@metamask-previews/permission-controller 13.0.0-preview-53e60e1a5 → 13.0.0-preview-4e0ae1bc9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -7,6 +7,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
7
7
 
8
8
  ## [Unreleased]
9
9
 
10
+ ### Added
11
+
12
+ - Expose missing public `PermissionController` methods through its messenger ([#8675](https://github.com/MetaMask/core/pull/8675))
13
+ - The following actions are now available:
14
+ - `PermissionController:acceptPermissionsRequest`,
15
+ - `PermissionController:rejectPermissionsRequest`,
16
+ - `PermissionController:revokePermission`,
17
+ - `PermissionController:updatePermissionsByCaveat`,
18
+ - `PermissionController:getPermission`
19
+ - Corresponding action types are available as well.
20
+
10
21
  ## [13.0.0]
11
22
 
12
23
  ### Added
@@ -1 +1 @@
1
- {"version":3,"file":"PermissionController-method-action-types.cjs","sourceRoot":"","sources":["../src/PermissionController-method-action-types.ts"],"names":[],"mappings":";AAAA;;;GAGG","sourcesContent":["/**\n * This file is auto generated.\n * Do not edit manually.\n */\n\nimport type { PermissionController } from './PermissionController';\n\n/**\n * Checks whether the given method was declared as unrestricted at\n * construction time. Methods unknown to the controller return `false` and\n * would be treated as restricted by callers such as the permission\n * middleware.\n *\n * @param method - The name of the method to check.\n * @returns Whether the method is unrestricted.\n */\nexport type PermissionControllerHasUnrestrictedMethodAction = {\n type: `PermissionController:hasUnrestrictedMethod`;\n handler: PermissionController['hasUnrestrictedMethod'];\n};\n\n/**\n * Clears the state of the controller.\n */\nexport type PermissionControllerClearStateAction = {\n type: `PermissionController:clearState`;\n handler: PermissionController['clearState'];\n};\n\n/**\n * Gets a list of all origins of subjects.\n *\n * @returns The origins (i.e. IDs) of all subjects.\n */\nexport type PermissionControllerGetSubjectNamesAction = {\n type: `PermissionController:getSubjectNames`;\n handler: PermissionController['getSubjectNames'];\n};\n\n/**\n * Gets all permissions for the specified subject, if any.\n *\n * @param origin - The origin of the subject.\n * @returns The permissions of the subject, if any.\n */\nexport type PermissionControllerGetPermissionsAction = {\n type: `PermissionController:getPermissions`;\n handler: PermissionController['getPermissions'];\n};\n\n/**\n * Checks whether the subject with the specified origin has the specified\n * permission.\n *\n * @param origin - The origin of the subject.\n * @param target - The target name of the permission.\n * @returns Whether the subject has the permission.\n */\nexport type PermissionControllerHasPermissionAction = {\n type: `PermissionController:hasPermission`;\n handler: PermissionController['hasPermission'];\n};\n\n/**\n * Checks whether the subject with the specified origin has any permissions.\n * Use this if you want to know if a subject \"exists\".\n *\n * @param origin - The origin of the subject to check.\n * @returns Whether the subject has any permissions.\n */\nexport type PermissionControllerHasPermissionsAction = {\n type: `PermissionController:hasPermissions`;\n handler: PermissionController['hasPermissions'];\n};\n\n/**\n * Revokes all permissions from the specified origin.\n *\n * Throws an error if the origin has no permissions.\n *\n * @param origin - The origin whose permissions to revoke.\n */\nexport type PermissionControllerRevokeAllPermissionsAction = {\n type: `PermissionController:revokeAllPermissions`;\n handler: PermissionController['revokeAllPermissions'];\n};\n\n/**\n * Revokes the specified permissions from the specified subjects.\n *\n * Throws an error if any of the subjects or permissions do not exist.\n *\n * @param subjectsAndPermissions - An object mapping subject origins\n * to arrays of permission target names to revoke.\n */\nexport type PermissionControllerRevokePermissionsAction = {\n type: `PermissionController:revokePermissions`;\n handler: PermissionController['revokePermissions'];\n};\n\n/**\n * Revokes all permissions corresponding to the specified target for all subjects.\n * Does nothing if no subjects or no such permission exists.\n *\n * @param target - The name of the target to revoke all permissions for.\n */\nexport type PermissionControllerRevokePermissionForAllSubjectsAction = {\n type: `PermissionController:revokePermissionForAllSubjects`;\n handler: PermissionController['revokePermissionForAllSubjects'];\n};\n\n/**\n * Gets the caveat of the specified type, if any, for the permission of\n * the subject corresponding to the given origin.\n *\n * Throws an error if the subject does not have a permission with the\n * specified target name.\n *\n * @template TargetName - The permission target name. Should be inferred.\n * @template CaveatType - The valid caveat types for the permission. Should\n * be inferred.\n * @param origin - The origin of the subject.\n * @param target - The target name of the permission.\n * @param caveatType - The type of the caveat to get.\n * @returns The caveat, or `undefined` if no such caveat exists.\n */\nexport type PermissionControllerGetCaveatAction = {\n type: `PermissionController:getCaveat`;\n handler: PermissionController['getCaveat'];\n};\n\n/**\n * Updates the value of the caveat of the specified type belonging to the\n * permission corresponding to the given subject origin and permission\n * target.\n *\n * For adding new caveats, use\n * {@link PermissionController.addCaveat}.\n *\n * Throws an error if no such permission or caveat exists.\n *\n * @template TargetName - The permission target name. Should be inferred.\n * @template CaveatType - The valid caveat types for the permission. Should\n * be inferred.\n * @param origin - The origin of the subject.\n * @param target - The target name of the permission.\n * @param caveatType - The type of the caveat to update.\n * @param caveatValue - The new value of the caveat.\n */\nexport type PermissionControllerUpdateCaveatAction = {\n type: `PermissionController:updateCaveat`;\n handler: PermissionController['updateCaveat'];\n};\n\n/**\n * Grants _approved_ permissions to the specified subject. Every permission and\n * caveat is stringently validated—including by calling their specification\n * validators—and an error is thrown if validation fails.\n *\n * ATTN: This method does **not** prompt the user for approval. User consent must\n * first be obtained through some other means.\n *\n * @see {@link PermissionController.requestPermissions} For initiating a\n * permissions request requiring user approval.\n * @param options - Options bag.\n * @param options.approvedPermissions - The requested permissions approved by\n * the user.\n * @param options.requestData - Permission request data. Passed to permission\n * factory functions.\n * @param options.preserveExistingPermissions - Whether to preserve the\n * subject's existing permissions.\n * @param options.subject - The subject to grant permissions to.\n * @returns The subject's new permission state. It may or may not have changed.\n */\nexport type PermissionControllerGrantPermissionsAction = {\n type: `PermissionController:grantPermissions`;\n handler: PermissionController['grantPermissions'];\n};\n\n/**\n * Incrementally grants _approved_ permissions to the specified subject. Every\n * permission and caveat is stringently validated—including by calling their\n * specification validators—and an error is thrown if validation fails.\n *\n * ATTN: This method does **not** prompt the user for approval. User consent must\n * first be obtained through some other means.\n *\n * @see {@link PermissionController.requestPermissionsIncremental} For initiating\n * an incremental permissions request requiring user approval.\n * @param options - Options bag.\n * @param options.approvedPermissions - The requested permissions approved by\n * the user.\n * @param options.requestData - Permission request data. Passed to permission\n * factory functions.\n * @param options.subject - The subject to grant permissions to.\n * @returns The subject's new permission state. It may or may not have changed.\n */\nexport type PermissionControllerGrantPermissionsIncrementalAction = {\n type: `PermissionController:grantPermissionsIncremental`;\n handler: PermissionController['grantPermissionsIncremental'];\n};\n\n/**\n * Initiates a permission request that requires user approval.\n *\n * Either this or {@link PermissionController.requestPermissionsIncremental}\n * should always be used to grant additional permissions to a subject,\n * unless user approval has been obtained through some other means.\n *\n * Permissions are validated at every step of the approval process, and this\n * method will reject if validation fails.\n *\n * @see {@link ApprovalController} For the user approval logic.\n * @see {@link PermissionController.acceptPermissionsRequest} For the method\n * that _accepts_ the request and resolves the user approval promise.\n * @see {@link PermissionController.rejectPermissionsRequest} For the method\n * that _rejects_ the request and the user approval promise.\n * @param subject - The grantee subject.\n * @param requestedPermissions - The requested permissions.\n * @param options - Additional options.\n * @param options.id - The id of the permissions request. Defaults to a unique\n * id.\n * @param options.preserveExistingPermissions - Whether to preserve the\n * subject's existing permissions. Defaults to `true`.\n * @param options.metadata - Additional metadata about the permission request.\n * @returns The granted permissions and request metadata.\n */\nexport type PermissionControllerRequestPermissionsAction = {\n type: `PermissionController:requestPermissions`;\n handler: PermissionController['requestPermissions'];\n};\n\n/**\n * Initiates an incremental permission request that prompts for user approval.\n * Incremental permission requests allow the caller to replace existing and/or\n * add brand new permissions and caveats for the specified subject.\n *\n * Incremental permission request are merged with the subject's existing permissions\n * through a right-biased union, where the incremental permission are the right-hand\n * side of the merger. If both sides of the merger specify the same caveats for a\n * given permission, the caveats are merged using their specification's caveat value\n * merger property.\n *\n * Either this or {@link PermissionController.requestPermissions} should\n * always be used to grant additional permissions to a subject, unless user\n * approval has been obtained through some other means.\n *\n * Permissions are validated at every step of the approval process, and this\n * method will reject if validation fails.\n *\n * @see {@link ApprovalController} For the user approval logic.\n * @see {@link PermissionController.acceptPermissionsRequest} For the method\n * that _accepts_ the request and resolves the user approval promise.\n * @see {@link PermissionController.rejectPermissionsRequest} For the method\n * that _rejects_ the request and the user approval promise.\n * @param subject - The grantee subject.\n * @param requestedPermissions - The requested permissions.\n * @param options - Additional options.\n * @param options.id - The id of the permissions request. Defaults to a unique\n * id.\n * @param options.metadata - Additional metadata about the permission request.\n * @returns The granted permissions and request metadata.\n */\nexport type PermissionControllerRequestPermissionsIncrementalAction = {\n type: `PermissionController:requestPermissionsIncremental`;\n handler: PermissionController['requestPermissionsIncremental'];\n};\n\n/**\n * Gets the subject's endowments per the specified endowment permission.\n * Throws if the subject does not have the required permission or if the\n * permission is not an endowment permission.\n *\n * @param origin - The origin of the subject whose endowments to retrieve.\n * @param targetName - The name of the endowment permission. This must be a\n * valid permission target name.\n * @param requestData - Additional data associated with the request, if any.\n * Forwarded to the endowment getter function for the permission.\n * @returns The endowments, if any.