrayType extends []\n ? never\n : ArrayType extends unknown[] \| readonly unknown[]\n ? ArrayType[number]\n : never;\n\n/\n A utility type for extracting the allowed caveat types for a particular\n * permission from a permission specification type.\n \n @template PermissionSpecification - The permission specification type to\n * extract valid caveat types from.\n /\nexport type ExtractAllowedCaveatTypes<\n PermissionSpecification extends PermissionSpecificationConstraint,\n> = ExtractArrayMembers<PermissionSpecification['allowedCaveats']>;\n\n/\n The options object of {@link constructPermission}.\n \n @template TargetPermission - The {@link Permission} that will be constructed.\n /\nexport type PermissionOptions<TargetPermission extends PermissionConstraint> = {\n target: TargetPermission['parentCapability'];\n /\n The origin string of the subject that has the permission.\n /\n invoker: OriginString;\n\n /\n The caveats of the permission.\n * See {@link Caveat}.\n /\n caveats?: NonEmptyArray<CaveatConstraint>;\n};\n\n/\n The default permission factory function. Naively constructs a permission from\n * the inputs. Sets a default, random `id` if none is provided.\n \n @see {@link Permission} For more details.\n * @template TargetPermission- - The {@link Permission} that will be constructed.\n * @param options - The options for the permission.\n * @returns The new permission object.\n /\nexport function constructPermission<\n TargetPermission extends PermissionConstraint,\n>(options: PermissionOptions<TargetPermission>): TargetPermission {\n const { caveats = null, invoker, target } = options;\n\n return {\n id: nanoid(),\n parentCapability: target,\n invoker,\n caveats,\n date: new Date().getTime(),\n } as TargetPermission;\n}\n\n/\n Gets the caveat of the specified type belonging to the specified permission.\n \n @param permission - The permission whose caveat to retrieve.\n * @param caveatType - The type of the caveat to retrieve.\n * @returns The caveat, or undefined if no such caveat exists.\n /\nexport function findCaveat(\n permission: PermissionConstraint,\n caveatType: string,\n): CaveatConstraint \| undefined {\n return permission.caveats?.find((caveat) => caveat.type === caveatType);\n}\n\n/\n A requested permission object. Just an object with any of the properties\n * of a {@link PermissionConstraint} object.\n /\ntype RequestedPermission = Partial<PermissionConstraint>;\n\n/\n A record of target names and their {@link RequestedPermission} objects.\n /\nexport type RequestedPermissions = Record<TargetName, RequestedPermission>;\n\n/\n The restricted method context object. Essentially a way to pass internal\n * arguments to restricted methods and caveat functions, most importantly the\n * requesting origin.\n /\ntype RestrictedMethodContext = Readonly<{\n origin: OriginString;\n [key: string]: unknown;\n}>;\n\nexport type RestrictedMethodParameters = Json[] \| Record<string, Json>;\n\n/\n The arguments passed to a restricted method implementation.\n \n @template Params - The JSON-RPC parameters of the restricted method.\n /\nexport type RestrictedMethodOptions<\n Params extends RestrictedMethodParameters \| null,\n> = {\n method: TargetName;\n params?: Params;\n context: RestrictedMethodContext;\n};\n\n/\n A synchronous restricted method implementation.\n \n @template Params - The JSON-RPC parameters of the restricted method.\n * @template Result - The JSON-RPC result of the restricted method.\n /\nexport type SyncRestrictedMethod<\n Params extends RestrictedMethodParameters,\n Result extends Json,\n> = (args: RestrictedMethodOptions<Params>) => Result;\n\n/\n An asynchronous restricted method implementation.\n \n @template Params - The JSON-RPC parameters of the restricted method.\n * @template Result - The JSON-RPC result of the restricted method.\n /\nexport type AsyncRestrictedMethod<\n Params extends RestrictedMethodParameters,\n Result extends Json,\n> = (args: RestrictedMethodOptions<Params>) => Promise<Result>;\n\n/\n A synchronous or asynchronous restricted method implementation.\n \n @template Params - The JSON-RPC parameters of the restricted method.\n * @template Result - The JSON-RPC result of the restricted method.\n /\nexport type RestrictedMethod<\n Params extends RestrictedMethodParameters,\n Result extends Json,\n> =\n \| SyncRestrictedMethod<Params, Result>\n \| AsyncRestrictedMethod<Params, Result>;\n\nexport type ValidRestrictedMethod<\n MethodImplementation extends RestrictedMethod<\n RestrictedMethodParameters,\n Json\n >,\n> = MethodImplementation extends (args: infer Options) => Json \| Promise<Json>\n ? Options extends RestrictedMethodOptions<RestrictedMethodParameters>\n ? MethodImplementation\n : never\n : never;\n\n/\n {@link EndowmentGetter} parameter object.\n /\nexport type EndowmentGetterParams = {\n /\n The origin of the requesting subject.\n /\n origin: string;\n\n /\n Any additional data associated with the request.\n /\n requestData?: unknown;\n\n [key: string]: unknown;\n};\n\n/\n A synchronous or asynchronous function that gets the endowments for a\n * particular endowment permission. The getter receives the origin of the\n * requesting subject and, optionally, additional request metadata.\n /\nexport type EndowmentGetter<Endowments extends Json> = (\n options: EndowmentGetterParams,\n) => Endowments \| Promise<Endowments>;\n\nexport type PermissionFactory<\n TargetPermission extends PermissionConstraint,\n RequestData extends Record<string, unknown>,\n> = (\n options: PermissionOptions<TargetPermission>,\n requestData?: RequestData,\n) => TargetPermission;\n\nexport type PermissionValidatorConstraint = (\n permission: PermissionConstraint,\n origin?: OriginString,\n target?: string,\n) => void;\n\n/\n The parameters passed to the side-effect function.\n /\nexport type SideEffectParams<\n Actions extends ActionConstraint,\n Events extends EventConstraint,\n> = {\n requestData: PermissionsRequest;\n messenger: SideEffectMessenger<Actions, Events>;\n};\n\n/\n A function that will execute actions as a permission side-effect.\n /\nexport type SideEffectHandler<\n Actions extends ActionConstraint,\n Events extends EventConstraint,\n> = (params: SideEffectParams<Actions, Events>) => Promise<unknown>;\n\n/\n The permissions side effects.\n /\nexport type PermissionSideEffect<\n Actions extends ActionConstraint,\n Events extends EventConstraint,\n> = {\n /\n A method triggered when the permission is accepted by the user\n /\n onPermitted: SideEffectHandler<Actions, Events>;\n /\n A method triggered if a `onPermitted` method rejected.\n /\n onFailure?: SideEffectHandler<Actions, Events>;\n};\n\n/\n The different possible types of permissions.\n /\nexport enum PermissionType {\n /\n A restricted JSON-RPC method. A subject must have the requisite permission\n * to call a restricted JSON-RPC method.\n /\n RestrictedMethod = 'RestrictedMethod',\n\n /\n An \"endowment\" granted to subjects that possess the requisite permission,\n * such as a global environment variable exposing a restricted API, etc.\n /\n Endowment = 'Endowment',\n}\n\n/\n The base constraint for permission specification objects. Every\n * {@link Permission} supported by a {@link PermissionController} must have an\n * associated specification, which is the source of truth for all permission-\n * related types. A permission specification includes the list of permitted\n * caveats, and any factory and validation functions specified by the consumer.\n * A concrete permission specification may specify further fields as necessary.\n \n See the README for more details.\n /\ntype PermissionSpecificationBase<Type extends PermissionType> = {\n /\n The type of the specified permission.\n /\n permissionType: Type;\n\n /\n The name of the target resource of the permission.\n /\n targetName: string;\n\n /\n An array of the caveat types that may be added to instances of this\n * permission.