npm - @mondaydotcomorg/monday-authorization - Versions diffs - 1.1.9-authzbashanyeasync-resource-attributes-support.3214 → 1.1.9-bugmoshefixhourcolumn.385 - Mend

@mondaydotcomorg/monday-authorization 1.1.9-authzbashanyeasync-resource-attributes-support.3214 → 1.1.9-bugmoshefixhourcolumn.385

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (43) hide show

package/CHANGELOG.md +0 -15
package/README.md +0 -32
package/package.json +6 -30
package/dist/index.d.ts +0 -13
package/dist/index.js +0 -51
package/dist/index.js.map +0 -1
package/dist/lib/attributions-service.d.ts +0 -3
package/dist/lib/attributions-service.js +0 -54
package/dist/lib/attributions-service.js.map +0 -1
package/dist/lib/authorization-attributes-service.d.ts +0 -44
package/dist/lib/authorization-attributes-service.js +0 -142
package/dist/lib/authorization-attributes-service.js.map +0 -1
package/dist/lib/authorization-internal-service.d.ts +0 -13
package/dist/lib/authorization-internal-service.js +0 -79
package/dist/lib/authorization-internal-service.js.map +0 -1
package/dist/lib/authorization-middleware.d.ts +0 -6
package/dist/lib/authorization-middleware.js +0 -57
package/dist/lib/authorization-middleware.js.map +0 -1
package/dist/lib/authorization-service.d.ts +0 -29
package/dist/lib/authorization-service.js +0 -186
package/dist/lib/authorization-service.js.map +0 -1
package/dist/lib/constants/sns.d.ts +0 -3
package/dist/lib/constants/sns.js +0 -7
package/dist/lib/constants/sns.js.map +0 -1
package/dist/lib/prometheus-service.d.ts +0 -10
package/dist/lib/prometheus-service.js +0 -51
package/dist/lib/prometheus-service.js.map +0 -1
package/dist/lib/testKit/index.d.ts +0 -11
package/dist/lib/testKit/index.js +0 -59
package/dist/lib/testKit/index.js.map +0 -1
package/dist/lib/types/authorization-attributes-contracts.d.ts +0 -27
package/dist/lib/types/authorization-attributes-contracts.js +0 -9
package/dist/lib/types/authorization-attributes-contracts.js.map +0 -1
package/dist/lib/types/express.d.ts +0 -10
package/dist/lib/types/express.js +0 -2
package/dist/lib/types/express.js.map +0 -1
package/dist/lib/types/general.d.ts +0 -30
package/dist/lib/types/general.js +0 -3
package/dist/lib/types/general.js.map +0 -1
package/dist/lib/types/scoped-actions-contracts.d.ts +0 -38
package/dist/lib/types/scoped-actions-contracts.js +0 -10
package/dist/lib/types/scoped-actions-contracts.js.map +0 -1
package/dist/tsconfig.tsbuildinfo +0 -1

package/CHANGELOG.md CHANGED Viewed

@@ -5,21 +5,6 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
-## [1.2.9] - 2024-10-06
-### Added
-- [`authz/bashanye/add-async-resource-attributes-support`](https://github.com/DaPulse/monday-npm-packages/pull/6859)
-  - `AuthorizationAttributesService` - now supports async upsert and delete - requests sent through SNS-SQS).
-## [1.2.3] - 2024-06-10
-### Added
-- [`feature/yarden/resource-attributes-api-support-authz-sdk (#5826)`](https://github.com/DaPulse/monday-npm-packages/pull/5826)
-  - `AuthorizationAttributesService` - now supports upsert (`upsertResourceAttributesSync`) and delete (`deleteResourceAttributesSync`) resource attributes in the authorization MS
-## [1.2.0] - 2024-01-05
-### Added
- - `isAuthorized` now return the unauthorized objects - regardless to the unauthorized ids (which may be missing resource ids if resource has no id, like `feature` e.g.)
 ## [1.1.0] - 2023-08-09
 ### ⚠ BREAKING CHANGES

package/README.md CHANGED Viewed

@@ -136,35 +136,3 @@ const canActionInScopeMultipleResponse: ScopedActionResponseObject[] =
  * ]
  * /
 ```
-### Authorization Attributes API
-Use `AuthorizationAttributesService.upsertResourceAttributesSync` to upsert multiple resource attributes in the authorization MS synchronously.
-```ts
-import { AuthorizationAttributesService, ResourceAttributeAssignment, ResourceAttributeResponse } from '@mondaydotcomorg/monday-authorization';
-const accountId = 739630;
-const userId = 4;
-const resourceAttributesAssignments: ResourceAttributeAssignment[] = [
-  { resourceId: 18, resourceType: 'workspace', key: 'is_default_workspace', value: 'true' },
-  { resourceId: 23, resourceType: 'board', key: 'board_kind', value: 'private' }
-];
-const response: ResourceAttributeResponse = await AuthorizationAttributesService.upsertResourceAttributesSync(accountId, userId, resourceAttributesAssignments);
-```
-Use `AuthorizationAttributesService.deleteResourceAttributesSync` to delete single resource's attributes in the authorization MS synchronously.
-```ts
-import { AuthorizationAttributesService, ResourceAttributeResponse, Resource } from '@mondaydotcomorg/monday-authorization';
-const accountId = 739630;
-const userId = 4;
-const resource: Resource = { type: 'workspace', id: 18 };
-const attributeKeys: string[] = ['is_default_workspace', 'workspace_kind'];
-const response: ResourceAttributeResponse = await AuthorizationAttributesService.deleteResourceAttributesSync(accountId, userId, resource, attributeKeys);
-```

package/package.json CHANGED Viewed

@@ -1,60 +1,36 @@
 {
   "name": "@mondaydotcomorg/monday-authorization",
-  "version": "1.1.9-authzbashanyeasync-resource-attributes-support.3214+3ff72e577",
+  "version": "1.1.9-bugmoshefixhourcolumn.385+615c92e7d",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "license": "BSD-3-Clause",
-  "jest": {
-    "testEnvironment": "node",
-    "testMatch": [
-      "**/+(*.)+(spec|test).+(ts|js)?(x)"
-    ],
-    "transform": {
-      "^.+\\.(ts|js|html)$": "ts-jest"
-    },
-    "moduleFileExtensions": [
-      "ts",
-      "js",
-      "html"
-    ],
-    "coverageReporters": [
-      "html"
-    ]
-  },
   "scripts": {
-    "test": "jest",
+    "test": "mocha -r ts-node/register -r tsconfig-paths/register './tests/*.test.ts' --timeout 5000 --exit",
     "build": "tsc --build"
   },
   "dependencies": {
     "@mondaydotcomorg/monday-fetch": "^0.0.7",
-    "@mondaydotcomorg/monday-jwt": "^3.0.14",
-    "@mondaydotcomorg/monday-logger": "^4.0.11",
-    "@mondaydotcomorg/monday-sns": "^1.0.6",
-    "@mondaydotcomorg/trident-backend-api": "^0.23.10",
-    "@types/lodash": "^4.17.10",
-    "lodash": "^4.17.21",
+    "@mondaydotcomorg/monday-jwt": "^3.0.10",
+    "@mondaydotcomorg/monday-logger": "^3.0.10",
     "node-fetch": "^2.6.7",
-    "on-headers": "^1.0.2",
     "ts-node": "^10.0.0"
   },
   "devDependencies": {
     "@types/express": "^4.17.20",
-    "@types/jest": "^27.4.1",
     "@types/mocha": "^8.2.2",
     "@types/on-headers": "^1.0.0",
     "@types/supertest": "^2.0.11",
     "express": "^4.17.1",
     "ioredis": "^5.2.4",
     "ioredis-mock": "^8.2.2",
-    "jest": "^27.5.1",
     "mocha": "^9.0.1",
+    "on-headers": "^1.0.2",
     "supertest": "^6.1.3",
-    "ts-jest": "^27.1.3",
     "tsconfig-paths": "^3.9.0",
     "typescript": "^5.1.6"
   },
   "files": [
     "dist/"
   ],
-  "gitHead": "3ff72e577a6a6a2176266650210071ea086bb2ec"
+  "gitHead": "615c92e7dc78def059faf333b5443ae643730929"
 }

package/dist/index.d.ts DELETED Viewed

@@ -1,13 +0,0 @@
-import { MondayFetchOptions } from '@mondaydotcomorg/monday-fetch';
-import * as TestKit from './lib/testKit';
-export interface InitOptions {
-    prometheus?: any;
-    mondayFetchOptions?: MondayFetchOptions;
-    redisClient?: any;
-    grantedFeatureRedisExpirationInSeconds?: number;
-}
-export declare function init(options?: InitOptions): void;
-export { authorizationCheckMiddleware, getAuthorizationMiddleware, skipAuthorizationMiddleware, } from './lib/authorization-middleware';
-export { AuthorizationService } from './lib/authorization-service';
-export { AuthorizationAttributesService } from './lib/authorization-attributes-service';
-export { TestKit };

package/dist/index.js DELETED Viewed

@@ -1,51 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.TestKit = exports.AuthorizationAttributesService = exports.AuthorizationService = exports.skipAuthorizationMiddleware = exports.getAuthorizationMiddleware = exports.authorizationCheckMiddleware = void 0;
-exports.init = init;
-const prometheus_service_1 = require("./lib/prometheus-service");
-const authorization_service_1 = require("./lib/authorization-service");
-const TestKit = __importStar(require("./lib/testKit"));
-exports.TestKit = TestKit;
-function init(options = {}) {
-    if (options.prometheus) {
-        (0, prometheus_service_1.setPrometheus)(options.prometheus);
-    }
-    if (options.mondayFetchOptions) {
-        (0, authorization_service_1.setRequestFetchOptions)(options.mondayFetchOptions);
-    }
-    if (options.redisClient) {
-        (0, authorization_service_1.setRedisClient)(options.redisClient, options.grantedFeatureRedisExpirationInSeconds);
-    }
-}
-var authorization_middleware_1 = require("./lib/authorization-middleware");
-Object.defineProperty(exports, "authorizationCheckMiddleware", { enumerable: true, get: function () { return authorization_middleware_1.authorizationCheckMiddleware; } });
-Object.defineProperty(exports, "getAuthorizationMiddleware", { enumerable: true, get: function () { return authorization_middleware_1.getAuthorizationMiddleware; } });
-Object.defineProperty(exports, "skipAuthorizationMiddleware", { enumerable: true, get: function () { return authorization_middleware_1.skipAuthorizationMiddleware; } });
-var authorization_service_2 = require("./lib/authorization-service");
-Object.defineProperty(exports, "AuthorizationService", { enumerable: true, get: function () { return authorization_service_2.AuthorizationService; } });
-var authorization_attributes_service_1 = require("./lib/authorization-attributes-service");
-Object.defineProperty(exports, "AuthorizationAttributesService", { enumerable: true, get: function () { return authorization_attributes_service_1.AuthorizationAttributesService; } });