\n */\nexport type PermissionControllerGetEndowmentsAction = {\n type: `PermissionController:getEndowments`;\n handler: PermissionController['getEndowments'];\n};\n\n/**\n * Executes a restricted method as the subject with the given origin.\n * The specified params, if any, will be passed to the method implementation.\n *\n * ATTN: Great caution should be exercised in the use of this method.\n * Methods that cause side effects or affect application state should\n * be avoided.\n *\n * This method will first attempt to retrieve the requested restricted method\n * implementation, throwing if it does not exist. The method will then be\n * invoked as though the subject with the specified origin had invoked it with\n * the specified parameters. This means that any existing caveats will be\n * applied to the restricted method, and this method will throw if the\n * restricted method or its caveat decorators throw.\n *\n * In addition, this method will throw if the subject does not have a\n * permission for the specified restricted method.\n *\n * @param origin - The origin of the subject to execute the method on behalf\n * of.\n * @param targetName - The name of the method to execute. This must be a valid\n * permission target name.\n * @param params - The parameters to pass to the method implementation.\n * @returns The result of the executed method.\n */\nexport type PermissionControllerExecuteRestrictedMethodAction = {\n type: `PermissionController:executeRestrictedMethod`;\n handler: PermissionController['executeRestrictedMethod'];\n};\n\n/**\n * Union of all PermissionController action types.\n */\nexport type PermissionControllerMethodActions =\n | PermissionControllerHasUnrestrictedMethodAction\n | PermissionControllerClearStateAction\n | PermissionControllerGetSubjectNamesAction\n | PermissionControllerGetPermissionsAction\n | PermissionControllerHasPermissionAction\n | PermissionControllerHasPermissionsAction\n | PermissionControllerRevokeAllPermissionsAction\n | PermissionControllerRevokePermissionsAction\n | PermissionControllerRevokePermissionForAllSubjectsAction\n | PermissionControllerGetCaveatAction\n | PermissionControllerUpdateCaveatAction\n | PermissionControllerGrantPermissionsAction\n | PermissionControllerGrantPermissionsIncrementalAction\n | PermissionControllerRequestPermissionsAction\n | PermissionControllerRequestPermissionsIncrementalAction\n | PermissionControllerGetEndowmentsAction\n | PermissionControllerExecuteRestrictedMethodAction;\n"]}
1
+ {"version":3,"file":"PermissionController-method-action-types.cjs","sourceRoot":"","sources":["../src/PermissionController-method-action-types.ts"],"names":[],"mappings":";AAAA;;;GAGG","sourcesContent":["/**\n * This file is auto generated.\n * Do not edit manually.\n */\n\nimport type { PermissionController } from './PermissionController';\n\n/**\n * Checks whether the given method was declared as unrestricted at\n * construction time. Methods unknown to the controller return `false` and\n * would be treated as restricted by callers such as the permission\n * middleware.\n *\n * @param method - The name of the method to check.\n * @returns Whether the method is unrestricted.\n */\nexport type PermissionControllerHasUnrestrictedMethodAction = {\n type: `PermissionController:hasUnrestrictedMethod`;\n handler: PermissionController['hasUnrestrictedMethod'];\n};\n\n/**\n * Clears the state of the controller.\n */\nexport type PermissionControllerClearStateAction = {\n type: `PermissionController:clearState`;\n handler: PermissionController['clearState'];\n};\n\n/**\n * Gets a list of all origins of subjects.\n *\n * @returns The origins (i.e. IDs) of all subjects.\n */\nexport type PermissionControllerGetSubjectNamesAction = {\n type: `PermissionController:getSubjectNames`;\n handler: PermissionController['getSubjectNames'];\n};\n\n/**\n * Gets the permission for the specified target of the subject corresponding\n * to the specified origin.\n *\n * @param origin - The origin of the subject.\n * @param targetName - The method name as invoked by a third party (i.e., not\n * a method key).\n * @returns The permission if it exists, or undefined otherwise.\n */\nexport type PermissionControllerGetPermissionAction = {\n type: `PermissionController:getPermission`;\n handler: PermissionController['getPermission'];\n};\n\n/**\n * Gets all permissions for the specified subject, if any.\n *\n * @param origin - The origin of the subject.\n * @returns The permissions of the subject, if any.\n */\nexport type PermissionControllerGetPermissionsAction = {\n type: `PermissionController:getPermissions`;\n handler: PermissionController['getPermissions'];\n};\n\n/**\n * Checks whether the subject with the specified origin has the specified\n * permission.\n *\n * @param origin - The origin of the subject.\n * @param target - The target name of the permission.\n * @returns Whether the subject has the permission.\n */\nexport type PermissionControllerHasPermissionAction = {\n type: `PermissionController:hasPermission`;\n handler: PermissionController['hasPermission'];\n};\n\n/**\n * Checks whether the subject with the specified origin has any permissions.\n * Use this if you want to know if a subject \"exists\".\n *\n * @param origin - The origin of the subject to check.\n * @returns Whether the subject has any permissions.\n */\nexport type PermissionControllerHasPermissionsAction = {\n type: `PermissionController:hasPermissions`;\n handler: PermissionController['hasPermissions'];\n};\n\n/**\n * Revokes all permissions from the specified origin.\n *\n * Throws an error if the origin has no permissions.\n *\n * @param origin - The origin whose permissions to revoke.\n */\nexport type PermissionControllerRevokeAllPermissionsAction = {\n type: `PermissionController:revokeAllPermissions`;\n handler: PermissionController['revokeAllPermissions'];\n};\n\n/**\n * Revokes the specified permission from the subject with the specified\n * origin.\n *\n * Throws an error if the subject or the permission does not exist.\n *\n * @param origin - The origin of the subject whose permission to revoke.\n * @param target - The target name of the permission to revoke.\n */\nexport type PermissionControllerRevokePermissionAction = {\n type: `PermissionController:revokePermission`;\n handler: PermissionController['revokePermission'];\n};\n\n/**\n * Revokes the specified permissions from the specified subjects.\n *\n * Throws an error if any of the subjects or permissions do not exist.\n *\n * @param subjectsAndPermissions - An object mapping subject origins\n * to arrays of permission target names to revoke.\n */\nexport type PermissionControllerRevokePermissionsAction = {\n type: `PermissionController:revokePermissions`;\n handler: PermissionController['revokePermissions'];\n};\n\n/**\n * Revokes all permissions corresponding to the specified target for all subjects.\n * Does nothing if no subjects or no such permission exists.\n *\n * @param target - The name of the target to revoke all permissions for.\n */\nexport type PermissionControllerRevokePermissionForAllSubjectsAction = {\n type: `PermissionController:revokePermissionForAllSubjects`;\n handler: PermissionController['revokePermissionForAllSubjects'];\n};\n\n/**\n * Gets the caveat of the specified type, if any, for the permission of\n * the subject corresponding to the given origin.\n *\n * Throws an error if the subject does not have a permission with the\n * specified target name.\n *\n * @template TargetName - The permission target name. Should be inferred.\n * @template CaveatType - The valid caveat types for the permission. Should\n * be inferred.\n * @param origin - The origin of the subject.\n * @param target - The target name of the permission.\n * @param caveatType - The type of the caveat to get.\n * @returns The caveat, or `undefined` if no such caveat exists.\n */\nexport type PermissionControllerGetCaveatAction = {\n type: `PermissionController:getCaveat`;\n handler: PermissionController['getCaveat'];\n};\n\n/**\n * Updates the value of the caveat of the specified type belonging to the\n * permission corresponding to the given subject origin and permission\n * target.\n *\n * For adding new caveats, use\n * {@link PermissionController.addCaveat}.\n *\n * Throws an error if no such permission or caveat exists.\n *\n * @template TargetName - The permission target name. Should be inferred.\n * @template CaveatType - The valid caveat types for the permission. Should\n * be inferred.\n * @param origin - The origin of the subject.\n * @param target - The target name of the permission.\n * @param caveatType - The type of the caveat to update.\n * @param caveatValue - The new value of the caveat.\n */\nexport type PermissionControllerUpdateCaveatAction = {\n type: `PermissionController:updateCaveat`;\n handler: PermissionController['updateCaveat'];\n};\n\n/**\n * Updates all caveats with the specified type for all subjects and\n * permissions by applying the specified mutator function to them.\n *\n * ATTN: Permissions can be revoked entirely by the action of this method,\n * read on for details.\n *\n * Caveat mutators are functions that receive a caveat value and return a\n * tuple consisting of a {@link CaveatMutatorOperation} and, optionally, a new\n * value to update the existing caveat with.\n *\n * For each caveat, depending on the mutator result, this method will:\n * - Do nothing ({@link CaveatMutatorOperation.Noop})\n * - Update the value of the caveat ({@link CaveatMutatorOperation.UpdateValue}). The caveat specification validator, if any, will be called after updating the value.\n * - Delete the caveat ({@link CaveatMutatorOperation.DeleteCaveat}). The permission specification validator, if any, will be called after deleting the caveat.\n * - Revoke the parent permission ({@link CaveatMutatorOperation.RevokePermission})\n *\n * This method throws if the validation of any caveat or permission fails.\n *\n * @param targetCaveatType - The type of the caveats to update.\n * @param mutator - The mutator function which will be applied to all caveat\n * values.\n */\nexport type PermissionControllerUpdatePermissionsByCaveatAction = {\n type: `PermissionController:updatePermissionsByCaveat`;\n handler: PermissionController['updatePermissionsByCaveat'];\n};\n\n/**\n * Grants _approved_ permissions to the specified subject. Every permission and\n * caveat is stringently validated—including by calling their specification\n * validators—and an error is thrown if validation fails.\n *\n * ATTN: This method does **not** prompt the user for approval. User consent must\n * first be obtained through some other means.\n *\n * @see {@link PermissionController.requestPermissions} For initiating a\n * permissions request requiring user approval.\n * @param options - Options bag.\n * @param options.approvedPermissions - The requested permissions approved by\n * the user.\n * @param options.requestData - Permission request data. Passed to permission\n * factory functions.\n * @param options.preserveExistingPermissions - Whether to preserve the\n * subject's existing permissions.\n * @param options.subject - The subject to grant permissions to.\n * @returns The subject's new permission state. It may or may not have changed.\n */\nexport type PermissionControllerGrantPermissionsAction = {\n type: `PermissionController:grantPermissions`;\n handler: PermissionController['grantPermissions'];\n};\n\n/**\n * Incrementally grants _approved_ permissions to the specified subject. Every\n * permission and caveat is stringently validated—including by calling their\n * specification validators—and an error is thrown if validation fails.\n *\n * ATTN: This method does **not** prompt the user for approval. User consent must\n * first be obtained through some other means.\n *\n * @see {@link PermissionController.requestPermissionsIncremental} For initiating\n * an incremental permissions request requiring user approval.\n * @param options - Options bag.\n * @param options.approvedPermissions - The requested permissions approved by\n * the user.\n * @param options.requestData - Permission request data. Passed to permission\n * factory functions.\n * @param options.subject - The subject to grant permissions to.\n * @returns The subject's new permission state. It may or may not have changed.