\n /\n allowedCaveats: Readonly<NonEmptyArray<string>> \| null;\n\n /\n The factory function used to get permission objects. Permissions returned\n * by this function are presumed to valid, and they will not be passed to the\n * validator function associated with this specification (if any). In other\n * words, the factory function should validate the permissions it creates.\n \n If no factory is specified, the {@link Permission} constructor will be\n * used, and the validator function (if specified) will be called on newly\n * constructed permissions.\n /\n // TODO: Replace `any` with type\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n factory?: PermissionFactory<any, Record<string, unknown>>;\n\n /\n The validator function used to validate permissions of the associated type\n * whenever they are granted or their caveat arrays are mutated.\n \n Permission validators are not invoked when a caveat is mutated, provided\n * the caveat array has not changed. For this reason, permission validators\n * must not be used to validate caveats. To validate caveats, use the\n * corresponding caveat specification property.\n \n The validator should throw an appropriate JSON-RPC error if validation fails.\n /\n validator?: PermissionValidatorConstraint;\n\n /\n The side-effect triggered by the {@link PermissionController} once the user approved it.\n * The side-effect can only be an action allowed to be called inside the {@link PermissionController}.\n \n If the side-effect action fails, the permission that triggered it is revoked.\n /\n sideEffect?: PermissionSideEffect<ActionConstraint, EventConstraint>;\n\n /\n The Permission may be available to only a subset of the subject types. If so, specify the subject types as an array.\n * If a subject with a type not in this array tries to request the permission, the call will fail.\n \n Leaving this as undefined uses default behaviour where the permission is available to request for all subject types.\n /\n subjectTypes?: readonly SubjectType[];\n};\n\n/\n The constraint for restricted method permission specification objects.\n * Permissions that correspond to JSON-RPC methods are specified using objects\n * that conform to this type.\n \n See the README for more details.\n /\nexport type RestrictedMethodSpecificationConstraint =\n PermissionSpecificationBase<PermissionType.RestrictedMethod> & {\n /\n The implementation of the restricted method that the permission\n * corresponds to.\n /\n // TODO: Replace `any` with type\n // eslint-disable-next-line @typescript-eslint/no-explicit-any\n methodImplementation: RestrictedMethod<any, Json>;\n };\n\n/\n The constraint for endowment permission specification objects. Permissions\n * that endow callers with some restricted resource are specified using objects\n * that conform to this type.\n \n See the README for more details.\n /\nexport type EndowmentSpecificationConstraint =\n PermissionSpecificationBase<PermissionType.Endowment> & {\n /\n The {@link EndowmentGetter} function for the permission. This function\n * will be called by the {@link PermissionController} whenever the\n * permission is invoked, after which the host can apply the endowments to\n * the requesting subject in the intended manner.\n /\n endowmentGetter: EndowmentGetter<Json>;\n };\n\n/\n The constraint for permission specification objects. Every {@link Permission}\n * supported by a {@link PermissionController} must have an associated\n * specification, which is the source of truth for all permission-related types.\n * All specifications must adhere to the {@link PermissionSpecificationBase}\n * interface, but specifications may have different fields depending on the\n * {@link PermissionType}.\n \n See the README for more details.\n /\nexport type PermissionSpecificationConstraint =\n \| EndowmentSpecificationConstraint\n \| RestrictedMethodSpecificationConstraint;\n\n/\n Options for {@link PermissionSpecificationBuilder} functions.\n /\ntype PermissionSpecificationBuilderOptions<\n FactoryHooks extends Record<string, unknown>,\n MethodHooks extends Record<string, unknown>,\n ValidatorHooks extends Record<string, unknown>,\n> = {\n targetName?: string;\n allowedCaveats?: Readonly<NonEmptyArray<string>> \| null;\n factoryHooks?: FactoryHooks;\n methodHooks?: MethodHooks;\n validatorHooks?: ValidatorHooks;\n};\n\n/\n A function that builds a permission specification. Modules that specify\n * permissions for external consumption should make this their primary /\n * default export so that host applications can use them to generate concrete\n * specifications tailored to their requirements.\n /\nexport type PermissionSpecificationBuilder<\n Type extends PermissionType,\n Options extends PermissionSpecificationBuilderOptions<\n Record<string, unknown>,\n Record<string, unknown>,\n Record<string, unknown>\n >,\n Specification extends PermissionSpecificationConstraint & {\n permissionType: Type;\n },\n> = (options: Options) => Specification;\n\n/\n A restricted method permission export object, containing the\n * {@link PermissionSpecificationBuilder} function and \"hook name\" objects.\n /\nexport type PermissionSpecificationBuilderExportConstraint = {\n targetName: string;\n specificationBuilder: PermissionSpecificationBuilder<\n PermissionType,\n PermissionSpecificationBuilderOptions<\n Record<string, unknown>,\n Record<string, unknown>,\n Record<string, unknown>\n >,\n PermissionSpecificationConstraint\n >;\n factoryHookNames?: Record<string, true>;\n methodHookNames?: Record<string, true>;\n validatorHookNames?: Record<string, true>;\n};\n\ntype ValidRestrictedMethodSpecification<\n Specification extends RestrictedMethodSpecificationConstraint,\n> =\n Specification['methodImplementation'] extends ValidRestrictedMethod<\n Specification['methodImplementation']\n >\n ? Specification\n : never;\n\n/\n Constraint for {@link PermissionSpecificationConstraint} objects that\n * evaluates to `never` if the specification contains any invalid fields.\n \n @template Specification - The permission specification to validate.\n /\nexport type ValidPermissionSpecification<\n Specification extends PermissionSpecificationConstraint,\n> = Specification['targetName'] extends TargetName\n ? Specification['permissionType'] extends PermissionType.Endowment\n ? Specification\n : Specification['permissionType'] extends PermissionType.RestrictedMethod\n ? ValidRestrictedMethodSpecification<\n Extract<Specification, RestrictedMethodSpecificationConstraint>\n >\n : never\n : never;\n\n/\n Checks that the specification has the expected permission type.\n \n @param specification - The specification to check.\n * @param expectedType - The expected permission type.\n * @template Specification - The specification to check.\n * @template Type - The expected permission type.\n * @returns Whether or not the specification is of the expected type.\n /\nexport function hasSpecificationType<\n Specification extends PermissionSpecificationConstraint,\n Type extends PermissionType,\n>(\n specification: Specification,\n expectedType: Type,\n): specification is Specification & {\n permissionType: Type;\n} {\n return specification.permissionType === expectedType;\n}\n\n/\n The specifications for all permissions supported by a particular\n * {@link PermissionController}.\n \n @template Specifications - The union of all {@link PermissionSpecificationConstraint} types.\n /\nexport type PermissionSpecificationMap<\n Specification extends PermissionSpecificationConstraint,\n> = {\n [Name in Specification['targetName']]: Specification extends {\n targetName: Name;\n }\n ? Specification\n : never;\n};\n\n/\n Extracts a specific {@link PermissionSpecificationConstraint} from a union of\n * permission specifications.\n \n @template Specification - The specification union type to extract from.\n * @template Name - The `targetName` of the specification to extract.\n */\nexport type ExtractPermissionSpecification<\n Specification extends PermissionSpecificationConstraint,\n Name extends Specification['targetName'],\n> = Specification extends {\n targetName: Name;\n}\n ? Specification\n : never;\n"]}