-//# sourceMappingURL=index.js.map

package/dist/index.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAWA,oBAWC;AArBD,iEAAyD;AACzD,uEAAqF;AACrF,uDAAyC;AA6BhC,0BAAO;AArBhB,SAAgB,IAAI,CAAC,UAAuB,EAAE;IAC5C,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;QACvB,IAAA,kCAAa,EAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IACpC,CAAC;IAED,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;QAC/B,IAAA,8CAAsB,EAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;IACrD,CAAC;IACD,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QACxB,IAAA,sCAAc,EAAC,OAAO,CAAC,WAAW,EAAE,OAAO,CAAC,sCAAsC,CAAC,CAAC;IACtF,CAAC;AACH,CAAC;AAED,2EAIwC;AAHtC,wIAAA,4BAA4B,OAAA;AAC5B,sIAAA,0BAA0B,OAAA;AAC1B,uIAAA,2BAA2B,OAAA;AAE7B,qEAAmE;AAA1D,6HAAA,oBAAoB,OAAA;AAC7B,2FAAwF;AAA/E,kJAAA,8BAA8B,OAAA"}

package/dist/lib/attributions-service.d.ts DELETED Viewed

@@ -1,3 +0,0 @@
-export declare function getAttributionsFromApi(): {
-    [key: string]: string;
-};

package/dist/lib/attributions-service.js DELETED Viewed

@@ -1,54 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getAttributionsFromApi = getAttributionsFromApi;
-const trident_backend_api_1 = require("@mondaydotcomorg/trident-backend-api");
-const authorization_internal_service_1 = require("./authorization-internal-service");
-const APP_NAME_VARIABLE_KEY = 'APP_NAME';
-const APP_NAME_HEADER_NAME = 'x-caller-app-name-from-sdk';
-const FROM_SDK_HEADER_SUFFIX = `-from-sdk`;
-let didSendFailureLogOnce = false;
-function getAttributionsFromApi() {
-    let callerAppNameFromSdk = {
-        [APP_NAME_HEADER_NAME]: tryJsonParse(getEnvVariable(APP_NAME_VARIABLE_KEY)),
-    };
-    try {
-        const tridentContext = trident_backend_api_1.Api.getPart('context');
-        if (!tridentContext) {
-            return callerAppNameFromSdk;
-        }
-        const { runtimeAttributions } = tridentContext;
-        let runtimeAttributionsOutgoingHeaders = runtimeAttributions === null || runtimeAttributions === void 0 ? void 0 : runtimeAttributions.buildOutgoingHeaders('HTTP_INTERNAL');
-        if (!runtimeAttributionsOutgoingHeaders) {
-            return callerAppNameFromSdk;
-        }
-        const attributionsHeaders = Object.fromEntries(runtimeAttributionsOutgoingHeaders);
-        const attributionHeadersFromSdk = {};
-        Object.keys(attributionsHeaders).forEach(function (key) {
-            attributionHeadersFromSdk[`${key}${FROM_SDK_HEADER_SUFFIX}`] = attributionsHeaders[key];
-        });
-        return attributionHeadersFromSdk;
-    }
-    catch (error) {
-        if (!didSendFailureLogOnce) {
-            authorization_internal_service_1.logger.warn({ tag: 'authorization-service', error }, 'Failed to generate attributions headers from the API. Unexpected error while extracting headers. It may be caused by out of date Trident version.');
-            didSendFailureLogOnce = true;
-        }
-        return callerAppNameFromSdk;
-    }
-}
-function getEnvVariable(key) {
-    const envVar = process.env[key] || process.env[key.toUpperCase()] || process.env[key.toLowerCase()];
-    return envVar;
-}
-function tryJsonParse(value) {
-    if (!value) {
-        return value;
-    }
-    try {
-        return JSON.parse(value);
-    }
-    catch (_err) {
-        return value;
-    }
-}
-//# sourceMappingURL=attributions-service.js.map

package/dist/lib/attributions-service.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"attributions-service.js","sourceRoot":"","sources":["../../lib/attributions-service.ts"],"names":[],"mappings":";;AASA,wDAqCC;AA9CD,8EAA2D;AAC3D,qFAA0D;AAE1D,MAAM,qBAAqB,GAAG,UAAU,CAAC;AACzC,MAAM,oBAAoB,GAAG,4BAA4B,CAAC;AAC1D,MAAM,sBAAsB,GAAG,WAAW,CAAC;AAE3C,IAAI,qBAAqB,GAAG,KAAK,CAAC;AAElC,SAAgB,sBAAsB;IACpC,IAAI,oBAAoB,GAAG;QACzB,CAAC,oBAAoB,CAAC,EAAE,YAAY,CAAC,cAAc,CAAC,qBAAqB,CAAC,CAAC;KAC5E,CAAC;IAEF,IAAI,CAAC;QACH,MAAM,cAAc,GAAG,yBAAG,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAE9C,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,OAAO,oBAAoB,CAAC;QAC9B,CAAC;QAED,MAAM,EAAE,mBAAmB,EAAE,GAAG,cAAc,CAAC;QAC/C,IAAI,kCAAkC,GAAG,mBAAmB,aAAnB,mBAAmB,uBAAnB,mBAAmB,CAAE,oBAAoB,CAAC,eAAe,CAAC,CAAC;QAEpG,IAAI,CAAC,kCAAkC,EAAE,CAAC;YACxC,OAAO,oBAAoB,CAAC;QAC9B,CAAC;QAED,MAAM,mBAAmB,GAAG,MAAM,CAAC,WAAW,CAAC,kCAAkC,CAAC,CAAC;QAEnF,MAAM,yBAAyB,GAAG,EAAE,CAAC;QACrC,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,OAAO,CAAC,UAAU,GAAG;YACpD,yBAAyB,CAAC,GAAG,GAAG,GAAG,sBAAsB,EAAE,CAAC,GAAG,mBAAmB,CAAC,GAAG,CAAC,CAAC;QAC1F,CAAC,CAAC,CAAC;QAEH,OAAO,yBAAyB,CAAC;IACnC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,CAAC,qBAAqB,EAAE,CAAC;YAC3B,uCAAM,CAAC,IAAI,CACT,EAAE,GAAG,EAAE,uBAAuB,EAAE,KAAK,EAAE,EACvC,mJAAmJ,CACpJ,CAAC;YACF,qBAAqB,GAAG,IAAI,CAAC;QAC/B,CAAC;QACD,OAAO,oBAAoB,CAAC;IAC9B,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,GAAW;IACjC,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC;IACpG,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,YAAY,CAAC,KAAyB;IAC7C,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,IAAI,EAAE,CAAC;QACd,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}

package/dist/lib/authorization-attributes-service.d.ts DELETED Viewed

@@ -1,44 +0,0 @@
-import { ResourceAttributeAssignment, ResourceAttributeResponse, ResourceAttributesOperation } from './types/authorization-attributes-contracts';
-import { Resource } from './types/general';
-export declare class AuthorizationAttributesService {
-    private static LOG_TAG;
-    /**
-     * Upsert resource attributes synchronously, performing http call to the authorization MS to assign the given attributes to the given resource.
-     * @param accountId
-     * @param userId
-     * @param resourceAttributeAssignments - Array of resource (resourceType, resourceId) and attribute (key, value) pairs to upsert in the authorization MS.
-     * e.g. [{ resourceType: 'board', resourceId: 123, key: 'board_kind', value: 'private' }]
-     * @returns ResourceAttributeResponse - The affected (created and updated_ resource attributes assignments in the `attributes` field.
-     */
-    static upsertResourceAttributes(accountId: number, userId: number, resourceAttributeAssignments: ResourceAttributeAssignment[]): Promise<ResourceAttributeResponse>;
-    /**
-     * Delete resource attributes assignments synchronously, performing http call to the authorization MS to delete the given attributes from the given singular resource.
-     * @param accountId
-     * @param userId
-     * @param resource - The resource (resourceType, resourceId) to delete the attributes for.
-     * @param attributeKeys - Array of attribute keys to delete for the resource.
-     * @returns ResourceAttributeResponse - The affected (deleted) resource attributes assignments in the `attributes` field.
-     */
-    static deleteResourceAttributes(accountId: number, userId: number, resource: Resource, attributeKeys: string[]): Promise<ResourceAttributeResponse>;
-    /**
-     *  Async function, this function only send the updates request to SNS and return before the change actually took place
-     * @param accountId
-     * @param appName - App name of the calling app
-     * @param callerActionIdentifier - action identifier
-     * @param resourceAttributeOperations - Array of operations to do on resource attributes.
-     * @return {Promise<ResourceAttributesOperation[]>} Array of sent operations
-     *  */
-    static updateResourceAttributesAsync(accountId: number, appName: string, callerActionIdentifier: string, resourceAttributeOperations: ResourceAttributesOperation[]): Promise<ResourceAttributesOperation[]>;
-    private static sendSingleSnsMessage;
-    private static getSnsTopicArn;
-    private static getResourceAttributesUrl;
-    /**
-     * Checks we can contact the required SNS topic that used to send attribute updates to Authorization MS.
-     * This function can be used as health check for services that updating resource attributes in async is crucial.
-     * Note this function only verify the POD can contact AWS SDK and the topic exists, but the user still might get
-     * errors when pushing for the SNS (e.g: in case the AWS role of the POD don't have permissions to push messages).
-     * However, this is the best we can do without actually push dummy messages to the SNS.
-     * @return {Promise<boolean>} - true if succeeded
-     */
-    static asyncResourceAttributesHealthCheck(): Promise<boolean>;
-}

package/dist/lib/authorization-attributes-service.js DELETED Viewed

@@ -1,142 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.AuthorizationAttributesService = void 0;
-const chunk_1 = __importDefault(require("lodash/chunk"));
-const monday_fetch_1 = require("@mondaydotcomorg/monday-fetch");
-const authorization_internal_service_1 = require("./authorization-internal-service");
-const attributions_service_1 = require("./attributions-service");
-const trident_backend_api_1 = require("@mondaydotcomorg/trident-backend-api");
-const monday_sns_1 = require("@mondaydotcomorg/monday-sns");
-const sns_1 = require("./constants/sns");
-class AuthorizationAttributesService {
-    /**
-     * Upsert resource attributes synchronously, performing http call to the authorization MS to assign the given attributes to the given resource.
-     * @param accountId
-     * @param userId
-     * @param resourceAttributeAssignments - Array of resource (resourceType, resourceId) and attribute (key, value) pairs to upsert in the authorization MS.
-     * e.g. [{ resourceType: 'board', resourceId: 123, key: 'board_kind', value: 'private' }]
-     * @returns ResourceAttributeResponse - The affected (created and updated_ resource attributes assignments in the `attributes` field.