\n */\nexport type PermissionControllerGrantPermissionsIncrementalAction = {\n type: `PermissionController:grantPermissionsIncremental`;\n handler: PermissionController['grantPermissionsIncremental'];\n};\n\n/**\n * Initiates a permission request that requires user approval.\n *\n * Either this or {@link PermissionController.requestPermissionsIncremental}\n * should always be used to grant additional permissions to a subject,\n * unless user approval has been obtained through some other means.\n *\n * Permissions are validated at every step of the approval process, and this\n * method will reject if validation fails.\n *\n * @see {@link ApprovalController} For the user approval logic.\n * @see {@link PermissionController.acceptPermissionsRequest} For the method\n * that _accepts_ the request and resolves the user approval promise.\n * @see {@link PermissionController.rejectPermissionsRequest} For the method\n * that _rejects_ the request and the user approval promise.\n * @param subject - The grantee subject.\n * @param requestedPermissions - The requested permissions.\n * @param options - Additional options.\n * @param options.id - The id of the permissions request. Defaults to a unique\n * id.\n * @param options.preserveExistingPermissions - Whether to preserve the\n * subject's existing permissions. Defaults to `true`.\n * @param options.metadata - Additional metadata about the permission request.\n * @returns The granted permissions and request metadata.\n */\nexport type PermissionControllerRequestPermissionsAction = {\n type: `PermissionController:requestPermissions`;\n handler: PermissionController['requestPermissions'];\n};\n\n/**\n * Initiates an incremental permission request that prompts for user approval.\n * Incremental permission requests allow the caller to replace existing and/or\n * add brand new permissions and caveats for the specified subject.\n *\n * Incremental permission request are merged with the subject's existing permissions\n * through a right-biased union, where the incremental permission are the right-hand\n * side of the merger. If both sides of the merger specify the same caveats for a\n * given permission, the caveats are merged using their specification's caveat value\n * merger property.\n *\n * Either this or {@link PermissionController.requestPermissions} should\n * always be used to grant additional permissions to a subject, unless user\n * approval has been obtained through some other means.\n *\n * Permissions are validated at every step of the approval process, and this\n * method will reject if validation fails.\n *\n * @see {@link ApprovalController} For the user approval logic.\n * @see {@link PermissionController.acceptPermissionsRequest} For the method\n * that _accepts_ the request and resolves the user approval promise.\n * @see {@link PermissionController.rejectPermissionsRequest} For the method\n * that _rejects_ the request and the user approval promise.\n * @param subject - The grantee subject.\n * @param requestedPermissions - The requested permissions.\n * @param options - Additional options.\n * @param options.id - The id of the permissions request. Defaults to a unique\n * id.\n * @param options.metadata - Additional metadata about the permission request.\n * @returns The granted permissions and request metadata.\n */\nexport type PermissionControllerRequestPermissionsIncrementalAction = {\n type: `PermissionController:requestPermissionsIncremental`;\n handler: PermissionController['requestPermissionsIncremental'];\n};\n\n/**\n * Accepts a permissions request created by\n * {@link PermissionController.requestPermissions}.\n *\n * @param request - The permissions request.\n */\nexport type PermissionControllerAcceptPermissionsRequestAction = {\n type: `PermissionController:acceptPermissionsRequest`;\n handler: PermissionController['acceptPermissionsRequest'];\n};\n\n/**\n * Rejects a permissions request created by\n * {@link PermissionController.requestPermissions}.\n *\n * @param id - The id of the request to be rejected.\n */\nexport type PermissionControllerRejectPermissionsRequestAction = {\n type: `PermissionController:rejectPermissionsRequest`;\n handler: PermissionController['rejectPermissionsRequest'];\n};\n\n/**\n * Gets the subject's endowments per the specified endowment permission.\n * Throws if the subject does not have the required permission or if the\n * permission is not an endowment permission.\n *\n * @param origin - The origin of the subject whose endowments to retrieve.\n * @param targetName - The name of the endowment permission. This must be a\n * valid permission target name.\n * @param requestData - Additional data associated with the request, if any.\n * Forwarded to the endowment getter function for the permission.\n * @returns The endowments, if any.\n */\nexport type PermissionControllerGetEndowmentsAction = {\n type: `PermissionController:getEndowments`;\n handler: PermissionController['getEndowments'];\n};\n\n/**\n * Executes a restricted method as the subject with the given origin.\n * The specified params, if any, will be passed to the method implementation.\n *\n * ATTN: Great caution should be exercised in the use of this method.\n * Methods that cause side effects or affect application state should\n * be avoided.\n *\n * This method will first attempt to retrieve the requested restricted method\n * implementation, throwing if it does not exist. The method will then be\n * invoked as though the subject with the specified origin had invoked it with\n * the specified parameters. This means that any existing caveats will be\n * applied to the restricted method, and this method will throw if the\n * restricted method or its caveat decorators throw.\n *\n * In addition, this method will throw if the subject does not have a\n * permission for the specified restricted method.\n *\n * @param origin - The origin of the subject to execute the method on behalf\n * of.\n * @param targetName - The name of the method to execute. This must be a valid\n * permission target name.\n * @param params - The parameters to pass to the method implementation.\n * @returns The result of the executed method.\n */\nexport type PermissionControllerExecuteRestrictedMethodAction = {\n type: `PermissionController:executeRestrictedMethod`;\n handler: PermissionController['executeRestrictedMethod'];\n};\n\n/**\n * Union of all PermissionController action types.\n */\nexport type PermissionControllerMethodActions =\n | PermissionControllerHasUnrestrictedMethodAction\n | PermissionControllerClearStateAction\n | PermissionControllerGetSubjectNamesAction\n | PermissionControllerGetPermissionAction\n | PermissionControllerGetPermissionsAction\n | PermissionControllerHasPermissionAction\n | PermissionControllerHasPermissionsAction\n | PermissionControllerRevokeAllPermissionsAction\n | PermissionControllerRevokePermissionAction\n | PermissionControllerRevokePermissionsAction\n | PermissionControllerRevokePermissionForAllSubjectsAction\n | PermissionControllerGetCaveatAction\n | PermissionControllerUpdateCaveatAction\n | PermissionControllerUpdatePermissionsByCaveatAction\n | PermissionControllerGrantPermissionsAction\n | PermissionControllerGrantPermissionsIncrementalAction\n | PermissionControllerRequestPermissionsAction\n | PermissionControllerRequestPermissionsIncrementalAction\n | PermissionControllerAcceptPermissionsRequestAction\n | PermissionControllerRejectPermissionsRequestAction\n | PermissionControllerGetEndowmentsAction\n | PermissionControllerExecuteRestrictedMethodAction;\n"]}
@@ -32,6 +32,19 @@ export type PermissionControllerGetSubjectNamesAction = {
32
32
  type: `PermissionController:getSubjectNames`;
33
33
  handler: PermissionController['getSubjectNames'];
34
34
  };
35
+ /**
36
+ * Gets the permission for the specified target of the subject corresponding
37
+ * to the specified origin.
38
+ *
39
+ * @param origin - The origin of the subject.
40
+ * @param targetName - The method name as invoked by a third party (i.e., not
41
+ * a method key).
42
+ * @returns The permission if it exists, or undefined otherwise.
43
+ */
44
+ export type PermissionControllerGetPermissionAction = {
45
+ type: `PermissionController:getPermission`;
46
+ handler: PermissionController['getPermission'];
47
+ };
35
48
  /**
36
49
  * Gets all permissions for the specified subject, if any.
37
50
  *
@@ -76,6 +89,19 @@ export type PermissionControllerRevokeAllPermissionsAction = {
76
89
  type: `PermissionController:revokeAllPermissions`;
77
90
  handler: PermissionController['revokeAllPermissions'];
78
91
  };
92
+ /**
93
+ * Revokes the specified permission from the subject with the specified
94
+ * origin.
95
+ *
96
+ * Throws an error if the subject or the permission does not exist.
97
+ *
98
+ * @param origin - The origin of the subject whose permission to revoke.
99
+ * @param target - The target name of the permission to revoke.
100
+ */
101
+ export type PermissionControllerRevokePermissionAction = {
102
+ type: `PermissionController:revokePermission`;
103
+ handler: PermissionController['revokePermission'];
104
+ };
79
105
  /**
80
106
  * Revokes the specified permissions from the specified subjects.
81
107
  *
@@ -139,6 +165,33 @@ export type PermissionControllerUpdateCaveatAction = {
139
165
  type: `PermissionController:updateCaveat`;
140
166
  handler: PermissionController['updateCaveat'];
141
167
  };
168
+ /**
169
+ * Updates all caveats with the specified type for all subjects and
170
+ * permissions by applying the specified mutator function to them.
171
+ *
172
+ * ATTN: Permissions can be revoked entirely by the action of this method,
173
+ * read on for details.
174
+ *
175
+ * Caveat mutators are functions that receive a caveat value and return a
176
+ * tuple consisting of a {@link CaveatMutatorOperation} and, optionally, a new
177
+ * value to update the existing caveat with.
178
+ *
179
+ * For each caveat, depending on the mutator result, this method will:
180
+ * - Do nothing ({@link CaveatMutatorOperation.Noop})
181
+ * - Update the value of the caveat ({@link CaveatMutatorOperation.UpdateValue}). The caveat specification validator, if any, will be called after updating the value.
182
+ * - Delete the caveat ({@link CaveatMutatorOperation.DeleteCaveat}). The permission specification validator, if any, will be called after deleting the caveat.
183
+ * - Revoke the parent permission ({@link CaveatMutatorOperation.RevokePermission})
184
+ *
185
+ * This method throws if the validation of any caveat or permission fails.
186
+ *
187
+ * @param targetCaveatType - The type of the caveats to update.
188
+ * @param mutator - The mutator function which will be applied to all caveat
189
+ * values.
190
+ */
191
+ export type PermissionControllerUpdatePermissionsByCaveatAction = {
192
+ type: `PermissionController:updatePermissionsByCaveat`;
193
+ handler: PermissionController['updatePermissionsByCaveat'];
194
+ };
142
195
  /**
143
196
  * Grants _approved_ permissions to the specified subject. Every permission and
144
197
  * caveat is stringently validated—including by calling their specification
@@ -249,6 +302,26 @@ export type PermissionControllerRequestPermissionsIncrementalAction = {
249
302
  type: `PermissionController:requestPermissionsIncremental`;
250
303
  handler: PermissionController['requestPermissionsIncremental'];
251
304
  };
305
+ /**
306
+ * Accepts a permissions request created by
307
+ * {@link PermissionController.requestPermissions}.
308
+ *
309
+ * @param request - The permissions request.
310
+ */
311
+ export type PermissionControllerAcceptPermissionsRequestAction = {
312
+ type: `PermissionController:acceptPermissionsRequest`;
313
+ handler: PermissionController['acceptPermissionsRequest'];
314
+ };
315
+ /**
316
+ * Rejects a permissions request created by
317
+ * {@link PermissionController.requestPermissions}.
318
+ *
319
+ * @param id - The id of the request to be rejected.
320
+ */
321
+ export type PermissionControllerRejectPermissionsRequestAction = {
322
+ type: `PermissionController:rejectPermissionsRequest`;
323
+ handler: PermissionController['rejectPermissionsRequest'];
324
+ };
252
325
  /**
253
326
  * Gets the subject's endowments per the specified endowment permission.
254
327
  * Throws if the subject does not have the required permission or if the
@@ -297,5 +370,5 @@ export type PermissionControllerExecuteRestrictedMethodAction = {
297
370
  /**
298
371
  * Union of all PermissionController action types.