package/dist/index.cjs CHANGED Viewed

@@ -26,10 +26,8 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.permissionRpcMethods = exports.MethodNames = exports.createPermissionMiddlewareV2 = exports.createPermissionMiddleware = exports.createRestrictedMethodMessenger = void 0;
+exports.permissionRpcMethods = exports.MethodNames = exports.createPermissionMiddlewareV2 = exports.createPermissionMiddleware = void 0;
 __exportStar(require("./Caveat.cjs"), exports);
-var createRestrictedMethodMessenger_1 = require("./createRestrictedMethodMessenger.cjs");
-Object.defineProperty(exports, "createRestrictedMethodMessenger", { enumerable: true, get: function () { return createRestrictedMethodMessenger_1.createRestrictedMethodMessenger; } });
 __exportStar(require("./errors.cjs"), exports);
 __exportStar(require("./Permission.cjs"), exports);
 __exportStar(require("./PermissionController.cjs"), exports);

package/dist/index.cjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.cjs","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAyB;AACzB~~,yFAAoF;AAA3E,kJAAA~~,+~~BAA+B,OAAA;AACxC,+~~CAAyB;AACzB,mDAA6B;AAC7B,6DAAuC;AAoBvC,qEAIiC;AAH/B,mIAAA,0BAA0B,OAAA;AAC1B,qIAAA,4BAA4B,OAAA;AAS9B,qCAAsC;AAA7B,oGAAA,WAAW,OAAA;AACpB,gFAAsD;AACtD,kEAA4C","sourcesContent":["export * from './Caveat';\nexport ~~{ createRestrictedMethodMessenger } from './createRestrictedMethodMessenger';\nexport~~ * from './errors';\nexport * from './Permission';\nexport * from './PermissionController';\nexport type {\n PermissionControllerClearStateAction,\n PermissionControllerExecuteRestrictedMethodAction,\n PermissionControllerGetCaveatAction,\n PermissionControllerGetEndowmentsAction,\n PermissionControllerGetPermissionsAction,\n PermissionControllerGetSubjectNamesAction,\n PermissionControllerGrantPermissionsAction,\n PermissionControllerGrantPermissionsIncrementalAction,\n PermissionControllerHasPermissionAction,\n PermissionControllerHasPermissionsAction,\n PermissionControllerHasUnrestrictedMethodAction,\n PermissionControllerRequestPermissionsAction,\n PermissionControllerRequestPermissionsIncrementalAction,\n PermissionControllerRevokeAllPermissionsAction,\n PermissionControllerRevokePermissionForAllSubjectsAction,\n PermissionControllerRevokePermissionsAction,\n PermissionControllerUpdateCaveatAction,\n} from './PermissionController-method-action-types';\nexport {\n createPermissionMiddleware,\n createPermissionMiddlewareV2,\n type PermissionMiddlewareActions,\n} from './permission-middleware';\nexport type {\n ExtractSpecifications,\n HandlerMiddlewareFunction,\n HookNames,\n PermittedHandlerExport,\n} from './utils';\nexport { MethodNames } from './utils';\nexport * as permissionRpcMethods from './rpc-methods';\nexport * from './SubjectMetadataController';\nexport type {\n SubjectMetadataControllerClearStateAction,\n SubjectMetadataControllerAddSubjectMetadataAction,\n SubjectMetadataControllerGetSubjectMetadataAction,\n SubjectMetadataControllerTrimMetadataStateAction,\n} from './SubjectMetadataController-method-action-types';\n"]}
1	+ {"version":3,"file":"index.cjs","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAyB;AACzB,+CAAyB;AACzB,mDAA6B;AAC7B,6DAAuC;AAoBvC,qEAIiC;AAH/B,mIAAA,0BAA0B,OAAA;AAC1B,qIAAA,4BAA4B,OAAA;AAS9B,qCAAsC;AAA7B,oGAAA,WAAW,OAAA;AACpB,gFAAsD;AACtD,kEAA4C","sourcesContent":["export * from './Caveat';\nexport * from './errors';\nexport * from './Permission';\nexport * from './PermissionController';\nexport type {\n PermissionControllerClearStateAction,\n PermissionControllerExecuteRestrictedMethodAction,\n PermissionControllerGetCaveatAction,\n PermissionControllerGetEndowmentsAction,\n PermissionControllerGetPermissionsAction,\n PermissionControllerGetSubjectNamesAction,\n PermissionControllerGrantPermissionsAction,\n PermissionControllerGrantPermissionsIncrementalAction,\n PermissionControllerHasPermissionAction,\n PermissionControllerHasPermissionsAction,\n PermissionControllerHasUnrestrictedMethodAction,\n PermissionControllerRequestPermissionsAction,\n PermissionControllerRequestPermissionsIncrementalAction,\n PermissionControllerRevokeAllPermissionsAction,\n PermissionControllerRevokePermissionForAllSubjectsAction,\n PermissionControllerRevokePermissionsAction,\n PermissionControllerUpdateCaveatAction,\n} from './PermissionController-method-action-types';\nexport {\n createPermissionMiddleware,\n createPermissionMiddlewareV2,\n type PermissionMiddlewareActions,\n} from './permission-middleware';\nexport type {\n ExtractSpecifications,\n HandlerMiddlewareFunction,\n HookNames,\n PermittedHandlerExport,\n} from './utils';\nexport { MethodNames } from './utils';\nexport * as permissionRpcMethods from './rpc-methods';\nexport * from './SubjectMetadataController';\nexport type {\n SubjectMetadataControllerClearStateAction,\n SubjectMetadataControllerAddSubjectMetadataAction,\n SubjectMetadataControllerGetSubjectMetadataAction,\n SubjectMetadataControllerTrimMetadataStateAction,\n} from './SubjectMetadataController-method-action-types';\n"]}