-     */
-    static upsertResourceAttributes(accountId, userId, resourceAttributeAssignments) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const internalAuthToken = authorization_internal_service_1.AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
-            const attributionHeaders = (0, attributions_service_1.getAttributionsFromApi)();
-            const response = yield (0, monday_fetch_1.fetch)(this.getResourceAttributesUrl(accountId), {
-                method: 'POST',
-                headers: Object.assign({ Authorization: internalAuthToken, 'Content-Type': 'application/json' }, attributionHeaders),
-                timeout: authorization_internal_service_1.AuthorizationInternalService.getRequestTimeout(),
-                body: JSON.stringify({ resourceAttributeAssignments }),
-            }, authorization_internal_service_1.AuthorizationInternalService.getRequestFetchOptions());
-            const responseBody = yield response.json();
-            authorization_internal_service_1.AuthorizationInternalService.throwOnHttpErrorIfNeeded(response, 'upsertResourceAttributesSync');
-            return { attributes: responseBody['attributes'] };
-        });
-    }
-    /**
-     * Delete resource attributes assignments synchronously, performing http call to the authorization MS to delete the given attributes from the given singular resource.
-     * @param accountId
-     * @param userId
-     * @param resource - The resource (resourceType, resourceId) to delete the attributes for.
-     * @param attributeKeys - Array of attribute keys to delete for the resource.
-     * @returns ResourceAttributeResponse - The affected (deleted) resource attributes assignments in the `attributes` field.
-     */
-    static deleteResourceAttributes(accountId, userId, resource, attributeKeys) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const internalAuthToken = authorization_internal_service_1.AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
-            const url = `${this.getResourceAttributesUrl(accountId)}/${resource.type}/${resource.id}`;
-            const attributionHeaders = (0, attributions_service_1.getAttributionsFromApi)();
-            const response = yield (0, monday_fetch_1.fetch)(url, {
-                method: 'DELETE',
-                headers: Object.assign({ Authorization: internalAuthToken, 'Content-Type': 'application/json' }, attributionHeaders),
-                timeout: authorization_internal_service_1.AuthorizationInternalService.getRequestTimeout(),
-                body: JSON.stringify({ keys: attributeKeys }),
-            }, authorization_internal_service_1.AuthorizationInternalService.getRequestFetchOptions());
-            const responseBody = yield response.json();
-            authorization_internal_service_1.AuthorizationInternalService.throwOnHttpErrorIfNeeded(response, 'deleteResourceAttributesSync');
-            return { attributes: responseBody['attributes'] };
-        });
-    }
-    /**
-     *  Async function, this function only send the updates request to SNS and return before the change actually took place
-     * @param accountId
-     * @param appName - App name of the calling app
-     * @param callerActionIdentifier - action identifier
-     * @param resourceAttributeOperations - Array of operations to do on resource attributes.
-     * @return {Promise<ResourceAttributesOperation[]>} Array of sent operations
-     *  */
-    static updateResourceAttributesAsync(accountId, appName, callerActionIdentifier, resourceAttributeOperations) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const topicArn = this.getSnsTopicArn();
-            const sendToSnsPromises = [];
-            const operationChucks = (0, chunk_1.default)(resourceAttributeOperations, sns_1.ASYNC_MAX_OPERATIONS_PER_MESSAGE);
-            for (const operationsChunk of operationChucks) {
-                sendToSnsPromises.push(this.sendSingleSnsMessage(topicArn, accountId, appName, callerActionIdentifier, operationsChunk));
-            }
-            return (yield Promise.all(sendToSnsPromises)).flat();
-        });
-    }
-    static sendSingleSnsMessage(topicArn, accountId, appName, callerActionIdentifier, operations) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const payload = {
-                kind: sns_1.RESOURCE_ATTRIBUTES_SNS_MESSAGE_KIND,
-                payload: {
-                    accountId: accountId,
-                    callerAppName: appName,
-                    callerActionIdentifier: callerActionIdentifier,
-                    operations: operations,
-                }
-            };
-            try {
-                yield (0, monday_sns_1.sendToSns)(payload, topicArn);
-                return operations;
-            }
-            catch (error) {
-                authorization_internal_service_1.logger.error({ error, tag: this.LOG_TAG }, "Authorization resource attributes async update: failed to send operations to SNS");
-                return [];
-            }
-        });
-    }
-    static getSnsTopicArn() {
-        var _a;
-        return ((_a = trident_backend_api_1.Api.getPart('configurationVariables')) === null || _a === void 0 ? void 0 : _a.get(sns_1.RESOURCE_ATTRIBUTES_SECRET_NAME).arn) ||
-            JSON.parse(process.env[sns_1.RESOURCE_ATTRIBUTES_SECRET_NAME]).arn;
-    }
-    static getResourceAttributesUrl(accountId) {
-        return `${process.env.AUTHORIZATION_URL}/attributes/${accountId}/resource`;
-    }
-    /**
-     * Checks we can contact the required SNS topic that used to send attribute updates to Authorization MS.
-     * This function can be used as health check for services that updating resource attributes in async is crucial.
-     * Note this function only verify the POD can contact AWS SDK and the topic exists, but the user still might get
-     * errors when pushing for the SNS (e.g: in case the AWS role of the POD don't have permissions to push messages).
-     * However, this is the best we can do without actually push dummy messages to the SNS.
-     * @return {Promise<boolean>} - true if succeeded
-     */
-    static asyncResourceAttributesHealthCheck() {
-        return __awaiter(this, void 0, void 0, function* () {
-            try {
-                const requestedTopicArn = this.getSnsTopicArn();
-                const attributes = yield (0, monday_sns_1.getTopicAttributes)(requestedTopicArn);
-                return !(!attributes || !("TopicArn" in attributes) || attributes.TopicArn !== requestedTopicArn);
-            }
-            catch (error) {
-                return false;
-            }
-        });
-    }
-}
-exports.AuthorizationAttributesService = AuthorizationAttributesService;
-AuthorizationAttributesService.LOG_TAG = "authorization_attributes";
-//# sourceMappingURL=authorization-attributes-service.js.map

package/dist/lib/authorization-attributes-service.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"authorization-attributes-service.js","sourceRoot":"","sources":["../../lib/authorization-attributes-service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,yDAAkC;AAOlC,gEAAsD;AACtD,qFAAwF;AACxF,iEAAgE;AAChE,8EAA2D;AAC3D,4DAA4E;AAE5E,yCAIyB;AAEzB,MAAa,8BAA8B;IAEzC;;;;;;;OAOG;IACH,MAAM,CAAO,wBAAwB,CACnC,SAAiB,EACjB,MAAc,EACd,4BAA2D;;YAE3D,MAAM,iBAAiB,GAAG,6DAA4B,CAAC,yBAAyB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YACpG,MAAM,kBAAkB,GAAG,IAAA,6CAAsB,GAAE,CAAC;YACpD,MAAM,QAAQ,GAAG,MAAM,IAAA,oBAAK,EAC1B,IAAI,CAAC,wBAAwB,CAAC,SAAS,CAAC,EACxC;gBACE,MAAM,EAAE,MAAM;gBACd,OAAO,kBACL,aAAa,EAAE,iBAAiB,EAChC,cAAc,EAAE,kBAAkB,IAC/B,kBAAkB,CACtB;gBACD,OAAO,EAAE,6DAA4B,CAAC,iBAAiB,EAAE;gBACzD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,4BAA4B,EAAE,CAAC;aACvD,EACD,6DAA4B,CAAC,sBAAsB,EAAE,CACtD,CAAC;YAEF,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC3C,6DAA4B,CAAC,wBAAwB,CAAC,QAAQ,EAAE,8BAA8B,CAAC,CAAC;YAEhG,OAAO,EAAE,UAAU,EAAE,YAAY,CAAC,YAAY,CAAC,EAAE,CAAC;QACpD,CAAC;KAAA;IAED;;;;;;;OAOG;IACH,MAAM,CAAO,wBAAwB,CACnC,SAAiB,EACjB,MAAc,EACd,QAAkB,EAClB,aAAuB;;YAEvB,MAAM,iBAAiB,GAAG,6DAA4B,CAAC,yBAAyB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YACpG,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,wBAAwB,CAAC,SAAS,CAAC,IAAI,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;YAC1F,MAAM,kBAAkB,GAAG,IAAA,6CAAsB,GAAE,CAAC;YACpD,MAAM,QAAQ,GAAG,MAAM,IAAA,oBAAK,EAC1B,GAAG,EACH;gBACE,MAAM,EAAE,QAAQ;gBAChB,OAAO,kBACL,aAAa,EAAE,iBAAiB,EAChC,cAAc,EAAE,kBAAkB,IAC/B,kBAAkB,CACtB;gBACD,OAAO,EAAE,6DAA4B,CAAC,iBAAiB,EAAE;gBACzD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC;aAC9C,EACD,6DAA4B,CAAC,sBAAsB,EAAE,CACtD,CAAC;YAEF,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC3C,6DAA4B,CAAC,wBAAwB,CAAC,QAAQ,EAAE,8BAA8B,CAAC,CAAC;YAEhG,OAAO,EAAE,UAAU,EAAE,YAAY,CAAC,YAAY,CAAC,EAAE,CAAC;QACpD,CAAC;KAAA;IAED;;;;;;;UAOM;IACN,MAAM,CAAO,6BAA6B,CAAC,SAAiB,EAAE,OAAe,EAAE,sBAA8B,EAClE,2BAA0D;;YACnG,MAAM,QAAQ,GAAW,IAAI,CAAC,cAAc,EAAE,CAAC;YAC/C,MAAM,iBAAiB,GAA6C,EAAE,CAAC;YACvE,MAAM,eAAe,GAAG,IAAA,eAAM,EAAC,2BAA2B,EAAE,sCAAgC,CAAC,CAAC;YAC9F,KAAK,MAAM,eAAe,IAAI,eAAe,EAAE,CAAC;gBAC9C,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,sBAAsB,EAAE,eAAe,CAAC,CAAC,CAAC;YAC3H,CAAC;YACD,OAAO,CAAC,MAAM,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;QACtD,CAAC;KAAA;IAEO,MAAM,CAAO,oBAAoB,CAAC,QAAgB,EAAE,SAAiB,EAAE,OAAe,EAAE,sBAA8B,EAAE,UAAyC;;YAEvK,MAAM,OAAO,GAAG;gBACd,IAAI,EAAE,0CAAoC;gBAC1C,OAAO,EAAE;oBACP,SAAS,EAAE,SAAS;oBACpB,aAAa,EAAE,OAAO;oBACtB,sBAAsB,EAAE,sBAAsB;oBAC9C,UAAU,EAAE,UAAU;iBACvB;aACF,CAAA;YACD,IAAI,CAAC;gBACH,MAAM,IAAA,sBAAS,EAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;gBACnC,OAAO,UAAU,CAAC;YACpB,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,uCAAM,CAAC,KAAK,CAAC,EAAC,KAAK,EAAE,GAAG,EAAE,IAAI,CAAC,OAAO,EAAC,EAAE,kFAAkF,CAAC,CAAA;gBAC5H,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;KAAA;IAEO,MAAM,CAAC,cAAc;;QAC3B,OAAO,CAAA,MAAA,yBAAG,CAAC,OAAO,CAAC,wBAAwB,CAAC,0CAAE,GAAG,CAAC,qCAA+B,EAAE,GAAG;YACpF,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,qCAA+B,CAAW,CAAC,CAAC,GAAG,CAAC;IAC3E,CAAC;IAEO,MAAM,CAAC,wBAAwB,CAAC,SAAiB;QACvD,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,eAAe,SAAS,WAAW,CAAC;IAC7E,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAO,kCAAkC;;YAC7C,IAAI,CAAC;gBACH,MAAM,iBAAiB,GAAW,IAAI,CAAC,cAAc,EAAE,CAAC;gBACxD,MAAM,UAAU,GAAuB,MAAM,IAAA,+BAAkB,EAAC,iBAAiB,CAAC,CAAC;gBACnF,OAAO,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,UAAU,IAAI,UAAU,CAAC,IAAI,UAAU,CAAC,QAAQ,KAAK,iBAAiB,CAAC,CAAC;YACpG,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;KAAA;;AA5IH,wEA6IC;AA5IgB,sCAAO,GAAG,0BAA0B,CAAA"}