299
372
  */
300
- export type PermissionControllerMethodActions = PermissionControllerHasUnrestrictedMethodAction | PermissionControllerClearStateAction | PermissionControllerGetSubjectNamesAction | PermissionControllerGetPermissionsAction | PermissionControllerHasPermissionAction | PermissionControllerHasPermissionsAction | PermissionControllerRevokeAllPermissionsAction | PermissionControllerRevokePermissionsAction | PermissionControllerRevokePermissionForAllSubjectsAction | PermissionControllerGetCaveatAction | PermissionControllerUpdateCaveatAction | PermissionControllerGrantPermissionsAction | PermissionControllerGrantPermissionsIncrementalAction | PermissionControllerRequestPermissionsAction | PermissionControllerRequestPermissionsIncrementalAction | PermissionControllerGetEndowmentsAction | PermissionControllerExecuteRestrictedMethodAction;
373
+ export type PermissionControllerMethodActions = PermissionControllerHasUnrestrictedMethodAction | PermissionControllerClearStateAction | PermissionControllerGetSubjectNamesAction | PermissionControllerGetPermissionAction | PermissionControllerGetPermissionsAction | PermissionControllerHasPermissionAction | PermissionControllerHasPermissionsAction | PermissionControllerRevokeAllPermissionsAction | PermissionControllerRevokePermissionAction | PermissionControllerRevokePermissionsAction | PermissionControllerRevokePermissionForAllSubjectsAction | PermissionControllerGetCaveatAction | PermissionControllerUpdateCaveatAction | PermissionControllerUpdatePermissionsByCaveatAction | PermissionControllerGrantPermissionsAction | PermissionControllerGrantPermissionsIncrementalAction | PermissionControllerRequestPermissionsAction | PermissionControllerRequestPermissionsIncrementalAction | PermissionControllerAcceptPermissionsRequestAction | PermissionControllerRejectPermissionsRequestAction | PermissionControllerGetEndowmentsAction | PermissionControllerExecuteRestrictedMethodAction;
301
374
  //# sourceMappingURL=PermissionController-method-action-types.d.cts.map
@@ -1 +1 @@
1
- {"version":3,"file":"PermissionController-method-action-types.d.cts","sourceRoot":"","sources":["../src/PermissionController-method-action-types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,mCAA+B;AAEnE;;;;;;;;GAQG;AACH,MAAM,MAAM,+CAA+C,GAAG;IAC5D,IAAI,EAAE,4CAA4C,CAAC;IACnD,OAAO,EAAE,oBAAoB,CAAC,uBAAuB,CAAC,CAAC;CACxD,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,oCAAoC,GAAG;IACjD,IAAI,EAAE,iCAAiC,CAAC;IACxC,OAAO,EAAE,oBAAoB,CAAC,YAAY,CAAC,CAAC;CAC7C,CAAC;AAEF;;;;GAIG;AACH,MAAM,MAAM,yCAAyC,GAAG;IACtD,IAAI,EAAE,sCAAsC,CAAC;IAC7C,OAAO,EAAE,oBAAoB,CAAC,iBAAiB,CAAC,CAAC;CAClD,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,wCAAwC,GAAG;IACrD,IAAI,EAAE,qCAAqC,CAAC;IAC5C,OAAO,EAAE,oBAAoB,CAAC,gBAAgB,CAAC,CAAC;CACjD,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,MAAM,uCAAuC,GAAG;IACpD,IAAI,EAAE,oCAAoC,CAAC;IAC3C,OAAO,EAAE,oBAAoB,CAAC,eAAe,CAAC,CAAC;CAChD,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,wCAAwC,GAAG;IACrD,IAAI,EAAE,qCAAqC,CAAC;IAC5C,OAAO,EAAE,oBAAoB,CAAC,gBAAgB,CAAC,CAAC;CACjD,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,8CAA8C,GAAG;IAC3D,IAAI,EAAE,2CAA2C,CAAC;IAClD,OAAO,EAAE,oBAAoB,CAAC,sBAAsB,CAAC,CAAC;CACvD,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,MAAM,2CAA2C,GAAG;IACxD,IAAI,EAAE,wCAAwC,CAAC;IAC/C,OAAO,EAAE,oBAAoB,CAAC,mBAAmB,CAAC,CAAC;CACpD,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,wDAAwD,GAAG;IACrE,IAAI,EAAE,qDAAqD,CAAC;IAC5D,OAAO,EAAE,oBAAoB,CAAC,gCAAgC,CAAC,CAAC;CACjE,CAAC;AAEF;;;;;;;;;;;;;;GAcG;AACH,MAAM,MAAM,mCAAmC,GAAG;IAChD,IAAI,EAAE,gCAAgC,CAAC;IACvC,OAAO,EAAE,oBAAoB,CAAC,WAAW,CAAC,CAAC;CAC5C,CAAC;AAEF;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,MAAM,sCAAsC,GAAG;IACnD,IAAI,EAAE,mCAAmC,CAAC;IAC1C,OAAO,EAAE,oBAAoB,CAAC,cAAc,CAAC,CAAC;CAC/C,CAAC;AAEF;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,MAAM,0CAA0C,GAAG;IACvD,IAAI,EAAE,uCAAuC,CAAC;IAC9C,OAAO,EAAE,oBAAoB,CAAC,kBAAkB,CAAC,CAAC;CACnD,CAAC;AAEF;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,MAAM,qDAAqD,GAAG;IAClE,IAAI,EAAE,kDAAkD,CAAC;IACzD,OAAO,EAAE,oBAAoB,CAAC,6BAA6B,CAAC,CAAC;CAC9D,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,MAAM,4CAA4C,GAAG;IACzD,IAAI,EAAE,yCAAyC,CAAC;IAChD,OAAO,EAAE,oBAAoB,CAAC,oBAAoB,CAAC,CAAC;CACrD,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,MAAM,MAAM,uDAAuD,GAAG;IACpE,IAAI,EAAE,oDAAoD,CAAC;IAC3D,OAAO,EAAE,oBAAoB,CAAC,+BAA+B,CAAC,CAAC;CAChE,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,MAAM,MAAM,uCAAuC,GAAG;IACpD,IAAI,EAAE,oCAAoC,CAAC;IAC3C,OAAO,EAAE,oBAAoB,CAAC,eAAe,CAAC,CAAC;CAChD,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,MAAM,iDAAiD,GAAG;IAC9D,IAAI,EAAE,8CAA8C,CAAC;IACrD,OAAO,EAAE,oBAAoB,CAAC,yBAAyB,CAAC,CAAC;CAC1D,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,iCAAiC,GACzC,+CAA+C,GAC/C,oCAAoC,GACpC,yCAAyC,GACzC,wCAAwC,GACxC,uCAAuC,GACvC,wCAAwC,GACxC,8CAA8C,GAC9C,2CAA2C,GAC3C,wDAAwD,GACxD,mCAAmC,GACnC,sCAAsC,GACtC,0CAA0C,GAC1C,qDAAqD,GACrD,4CAA4C,GAC5C,uDAAuD,GACvD,uCAAuC,GACvC,iDAAiD,CAAC"}
1
+ {"version":3,"file":"PermissionController-method-action-types.d.cts","sourceRoot":"","sources":["../src/PermissionController-method-action-types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,mCAA+B;AAEnE;;;;;;;;GAQG;AACH,MAAM,MAAM,+CAA+C,GAAG;IAC5D,IAAI,EAAE,4CAA4C,CAAC;IACnD,OAAO,EAAE,oBAAoB,CAAC,uBAAuB,CAAC,CAAC;CACxD,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,oCAAoC,GAAG;IACjD,IAAI,EAAE,iCAAiC,CAAC;IACxC,OAAO,EAAE,oBAAoB,CAAC,YAAY,CAAC,CAAC;CAC7C,CAAC;AAEF;;;;GAIG;AACH,MAAM,MAAM,yCAAyC,GAAG;IACtD,IAAI,EAAE,sCAAsC,CAAC;IAC7C,OAAO,EAAE,oBAAoB,CAAC,iBAAiB,CAAC,CAAC;CAClD,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,MAAM,uCAAuC,GAAG;IACpD,IAAI,EAAE,oCAAoC,CAAC;IAC3C,OAAO,EAAE,oBAAoB,CAAC,eAAe,CAAC,CAAC;CAChD,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,wCAAwC,GAAG;IACrD,IAAI,EAAE,qCAAqC,CAAC;IAC5C,OAAO,EAAE,oBAAoB,CAAC,gBAAgB,CAAC,CAAC;CACjD,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,MAAM,uCAAuC,GAAG;IACpD,IAAI,EAAE,oCAAoC,CAAC;IAC3C,OAAO,EAAE,oBAAoB,CAAC,eAAe,CAAC,CAAC;CAChD,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,wCAAwC,GAAG;IACrD,IAAI,EAAE,qCAAqC,CAAC;IAC5C,OAAO,EAAE,oBAAoB,CAAC,gBAAgB,CAAC,CAAC;CACjD,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,8CAA8C,GAAG;IAC3D,IAAI,EAAE,2CAA2C,CAAC;IAClD,OAAO,EAAE,oBAAoB,CAAC,sBAAsB,CAAC,CAAC;CACvD,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,MAAM,0CAA0C,GAAG;IACvD,IAAI,EAAE,uCAAuC,CAAC;IAC9C,OAAO,EAAE,oBAAoB,CAAC,kBAAkB,CAAC,CAAC;CACnD,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,MAAM,2CAA2C,GAAG;IACxD,IAAI,EAAE,wCAAwC,CAAC;IAC/C,OAAO,EAAE,oBAAoB,CAAC,mBAAmB,CAAC,CAAC;CACpD,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,wDAAwD,GAAG;IACrE,IAAI,EAAE,qDAAqD,CAAC;IAC5D,OAAO,EAAE,oBAAoB,CAAC,gCAAgC,CAAC,CAAC;CACjE,CAAC;AAEF;;;;;;;;;;;;;;GAcG;AACH,MAAM,MAAM,mCAAmC,GAAG;IAChD,IAAI,EAAE,gCAAgC,CAAC;IACvC,OAAO,EAAE,oBAAoB,CAAC,WAAW,CAAC,CAAC;CAC5C,CAAC;AAEF;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,MAAM,sCAAsC,GAAG;IACnD,IAAI,EAAE,mCAAmC,CAAC;IAC1C,OAAO,EAAE,oBAAoB,CAAC,cAAc,CAAC,CAAC;CAC/C,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,MAAM,mDAAmD,GAAG;IAChE,IAAI,EAAE,gDAAgD,CAAC;IACvD,OAAO,EAAE,oBAAoB,CAAC,2BAA2B,CAAC,CAAC;CAC5D,CAAC;AAEF;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,MAAM,0CAA0C,GAAG;IACvD,IAAI,EAAE,uCAAuC,CAAC;IAC9C,OAAO,EAAE,oBAAoB,CAAC,kBAAkB,CAAC,CAAC;CACnD,CAAC;AAEF;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,MAAM,qDAAqD,GAAG;IAClE,IAAI,EAAE,kDAAkD,CAAC;IACzD,OAAO,EAAE,oBAAoB,CAAC,6BAA6B,CAAC,CAAC;CAC9D,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,MAAM,4CAA4C,GAAG;IACzD,IAAI,EAAE,yCAAyC,CAAC;IAChD,OAAO,EAAE,oBAAoB,CAAC,oBAAoB,CAAC,CAAC;CACrD,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,MAAM,MAAM,uDAAuD,GAAG;IACpE,IAAI,EAAE,oDAAoD,CAAC;IAC3D,OAAO,EAAE,oBAAoB,CAAC,+BAA+B,CAAC,CAAC;CAChE,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,kDAAkD,GAAG;IAC/D,IAAI,EAAE,+CAA+C,CAAC;IACtD,OAAO,EAAE,oBAAoB,CAAC,0BAA0B,CAAC,CAAC;CAC3D,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,kDAAkD,GAAG;IAC/D,IAAI,EAAE,+CAA+C,CAAC;IACtD,OAAO,EAAE,oBAAoB,CAAC,0BAA0B,CAAC,CAAC;CAC3D,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,MAAM,MAAM,uCAAuC,GAAG;IACpD,IAAI,EAAE,oCAAoC,CAAC;IAC3C,OAAO,EAAE,oBAAoB,CAAC,eAAe,CAAC,CAAC;CAChD,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,MAAM,iDAAiD,GAAG;IAC9D,IAAI,EAAE,8CAA8C,CAAC;IACrD,OAAO,EAAE,oBAAoB,CAAC,yBAAyB,CAAC,CAAC;CAC1D,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,iCAAiC,GACzC,+CAA+C,GAC/C,oCAAoC,GACpC,yCAAyC,GACzC,uCAAuC,GACvC,wCAAwC,GACxC,uCAAuC,GACvC,wCAAwC,GACxC,8CAA8C,GAC9C,0CAA0C,GAC1C,2CAA2C,GAC3C,wDAAwD,GACxD,mCAAmC,GACnC,sCAAsC,GACtC,mDAAmD,GACnD,0CAA0C,GAC1C,qDAAqD,GACrD,4CAA4C,GAC5C,uDAAuD,GACvD,kDAAkD,GAClD,kDAAkD,GAClD,uCAAuC,GACvC,iDAAiD,CAAC"}
@@ -32,6 +32,19 @@ export type PermissionControllerGetSubjectNamesAction = {
32
32
  type: `PermissionController:getSubjectNames`;
33
33
  handler: PermissionController['getSubjectNames'];
34
34
  };
35
+ /**
36
+ * Gets the permission for the specified target of the subject corresponding
37
+ * to the specified origin.