package/dist/index.d.cts CHANGED Viewed

@@ -1,5 +1,4 @@
 export * from "./Caveat.cjs";
-export { createRestrictedMethodMessenger } from "./createRestrictedMethodMessenger.cjs";
 export * from "./errors.cjs";
 export * from "./Permission.cjs";
 export * from "./PermissionController.cjs";

package/dist/index.d.cts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.cts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,6BAAyB;AACzB,~~OAAO,EAAE,+BAA+B,EAAE,8CAA0C;AACpF,~~6BAAyB;AACzB,iCAA6B;AAC7B,2CAAuC;AACvC,YAAY,EACV,oCAAoC,EACpC,iDAAiD,EACjD,mCAAmC,EACnC,uCAAuC,EACvC,wCAAwC,EACxC,yCAAyC,EACzC,0CAA0C,EAC1C,qDAAqD,EACrD,uCAAuC,EACvC,wCAAwC,EACxC,+CAA+C,EAC/C,4CAA4C,EAC5C,uDAAuD,EACvD,8CAA8C,EAC9C,wDAAwD,EACxD,2CAA2C,EAC3C,sCAAsC,GACvC,uDAAmD;AACpD,OAAO,EACL,0BAA0B,EAC1B,4BAA4B,EAC5B,KAAK,2BAA2B,GACjC,oCAAgC;AACjC,YAAY,EACV,qBAAqB,EACrB,yBAAyB,EACzB,SAAS,EACT,sBAAsB,GACvB,oBAAgB;AACjB,OAAO,EAAE,WAAW,EAAE,oBAAgB;AACtC,OAAO,KAAK,oBAAoB,gCAAsB;AACtD,gDAA4C;AAC5C,YAAY,EACV,yCAAyC,EACzC,iDAAiD,EACjD,iDAAiD,EACjD,gDAAgD,GACjD,4DAAwD"}
1	+ {"version":3,"file":"index.d.cts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,6BAAyB;AACzB,6BAAyB;AACzB,iCAA6B;AAC7B,2CAAuC;AACvC,YAAY,EACV,oCAAoC,EACpC,iDAAiD,EACjD,mCAAmC,EACnC,uCAAuC,EACvC,wCAAwC,EACxC,yCAAyC,EACzC,0CAA0C,EAC1C,qDAAqD,EACrD,uCAAuC,EACvC,wCAAwC,EACxC,+CAA+C,EAC/C,4CAA4C,EAC5C,uDAAuD,EACvD,8CAA8C,EAC9C,wDAAwD,EACxD,2CAA2C,EAC3C,sCAAsC,GACvC,uDAAmD;AACpD,OAAO,EACL,0BAA0B,EAC1B,4BAA4B,EAC5B,KAAK,2BAA2B,GACjC,oCAAgC;AACjC,YAAY,EACV,qBAAqB,EACrB,yBAAyB,EACzB,SAAS,EACT,sBAAsB,GACvB,oBAAgB;AACjB,OAAO,EAAE,WAAW,EAAE,oBAAgB;AACtC,OAAO,KAAK,oBAAoB,gCAAsB;AACtD,gDAA4C;AAC5C,YAAY,EACV,yCAAyC,EACzC,iDAAiD,EACjD,iDAAiD,EACjD,gDAAgD,GACjD,4DAAwD"}

package/dist/index.d.mts CHANGED Viewed

@@ -1,5 +1,4 @@
 export * from "./Caveat.mjs";
-export { createRestrictedMethodMessenger } from "./createRestrictedMethodMessenger.mjs";
 export * from "./errors.mjs";
 export * from "./Permission.mjs";
 export * from "./PermissionController.mjs";

package/dist/index.d.mts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.mts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,6BAAyB;AACzB,~~OAAO,EAAE,+BAA+B,EAAE,8CAA0C;AACpF,~~6BAAyB;AACzB,iCAA6B;AAC7B,2CAAuC;AACvC,YAAY,EACV,oCAAoC,EACpC,iDAAiD,EACjD,mCAAmC,EACnC,uCAAuC,EACvC,wCAAwC,EACxC,yCAAyC,EACzC,0CAA0C,EAC1C,qDAAqD,EACrD,uCAAuC,EACvC,wCAAwC,EACxC,+CAA+C,EAC/C,4CAA4C,EAC5C,uDAAuD,EACvD,8CAA8C,EAC9C,wDAAwD,EACxD,2CAA2C,EAC3C,sCAAsC,GACvC,uDAAmD;AACpD,OAAO,EACL,0BAA0B,EAC1B,4BAA4B,EAC5B,KAAK,2BAA2B,GACjC,oCAAgC;AACjC,YAAY,EACV,qBAAqB,EACrB,yBAAyB,EACzB,SAAS,EACT,sBAAsB,GACvB,oBAAgB;AACjB,OAAO,EAAE,WAAW,EAAE,oBAAgB;AACtC,OAAO,KAAK,oBAAoB,gCAAsB;AACtD,gDAA4C;AAC5C,YAAY,EACV,yCAAyC,EACzC,iDAAiD,EACjD,iDAAiD,EACjD,gDAAgD,GACjD,4DAAwD"}
1	+ {"version":3,"file":"index.d.mts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,6BAAyB;AACzB,6BAAyB;AACzB,iCAA6B;AAC7B,2CAAuC;AACvC,YAAY,EACV,oCAAoC,EACpC,iDAAiD,EACjD,mCAAmC,EACnC,uCAAuC,EACvC,wCAAwC,EACxC,yCAAyC,EACzC,0CAA0C,EAC1C,qDAAqD,EACrD,uCAAuC,EACvC,wCAAwC,EACxC,+CAA+C,EAC/C,4CAA4C,EAC5C,uDAAuD,EACvD,8CAA8C,EAC9C,wDAAwD,EACxD,2CAA2C,EAC3C,sCAAsC,GACvC,uDAAmD;AACpD,OAAO,EACL,0BAA0B,EAC1B,4BAA4B,EAC5B,KAAK,2BAA2B,GACjC,oCAAgC;AACjC,YAAY,EACV,qBAAqB,EACrB,yBAAyB,EACzB,SAAS,EACT,sBAAsB,GACvB,oBAAgB;AACjB,OAAO,EAAE,WAAW,EAAE,oBAAgB;AACtC,OAAO,KAAK,oBAAoB,gCAAsB;AACtD,gDAA4C;AAC5C,YAAY,EACV,yCAAyC,EACzC,iDAAiD,EACjD,iDAAiD,EACjD,gDAAgD,GACjD,4DAAwD"}