package/dist/lib/authorization-internal-service.d.ts DELETED Viewed

@@ -1,13 +0,0 @@
-import { Request } from 'express';
-import { fetch, MondayFetchOptions } from '@mondaydotcomorg/monday-fetch';
-export declare const logger: import("bunyan");
-export declare class AuthorizationInternalService {
-    static skipAuthorization(requset: Request): void;
-    static markAuthorized(request: Request): void;
-    static failIfNotCoveredByAuthorization(request: Request): void;
-    static throwOnHttpErrorIfNeeded(response: Awaited<ReturnType<typeof fetch>>, placement: string): void;
-    static generateInternalAuthToken(accountId: number, userId: number): string;
-    static setRequestFetchOptions(customMondayFetchOptions: MondayFetchOptions): void;
-    static getRequestFetchOptions(): MondayFetchOptions;
-    static getRequestTimeout(): 60000 | 2000;
-}

package/dist/lib/authorization-internal-service.js DELETED Viewed

@@ -1,79 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.AuthorizationInternalService = exports.logger = void 0;
-const monday_jwt_1 = require("@mondaydotcomorg/monday-jwt");
-const MondayLogger = __importStar(require("@mondaydotcomorg/monday-logger"));
-const INTERNAL_APP_NAME = 'internal_ms';
-const defaultMondayFetchOptions = {
-    retries: 3,
-    callback: logOnFetchFail,
-};
-function logOnFetchFail(retriesLeft, error) {
-    if (retriesLeft == 0) {
-        exports.logger.error({ retriesLeft, error }, 'Authorization attempt failed due to network issues');
-    }
-    else {
-        exports.logger.info({ retriesLeft, error }, 'Authorization attempt failed due to network issues, trying again');
-    }
-}
-let mondayFetchOptions = defaultMondayFetchOptions;
-exports.logger = MondayLogger.getLogger();
-class AuthorizationInternalService {
-    static skipAuthorization(requset) {
-        requset.authorizationSkipPerformed = true;
-    }
-    static markAuthorized(request) {
-        request.authorizationCheckPerformed = true;
-    }
-    static failIfNotCoveredByAuthorization(request) {
-        if (!request.authorizationCheckPerformed && !request.authorizationSkipPerformed) {
-            throw 'Endpoint is not covered by authorization check';
-        }
-    }
-    static throwOnHttpErrorIfNeeded(response, placement) {
-        if (response.ok) {
-            return;
-        }
-        const status = response.status;
-        exports.logger.error({ tag: 'authorization-service', placement, status }, 'AuthorizationService: authorization request failed');
-        throw new Error(`AuthorizationService: [${placement}] authorization request failed with status ${status}`);
-    }
-    static generateInternalAuthToken(accountId, userId) {
-        return (0, monday_jwt_1.signAuthorizationHeader)({ appName: INTERNAL_APP_NAME, accountId, userId });
-    }
-    static setRequestFetchOptions(customMondayFetchOptions) {
-        mondayFetchOptions = Object.assign(Object.assign({}, defaultMondayFetchOptions), customMondayFetchOptions);
-    }
-    static getRequestFetchOptions() {
-        return mondayFetchOptions;
-    }
-    static getRequestTimeout() {
-        const isDevEnv = process.env.NODE_ENV === 'development';
-        return isDevEnv ? 60000 : 2000;
-    }
-}
-exports.AuthorizationInternalService = AuthorizationInternalService;
-//# sourceMappingURL=authorization-internal-service.js.map

package/dist/lib/authorization-internal-service.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"authorization-internal-service.js","sourceRoot":"","sources":["../../lib/authorization-internal-service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AACA,4DAAsE;AAEtE,6EAA+D;AAE/D,MAAM,iBAAiB,GAAG,aAAa,CAAC;AAExC,MAAM,yBAAyB,GAAuB;IACpD,OAAO,EAAE,CAAC;IACV,QAAQ,EAAE,cAAc;CACzB,CAAC;AAEF,SAAS,cAAc,CAAC,WAAmB,EAAE,KAAY;IACvD,IAAI,WAAW,IAAI,CAAC,EAAE,CAAC;QACrB,cAAM,CAAC,KAAK,CAAC,EAAE,WAAW,EAAE,KAAK,EAAE,EAAE,oDAAoD,CAAC,CAAC;IAC7F,CAAC;SAAM,CAAC;QACN,cAAM,CAAC,IAAI,CAAC,EAAE,WAAW,EAAE,KAAK,EAAE,EAAE,kEAAkE,CAAC,CAAC;IAC1G,CAAC;AACH,CAAC;AAED,IAAI,kBAAkB,GAAuB,yBAAyB,CAAC;AAE1D,QAAA,MAAM,GAAG,YAAY,CAAC,SAAS,EAAE,CAAC;AAE/C,MAAa,4BAA4B;IACvC,MAAM,CAAC,iBAAiB,CAAC,OAAgB;QACvC,OAAO,CAAC,0BAA0B,GAAG,IAAI,CAAC;IAC5C,CAAC;IAED,MAAM,CAAC,cAAc,CAAC,OAAgB;QACpC,OAAO,CAAC,2BAA2B,GAAG,IAAI,CAAC;IAC7C,CAAC;IAED,MAAM,CAAC,+BAA+B,CAAC,OAAgB;QACrD,IAAI,CAAC,OAAO,CAAC,2BAA2B,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,CAAC;YAChF,MAAM,gDAAgD,CAAC;QACzD,CAAC;IACH,CAAC;IAED,MAAM,CAAC,wBAAwB,CAAC,QAA2C,EAAE,SAAiB;QAC5F,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;YAChB,OAAO;QACT,CAAC;QAED,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;QAC/B,cAAM,CAAC,KAAK,CACV,EAAE,GAAG,EAAE,uBAAuB,EAAE,SAAS,EAAE,MAAM,EAAE,EACnD,oDAAoD,CACrD,CAAC;QAEF,MAAM,IAAI,KAAK,CAAC,0BAA0B,SAAS,8CAA8C,MAAM,EAAE,CAAC,CAAC;IAC7G,CAAC;IAED,MAAM,CAAC,yBAAyB,CAAC,SAAiB,EAAE,MAAc;QAChE,OAAO,IAAA,oCAAuB,EAAC,EAAE,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,CAAC;IACpF,CAAC;IAED,MAAM,CAAC,sBAAsB,CAAC,wBAA4C;QACxE,kBAAkB,mCACb,yBAAyB,GACzB,wBAAwB,CAC5B,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,sBAAsB;QAC3B,OAAO,kBAAkB,CAAC;IAC5B,CAAC;IAED,MAAM,CAAC,iBAAiB;QACtB,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa,CAAC;QACxD,OAAO,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;IACjC,CAAC;CACF;AAhDD,oEAgDC"}

package/dist/lib/authorization-middleware.d.ts DELETED Viewed

@@ -1,6 +0,0 @@
-import { NextFunction } from 'express';
-import { Action, BaseRequest, BaseResponse, Context, ContextGetter, ResourceGetter } from './types/general';
-export declare function getAuthorizationMiddleware(action: Action, resourceGetter: ResourceGetter, contextGetter?: ContextGetter): (request: BaseRequest, response: BaseResponse, next: NextFunction) => Promise<void>;
-export declare function skipAuthorizationMiddleware(request: BaseRequest, response: BaseResponse, next: NextFunction): void;
-export declare function authorizationCheckMiddleware(request: BaseRequest, response: BaseResponse, next: NextFunction): void;
-export declare function defaultContextGetter(request: BaseRequest): Context;

package/dist/lib/authorization-middleware.js DELETED Viewed

@@ -1,57 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getAuthorizationMiddleware = getAuthorizationMiddleware;
-exports.skipAuthorizationMiddleware = skipAuthorizationMiddleware;
-exports.authorizationCheckMiddleware = authorizationCheckMiddleware;
-exports.defaultContextGetter = defaultContextGetter;
-const on_headers_1 = __importDefault(require("on-headers"));
-const authorization_internal_service_1 = require("./authorization-internal-service");
-const authorization_service_1 = require("./authorization-service");
-// getAuthorizationMiddleware is duplicated in testKit/index.ts
-// If you are making changes to this function, please make sure to update the other file as well
-function getAuthorizationMiddleware(action, resourceGetter, contextGetter) {
-    return function authorizationMiddleware(request, response, next) {
-        return __awaiter(this, void 0, void 0, function* () {
-            contextGetter || (contextGetter = defaultContextGetter);
-            const { userId, accountId } = contextGetter(request);
-            const resources = resourceGetter(request);
-            const { isAuthorized } = yield authorization_service_1.AuthorizationService.isAuthorized(accountId, userId, resources, action);
-            authorization_internal_service_1.AuthorizationInternalService.markAuthorized(request);
-            if (!isAuthorized) {
-                response.status(403).json({ message: 'Access denied' });
-                return;
-            }
-            next();
-        });
-    };
-}
-function skipAuthorizationMiddleware(request, response, next) {
-    authorization_internal_service_1.AuthorizationInternalService.skipAuthorization(request);
-    next();
-}
-function authorizationCheckMiddleware(request, response, next) {
-    if (process.env.NODE_ENV === 'development' || process.env.NODE_ENV === 'test') {