38
+ *
39
+ * @param origin - The origin of the subject.
40
+ * @param targetName - The method name as invoked by a third party (i.e., not
41
+ * a method key).
42
+ * @returns The permission if it exists, or undefined otherwise.
43
+ */
44
+ export type PermissionControllerGetPermissionAction = {
45
+ type: `PermissionController:getPermission`;
46
+ handler: PermissionController['getPermission'];
47
+ };
35
48
  /**
36
49
  * Gets all permissions for the specified subject, if any.
37
50
  *
@@ -76,6 +89,19 @@ export type PermissionControllerRevokeAllPermissionsAction = {
76
89
  type: `PermissionController:revokeAllPermissions`;
77
90
  handler: PermissionController['revokeAllPermissions'];
78
91
  };
92
+ /**
93
+ * Revokes the specified permission from the subject with the specified
94
+ * origin.
95
+ *
96
+ * Throws an error if the subject or the permission does not exist.
97
+ *
98
+ * @param origin - The origin of the subject whose permission to revoke.
99
+ * @param target - The target name of the permission to revoke.
100
+ */
101
+ export type PermissionControllerRevokePermissionAction = {
102
+ type: `PermissionController:revokePermission`;
103
+ handler: PermissionController['revokePermission'];
104
+ };
79
105
  /**
80
106
  * Revokes the specified permissions from the specified subjects.
81
107
  *
@@ -139,6 +165,33 @@ export type PermissionControllerUpdateCaveatAction = {
139
165
  type: `PermissionController:updateCaveat`;
140
166
  handler: PermissionController['updateCaveat'];
141
167
  };
168
+ /**
169
+ * Updates all caveats with the specified type for all subjects and
170
+ * permissions by applying the specified mutator function to them.
171
+ *
172
+ * ATTN: Permissions can be revoked entirely by the action of this method,
173
+ * read on for details.
174
+ *
175
+ * Caveat mutators are functions that receive a caveat value and return a
176
+ * tuple consisting of a {@link CaveatMutatorOperation} and, optionally, a new
177
+ * value to update the existing caveat with.
178
+ *
179
+ * For each caveat, depending on the mutator result, this method will:
180
+ * - Do nothing ({@link CaveatMutatorOperation.Noop})
181
+ * - Update the value of the caveat ({@link CaveatMutatorOperation.UpdateValue}). The caveat specification validator, if any, will be called after updating the value.
182
+ * - Delete the caveat ({@link CaveatMutatorOperation.DeleteCaveat}). The permission specification validator, if any, will be called after deleting the caveat.
183
+ * - Revoke the parent permission ({@link CaveatMutatorOperation.RevokePermission})
184
+ *
185
+ * This method throws if the validation of any caveat or permission fails.
186
+ *
187
+ * @param targetCaveatType - The type of the caveats to update.
188
+ * @param mutator - The mutator function which will be applied to all caveat
189
+ * values.
190
+ */
191
+ export type PermissionControllerUpdatePermissionsByCaveatAction = {
192
+ type: `PermissionController:updatePermissionsByCaveat`;
193
+ handler: PermissionController['updatePermissionsByCaveat'];
194
+ };
142
195
  /**
143
196
  * Grants _approved_ permissions to the specified subject. Every permission and
144
197
  * caveat is stringently validated—including by calling their specification
@@ -249,6 +302,26 @@ export type PermissionControllerRequestPermissionsIncrementalAction = {
249
302
  type: `PermissionController:requestPermissionsIncremental`;
250
303
  handler: PermissionController['requestPermissionsIncremental'];
251
304
  };
305
+ /**
306
+ * Accepts a permissions request created by
307
+ * {@link PermissionController.requestPermissions}.
308
+ *
309
+ * @param request - The permissions request.
310
+ */
311
+ export type PermissionControllerAcceptPermissionsRequestAction = {
312
+ type: `PermissionController:acceptPermissionsRequest`;
313
+ handler: PermissionController['acceptPermissionsRequest'];
314
+ };
315
+ /**
316
+ * Rejects a permissions request created by
317
+ * {@link PermissionController.requestPermissions}.
318
+ *
319
+ * @param id - The id of the request to be rejected.
320
+ */
321
+ export type PermissionControllerRejectPermissionsRequestAction = {
322
+ type: `PermissionController:rejectPermissionsRequest`;
323
+ handler: PermissionController['rejectPermissionsRequest'];
324
+ };
252
325
  /**
253
326
  * Gets the subject's endowments per the specified endowment permission.
254
327
  * Throws if the subject does not have the required permission or if the
@@ -297,5 +370,5 @@ export type PermissionControllerExecuteRestrictedMethodAction = {
297
370
  /**
298
371
  * Union of all PermissionController action types.
299
372
  */
300
- export type PermissionControllerMethodActions = PermissionControllerHasUnrestrictedMethodAction | PermissionControllerClearStateAction | PermissionControllerGetSubjectNamesAction | PermissionControllerGetPermissionsAction | PermissionControllerHasPermissionAction | PermissionControllerHasPermissionsAction | PermissionControllerRevokeAllPermissionsAction | PermissionControllerRevokePermissionsAction | PermissionControllerRevokePermissionForAllSubjectsAction | PermissionControllerGetCaveatAction | PermissionControllerUpdateCaveatAction | PermissionControllerGrantPermissionsAction | PermissionControllerGrantPermissionsIncrementalAction | PermissionControllerRequestPermissionsAction | PermissionControllerRequestPermissionsIncrementalAction | PermissionControllerGetEndowmentsAction | PermissionControllerExecuteRestrictedMethodAction;
373
+ export type PermissionControllerMethodActions = PermissionControllerHasUnrestrictedMethodAction | PermissionControllerClearStateAction | PermissionControllerGetSubjectNamesAction | PermissionControllerGetPermissionAction | PermissionControllerGetPermissionsAction | PermissionControllerHasPermissionAction | PermissionControllerHasPermissionsAction | PermissionControllerRevokeAllPermissionsAction | PermissionControllerRevokePermissionAction | PermissionControllerRevokePermissionsAction | PermissionControllerRevokePermissionForAllSubjectsAction | PermissionControllerGetCaveatAction | PermissionControllerUpdateCaveatAction | PermissionControllerUpdatePermissionsByCaveatAction | PermissionControllerGrantPermissionsAction | PermissionControllerGrantPermissionsIncrementalAction | PermissionControllerRequestPermissionsAction | PermissionControllerRequestPermissionsIncrementalAction | PermissionControllerAcceptPermissionsRequestAction | PermissionControllerRejectPermissionsRequestAction | PermissionControllerGetEndowmentsAction | PermissionControllerExecuteRestrictedMethodAction;
301
374
  //# sourceMappingURL=PermissionController-method-action-types.d.mts.map
@@ -1 +1 @@
1
- {"version":3,"file":"PermissionController-method-action-types.d.mts","sourceRoot":"","sources":["../src/PermissionController-method-action-types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,mCAA+B;AAEnE;;;;;;;;GAQG;AACH,MAAM,MAAM,+CAA+C,GAAG;IAC5D,IAAI,EAAE,4CAA4C,CAAC;IACnD,OAAO,EAAE,oBAAoB,CAAC,uBAAuB,CAAC,CAAC;CACxD,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,oCAAoC,GAAG;IACjD,IAAI,EAAE,iCAAiC,CAAC;IACxC,OAAO,EAAE,oBAAoB,CAAC,YAAY,CAAC,CAAC;CAC7C,CAAC;AAEF;;;;GAIG;AACH,MAAM,MAAM,yCAAyC,GAAG;IACtD,IAAI,EAAE,sCAAsC,CAAC;IAC7C,OAAO,EAAE,oBAAoB,CAAC,iBAAiB,CAAC,CAAC;CAClD,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,wCAAwC,GAAG;IACrD,IAAI,EAAE,qCAAqC,CAAC;IAC5C,OAAO,EAAE,oBAAoB,CAAC,gBAAgB,CAAC,CAAC;CACjD,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,MAAM,uCAAuC,GAAG;IACpD,IAAI,EAAE,oCAAoC,CAAC;IAC3C,OAAO,EAAE,oBAAoB,CAAC,eAAe,CAAC,CAAC;CAChD,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,wCAAwC,GAAG;IACrD,IAAI,EAAE,qCAAqC,CAAC;IAC5C,OAAO,EAAE,oBAAoB,CAAC,gBAAgB,CAAC,CAAC;CACjD,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,8CAA8C,GAAG;IAC3D,IAAI,EAAE,2CAA2C,CAAC;IAClD,OAAO,EAAE,oBAAoB,CAAC,sBAAsB,CAAC,CAAC;CACvD,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,MAAM,2CAA2C,GAAG;IACxD,IAAI,EAAE,wCAAwC,CAAC;IAC/C,OAAO,EAAE,oBAAoB,CAAC,mBAAmB,CAAC,CAAC;CACpD,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,wDAAwD,GAAG;IACrE,IAAI,EAAE,qDAAqD,CAAC;IAC5D,OAAO,EAAE,oBAAoB,CAAC,gCAAgC,CAAC,CAAC;CACjE,CAAC;AAEF;;;;;;;;;;;;;;GAcG;AACH,MAAM,MAAM,mCAAmC,GAAG;IAChD,IAAI,EAAE,gCAAgC,CAAC;IACvC,OAAO,EAAE,oBAAoB,CAAC,WAAW,CAAC,CAAC;CAC5C,CAAC;AAEF;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,MAAM,sCAAsC,GAAG;IACnD,IAAI,EAAE,mCAAmC,CAAC;IAC1C,OAAO,EAAE,oBAAoB,CAAC,cAAc,CAAC,CAAC;CAC/C,CAAC;AAEF;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,MAAM,0CAA0C,GAAG;IACvD,IAAI,EAAE,uCAAuC,CAAC;IAC9C,OAAO,EAAE,oBAAoB,CAAC,kBAAkB,CAAC,CAAC;CACnD,CAAC;AAEF;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,MAAM,qDAAqD,GAAG;IAClE,IAAI,EAAE,kDAAkD,CAAC;IACzD,OAAO,EAAE,oBAAoB,CAAC,6BAA6B,CAAC,CAAC;CAC9D,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,MAAM,4CAA4C,GAAG;IACzD,IAAI,EAAE,yCAAyC,CAAC;IAChD,OAAO,EAAE,oBAAoB,CAAC,oBAAoB,CAAC,CAAC;CACrD,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,MAAM,MAAM,uDAAuD,GAAG;IACpE,IAAI,EAAE,oDAAoD,CAAC;IAC3D,OAAO,EAAE,oBAAoB,CAAC,+BAA+B,CAAC,CAAC;CAChE,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,MAAM,MAAM,uCAAuC,GAAG;IACpD,IAAI,EAAE,oCAAoC,CAAC;IAC3C,OAAO,EAAE,oBAAoB,CAAC,eAAe,CAAC,CAAC;CAChD,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,MAAM,iDAAiD,GAAG;IAC9D,IAAI,EAAE,8CAA8C,CAAC;IACrD,OAAO,EAAE,oBAAoB,CAAC,yBAAyB,CAAC,CAAC;CAC1D,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,iCAAiC,GACzC,+CAA+C,GAC/C,oCAAoC,GACpC,yCAAyC,GACzC,wCAAwC,GACxC,uCAAuC,GACvC,wCAAwC,GACxC,8CAA8C,GAC9C,2CAA2C,GAC3C,wDAAwD,GACxD,mCAAmC,GACnC,sCAAsC,GACtC,0CAA0C,GAC1C,qDAAqD,GACrD,4CAA4C,GAC5C,uDAAuD,GACvD,uCAAuC,GACvC,iDAAiD,CAAC"}
1