package/dist/index.mjs CHANGED Viewed

@@ -1,5 +1,4 @@
 export * from "./Caveat.mjs";
-export { createRestrictedMethodMessenger } from "./createRestrictedMethodMessenger.mjs";
 export * from "./errors.mjs";
 export * from "./Permission.mjs";
 export * from "./PermissionController.mjs";

package/dist/index.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.mjs","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,6BAAyB;AACzB,~~OAAO,EAAE,+BAA+B,EAAE,8CAA0C;AACpF,~~6BAAyB;AACzB,iCAA6B;AAC7B,2CAAuC;AAoBvC,OAAO,EACL,0BAA0B,EAC1B,4BAA4B,EAE7B,oCAAgC;AAOjC,OAAO,EAAE,WAAW,EAAE,oBAAgB;AACtC,OAAO,KAAK,oBAAoB,gCAAsB;AACtD,gDAA4C","sourcesContent":["export * from './Caveat';\nexport ~~{ createRestrictedMethodMessenger } from './createRestrictedMethodMessenger';\nexport~~ * from './errors';\nexport * from './Permission';\nexport * from './PermissionController';\nexport type {\n PermissionControllerClearStateAction,\n PermissionControllerExecuteRestrictedMethodAction,\n PermissionControllerGetCaveatAction,\n PermissionControllerGetEndowmentsAction,\n PermissionControllerGetPermissionsAction,\n PermissionControllerGetSubjectNamesAction,\n PermissionControllerGrantPermissionsAction,\n PermissionControllerGrantPermissionsIncrementalAction,\n PermissionControllerHasPermissionAction,\n PermissionControllerHasPermissionsAction,\n PermissionControllerHasUnrestrictedMethodAction,\n PermissionControllerRequestPermissionsAction,\n PermissionControllerRequestPermissionsIncrementalAction,\n PermissionControllerRevokeAllPermissionsAction,\n PermissionControllerRevokePermissionForAllSubjectsAction,\n PermissionControllerRevokePermissionsAction,\n PermissionControllerUpdateCaveatAction,\n} from './PermissionController-method-action-types';\nexport {\n createPermissionMiddleware,\n createPermissionMiddlewareV2,\n type PermissionMiddlewareActions,\n} from './permission-middleware';\nexport type {\n ExtractSpecifications,\n HandlerMiddlewareFunction,\n HookNames,\n PermittedHandlerExport,\n} from './utils';\nexport { MethodNames } from './utils';\nexport * as permissionRpcMethods from './rpc-methods';\nexport * from './SubjectMetadataController';\nexport type {\n SubjectMetadataControllerClearStateAction,\n SubjectMetadataControllerAddSubjectMetadataAction,\n SubjectMetadataControllerGetSubjectMetadataAction,\n SubjectMetadataControllerTrimMetadataStateAction,\n} from './SubjectMetadataController-method-action-types';\n"]}
1	+ {"version":3,"file":"index.mjs","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,6BAAyB;AACzB,6BAAyB;AACzB,iCAA6B;AAC7B,2CAAuC;AAoBvC,OAAO,EACL,0BAA0B,EAC1B,4BAA4B,EAE7B,oCAAgC;AAOjC,OAAO,EAAE,WAAW,EAAE,oBAAgB;AACtC,OAAO,KAAK,oBAAoB,gCAAsB;AACtD,gDAA4C","sourcesContent":["export * from './Caveat';\nexport * from './errors';\nexport * from './Permission';\nexport * from './PermissionController';\nexport type {\n PermissionControllerClearStateAction,\n PermissionControllerExecuteRestrictedMethodAction,\n PermissionControllerGetCaveatAction,\n PermissionControllerGetEndowmentsAction,\n PermissionControllerGetPermissionsAction,\n PermissionControllerGetSubjectNamesAction,\n PermissionControllerGrantPermissionsAction,\n PermissionControllerGrantPermissionsIncrementalAction,\n PermissionControllerHasPermissionAction,\n PermissionControllerHasPermissionsAction,\n PermissionControllerHasUnrestrictedMethodAction,\n PermissionControllerRequestPermissionsAction,\n PermissionControllerRequestPermissionsIncrementalAction,\n PermissionControllerRevokeAllPermissionsAction,\n PermissionControllerRevokePermissionForAllSubjectsAction,\n PermissionControllerRevokePermissionsAction,\n PermissionControllerUpdateCaveatAction,\n} from './PermissionController-method-action-types';\nexport {\n createPermissionMiddleware,\n createPermissionMiddlewareV2,\n type PermissionMiddlewareActions,\n} from './permission-middleware';\nexport type {\n ExtractSpecifications,\n HandlerMiddlewareFunction,\n HookNames,\n PermittedHandlerExport,\n} from './utils';\nexport { MethodNames } from './utils';\nexport * as permissionRpcMethods from './rpc-methods';\nexport * from './SubjectMetadataController';\nexport type {\n SubjectMetadataControllerClearStateAction,\n SubjectMetadataControllerAddSubjectMetadataAction,\n SubjectMetadataControllerGetSubjectMetadataAction,\n SubjectMetadataControllerTrimMetadataStateAction,\n} from './SubjectMetadataController-method-action-types';\n"]}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@metamask-previews/permission-controller",
-  "version": "12.3.0-preview-1e2fe74a0",
+  "version": "12.3.0-preview-7e80c49",
   "description": "Mediates access to JSON-RPC methods, used to interact with pieces of the MetaMask stack, via middleware for json-rpc-engine",
   "keywords": [
     "Ethereum",