-        (0, on_headers_1.default)(response, function () {
-            if (response.statusCode < 400) {
-                authorization_internal_service_1.AuthorizationInternalService.failIfNotCoveredByAuthorization(request);
-            }
-        });
-    }
-    next();
-}
-function defaultContextGetter(request) {
-    return request.payload;
-}
-//# sourceMappingURL=authorization-middleware.js.map

package/dist/lib/authorization-middleware.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"authorization-middleware.js","sourceRoot":"","sources":["../../lib/authorization-middleware.ts"],"names":[],"mappings":";;;;;;;;;;;;;;AAQA,gEAqBC;AAED,kEAGC;AAED,oEASC;AAED,oDAEC;AAhDD,4DAAmC;AACnC,qFAAgF;AAChF,mEAA+D;AAG/D,+DAA+D;AAC/D,gGAAgG;AAChG,SAAgB,0BAA0B,CACxC,MAAc,EACd,cAA8B,EAC9B,aAA6B;IAE7B,OAAO,SAAe,uBAAuB,CAC3C,OAAoB,EACpB,QAAsB,EACtB,IAAkB;;YAElB,aAAa,KAAb,aAAa,GAAK,oBAAoB,EAAC;YACvC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;YACrD,MAAM,SAAS,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;YAC1C,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,4CAAoB,CAAC,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;YACvG,6DAA4B,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;YACrD,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC,CAAC;gBACxD,OAAO;YACT,CAAC;YACD,IAAI,EAAE,CAAC;QACT,CAAC;KAAA,CAAC;AACJ,CAAC;AAED,SAAgB,2BAA2B,CAAC,OAAoB,EAAE,QAAsB,EAAE,IAAkB;IAC1G,6DAA4B,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;IACxD,IAAI,EAAE,CAAC;AACT,CAAC;AAED,SAAgB,4BAA4B,CAAC,OAAoB,EAAE,QAAsB,EAAE,IAAkB;IAC3G,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;QAC9E,IAAA,oBAAS,EAAC,QAAQ,EAAE;YAClB,IAAI,QAAQ,CAAC,UAAU,GAAG,GAAG,EAAE,CAAC;gBAC9B,6DAA4B,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC;YACxE,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IACD,IAAI,EAAE,CAAC;AACT,CAAC;AAED,SAAgB,oBAAoB,CAAC,OAAoB;IACvD,OAAO,OAAO,CAAC,OAAO,CAAC;AACzB,CAAC"}

package/dist/lib/authorization-service.d.ts DELETED Viewed

@@ -1,29 +0,0 @@
-import { MondayFetchOptions } from '@mondaydotcomorg/monday-fetch';
-import { Action, AuthorizationObject, Resource } from './types/general';
-import { ScopedAction, ScopedActionPermit, ScopedActionResponseObject, ScopeOptions } from './types/scoped-actions-contracts';
-export interface AuthorizeResponse {
-    isAuthorized: boolean;
-    unauthorizedIds?: number[];
-    unauthorizedObjects?: AuthorizationObject[];
-}
-export declare function setRequestFetchOptions(customMondayFetchOptions: MondayFetchOptions): void;
-export declare function setRedisClient(client: any, grantedFeatureRedisExpirationInSeconds?: number): void;
-export declare class AuthorizationService {
-    static redisClient?: any;
-    static grantedFeatureRedisExpirationInSeconds?: number;
-    /**
-     * @deprecated use the second form with authorizationRequestObjects instead,
-     * support of this function will be dropped gradually
-     */
-    static isAuthorized(accountId: number, userId: number, resources: Resource[], action: Action): Promise<AuthorizeResponse>;
-    static isAuthorized(accountId: number, userId: number, authorizationRequestObjects: AuthorizationObject[]): Promise<AuthorizeResponse>;
-    static isUserGrantedWithFeature(accountId: number, userId: number, featureName: string, options?: {
-        shouldSkipCache?: boolean;
-    }): Promise<boolean>;
-    private static fetchIsUserGrantedWithFeature;
-    private static getCachedKeyName;
-    static canActionInScope(accountId: number, userId: number, action: string, scope: ScopeOptions): Promise<ScopedActionPermit>;
-    static canActionInScopeMultiple(accountId: number, userId: number, scopedActions: ScopedAction[]): Promise<ScopedActionResponseObject[]>;
-    private static isAuthorizedSingular;
-    private static isAuthorizedMultiple;
-}

package/dist/lib/authorization-service.js DELETED Viewed

@@ -1,186 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.AuthorizationService = void 0;
-exports.setRequestFetchOptions = setRequestFetchOptions;
-exports.setRedisClient = setRedisClient;
-const lodash_1 = require("lodash");
-const perf_hooks_1 = require("perf_hooks");
-const monday_fetch_1 = require("@mondaydotcomorg/monday-fetch");
-const prometheus_service_1 = require("./prometheus-service");
-const authorization_internal_service_1 = require("./authorization-internal-service");
-const attributions_service_1 = require("./attributions-service");
-const GRANTED_FEATURE_CACHE_EXPIRATION_SECONDS = 5 * 60;
-function setRequestFetchOptions(customMondayFetchOptions) {
-    authorization_internal_service_1.AuthorizationInternalService.setRequestFetchOptions(customMondayFetchOptions);
-}
-function setRedisClient(client, grantedFeatureRedisExpirationInSeconds = GRANTED_FEATURE_CACHE_EXPIRATION_SECONDS) {
-    AuthorizationService.redisClient = client;
-    if (grantedFeatureRedisExpirationInSeconds && grantedFeatureRedisExpirationInSeconds > 0) {
-        AuthorizationService.grantedFeatureRedisExpirationInSeconds = grantedFeatureRedisExpirationInSeconds;
-    }
-    else {
-        authorization_internal_service_1.logger.warn({ grantedFeatureRedisExpirationInSeconds }, 'Invalid input for grantedFeatureRedisExpirationInSeconds, must be positive number. using default ttl.');
-        AuthorizationService.grantedFeatureRedisExpirationInSeconds = GRANTED_FEATURE_CACHE_EXPIRATION_SECONDS;
-    }
-}
-class AuthorizationService {
-    static isAuthorized(...args) {
-        return __awaiter(this, void 0, void 0, function* () {
-            if (args.length === 3) {
-                return this.isAuthorizedMultiple(args[0], args[1], args[2]);
-            }
-            else if (args.length == 4) {
-                return this.isAuthorizedSingular(args[0], args[1], args[2], args[3]);
-            }
-            else {
-                throw new Error('isAuthorized accepts either 3 or 4 arguments');
-            }
-        });
-    }
-    static isUserGrantedWithFeature(accountId_1, userId_1, featureName_1) {
-        return __awaiter(this, arguments, void 0, function* (accountId, userId, featureName, options = {}) {
-            var _a;
-            let cachedKey = this.getCachedKeyName(userId, featureName);
-            const shouldSkipCache = (_a = options.shouldSkipCache) !== null && _a !== void 0 ? _a : false;
-            if (this.redisClient && !shouldSkipCache) {
-                let grantedFeatureValue = yield this.redisClient.get(cachedKey);
-                if (!(grantedFeatureValue === undefined || grantedFeatureValue === null)) {
-                    // redis returns the value as string
-                    return grantedFeatureValue === 'true';
-                }
-            }
-            let grantedFeatureValue = yield this.fetchIsUserGrantedWithFeature(featureName, accountId, userId);
-            if (this.redisClient) {
-                yield this.redisClient.set(cachedKey, grantedFeatureValue, 'EX', this.grantedFeatureRedisExpirationInSeconds);
-            }
-            return grantedFeatureValue;
-        });
-    }
-    static fetchIsUserGrantedWithFeature(featureName, accountId, userId) {
-        return __awaiter(this, void 0, void 0, function* () {
-            let authorizationObject = {
-                action: featureName,
-                resource_type: 'feature',
-            };
-            let authorizeResponsePromise = yield this.isAuthorized(accountId, userId, [authorizationObject]);
-            return authorizeResponsePromise.isAuthorized;
-        });
-    }
-    static getCachedKeyName(userId, featureName) {
-        return `granted-feature-${featureName}-${userId}`;
-    }
-    static canActionInScope(accountId, userId, action, scope) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const scopedActions = [{ action, scope }];
-            const scopedActionResponseObjects = yield this.canActionInScopeMultiple(accountId, userId, scopedActions);
-            return scopedActionResponseObjects[0].permit;
-        });
-    }
-    static canActionInScopeMultiple(accountId, userId, scopedActions) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const internalAuthToken = authorization_internal_service_1.AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
-            const scopedActionsPayload = scopedActions.map(scopedAction => {
-                return Object.assign(Object.assign({}, scopedAction), { scope: (0, lodash_1.mapKeys)(scopedAction.scope, (_, key) => (0, lodash_1.snakeCase)(key)) }); // for example: { workspaceId: 1 } => { workspace_id: 1 }
-            });
-            const attributionHeaders = (0, attributions_service_1.getAttributionsFromApi)();
-            const response = yield (0, monday_fetch_1.fetch)(getCanActionsInScopesUrl(), {
-                method: 'POST',
-                headers: Object.assign({ Authorization: internalAuthToken, 'Content-Type': 'application/json' }, attributionHeaders),
-                timeout: authorization_internal_service_1.AuthorizationInternalService.getRequestTimeout(),
-                body: JSON.stringify({
-                    user_id: userId,
-                    scoped_actions: scopedActionsPayload,
-                }),
-            }, authorization_internal_service_1.AuthorizationInternalService.getRequestFetchOptions());