+ {"version":3,"file":"PermissionController-method-action-types.d.mts","sourceRoot":"","sources":["../src/PermissionController-method-action-types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,mCAA+B;AAEnE;;;;;;;;GAQG;AACH,MAAM,MAAM,+CAA+C,GAAG;IAC5D,IAAI,EAAE,4CAA4C,CAAC;IACnD,OAAO,EAAE,oBAAoB,CAAC,uBAAuB,CAAC,CAAC;CACxD,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,oCAAoC,GAAG;IACjD,IAAI,EAAE,iCAAiC,CAAC;IACxC,OAAO,EAAE,oBAAoB,CAAC,YAAY,CAAC,CAAC;CAC7C,CAAC;AAEF;;;;GAIG;AACH,MAAM,MAAM,yCAAyC,GAAG;IACtD,IAAI,EAAE,sCAAsC,CAAC;IAC7C,OAAO,EAAE,oBAAoB,CAAC,iBAAiB,CAAC,CAAC;CAClD,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,MAAM,uCAAuC,GAAG;IACpD,IAAI,EAAE,oCAAoC,CAAC;IAC3C,OAAO,EAAE,oBAAoB,CAAC,eAAe,CAAC,CAAC;CAChD,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,wCAAwC,GAAG;IACrD,IAAI,EAAE,qCAAqC,CAAC;IAC5C,OAAO,EAAE,oBAAoB,CAAC,gBAAgB,CAAC,CAAC;CACjD,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,MAAM,uCAAuC,GAAG;IACpD,IAAI,EAAE,oCAAoC,CAAC;IAC3C,OAAO,EAAE,oBAAoB,CAAC,eAAe,CAAC,CAAC;CAChD,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,wCAAwC,GAAG;IACrD,IAAI,EAAE,qCAAqC,CAAC;IAC5C,OAAO,EAAE,oBAAoB,CAAC,gBAAgB,CAAC,CAAC;CACjD,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,8CAA8C,GAAG;IAC3D,IAAI,EAAE,2CAA2C,CAAC;IAClD,OAAO,EAAE,oBAAoB,CAAC,sBAAsB,CAAC,CAAC;CACvD,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,MAAM,0CAA0C,GAAG;IACvD,IAAI,EAAE,uCAAuC,CAAC;IAC9C,OAAO,EAAE,oBAAoB,CAAC,kBAAkB,CAAC,CAAC;CACnD,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,MAAM,2CAA2C,GAAG;IACxD,IAAI,EAAE,wCAAwC,CAAC;IAC/C,OAAO,EAAE,oBAAoB,CAAC,mBAAmB,CAAC,CAAC;CACpD,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,wDAAwD,GAAG;IACrE,IAAI,EAAE,qDAAqD,CAAC;IAC5D,OAAO,EAAE,oBAAoB,CAAC,gCAAgC,CAAC,CAAC;CACjE,CAAC;AAEF;;;;;;;;;;;;;;GAcG;AACH,MAAM,MAAM,mCAAmC,GAAG;IAChD,IAAI,EAAE,gCAAgC,CAAC;IACvC,OAAO,EAAE,oBAAoB,CAAC,WAAW,CAAC,CAAC;CAC5C,CAAC;AAEF;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,MAAM,sCAAsC,GAAG;IACnD,IAAI,EAAE,mCAAmC,CAAC;IAC1C,OAAO,EAAE,oBAAoB,CAAC,cAAc,CAAC,CAAC;CAC/C,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,MAAM,mDAAmD,GAAG;IAChE,IAAI,EAAE,gDAAgD,CAAC;IACvD,OAAO,EAAE,oBAAoB,CAAC,2BAA2B,CAAC,CAAC;CAC5D,CAAC;AAEF;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,MAAM,0CAA0C,GAAG;IACvD,IAAI,EAAE,uCAAuC,CAAC;IAC9C,OAAO,EAAE,oBAAoB,CAAC,kBAAkB,CAAC,CAAC;CACnD,CAAC;AAEF;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,MAAM,qDAAqD,GAAG;IAClE,IAAI,EAAE,kDAAkD,CAAC;IACzD,OAAO,EAAE,oBAAoB,CAAC,6BAA6B,CAAC,CAAC;CAC9D,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,MAAM,4CAA4C,GAAG;IACzD,IAAI,EAAE,yCAAyC,CAAC;IAChD,OAAO,EAAE,oBAAoB,CAAC,oBAAoB,CAAC,CAAC;CACrD,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,MAAM,MAAM,uDAAuD,GAAG;IACpE,IAAI,EAAE,oDAAoD,CAAC;IAC3D,OAAO,EAAE,oBAAoB,CAAC,+BAA+B,CAAC,CAAC;CAChE,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,kDAAkD,GAAG;IAC/D,IAAI,EAAE,+CAA+C,CAAC;IACtD,OAAO,EAAE,oBAAoB,CAAC,0BAA0B,CAAC,CAAC;CAC3D,CAAC;AAEF;;;;;GAKG;AACH,MAAM,MAAM,kDAAkD,GAAG;IAC/D,IAAI,EAAE,+CAA+C,CAAC;IACtD,OAAO,EAAE,oBAAoB,CAAC,0BAA0B,CAAC,CAAC;CAC3D,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,MAAM,MAAM,uCAAuC,GAAG;IACpD,IAAI,EAAE,oCAAoC,CAAC;IAC3C,OAAO,EAAE,oBAAoB,CAAC,eAAe,CAAC,CAAC;CAChD,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,MAAM,iDAAiD,GAAG;IAC9D,IAAI,EAAE,8CAA8C,CAAC;IACrD,OAAO,EAAE,oBAAoB,CAAC,yBAAyB,CAAC,CAAC;CAC1D,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,iCAAiC,GACzC,+CAA+C,GAC/C,oCAAoC,GACpC,yCAAyC,GACzC,uCAAuC,GACvC,wCAAwC,GACxC,uCAAuC,GACvC,wCAAwC,GACxC,8CAA8C,GAC9C,0CAA0C,GAC1C,2CAA2C,GAC3C,wDAAwD,GACxD,mCAAmC,GACnC,sCAAsC,GACtC,mDAAmD,GACnD,0CAA0C,GAC1C,qDAAqD,GACrD,4CAA4C,GAC5C,uDAAuD,GACvD,kDAAkD,GAClD,kDAAkD,GAClD,uCAAuC,GACvC,iDAAiD,CAAC"}
@@ -1 +1 @@
1
- {"version":3,"file":"PermissionController-method-action-types.mjs","sourceRoot":"","sources":["../src/PermissionController-method-action-types.ts"],"names":[],"mappings":"AAAA;;;GAGG","sourcesContent":["/**\n * This file is auto generated.\n * Do not edit manually.\n */\n\nimport type { PermissionController } from './PermissionController';\n\n/**\n * Checks whether the given method was declared as unrestricted at\n * construction time. Methods unknown to the controller return `false` and\n * would be treated as restricted by callers such as the permission\n * middleware.\n *\n * @param method - The name of the method to check.\n * @returns Whether the method is unrestricted.\n */\nexport type PermissionControllerHasUnrestrictedMethodAction = {\n type: `PermissionController:hasUnrestrictedMethod`;\n handler: PermissionController['hasUnrestrictedMethod'];\n};\n\n/**\n * Clears the state of the controller.\n */\nexport type PermissionControllerClearStateAction = {\n type: `PermissionController:clearState`;\n handler: PermissionController['clearState'];\n};\n\n/**\n * Gets a list of all origins of subjects.\n *\n * @returns The origins (i.e. IDs) of all subjects.\n */\nexport type PermissionControllerGetSubjectNamesAction = {\n type: `PermissionController:getSubjectNames`;\n handler: PermissionController['getSubjectNames'];\n};\n\n/**\n * Gets all permissions for the specified subject, if any.\n *\n * @param origin - The origin of the subject.\n * @returns The permissions of the subject, if any.\n */\nexport type PermissionControllerGetPermissionsAction = {\n type: `PermissionController:getPermissions`;\n handler: PermissionController['getPermissions'];\n};\n\n/**\n * Checks whether the subject with the specified origin has the specified\n * permission.\n *\n * @param origin - The origin of the subject.\n * @param target - The target name of the permission.\n * @returns Whether the subject has the permission.\n */\nexport type PermissionControllerHasPermissionAction = {\n type: `PermissionController:hasPermission`;\n handler: PermissionController['hasPermission'];\n};\n\n/**\n * Checks whether the subject with the specified origin has any permissions.\n * Use this if you want to know if a subject \"exists\".\n *\n * @param origin - The origin of the subject to check.\n * @returns Whether the subject has any permissions.\n */\nexport type PermissionControllerHasPermissionsAction = {\n type: `PermissionController:hasPermissions`;\n handler: PermissionController['hasPermissions'];\n};\n\n/**\n * Revokes all permissions from the specified origin.\n *\n * Throws an error if the origin has no permissions.\n *\n * @param origin - The origin whose permissions to revoke.\n */\nexport type PermissionControllerRevokeAllPermissionsAction = {\n type: `PermissionController:revokeAllPermissions`;\n handler: PermissionController['revokeAllPermissions'];\n};\n\n/**\n * Revokes the specified permissions from the specified subjects.\n *\n * Throws an error if any of the subjects or permissions do not exist.\n *\n * @param subjectsAndPermissions - An object mapping subject origins\n * to arrays of permission target names to revoke.\n */\nexport type PermissionControllerRevokePermissionsAction = {\n type: `PermissionController:revokePermissions`;\n handler: PermissionController['revokePermissions'];\n};\n\n/**\n * Revokes all permissions corresponding to the specified target for all subjects.\n * Does nothing if no subjects or no such permission exists.\n *\n * @param target - The name of the target to revoke all permissions for.\n */\nexport type PermissionControllerRevokePermissionForAllSubjectsAction = {\n type: `PermissionController:revokePermissionForAllSubjects`;\n handler: PermissionController['revokePermissionForAllSubjects'];\n};\n\n/**\n * Gets the caveat of the specified type, if any, for the permission of\n * the subject corresponding to the given origin.\n *\n * Throws an error if the subject does not have a permission with the\n * specified target name.\n *\n * @template TargetName - The permission target name. Should be inferred.\n * @template CaveatType - The valid caveat types for the permission. Should\n * be inferred.\n * @param origin - The origin of the subject.\n * @param target - The target name of the permission.\n * @param caveatType - The type of the caveat to get.\n * @returns The caveat, or `undefined` if no such caveat exists.\n */\nexport type PermissionControllerGetCaveatAction = {\n type: `PermissionController:getCaveat`;\n handler: PermissionController['getCaveat'];\n};\n\n/**\n * Updates the value of the caveat of the specified type belonging to the\n * permission corresponding to the given subject origin and permission\n * target.\n *\n * For adding new caveats, use\n * {@link PermissionController.addCaveat}.\n *\n * Throws an error if no such permission or caveat exists.\n *\n * @template TargetName - The permission target name. Should be inferred.\n * @template CaveatType - The valid caveat types for the permission. Should\n * be inferred.\n * @param origin - The origin of the subject.\n * @param target - The target name of the permission.\n * @param caveatType - The type of the caveat to update.\n * @param caveatValue - The new value of the caveat.\n */\nexport type PermissionControllerUpdateCaveatAction = {\n type: `PermissionController:updateCaveat`;\n handler: PermissionController['updateCaveat'];\n};\n\n/**\n * Grants _approved_ permissions to the specified subject. Every permission and\n * caveat is stringently validated—including by calling their specification\n * validators—and an error is thrown if validation fails.\n *\n * ATTN: This method does **not** prompt the user for approval. User consent must\n * first be obtained through some other means.\n *\n * @see {@link PermissionController.requestPermissions} For initiating a\n * permissions request requiring user approval.\n * @param options - Options bag.\n * @param options.approvedPermissions - The requested permissions approved by\n * the user.\n * @param options.requestData - Permission request data. Passed to permission\n * factory functions.\n * @param options.preserveExistingPermissions - Whether to preserve the\n * subject's existing permissions.\n * @param options.subject - The subject to grant permissions to.\n * @returns The subject's new permission state. It may or may not have changed.\n */\nexport type PermissionControllerGrantPermissionsAction = {\n type: `PermissionController:grantPermissions`;\n handler: PermissionController['grantPermissions'];\n};\n\n/**\n * Incrementally grants _approved_ permissions to the specified subject. Every\n * permission and caveat is stringently validated—including by calling their\n * specification validators—and an error is thrown if validation fails.\n *\n * ATTN: This method does **not** prompt the user for approval. User consent must\n * first be obtained through some other means.\n *\n * @see {@link PermissionController.requestPermissionsIncremental} For initiating\n * an incremental permissions request requiring user approval.\n * @param options - Options bag.\n * @param options.approvedPermissions - The requested permissions approved by\n * the user.\n * @param options.requestData - Permission request data. Passed to permission\n * factory functions.\n * @param options.subject - The subject to grant permissions to.\n * @returns The subject's new permission state. It may or may not have changed.\n */\nexport type PermissionControllerGrantPermissionsIncrementalAction = {\n type: `PermissionController:grantPermissionsIncremental`;\n handler: PermissionController['grantPermissionsIncremental'];\n};\n\n/**\n * Initiates a permission request that requires user approval.\n *\n * Either this or {@link PermissionController.requestPermissionsIncremental}\n * should always be used to grant additional permissions to a subject,\n * unless user approval has been obtained through some other means.\n *\n * Permissions are validated at every step of the approval process, and this\n * method will reject if validation fails.\n *\n * @see {@link ApprovalController} For the user approval logic.\n * @see {@link PermissionController.acceptPermissionsRequest} For the method\n * that _accepts_ the request and resolves the user approval promise.\n * @see {@link PermissionController.rejectPermissionsRequest} For the method\n * that _rejects_ the request and the user approval promise.\n * @param subject - The grantee subject.\n * @param requestedPermissions - The requested permissions.\n * @param options - Additional options.\n * @param options.id - The id of the permissions request. Defaults to a unique\n * id.\n * @param options.preserveExistingPermissions - Whether to preserve the\n * subject's existing permissions. Defaults to `true`.\n * @param options.metadata - Additional metadata about the permission request.\n * @returns The granted permissions and request metadata.\n */\nexport type PermissionControllerRequestPermissionsAction = {\n type: `PermissionController:requestPermissions`;\n handler: PermissionController['requestPermissions'];\n};\n\n/**\n * Initiates an incremental permission request that prompts for user approval.