package/dist/createRestrictedMethodMessenger.cjs DELETED Viewed

@@ -1,20 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.createRestrictedMethodMessenger = void 0;
-const messenger_1 = require("@metamask/messenger");
-function createRestrictedMethodMessenger({ rootMessenger, namespace, actionNames, }) {
-    if (!actionNames?.length) {
-        return undefined;
-    }
-    const restrictedMethodMessenger = new messenger_1.Messenger({
-        namespace,
-        parent: rootMessenger,
-    });
-    rootMessenger.delegate({
-        actions: actionNames,
-        messenger: restrictedMethodMessenger,
-    });
-    return restrictedMethodMessenger;
-}
-exports.createRestrictedMethodMessenger = createRestrictedMethodMessenger;
-//# sourceMappingURL=createRestrictedMethodMessenger.cjs.map

package/dist/createRestrictedMethodMessenger.cjs.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"createRestrictedMethodMessenger.cjs","sourceRoot":"","sources":["../src/createRestrictedMethodMessenger.ts"],"names":[],"mappings":";;;AAKA,mDAAgD;AA2DhD,SAAgB,+BAA+B,CAO7C,EACA,aAAa,EACb,SAAS,EACT,WAAW,GAKZ;IAQC,IAAI,CAAC,WAAW,EAAE,MAAM,EAAE,CAAC;QACzB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,yBAAyB,GAAG,IAAI,qBAAS,CAK7C;QACA,SAAS;QACT,MAAM,EAAE,aAAa;KACtB,CAAC,CAAC;IAEH,aAAa,CAAC,QAAQ,CAAC;QACrB,OAAO,EAAE,WAAW;QACpB,SAAS,EAAE,yBAAyB;KACrC,CAAC,CAAC;IAEH,OAAO,yBAAyB,CAAC;AACnC,CAAC;AA3CD,0EA2CC","sourcesContent":["import type {\n ActionConstraint,\n EventConstraint,\n MessengerActions,\n} from '@metamask/messenger';\nimport { Messenger } from '@metamask/messenger';\n\n/**\n * The subset of `RootMessenger`'s actions selected by `DelegatedActions`.\n */\ntype SelectedActions<\n RootMessenger extends Messenger<string, ActionConstraint, EventConstraint>,\n DelegatedActions extends readonly MessengerActions<RootMessenger>['type'][],\n> = Extract<\n MessengerActions<RootMessenger>,\n { type: DelegatedActions[number] }\n>;\n\n/**\n * Create a child messenger scoped to a restricted-method permission\n * specification, delegating only the spec's declared actions from the root\n * messenger. This produces a minimally-scoped messenger whose action surface\n * matches exactly what the spec has declared it needs.\n *\n * Returns `undefined` when `actionNames` is omitted — there is nothing to\n * scope, and the builder can be invoked without a messenger.\n *\n * @param args - The arguments.\n * @param args.rootMessenger - The root messenger to delegate actions from.\n * @param args.namespace - The namespace for the scoped child messenger,\n * typically the spec's `targetName`.\n * @param args.actionNames - The action types the specification requires,\n * typically the spec's declared `actionNames`. Must be a non-empty tuple of\n * action types that exist on the root messenger.\n * @returns A scoped child messenger with the requested actions delegated, or\n * `undefined` if no actions were requested.\n */\nexport function createRestrictedMethodMessenger<\n Namespace extends string,\n RootMessenger extends Messenger<string, ActionConstraint, EventConstraint>,\n DelegatedActions extends readonly [\n MessengerActions<RootMessenger>['type'],\n ...MessengerActions<RootMessenger>['type'][],\n ],\n>(args: {\n rootMessenger: RootMessenger;\n namespace: Namespace;\n actionNames: DelegatedActions;\n}): Messenger<\n Namespace,\n SelectedActions<RootMessenger, DelegatedActions>,\n never,\n RootMessenger\n>;\n\nexport function createRestrictedMethodMessenger<\n Namespace extends string,\n RootMessenger extends Messenger<string, ActionConstraint, EventConstraint>,\n>(args: {\n rootMessenger: RootMessenger;\n namespace: Namespace;\n actionNames?: undefined;\n}): undefined;\n\nexport function createRestrictedMethodMessenger<\n Namespace extends string,\n RootMessenger extends Messenger<string, ActionConstraint, EventConstraint>,\n DelegatedActions extends [\n MessengerActions<RootMessenger>['type'],\n ...MessengerActions<RootMessenger>['type'][],\n ],\n>({\n rootMessenger,\n namespace,\n actionNames,\n}: {\n rootMessenger: RootMessenger;\n namespace: Namespace;\n actionNames?: DelegatedActions;\n}):\n | Messenger<\n Namespace,\n SelectedActions<RootMessenger, DelegatedActions>,\n never,\n RootMessenger\n >\n | undefined {\n if (!actionNames?.length) {\n return undefined;\n }\n\n const restrictedMethodMessenger = new Messenger<\n Namespace,\n SelectedActions<RootMessenger, DelegatedActions>,\n never,\n RootMessenger\n >({\n namespace,\n parent: rootMessenger,\n });\n\n rootMessenger.delegate({\n actions: actionNames,\n messenger: restrictedMethodMessenger,\n });\n\n return restrictedMethodMessenger;\n}\n"]}

package/dist/createRestrictedMethodMessenger.d.cts DELETED Viewed

@@ -1,42 +0,0 @@
-import type { ActionConstraint, EventConstraint, MessengerActions } from "@metamask/messenger";
-import { Messenger } from "@metamask/messenger";
-/**
- * The subset of `RootMessenger`'s actions selected by `DelegatedActions`.
- */
-type SelectedActions<RootMessenger extends Messenger<string, ActionConstraint, EventConstraint>, DelegatedActions extends readonly MessengerActions<RootMessenger>['type'][]> = Extract<MessengerActions<RootMessenger>, {
-    type: DelegatedActions[number];
-}>;
-/**
- * Create a child messenger scoped to a restricted-method permission
- * specification, delegating only the spec's declared actions from the root
- * messenger. This produces a minimally-scoped messenger whose action surface
- * matches exactly what the spec has declared it needs.
- *
- * Returns `undefined` when `actionNames` is omitted — there is nothing to
- * scope, and the builder can be invoked without a messenger.
- *
- * @param args - The arguments.
- * @param args.rootMessenger - The root messenger to delegate actions from.
- * @param args.namespace - The namespace for the scoped child messenger,
- * typically the spec's `targetName`.
- * @param args.actionNames - The action types the specification requires,
- * typically the spec's declared `actionNames`. Must be a non-empty tuple of
- * action types that exist on the root messenger.
- * @returns A scoped child messenger with the requested actions delegated, or
- * `undefined` if no actions were requested.
- */
-export declare function createRestrictedMethodMessenger<Namespace extends string, RootMessenger extends Messenger<string, ActionConstraint, EventConstraint>, DelegatedActions extends readonly [
-    MessengerActions<RootMessenger>['type'],
-    ...MessengerActions<RootMessenger>['type'][]
-]>(args: {
-    rootMessenger: RootMessenger;
-    namespace: Namespace;
-    actionNames: DelegatedActions;
-}): Messenger<Namespace, SelectedActions<RootMessenger, DelegatedActions>, never, RootMessenger>;
-export declare function createRestrictedMethodMessenger<Namespace extends string, RootMessenger extends Messenger<string, ActionConstraint, EventConstraint>>(args: {
-    rootMessenger: RootMessenger;
-    namespace: Namespace;
-    actionNames?: undefined;
-}): undefined;
-export {};
-//# sourceMappingURL=createRestrictedMethodMessenger.d.cts.map