-            authorization_internal_service_1.AuthorizationInternalService.throwOnHttpErrorIfNeeded(response, 'canActionInScopeMultiple');
-            const responseBody = yield response.json();
-            const camelCaseKeys = obj => Object.fromEntries(Object.entries(obj).map(([key, value]) => [(0, lodash_1.camelCase)(key), value]));
-            const scopedActionsResponseObjects = responseBody.result.map(responseObject => {
-                const { scopedAction, permit } = responseObject;
-                const { scope } = scopedAction;
-                const transformKeys = obj => camelCaseKeys(obj);
-                return Object.assign(Object.assign({}, responseObject), { scopedAction: Object.assign(Object.assign({}, scopedAction), { scope: transformKeys(scope) }), permit: transformKeys(permit) });
-            });
-            return scopedActionsResponseObjects;
-        });
-    }
-    static isAuthorizedSingular(accountId, userId, resources, action) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const { authorizationObjects } = createAuthorizationParams(resources, action);
-            return this.isAuthorizedMultiple(accountId, userId, authorizationObjects);
-        });
-    }
-    static isAuthorizedMultiple(accountId, userId, authorizationRequestObjects) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const internalAuthToken = authorization_internal_service_1.AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
-            const startTime = perf_hooks_1.performance.now();
-            const attributionHeaders = (0, attributions_service_1.getAttributionsFromApi)();
-            const response = yield (0, monday_fetch_1.fetch)(getAuthorizeUrl(), {
-                method: 'POST',
-                headers: Object.assign({ Authorization: internalAuthToken, 'Content-Type': 'application/json' }, attributionHeaders),
-                timeout: authorization_internal_service_1.AuthorizationInternalService.getRequestTimeout(),
-                body: JSON.stringify({
-                    user_id: userId,
-                    authorize_request_objects: authorizationRequestObjects,
-                }),
-            }, authorization_internal_service_1.AuthorizationInternalService.getRequestFetchOptions());
-            const endTime = perf_hooks_1.performance.now();
-            const time = endTime - startTime;
-            const responseStatus = response.status;
-            (0, prometheus_service_1.sendAuthorizationChecksPerRequestMetric)(responseStatus, authorizationRequestObjects.length);
-            authorization_internal_service_1.AuthorizationInternalService.throwOnHttpErrorIfNeeded(response, 'isAuthorizedMultiple');
-            const responseBody = yield response.json();
-            const unauthorizedObjects = [];
-            responseBody.result.forEach(function (isAuthorized, index) {
-                const authorizationObject = authorizationRequestObjects[index];
-                if (!isAuthorized) {
-                    unauthorizedObjects.push(authorizationObject);
-                }
-                (0, prometheus_service_1.sendAuthorizationCheckResponseTimeMetric)(authorizationObject.resource_type, authorizationObject.action, isAuthorized, responseStatus, time);
-            });
-            if (unauthorizedObjects.length > 0) {
-                authorization_internal_service_1.logger.info({
-                    resources: JSON.stringify(unauthorizedObjects),
-                }, 'AuthorizationService: resource is unauthorized');
-                const unauthorizedIds = unauthorizedObjects
-                    .filter(obj => !!obj.resource_id)
-                    .map(obj => obj.resource_id);
-                return { isAuthorized: false, unauthorizedIds, unauthorizedObjects };
-            }
-            return { isAuthorized: true };
-        });
-    }
-}
-exports.AuthorizationService = AuthorizationService;
-function createAuthorizationParams(resources, action) {
-    const params = {
-        authorizationObjects: resources.map((resource) => {
-            const authorizationObject = {
-                resource_id: resource.id,
-                resource_type: resource.type,
-                action,
-            };
-            if (resource.wrapperData) {
-                authorizationObject.wrapper_data = resource.wrapperData;
-            }
-            return authorizationObject;
-        }),
-    };
-    return params;
-}
-function getAuthorizeUrl() {
-    return `${process.env.MONDAY_INTERNAL_URL}/internal_ms/authorization/authorize`;
-}
-function getCanActionsInScopesUrl() {
-    return `${process.env.MONDAY_INTERNAL_URL}/internal_ms/authorization/can_actions_in_scopes`;
-}
-//# sourceMappingURL=authorization-service.js.map

package/dist/lib/authorization-service.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"authorization-service.js","sourceRoot":"","sources":["../../lib/authorization-service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAyBA,wDAEC;AAED,wCAcC;AA3CD,mCAAuD;AACvD,2CAAyC;AACzC,gEAA0E;AAE1E,6DAG8B;AAO9B,qFAAwF;AACxF,iEAAgE;AAEhE,MAAM,wCAAwC,GAAG,CAAC,GAAG,EAAE,CAAC;AAQxD,SAAgB,sBAAsB,CAAC,wBAA4C;IACjF,6DAA4B,CAAC,sBAAsB,CAAC,wBAAwB,CAAC,CAAC;AAChF,CAAC;AAED,SAAgB,cAAc,CAC5B,MAAM,EACN,yCAAiD,wCAAwC;IAEzF,oBAAoB,CAAC,WAAW,GAAG,MAAM,CAAC;IAC1C,IAAI,sCAAsC,IAAI,sCAAsC,GAAG,CAAC,EAAE,CAAC;QACzF,oBAAoB,CAAC,sCAAsC,GAAG,sCAAsC,CAAC;IACvG,CAAC;SAAM,CAAC;QACN,uCAAM,CAAC,IAAI,CACT,EAAE,sCAAsC,EAAE,EAC1C,uGAAuG,CACxG,CAAC;QACF,oBAAoB,CAAC,sCAAsC,GAAG,wCAAwC,CAAC;IACzG,CAAC;AACH,CAAC;AAED,MAAa,oBAAoB;IAqB/B,MAAM,CAAO,YAAY,CAAC,GAAG,IAAW;;YACtC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACtB,OAAO,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9D,CAAC;iBAAM,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;gBAC5B,OAAO,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YACvE,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;YAClE,CAAC;QACH,CAAC;KAAA;IAED,MAAM,CAAO,wBAAwB;6DACnC,SAAiB,EACjB,MAAc,EACd,WAAmB,EACnB,UAAyC,EAAE;;YAE3C,IAAI,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;YAC3D,MAAM,eAAe,GAAG,MAAA,OAAO,CAAC,eAAe,mCAAI,KAAK,CAAC;YACzD,IAAI,IAAI,CAAC,WAAW,IAAI,CAAC,eAAe,EAAE,CAAC;gBACzC,IAAI,mBAAmB,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;gBAChE,IAAI,CAAC,CAAC,mBAAmB,KAAK,SAAS,IAAI,mBAAmB,KAAK,IAAI,CAAC,EAAE,CAAC;oBACzE,oCAAoC;oBACpC,OAAO,mBAAmB,KAAK,MAAM,CAAC;gBACxC,CAAC;YACH,CAAC;YAED,IAAI,mBAAmB,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,WAAW,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;YACnG,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;gBACrB,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,SAAS,EAAE,mBAAmB,EAAE,IAAI,EAAE,IAAI,CAAC,sCAAsC,CAAC,CAAC;YAChH,CAAC;YACD,OAAO,mBAAmB,CAAC;QAC7B,CAAC;KAAA;IAEO,MAAM,CAAO,6BAA6B,CAChD,WAAmB,EACnB,SAAiB,EACjB,MAAc;;YAEd,IAAI,mBAAmB,GAAwB;gBAC7C,MAAM,EAAE,WAAW;gBACnB,aAAa,EAAE,SAAS;aACzB,CAAC;YAEF,IAAI,wBAAwB,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,CAAC,mBAAmB,CAAC,CAAC,CAAC;YACjG,OAAO,wBAAwB,CAAC,YAAY,CAAC;QAC/C,CAAC;KAAA;IAEO,MAAM,CAAC,gBAAgB,CAAC,MAAc,EAAE,WAAmB;QACjE,OAAO,mBAAmB,WAAW,IAAI,MAAM,EAAE,CAAC;IACpD,CAAC;IAED,MAAM,CAAO,gBAAgB,CAC3B,SAAiB,EACjB,MAAc,EACd,MAAc,EACd,KAAmB;;YAEnB,MAAM,aAAa,GAAG,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YAC1C,MAAM,2BAA2B,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,MAAM,EAAE,aAAa,CAAC,CAAC;YAC1G,OAAO,2BAA2B,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;QAC/C,CAAC;KAAA;IAED,MAAM,CAAO,wBAAwB,CACnC,SAAiB,EACjB,MAAc,EACd,aAA6B;;YAE7B,MAAM,iBAAiB,GAAG,6DAA4B,CAAC,yBAAyB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YACpG,MAAM,oBAAoB,GAAG,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE;gBAC5D,uCAAY,YAAY,KAAE,KAAK,EAAE,IAAA,gBAAO,EAAC,YAAY,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE,CAAC,IAAA,kBAAS,EAAC,GAAG,CAAC,CAAC,IAAG,CAAC,yDAAyD;YACvJ,CAAC,CAAC,CAAC;YACH,MAAM,kBAAkB,GAAG,IAAA,6CAAsB,GAAE,CAAC;YACpD,MAAM,QAAQ,GAAG,MAAM,IAAA,oBAAK,EAC1B,wBAAwB,EAAE,EAC1B;gBACE,MAAM,EAAE,MAAM;gBACd,OAAO,kBACL,aAAa,EAAE,iBAAiB,EAChC,cAAc,EAAE,kBAAkB,IAC/B,kBAAkB,CACtB;gBACD,OAAO,EAAE,6DAA4B,CAAC,iBAAiB,EAAE;gBACzD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,OAAO,EAAE,MAAM;oBACf,cAAc,EAAE,oBAAoB;iBACrC,CAAC;aACH,EACD,6DAA4B,CAAC,sBAAsB,EAAE,CACtD,CAAC;YAEF,6DAA4B,CAAC,wBAAwB,CAAC,QAAQ,EAAE,0BAA0B,CAAC,CAAC;YAE5F,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC3C,MAAM,aAAa,GAAG,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,IAAA,kBAAS,EAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;YAEpH,MAAM,4BAA4B,GAAG,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE;gBAC5E,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,GAAG,cAAc,CAAC;gBAChD,MAAM,EAAE,KAAK,EAAE,GAAG,YAAY,CAAC;gBAC/B,MAAM,aAAa,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;gBAEhD,uCACK,cAAc,KACjB,YAAY,kCAAO,YAAY,KAAE,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,KAC5D,MAAM,EAAE,aAAa,CAAC,MAAM,CAAC,IAC7B;YACJ,CAAC,CAAC,CAAC;YAEH,OAAO,4BAA4B,CAAC;QACtC,CAAC;KAAA;IAEO,MAAM,CAAO,oBAAoB,CACvC,SAAiB,EACjB,MAAc,EACd,SAAqB,EACrB,MAAc;;YAEd,MAAM,EAAE,oBAAoB,EAAE,GAAG,yBAAyB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YAC9E,OAAO,IAAI,CAAC,oBAAoB,CAAC,SAAS,EAAE,MAAM,EAAE,oBAAoB,CAAC,CAAC;QAC5E,CAAC;KAAA;IAEO,MAAM,CAAO,oBAAoB,CACvC,SAAiB,EACjB,MAAc,EACd,2BAAkD;;YAElD,MAAM,iBAAiB,GAAG,6DAA4B,CAAC,yBAAyB