\n * Incremental permission requests allow the caller to replace existing and/or\n * add brand new permissions and caveats for the specified subject.\n *\n * Incremental permission request are merged with the subject's existing permissions\n * through a right-biased union, where the incremental permission are the right-hand\n * side of the merger. If both sides of the merger specify the same caveats for a\n * given permission, the caveats are merged using their specification's caveat value\n * merger property.\n *\n * Either this or {@link PermissionController.requestPermissions} should\n * always be used to grant additional permissions to a subject, unless user\n * approval has been obtained through some other means.\n *\n * Permissions are validated at every step of the approval process, and this\n * method will reject if validation fails.\n *\n * @see {@link ApprovalController} For the user approval logic.\n * @see {@link PermissionController.acceptPermissionsRequest} For the method\n * that _accepts_ the request and resolves the user approval promise.\n * @see {@link PermissionController.rejectPermissionsRequest} For the method\n * that _rejects_ the request and the user approval promise.\n * @param subject - The grantee subject.\n * @param requestedPermissions - The requested permissions.\n * @param options - Additional options.\n * @param options.id - The id of the permissions request. Defaults to a unique\n * id.\n * @param options.metadata - Additional metadata about the permission request.\n * @returns The granted permissions and request metadata.\n */\nexport type PermissionControllerRequestPermissionsIncrementalAction = {\n type: `PermissionController:requestPermissionsIncremental`;\n handler: PermissionController['requestPermissionsIncremental'];\n};\n\n/**\n * Gets the subject's endowments per the specified endowment permission.\n * Throws if the subject does not have the required permission or if the\n * permission is not an endowment permission.\n *\n * @param origin - The origin of the subject whose endowments to retrieve.\n * @param targetName - The name of the endowment permission. This must be a\n * valid permission target name.\n * @param requestData - Additional data associated with the request, if any.\n * Forwarded to the endowment getter function for the permission.\n * @returns The endowments, if any.\n */\nexport type PermissionControllerGetEndowmentsAction = {\n type: `PermissionController:getEndowments`;\n handler: PermissionController['getEndowments'];\n};\n\n/**\n * Executes a restricted method as the subject with the given origin.\n * The specified params, if any, will be passed to the method implementation.\n *\n * ATTN: Great caution should be exercised in the use of this method.\n * Methods that cause side effects or affect application state should\n * be avoided.\n *\n * This method will first attempt to retrieve the requested restricted method\n * implementation, throwing if it does not exist. The method will then be\n * invoked as though the subject with the specified origin had invoked it with\n * the specified parameters. This means that any existing caveats will be\n * applied to the restricted method, and this method will throw if the\n * restricted method or its caveat decorators throw.\n *\n * In addition, this method will throw if the subject does not have a\n * permission for the specified restricted method.\n *\n * @param origin - The origin of the subject to execute the method on behalf\n * of.\n * @param targetName - The name of the method to execute. This must be a valid\n * permission target name.\n * @param params - The parameters to pass to the method implementation.\n * @returns The result of the executed method.\n */\nexport type PermissionControllerExecuteRestrictedMethodAction = {\n type: `PermissionController:executeRestrictedMethod`;\n handler: PermissionController['executeRestrictedMethod'];\n};\n\n/**\n * Union of all PermissionController action types.\n */\nexport type PermissionControllerMethodActions =\n | PermissionControllerHasUnrestrictedMethodAction\n | PermissionControllerClearStateAction\n | PermissionControllerGetSubjectNamesAction\n | PermissionControllerGetPermissionsAction\n | PermissionControllerHasPermissionAction\n | PermissionControllerHasPermissionsAction\n | PermissionControllerRevokeAllPermissionsAction\n | PermissionControllerRevokePermissionsAction\n | PermissionControllerRevokePermissionForAllSubjectsAction\n | PermissionControllerGetCaveatAction\n | PermissionControllerUpdateCaveatAction\n | PermissionControllerGrantPermissionsAction\n | PermissionControllerGrantPermissionsIncrementalAction\n | PermissionControllerRequestPermissionsAction\n | PermissionControllerRequestPermissionsIncrementalAction\n | PermissionControllerGetEndowmentsAction\n | PermissionControllerExecuteRestrictedMethodAction;\n"]}
1
+ {"version":3,"file":"PermissionController-method-action-types.mjs","sourceRoot":"","sources":["../src/PermissionController-method-action-types.ts"],"names":[],"mappings":"AAAA;;;GAGG","sourcesContent":["/**\n * This file is auto generated.\n * Do not edit manually.\n */\n\nimport type { PermissionController } from './PermissionController';\n\n/**\n * Checks whether the given method was declared as unrestricted at\n * construction time. Methods unknown to the controller return `false` and\n * would be treated as restricted by callers such as the permission\n * middleware.\n *\n * @param method - The name of the method to check.\n * @returns Whether the method is unrestricted.\n */\nexport type PermissionControllerHasUnrestrictedMethodAction = {\n type: `PermissionController:hasUnrestrictedMethod`;\n handler: PermissionController['hasUnrestrictedMethod'];\n};\n\n/**\n * Clears the state of the controller.\n */\nexport type PermissionControllerClearStateAction = {\n type: `PermissionController:clearState`;\n handler: PermissionController['clearState'];\n};\n\n/**\n * Gets a list of all origins of subjects.\n *\n * @returns The origins (i.e. IDs) of all subjects.\n */\nexport type PermissionControllerGetSubjectNamesAction = {\n type: `PermissionController:getSubjectNames`;\n handler: PermissionController['getSubjectNames'];\n};\n\n/**\n * Gets the permission for the specified target of the subject corresponding\n * to the specified origin.\n *\n * @param origin - The origin of the subject.\n * @param targetName - The method name as invoked by a third party (i.e., not\n * a method key).\n * @returns The permission if it exists, or undefined otherwise.\n */\nexport type PermissionControllerGetPermissionAction = {\n type: `PermissionController:getPermission`;\n handler: PermissionController['getPermission'];\n};\n\n/**\n * Gets all permissions for the specified subject, if any.\n *\n * @param origin - The origin of the subject.\n * @returns The permissions of the subject, if any.\n */\nexport type PermissionControllerGetPermissionsAction = {\n type: `PermissionController:getPermissions`;\n handler: PermissionController['getPermissions'];\n};\n\n/**\n * Checks whether the subject with the specified origin has the specified\n * permission.\n *\n * @param origin - The origin of the subject.\n * @param target - The target name of the permission.\n * @returns Whether the subject has the permission.\n */\nexport type PermissionControllerHasPermissionAction = {\n type: `PermissionController:hasPermission`;\n handler: PermissionController['hasPermission'];\n};\n\n/**\n * Checks whether the subject with the specified origin has any permissions.\n * Use this if you want to know if a subject \"exists\".\n *\n * @param origin - The origin of the subject to check.\n * @returns Whether the subject has any permissions.\n */\nexport type PermissionControllerHasPermissionsAction = {\n type: `PermissionController:hasPermissions`;\n handler: PermissionController['hasPermissions'];\n};\n\n/**\n * Revokes all permissions from the specified origin.\n *\n * Throws an error if the origin has no permissions.\n *\n * @param origin - The origin whose permissions to revoke.\n */\nexport type PermissionControllerRevokeAllPermissionsAction = {\n type: `PermissionController:revokeAllPermissions`;\n handler: PermissionController['revokeAllPermissions'];\n};\n\n/**\n * Revokes the specified permission from the subject with the specified\n * origin.\n *\n * Throws an error if the subject or the permission does not exist.\n *\n * @param origin - The origin of the subject whose permission to revoke.\n * @param target - The target name of the permission to revoke.\n */\nexport type PermissionControllerRevokePermissionAction = {\n type: `PermissionController:revokePermission`;\n handler: PermissionController['revokePermission'];\n};\n\n/**\n * Revokes the specified permissions from the specified subjects.\n *\n * Throws an error if any of the subjects or permissions do not exist.\n *\n * @param subjectsAndPermissions - An object mapping subject origins\n * to arrays of permission target names to revoke.\n */\nexport type PermissionControllerRevokePermissionsAction = {\n type: `PermissionController:revokePermissions`;\n handler: PermissionController['revokePermissions'];\n};\n\n/**\n * Revokes all permissions corresponding to the specified target for all subjects.\n * Does nothing if no subjects or no such permission exists.\n *\n * @param target - The name of the target to revoke all permissions for.\n */\nexport type PermissionControllerRevokePermissionForAllSubjectsAction = {\n type: `PermissionController:revokePermissionForAllSubjects`;\n handler: PermissionController['revokePermissionForAllSubjects'];\n};\n\n/**\n * Gets the caveat of the specified type, if any, for the permission of\n * the subject corresponding to the given origin.\n *\n * Throws an error if the subject does not have a permission with the\n * specified target name.\n *\n * @template TargetName - The permission target name. Should be inferred.\n * @template CaveatType - The valid caveat types for the permission. Should\n * be inferred.\n * @param origin - The origin of the subject.\n * @param target - The target name of the permission.\n * @param caveatType - The type of the caveat to get.\n * @returns The caveat, or `undefined` if no such caveat exists.\n */\nexport type PermissionControllerGetCaveatAction = {\n type: `PermissionController:getCaveat`;\n handler: PermissionController['getCaveat'];\n};\n\n/**\n * Updates the value of the caveat of the specified type belonging to the\n * permission corresponding to the given subject origin and permission\n * target.\n *\n * For adding new caveats, use\n * {@link PermissionController.addCaveat}.\n *\n * Throws an error if no such permission or caveat exists.\n *\n * @template TargetName - The permission target name. Should be inferred.\n * @template CaveatType - The valid caveat types for the permission. Should\n * be inferred.\n * @param origin - The origin of the subject.\n * @param target - The target name of the permission.\n * @param caveatType - The type of the caveat to update.\n * @param caveatValue - The new value of the caveat.\n */\nexport type PermissionControllerUpdateCaveatAction = {\n type: `PermissionController:updateCaveat`;\n handler: PermissionController['updateCaveat'];\n};\n\n/**\n * Updates all caveats with the specified type for all subjects and\n * permissions by applying the specified mutator function to them.