package/dist/createRestrictedMethodMessenger.d.cts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"createRestrictedMethodMessenger.d.cts","sourceRoot":"","sources":["../src/createRestrictedMethodMessenger.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,gBAAgB,EAChB,eAAe,EACf,gBAAgB,EACjB,4BAA4B;AAC7B,OAAO,EAAE,SAAS,EAAE,4BAA4B;AAEhD;;GAEG;AACH,KAAK,eAAe,CAClB,aAAa,SAAS,SAAS,CAAC,MAAM,EAAE,gBAAgB,EAAE,eAAe,CAAC,EAC1E,gBAAgB,SAAS,SAAS,gBAAgB,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,EAAE,IACzE,OAAO,CACT,gBAAgB,CAAC,aAAa,CAAC,EAC/B;IAAE,IAAI,EAAE,gBAAgB,CAAC,MAAM,CAAC,CAAA;CAAE,CACnC,CAAC;AAEF;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,+BAA+B,CAC7C,SAAS,SAAS,MAAM,EACxB,aAAa,SAAS,SAAS,CAAC,MAAM,EAAE,gBAAgB,EAAE,eAAe,CAAC,EAC1E,gBAAgB,SAAS,SAAS;IAChC,gBAAgB,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC;IACvC,GAAG,gBAAgB,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,EAAE;CAC7C,EACD,IAAI,EAAE;IACN,aAAa,EAAE,aAAa,CAAC;IAC7B,SAAS,EAAE,SAAS,CAAC;IACrB,WAAW,EAAE,gBAAgB,CAAC;CAC/B,GAAG,SAAS,CACX,SAAS,EACT,eAAe,CAAC,aAAa,EAAE,gBAAgB,CAAC,EAChD,KAAK,EACL,aAAa,CACd,CAAC;AAEF,wBAAgB,+BAA+B,CAC7C,SAAS,SAAS,MAAM,EACxB,aAAa,SAAS,SAAS,CAAC,MAAM,EAAE,gBAAgB,EAAE,eAAe,CAAC,EAC1E,IAAI,EAAE;IACN,aAAa,EAAE,aAAa,CAAC;IAC7B,SAAS,EAAE,SAAS,CAAC;IACrB,WAAW,CAAC,EAAE,SAAS,CAAC;CACzB,GAAG,SAAS,CAAC"}

package/dist/createRestrictedMethodMessenger.d.mts DELETED Viewed

@@ -1,42 +0,0 @@
-import type { ActionConstraint, EventConstraint, MessengerActions } from "@metamask/messenger";
-import { Messenger } from "@metamask/messenger";
-/**
- * The subset of `RootMessenger`'s actions selected by `DelegatedActions`.
- */
-type SelectedActions<RootMessenger extends Messenger<string, ActionConstraint, EventConstraint>, DelegatedActions extends readonly MessengerActions<RootMessenger>['type'][]> = Extract<MessengerActions<RootMessenger>, {
-    type: DelegatedActions[number];
-}>;
-/**
- * Create a child messenger scoped to a restricted-method permission
- * specification, delegating only the spec's declared actions from the root
- * messenger. This produces a minimally-scoped messenger whose action surface
- * matches exactly what the spec has declared it needs.
- *
- * Returns `undefined` when `actionNames` is omitted — there is nothing to
- * scope, and the builder can be invoked without a messenger.
- *
- * @param args - The arguments.
- * @param args.rootMessenger - The root messenger to delegate actions from.
- * @param args.namespace - The namespace for the scoped child messenger,
- * typically the spec's `targetName`.
- * @param args.actionNames - The action types the specification requires,
- * typically the spec's declared `actionNames`. Must be a non-empty tuple of
- * action types that exist on the root messenger.
- * @returns A scoped child messenger with the requested actions delegated, or
- * `undefined` if no actions were requested.
- */
-export declare function createRestrictedMethodMessenger<Namespace extends string, RootMessenger extends Messenger<string, ActionConstraint, EventConstraint>, DelegatedActions extends readonly [
-    MessengerActions<RootMessenger>['type'],
-    ...MessengerActions<RootMessenger>['type'][]
-]>(args: {
-    rootMessenger: RootMessenger;
-    namespace: Namespace;
-    actionNames: DelegatedActions;
-}): Messenger<Namespace, SelectedActions<RootMessenger, DelegatedActions>, never, RootMessenger>;
-export declare function createRestrictedMethodMessenger<Namespace extends string, RootMessenger extends Messenger<string, ActionConstraint, EventConstraint>>(args: {
-    rootMessenger: RootMessenger;
-    namespace: Namespace;
-    actionNames?: undefined;
-}): undefined;
-export {};
-//# sourceMappingURL=createRestrictedMethodMessenger.d.mts.map