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YACpG,MAAM,SAAS,GAAG,wBAAW,CAAC,GAAG,EAAE,CAAC;YACpC,MAAM,kBAAkB,GAAG,IAAA,6CAAsB,GAAE,CAAC;YACpD,MAAM,QAAQ,GAAG,MAAM,IAAA,oBAAK,EAC1B,eAAe,EAAE,EACjB;gBACE,MAAM,EAAE,MAAM;gBACd,OAAO,kBACL,aAAa,EAAE,iBAAiB,EAChC,cAAc,EAAE,kBAAkB,IAC/B,kBAAkB,CACtB;gBACD,OAAO,EAAE,6DAA4B,CAAC,iBAAiB,EAAE;gBACzD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,OAAO,EAAE,MAAM;oBACf,yBAAyB,EAAE,2BAA2B;iBACvD,CAAC;aACH,EACD,6DAA4B,CAAC,sBAAsB,EAAE,CACtD,CAAC;YACF,MAAM,OAAO,GAAG,wBAAW,CAAC,GAAG,EAAE,CAAC;YAClC,MAAM,IAAI,GAAG,OAAO,GAAG,SAAS,CAAC;YAEjC,MAAM,cAAc,GAAG,QAAQ,CAAC,MAAM,CAAC;YACvC,IAAA,4DAAuC,EAAC,cAAc,EAAE,2BAA2B,CAAC,MAAM,CAAC,CAAC;YAE5F,6DAA4B,CAAC,wBAAwB,CAAC,QAAQ,EAAE,sBAAsB,CAAC,CAAC;YAExF,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC3C,MAAM,mBAAmB,GAA0B,EAAE,CAAC;YACtD,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,YAAqB,EAAE,KAAa;gBACxE,MAAM,mBAAmB,GAAG,2BAA2B,CAAC,KAAK,CAAC,CAAC;gBAC/D,IAAI,CAAC,YAAY,EAAE,CAAC;oBAClB,mBAAmB,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;gBAChD,CAAC;gBAED,IAAA,6DAAwC,EACtC,mBAAmB,CAAC,aAAa,EACjC,mBAAmB,CAAC,MAAM,EAC1B,YAAY,EACZ,cAAc,EACd,IAAI,CACL,CAAC;YACJ,CAAC,CAAC,CAAC;YAEH,IAAI,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACnC,uCAAM,CAAC,IAAI,CACT;oBACE,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,mBAAmB,CAAC;iBAC/C,EACD,gDAAgD,CACjD,CAAC;gBACF,MAAM,eAAe,GAAG,mBAAmB;qBACxC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC;qBAChC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,WAAW,CAAa,CAAC;gBAC3C,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,eAAe,EAAE,mBAAmB,EAAE,CAAC;YACvE,CAAC;YAED,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;QAChC,CAAC;KAAA;CACF;AA9MD,oDA8MC;AAED,SAAS,yBAAyB,CAAC,SAAqB,EAAE,MAAc;IACtE,MAAM,MAAM,GAAG;QACb,oBAAoB,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,QAAkB,EAAE,EAAE;YACzD,MAAM,mBAAmB,GAAwB;gBAC/C,WAAW,EAAE,QAAQ,CAAC,EAAE;gBACxB,aAAa,EAAE,QAAQ,CAAC,IAAI;gBAC5B,MAAM;aACP,CAAC;YACF,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC;gBACzB,mBAAmB,CAAC,YAAY,GAAG,QAAQ,CAAC,WAAW,CAAC;YAC1D,CAAC;YACD,OAAO,mBAAmB,CAAC;QAC7B,CAAC,CAAC;KACH,CAAC;IACF,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,eAAe;IACtB,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,sCAAsC,CAAC;AAClF,CAAC;AAED,SAAS,wBAAwB;IAC/B,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,kDAAkD,CAAC;AAC9F,CAAC"}

package/dist/lib/constants/sns.d.ts DELETED Viewed

@@ -1,3 +0,0 @@
-export declare const RESOURCE_ATTRIBUTES_SECRET_NAME = "AUTHORIZATION_RESOURCE_ATTRIBUTES_SNS_TOPIC";
-export declare const RESOURCE_ATTRIBUTES_SNS_MESSAGE_KIND = "resourceAttributeModification";
-export declare const ASYNC_MAX_OPERATIONS_PER_MESSAGE = 100;

package/dist/lib/constants/sns.js DELETED Viewed

@@ -1,7 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.ASYNC_MAX_OPERATIONS_PER_MESSAGE = exports.RESOURCE_ATTRIBUTES_SNS_MESSAGE_KIND = exports.RESOURCE_ATTRIBUTES_SECRET_NAME = void 0;
-exports.RESOURCE_ATTRIBUTES_SECRET_NAME = 'AUTHORIZATION_RESOURCE_ATTRIBUTES_SNS_TOPIC';
-exports.RESOURCE_ATTRIBUTES_SNS_MESSAGE_KIND = 'resourceAttributeModification';
-exports.ASYNC_MAX_OPERATIONS_PER_MESSAGE = 100;
-//# sourceMappingURL=sns.js.map

package/dist/lib/constants/sns.js.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"sns.js","sourceRoot":"","sources":["../../../lib/constants/sns.ts"],"names":[],"mappings":";;;AAAa,QAAA,+BAA+B,GAAG,6CAA6C,CAAA;AAC/E,QAAA,oCAAoC,GAAG,+BAA+B,CAAC;AACvE,QAAA,gCAAgC,GAAG,GAAG,CAAC"}

package/dist/lib/prometheus-service.d.ts DELETED Viewed

@@ -1,10 +0,0 @@
-import { Action } from './types/general';
-export declare const METRICS: {
-    AUTHORIZATION_CHECK: string;
-    AUTHORIZATION_CHECKS_PER_REQUEST: string;
-    AUTHORIZATION_CHECK_RESPONSE_TIME: string;
-};
-export declare function setPrometheus(customPrometheus: any): void;
-export declare function getMetricsManager(): any;
-export declare function sendAuthorizationChecksPerRequestMetric(responseStatus: any, amountOfAuthorizationObjects: any): void;
-export declare function sendAuthorizationCheckResponseTimeMetric(resourceType: string, action: Action, isAuthorized: boolean, responseStatus: number, time: number): void;

package/dist/lib/prometheus-service.js DELETED Viewed

@@ -1,51 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.METRICS = void 0;
-exports.setPrometheus = setPrometheus;
-exports.getMetricsManager = getMetricsManager;
-exports.sendAuthorizationChecksPerRequestMetric = sendAuthorizationChecksPerRequestMetric;
-exports.sendAuthorizationCheckResponseTimeMetric = sendAuthorizationCheckResponseTimeMetric;
-let prometheus = null;
-let authorizationChecksPerRequestMetric = null;
-let authorizationCheckResponseTimeMetric = null;
-exports.METRICS = {
-    AUTHORIZATION_CHECK: 'authorization_check',
-    AUTHORIZATION_CHECKS_PER_REQUEST: 'authorization_checks_per_request',
-    AUTHORIZATION_CHECK_RESPONSE_TIME: 'authorization_check_response_time',
-};
-const authorizationChecksPerRequestMetricConfig = {
-    name: exports.METRICS.AUTHORIZATION_CHECKS_PER_REQUEST,
-    labels: ['responseStatus'],
-    description: 'Authorization checks per request summary',
-};
-const authorizationCheckResponseTimeMetricConfig = {
-    name: exports.METRICS.AUTHORIZATION_CHECK_RESPONSE_TIME,
-    labels: ['resourceType', 'action', 'isAuthorized', 'responseStatus'],
-    description: 'Authorization check response time summary',
-};
-function setPrometheus(customPrometheus) {
-    prometheus = customPrometheus;
-    const { METRICS_TYPES } = prometheus;
-    authorizationChecksPerRequestMetric = getMetricsManager().addMetric(METRICS_TYPES.SUMMARY, authorizationChecksPerRequestMetricConfig.name, authorizationChecksPerRequestMetricConfig.labels, authorizationChecksPerRequestMetricConfig.description);
-    authorizationCheckResponseTimeMetric = getMetricsManager().addMetric(METRICS_TYPES.SUMMARY, authorizationCheckResponseTimeMetricConfig.name, authorizationCheckResponseTimeMetricConfig.labels, authorizationCheckResponseTimeMetricConfig.description);
-}
-function getMetricsManager() {
-    return prometheus === null || prometheus === void 0 ? void 0 : prometheus.metricsManager;
-}
-function sendAuthorizationChecksPerRequestMetric(responseStatus, amountOfAuthorizationObjects) {
-    try {
-        if (authorizationChecksPerRequestMetric) {
-            authorizationChecksPerRequestMetric.labels(responseStatus).observe(amountOfAuthorizationObjects);
-        }
-    }
-    catch (e) { }
-}
-function sendAuthorizationCheckResponseTimeMetric(resourceType, action, isAuthorized, responseStatus, time) {
-    try {
-        if (authorizationCheckResponseTimeMetric) {
-            authorizationCheckResponseTimeMetric.labels(resourceType, action, isAuthorized, responseStatus).observe(time);
-        }
-    }
-    catch (e) { }
-}
-//# sourceMappingURL=prometheus-service.js.map

package/dist/lib/prometheus-service.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"prometheus-service.js","sourceRoot":"","sources":["../../lib/prometheus-service.ts"],"names":[],"mappings":";;;AAwBA,sCAiBC;AAED,8CAEC;AAED,0FAMC;AAED,4FAYC;AAjED,IAAI,UAAU,GAAQ,IAAI,CAAC;AAC3B,IAAI,mCAAmC,GAAQ,IAAI,CAAC;AACpD,IAAI,oCAAoC,GAAQ,IAAI,CAAC;AAExC,QAAA,OAAO,GAAG;IACrB,mBAAmB,EAAE,qBAAqB;IAC1C,gCAAgC,EAAE,kCAAkC;IACpE,iCAAiC,EAAE,mCAAmC;CACvE,CAAC;AAEF,MAAM,yCAAyC,GAAG;IAChD,IAAI,EAAE,eAAO,CAAC,gCAAgC;IAC9C,MAAM,EAAE,CAAC,gBAAgB,CAAC;IAC1B,WAAW,EAAE,0CAA0C;CACxD,CAAC;AAEF,MAAM,0CAA0C,GAAG;IACjD,IAAI,EAAE,eAAO,CAAC,iCAAiC;IAC/C,MAAM,EAAE,CAAC,cAAc,EAAE,QAAQ,EAAE,cAAc,EAAE,gBAAgB,CAAC;IACpE,WAAW,EAAE,2CAA2C;CACzD,CAAC;AAEF,SAAgB,aAAa,CAAC,gBAAgB;IAC5C,UAAU,GAAG,gBAAgB,CAAC;IAC9B,MAAM,EAAE,aAAa,EAAE,GAAG,UAAU,CAAC;IAErC,mCAAmC,GAAG,iBAAiB,EAAE,CAAC,SAAS,CACjE,aAAa,CAAC,OAAO,EACrB,yCAAyC,CAAC,IAAI,EAC9C,yCAAyC,CAAC,MAAM,EAChD,yCAAyC,CAAC,WAAW,CACtD,CAAC;IAEF,oCAAoC,GAAG,iBAAiB,EAAE,CAAC,SAAS,CAClE,aAAa,CAAC,OAAO,EACrB,0CAA0C,CAAC,IAAI,EAC/C,0CAA0C,CAAC,MAAM,EACjD,0CAA0C,CAAC,WAAW,CACvD,CAAC;AACJ,CAAC;AAED,SAAgB,iBAAiB;IAC/B,OAAO,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,cAAc,CAAC;AACpC,CAAC;AAED,SAAgB,uCAAuC,CAAC,cAAc,EAAE,4BAA4B;IAClG,IAAI,CAAC;QACH,IAAI,mCAAmC,EAAE,CAAC;YACxC,mCAAmC,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,4BAA4B,CAAC,CAAC;QACnG,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC,CAAA,CAAC;AAChB,CAAC;AAED,SAAgB,wCAAwC,CACtD,YAAoB,EACpB,MAAc,EACd,YAAqB,EACrB,cAAsB,EACtB,IAAY;IAEZ,IAAI,CAAC;QACH,IAAI,oCAAoC,EAAE,CAAC;YACzC,oCAAoC,CAAC,MAAM,CAAC,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,cAAc,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAChH,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC,CAAA,CAAC;AAChB,CAAC"}

package/dist/lib/testKit/index.d.ts DELETED Viewed

@@ -1,11 +0,0 @@
-import { NextFunction } from "express";
-import { Action, BaseRequest, BaseResponse, ContextGetter, Resource, ResourceGetter } from "../types/general";
-export type TestPermittedAction = {
-    accountId: number;
-    userId: number;
-    resources: Resource[];
-    action: Action;
-};
-export declare const addTestPermittedAction: (accountId: number, userId: number, resources: Resource[], action: Action) => void;
-export declare const clearTestPermittedActions: () => void;