\n *\n * ATTN: Permissions can be revoked entirely by the action of this method,\n * read on for details.\n *\n * Caveat mutators are functions that receive a caveat value and return a\n * tuple consisting of a {@link CaveatMutatorOperation} and, optionally, a new\n * value to update the existing caveat with.\n *\n * For each caveat, depending on the mutator result, this method will:\n * - Do nothing ({@link CaveatMutatorOperation.Noop})\n * - Update the value of the caveat ({@link CaveatMutatorOperation.UpdateValue}). The caveat specification validator, if any, will be called after updating the value.\n * - Delete the caveat ({@link CaveatMutatorOperation.DeleteCaveat}). The permission specification validator, if any, will be called after deleting the caveat.\n * - Revoke the parent permission ({@link CaveatMutatorOperation.RevokePermission})\n *\n * This method throws if the validation of any caveat or permission fails.\n *\n * @param targetCaveatType - The type of the caveats to update.\n * @param mutator - The mutator function which will be applied to all caveat\n * values.\n */\nexport type PermissionControllerUpdatePermissionsByCaveatAction = {\n type: `PermissionController:updatePermissionsByCaveat`;\n handler: PermissionController['updatePermissionsByCaveat'];\n};\n\n/**\n * Grants _approved_ permissions to the specified subject. Every permission and\n * caveat is stringently validated—including by calling their specification\n * validators—and an error is thrown if validation fails.\n *\n * ATTN: This method does **not** prompt the user for approval. User consent must\n * first be obtained through some other means.\n *\n * @see {@link PermissionController.requestPermissions} For initiating a\n * permissions request requiring user approval.\n * @param options - Options bag.\n * @param options.approvedPermissions - The requested permissions approved by\n * the user.\n * @param options.requestData - Permission request data. Passed to permission\n * factory functions.\n * @param options.preserveExistingPermissions - Whether to preserve the\n * subject's existing permissions.\n * @param options.subject - The subject to grant permissions to.\n * @returns The subject's new permission state. It may or may not have changed.\n */\nexport type PermissionControllerGrantPermissionsAction = {\n type: `PermissionController:grantPermissions`;\n handler: PermissionController['grantPermissions'];\n};\n\n/**\n * Incrementally grants _approved_ permissions to the specified subject. Every\n * permission and caveat is stringently validated—including by calling their\n * specification validators—and an error is thrown if validation fails.\n *\n * ATTN: This method does **not** prompt the user for approval. User consent must\n * first be obtained through some other means.\n *\n * @see {@link PermissionController.requestPermissionsIncremental} For initiating\n * an incremental permissions request requiring user approval.\n * @param options - Options bag.\n * @param options.approvedPermissions - The requested permissions approved by\n * the user.\n * @param options.requestData - Permission request data. Passed to permission\n * factory functions.\n * @param options.subject - The subject to grant permissions to.\n * @returns The subject's new permission state. It may or may not have changed.\n */\nexport type PermissionControllerGrantPermissionsIncrementalAction = {\n type: `PermissionController:grantPermissionsIncremental`;\n handler: PermissionController['grantPermissionsIncremental'];\n};\n\n/**\n * Initiates a permission request that requires user approval.\n *\n * Either this or {@link PermissionController.requestPermissionsIncremental}\n * should always be used to grant additional permissions to a subject,\n * unless user approval has been obtained through some other means.\n *\n * Permissions are validated at every step of the approval process, and this\n * method will reject if validation fails.\n *\n * @see {@link ApprovalController} For the user approval logic.\n * @see {@link PermissionController.acceptPermissionsRequest} For the method\n * that _accepts_ the request and resolves the user approval promise.\n * @see {@link PermissionController.rejectPermissionsRequest} For the method\n * that _rejects_ the request and the user approval promise.\n * @param subject - The grantee subject.\n * @param requestedPermissions - The requested permissions.\n * @param options - Additional options.\n * @param options.id - The id of the permissions request. Defaults to a unique\n * id.\n * @param options.preserveExistingPermissions - Whether to preserve the\n * subject's existing permissions. Defaults to `true`.\n * @param options.metadata - Additional metadata about the permission request.\n * @returns The granted permissions and request metadata.\n */\nexport type PermissionControllerRequestPermissionsAction = {\n type: `PermissionController:requestPermissions`;\n handler: PermissionController['requestPermissions'];\n};\n\n/**\n * Initiates an incremental permission request that prompts for user approval.\n * Incremental permission requests allow the caller to replace existing and/or\n * add brand new permissions and caveats for the specified subject.\n *\n * Incremental permission request are merged with the subject's existing permissions\n * through a right-biased union, where the incremental permission are the right-hand\n * side of the merger. If both sides of the merger specify the same caveats for a\n * given permission, the caveats are merged using their specification's caveat value\n * merger property.\n *\n * Either this or {@link PermissionController.requestPermissions} should\n * always be used to grant additional permissions to a subject, unless user\n * approval has been obtained through some other means.\n *\n * Permissions are validated at every step of the approval process, and this\n * method will reject if validation fails.\n *\n * @see {@link ApprovalController} For the user approval logic.\n * @see {@link PermissionController.acceptPermissionsRequest} For the method\n * that _accepts_ the request and resolves the user approval promise.\n * @see {@link PermissionController.rejectPermissionsRequest} For the method\n * that _rejects_ the request and the user approval promise.\n * @param subject - The grantee subject.\n * @param requestedPermissions - The requested permissions.\n * @param options - Additional options.\n * @param options.id - The id of the permissions request. Defaults to a unique\n * id.\n * @param options.metadata - Additional metadata about the permission request.\n * @returns The granted permissions and request metadata.\n */\nexport type PermissionControllerRequestPermissionsIncrementalAction = {\n type: `PermissionController:requestPermissionsIncremental`;\n handler: PermissionController['requestPermissionsIncremental'];\n};\n\n/**\n * Accepts a permissions request created by\n * {@link PermissionController.requestPermissions}.\n *\n * @param request - The permissions request.\n */\nexport type PermissionControllerAcceptPermissionsRequestAction = {\n type: `PermissionController:acceptPermissionsRequest`;\n handler: PermissionController['acceptPermissionsRequest'];\n};\n\n/**\n * Rejects a permissions request created by\n * {@link PermissionController.requestPermissions}.\n *\n * @param id - The id of the request to be rejected.\n */\nexport type PermissionControllerRejectPermissionsRequestAction = {\n type: `PermissionController:rejectPermissionsRequest`;\n handler: PermissionController['rejectPermissionsRequest'];\n};\n\n/**\n * Gets the subject's endowments per the specified endowment permission.\n * Throws if the subject does not have the required permission or if the\n * permission is not an endowment permission.\n *\n * @param origin - The origin of the subject whose endowments to retrieve.\n * @param targetName - The name of the endowment permission. This must be a\n * valid permission target name.\n * @param requestData - Additional data associated with the request, if any.\n * Forwarded to the endowment getter function for the permission.\n * @returns The endowments, if any.\n */\nexport type PermissionControllerGetEndowmentsAction = {\n type: `PermissionController:getEndowments`;\n handler: PermissionController['getEndowments'];\n};\n\n/**\n * Executes a restricted method as the subject with the given origin.\n * The specified params, if any, will be passed to the method implementation.\n *\n * ATTN: Great caution should be exercised in the use of this method.\n * Methods that cause side effects or affect application state should\n * be avoided.\n *\n * This method will first attempt to retrieve the requested restricted method\n * implementation, throwing if it does not exist. The method will then be\n * invoked as though the subject with the specified origin had invoked it with\n * the specified parameters. This means that any existing caveats will be\n * applied to the restricted method, and this method will throw if the\n * restricted method or its caveat decorators throw.\n *\n * In addition, this method will throw if the subject does not have a\n * permission for the specified restricted method.\n *\n * @param origin - The origin of the subject to execute the method on behalf\n * of.\n * @param targetName - The name of the method to execute. This must be a valid\n * permission target name.\n * @param params - The parameters to pass to the method implementation.\n * @returns The result of the executed method.\n */\nexport type PermissionControllerExecuteRestrictedMethodAction = {\n type: `PermissionController:executeRestrictedMethod`;\n handler: PermissionController['executeRestrictedMethod'];\n};\n\n/**\n * Union of all PermissionController action types.\n */\nexport type PermissionControllerMethodActions =\n | PermissionControllerHasUnrestrictedMethodAction\n | PermissionControllerClearStateAction\n | PermissionControllerGetSubjectNamesAction\n | PermissionControllerGetPermissionAction\n | PermissionControllerGetPermissionsAction\n | PermissionControllerHasPermissionAction\n | PermissionControllerHasPermissionsAction\n | PermissionControllerRevokeAllPermissionsAction\n | PermissionControllerRevokePermissionAction\n | PermissionControllerRevokePermissionsAction\n | PermissionControllerRevokePermissionForAllSubjectsAction\n | PermissionControllerGetCaveatAction\n | PermissionControllerUpdateCaveatAction\n | PermissionControllerUpdatePermissionsByCaveatAction\n | PermissionControllerGrantPermissionsAction\n | PermissionControllerGrantPermissionsIncrementalAction\n | PermissionControllerRequestPermissionsAction\n | PermissionControllerRequestPermissionsIncrementalAction\n | PermissionControllerAcceptPermissionsRequestAction\n | PermissionControllerRejectPermissionsRequestAction\n | PermissionControllerGetEndowmentsAction\n | PermissionControllerExecuteRestrictedMethodAction;\n"]}
@@ -49,6 +49,11 @@ const MESSENGER_EXPOSED_METHODS = [
49
49
  'revokePermissions',
50
50
  'updateCaveat',
51
51
  'getCaveat',
52
+ 'acceptPermissionsRequest',
53
+ 'rejectPermissionsRequest',
54
+ 'revokePermission',
55
+ 'updatePermissionsByCaveat',
56
+ 'getPermission',
52
57
  ];
53
58
  /**
54
59
  * Get the state metadata of the {@link PermissionController}.