package/dist/createRestrictedMethodMessenger.d.mts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"createRestrictedMethodMessenger.d.mts","sourceRoot":"","sources":["../src/createRestrictedMethodMessenger.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,gBAAgB,EAChB,eAAe,EACf,gBAAgB,EACjB,4BAA4B;AAC7B,OAAO,EAAE,SAAS,EAAE,4BAA4B;AAEhD;;GAEG;AACH,KAAK,eAAe,CAClB,aAAa,SAAS,SAAS,CAAC,MAAM,EAAE,gBAAgB,EAAE,eAAe,CAAC,EAC1E,gBAAgB,SAAS,SAAS,gBAAgB,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,EAAE,IACzE,OAAO,CACT,gBAAgB,CAAC,aAAa,CAAC,EAC/B;IAAE,IAAI,EAAE,gBAAgB,CAAC,MAAM,CAAC,CAAA;CAAE,CACnC,CAAC;AAEF;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,+BAA+B,CAC7C,SAAS,SAAS,MAAM,EACxB,aAAa,SAAS,SAAS,CAAC,MAAM,EAAE,gBAAgB,EAAE,eAAe,CAAC,EAC1E,gBAAgB,SAAS,SAAS;IAChC,gBAAgB,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC;IACvC,GAAG,gBAAgB,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,EAAE;CAC7C,EACD,IAAI,EAAE;IACN,aAAa,EAAE,aAAa,CAAC;IAC7B,SAAS,EAAE,SAAS,CAAC;IACrB,WAAW,EAAE,gBAAgB,CAAC;CAC/B,GAAG,SAAS,CACX,SAAS,EACT,eAAe,CAAC,aAAa,EAAE,gBAAgB,CAAC,EAChD,KAAK,EACL,aAAa,CACd,CAAC;AAEF,wBAAgB,+BAA+B,CAC7C,SAAS,SAAS,MAAM,EACxB,aAAa,SAAS,SAAS,CAAC,MAAM,EAAE,gBAAgB,EAAE,eAAe,CAAC,EAC1E,IAAI,EAAE;IACN,aAAa,EAAE,aAAa,CAAC;IAC7B,SAAS,EAAE,SAAS,CAAC;IACrB,WAAW,CAAC,EAAE,SAAS,CAAC;CACzB,GAAG,SAAS,CAAC"}

package/dist/createRestrictedMethodMessenger.mjs DELETED Viewed

@@ -1,16 +0,0 @@
-import { Messenger } from "@metamask/messenger";
-export function createRestrictedMethodMessenger({ rootMessenger, namespace, actionNames, }) {
-    if (!actionNames?.length) {
-        return undefined;
-    }
-    const restrictedMethodMessenger = new Messenger({
-        namespace,
-        parent: rootMessenger,
-    });
-    rootMessenger.delegate({
-        actions: actionNames,
-        messenger: restrictedMethodMessenger,
-    });
-    return restrictedMethodMessenger;
-}
-//# sourceMappingURL=createRestrictedMethodMessenger.mjs.map

package/dist/createRestrictedMethodMessenger.mjs.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"createRestrictedMethodMessenger.mjs","sourceRoot":"","sources":["../src/createRestrictedMethodMessenger.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,SAAS,EAAE,4BAA4B;AA2DhD,MAAM,UAAU,+BAA+B,CAO7C,EACA,aAAa,EACb,SAAS,EACT,WAAW,GAKZ;IAQC,IAAI,CAAC,WAAW,EAAE,MAAM,EAAE,CAAC;QACzB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,yBAAyB,GAAG,IAAI,SAAS,CAK7C;QACA,SAAS;QACT,MAAM,EAAE,aAAa;KACtB,CAAC,CAAC;IAEH,aAAa,CAAC,QAAQ,CAAC;QACrB,OAAO,EAAE,WAAW;QACpB,SAAS,EAAE,yBAAyB;KACrC,CAAC,CAAC;IAEH,OAAO,yBAAyB,CAAC;AACnC,CAAC","sourcesContent":["import type {\n ActionConstraint,\n EventConstraint,\n MessengerActions,\n} from '@metamask/messenger';\nimport { Messenger } from '@metamask/messenger';\n\n/**\n * The subset of `RootMessenger`'s actions selected by `DelegatedActions`.\n */\ntype SelectedActions<\n RootMessenger extends Messenger<string, ActionConstraint, EventConstraint>,\n DelegatedActions extends readonly MessengerActions<RootMessenger>['type'][],\n> = Extract<\n MessengerActions<RootMessenger>,\n { type: DelegatedActions[number] }\n>;\n\n/**\n * Create a child messenger scoped to a restricted-method permission\n * specification, delegating only the spec's declared actions from the root\n * messenger. This produces a minimally-scoped messenger whose action surface\n * matches exactly what the spec has declared it needs.\n *\n * Returns `undefined` when `actionNames` is omitted — there is nothing to\n * scope, and the builder can be invoked without a messenger.\n *\n * @param args - The arguments.\n * @param args.rootMessenger - The root messenger to delegate actions from.\n * @param args.namespace - The namespace for the scoped child messenger,\n * typically the spec's `targetName`.\n * @param args.actionNames - The action types the specification requires,\n * typically the spec's declared `actionNames`. Must be a non-empty tuple of\n * action types that exist on the root messenger.\n * @returns A scoped child messenger with the requested actions delegated, or\n * `undefined` if no actions were requested.\n */\nexport function createRestrictedMethodMessenger<\n Namespace extends string,\n RootMessenger extends Messenger<string, ActionConstraint, EventConstraint>,\n DelegatedActions extends readonly [\n MessengerActions<RootMessenger>['type'],\n ...MessengerActions<RootMessenger>['type'][],\n ],\n>(args: {\n rootMessenger: RootMessenger;\n namespace: Namespace;\n actionNames: DelegatedActions;\n}): Messenger<\n Namespace,\n SelectedActions<RootMessenger, DelegatedActions>,\n never,\n RootMessenger\n>;\n\nexport function createRestrictedMethodMessenger<\n Namespace extends string,\n RootMessenger extends Messenger<string, ActionConstraint, EventConstraint>,\n>(args: {\n rootMessenger: RootMessenger;\n namespace: Namespace;\n actionNames?: undefined;\n}): undefined;\n\nexport function createRestrictedMethodMessenger<\n Namespace extends string,\n RootMessenger extends Messenger<string, ActionConstraint, EventConstraint>,\n DelegatedActions extends [\n MessengerActions<RootMessenger>['type'],\n ...MessengerActions<RootMessenger>['type'][],\n ],\n>({\n rootMessenger,\n namespace,\n actionNames,\n}: {\n rootMessenger: RootMessenger;\n namespace: Namespace;\n actionNames?: DelegatedActions;\n}):\n | Messenger<\n Namespace,\n SelectedActions<RootMessenger, DelegatedActions>,\n never,\n RootMessenger\n >\n | undefined {\n if (!actionNames?.length) {\n return undefined;\n }\n\n const restrictedMethodMessenger = new Messenger<\n Namespace,\n SelectedActions<RootMessenger, DelegatedActions>,\n never,\n RootMessenger\n >({\n namespace,\n parent: rootMessenger,\n });\n\n rootMessenger.delegate({\n actions: actionNames,\n messenger: restrictedMethodMessenger,\n });\n\n return restrictedMethodMessenger;\n}\n"]}