-export declare const getTestAuthorizationMiddleware: (action: Action, resourceGetter: ResourceGetter, contextGetter?: ContextGetter) => (request: BaseRequest, response: BaseResponse, next: NextFunction) => Promise<void>;

package/dist/lib/testKit/index.js DELETED Viewed

@@ -1,59 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getTestAuthorizationMiddleware = exports.clearTestPermittedActions = exports.addTestPermittedAction = void 0;
-const authorization_middleware_1 = require("../authorization-middleware");
-const authorization_internal_service_1 = require("../authorization-internal-service");
-let testPermittedActions = [];
-const addTestPermittedAction = (accountId, userId, resources, action) => {
-    testPermittedActions.push({ accountId, userId, resources, action });
-};
-exports.addTestPermittedAction = addTestPermittedAction;
-const clearTestPermittedActions = () => {
-    testPermittedActions = [];
-};
-exports.clearTestPermittedActions = clearTestPermittedActions;
-const isActionAuthorized = (accountId, userId, resources, action) => {
-    return {
-        isAuthorized: resources.every(resource => {
-            return testPermittedActions.some(combination => {
-                return combination.accountId === accountId &&
-                    combination.userId === userId &&
-                    combination.action === action &&
-                    combination.resources.some(combinationResource => {
-                        return resources.some(resource => {
-                            return combinationResource.id === resource.id &&
-                                combinationResource.type === resource.type &&
-                                JSON.stringify(combinationResource.wrapperData) === JSON.stringify(resource.wrapperData);
-                        });
-                    });
-            });
-        })
-    };
-};
-const getTestAuthorizationMiddleware = (action, resourceGetter, contextGetter) => {
-    return function authorizationMiddleware(request, response, next) {
-        return __awaiter(this, void 0, void 0, function* () {
-            contextGetter || (contextGetter = authorization_middleware_1.defaultContextGetter);
-            const { userId, accountId } = contextGetter(request);
-            const resources = resourceGetter(request);
-            const { isAuthorized } = isActionAuthorized(accountId, userId, resources, action);
-            authorization_internal_service_1.AuthorizationInternalService.markAuthorized(request);
-            if (!isAuthorized) {
-                response.status(403).json({ message: 'Access denied' });
-                return;
-            }
-            next();
-        });
-    };
-};
-exports.getTestAuthorizationMiddleware = getTestAuthorizationMiddleware;
-//# sourceMappingURL=index.js.map

package/dist/lib/testKit/index.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../lib/testKit/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,0EAAiE;AACjE,sFAA+E;AAS/E,IAAI,oBAAoB,GAA0B,EAAE,CAAC;AAC9C,MAAM,sBAAsB,GAAG,CAAC,SAAiB,EAAE,MAAc,EAAE,SAAqB,EAAE,MAAc,EAAE,EAAE;IACjH,oBAAoB,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,CAAC;AACtE,CAAC,CAAA;AAFY,QAAA,sBAAsB,0BAElC;AAEM,MAAM,yBAAyB,GAAG,GAAG,EAAE;IAC5C,oBAAoB,GAAG,EAAE,CAAC;AAC5B,CAAC,CAAA;AAFY,QAAA,yBAAyB,6BAErC;AAED,MAAM,kBAAkB,GAAG,CAAC,SAAiB,EACnB,MAAc,EACd,SAAqB,EACrB,MAAc,EAAE,EAAE;IAC1C,OAAO;QACL,YAAY,EAAE,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE;YACvC,OAAO,oBAAoB,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE;gBAC7C,OAAO,WAAW,CAAC,SAAS,KAAK,SAAS;oBACxC,WAAW,CAAC,MAAM,KAAK,MAAM;oBAC7B,WAAW,CAAC,MAAM,KAAK,MAAM;oBAC7B,WAAW,CAAC,SAAS,CAAC,IAAI,CAAC,mBAAmB,CAAC,EAAE;wBAC/C,OAAO,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;4BAC/B,OAAO,mBAAmB,CAAC,EAAE,KAAK,QAAQ,CAAC,EAAE;gCAC3C,mBAAmB,CAAC,IAAI,KAAK,QAAQ,CAAC,IAAI;gCAC1C,IAAI,CAAC,SAAS,CAAC,mBAAmB,CAAC,WAAW,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;wBAC7F,CAAC,CAAC,CAAC;oBACL,CAAC,CAAC,CAAC;YACP,CAAC,CAAC,CAAC;QACL,CAAC,CAAC;KACH,CAAA;AACH,CAAC,CAAA;AAEM,MAAM,8BAA8B,GAAG,CAAC,MAAc,EACd,cAA8B,EAC9B,aAA6B,EAAE,EAAE;IAE9E,OAAO,SAAe,uBAAuB,CAC3C,OAAoB,EACpB,QAAsB,EACtB,IAAkB;;YAGlB,aAAa,KAAb,aAAa,GAAK,+CAAoB,EAAC;YACvC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;YACrD,MAAM,SAAS,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;YAC1C,MAAM,EAAE,YAAY,EAAE,GAAG,kBAAkB,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;YAClF,6DAA4B,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;YACrD,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC,CAAC;gBACxD,OAAO;YACT,CAAC;YACD,IAAI,EAAE,CAAC;QACT,CAAC;KAAA,CAAC;AACJ,CAAC,CAAC;AArBW,QAAA,8BAA8B,kCAqBzC"}

package/dist/lib/types/authorization-attributes-contracts.d.ts DELETED Viewed

@@ -1,27 +0,0 @@
-import { Resource } from './general';
-export interface ResourceAttributeAssignment {
-    resourceType: Resource['type'];
-    resourceId: Resource['id'];
-    key: string;
-    value: string;
-}
-export interface ResourceAttributeResponse {
-    attributes: ResourceAttributeAssignment[];
-}
-export interface ResourceAttributeDelete {
-    resourceType: Resource['type'];
-    resourceId: Resource['id'];
-    key: string;
-}
-export declare enum ResourceAttributeOperationEnum {
-    UPSERT = "upsert",
-    DELETE = "delete"
-}
-interface UpsertResourceAttributeOperation extends ResourceAttributeAssignment {
-    operationType: ResourceAttributeOperationEnum.UPSERT;
-}
-interface DeleteResourceAttributeOperation extends ResourceAttributeDelete {
-    operationType: ResourceAttributeOperationEnum.DELETE;
-}
-export type ResourceAttributesOperation = UpsertResourceAttributeOperation | DeleteResourceAttributeOperation;
-export {};

package/dist/lib/types/authorization-attributes-contracts.js DELETED Viewed

@@ -1,9 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.ResourceAttributeOperationEnum = void 0;
-var ResourceAttributeOperationEnum;
-(function (ResourceAttributeOperationEnum) {
-    ResourceAttributeOperationEnum["UPSERT"] = "upsert";
-    ResourceAttributeOperationEnum["DELETE"] = "delete";
-})(ResourceAttributeOperationEnum || (exports.ResourceAttributeOperationEnum = ResourceAttributeOperationEnum = {}));
-//# sourceMappingURL=authorization-attributes-contracts.js.map

package/dist/lib/types/authorization-attributes-contracts.js.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"authorization-attributes-contracts.js","sourceRoot":"","sources":["../../../lib/types/authorization-attributes-contracts.ts"],"names":[],"mappings":";;;AAoBA,IAAY,8BAGX;AAHD,WAAY,8BAA8B;IACxC,mDAAiB,CAAA;IACjB,mDAAiB,CAAA;AACnB,CAAC,EAHW,8BAA8B,8CAA9B,8BAA8B,QAGzC"}

package/dist/lib/types/express.d.ts DELETED Viewed

@@ -1,10 +0,0 @@
-declare namespace Express {
-    interface Request {
-        payload: {
-            accountId: number;
-            userId: number;
-        };
-        authorizationCheckPerformed: boolean;
-        authorizationSkipPerformed: boolean;
-    }
-}

package/dist/lib/types/express.js DELETED Viewed

	@@ -1,2 +0,0 @@
1	- "use strict";
2	- //# sourceMappingURL=express.js.map

package/dist/lib/types/express.js.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"express.js","sourceRoot":"","sources":["../../../lib/types/express.ts"],"names":[],"mappings":""}

package/dist/lib/types/general.d.ts DELETED Viewed

@@ -1,30 +0,0 @@
-import { Request, Response } from 'express';
-export interface Resource {
-    id?: number;
-    type: string;
-    wrapperData?: object;
-}
-export type Action = string;
-export type ResourceGetter = (request: BaseRequest) => Resource[];
-export interface Context {
-    accountId: number;
-    userId: number;
-}
-export type ContextGetter = (request: BaseRequest) => Context;
-export interface AuthorizationObject {
-    resource_id?: Resource['id'];
-    resource_type: Resource['type'];
-    wrapper_data?: Resource['wrapperData'];
-    action: Action;
-}
-export interface AuthorizationParams {
-    authorizationObjects: AuthorizationObject[];
-}
-type BasicObject = {};
-export type BaseParameters = BasicObject;
-export type BaseResponseBody = BasicObject;
-export type BaseBodyParameters = BasicObject;
-export type BaseQueryParameters = BasicObject;
-export type BaseRequest = Request<BaseParameters, BaseResponseBody, BaseBodyParameters, BaseQueryParameters>;
-export type BaseResponse = Response<BaseResponseBody>;
-export {};

package/dist/lib/types/general.js DELETED Viewed

@@ -1,3 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-//# sourceMappingURL=general.js.map

package/dist/lib/types/general.js.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"general.js","sourceRoot":"","sources":["../../../lib/types/general.ts"],"names":[],"mappings":""}

package/dist/lib/types/scoped-actions-contracts.d.ts DELETED Viewed

@@ -1,38 +0,0 @@
-export interface WorkspaceScope {
-    workspaceId: number;
-}
-export interface BoardScope {
-    boardId: number;
-}
-export interface PulseScope {
-    pulseId: number;
-}
-export interface AccountProductScope {
-    accountProductId: number;
-}
-export interface AccountScope {
-    accountId: number;
-}
-export type ScopeOptions = WorkspaceScope | BoardScope | PulseScope | AccountProductScope | AccountScope;
-export interface Translation {
-    key: string;
-    [option: string]: string;
-}
-export declare enum PermitTechnicalReason {
-    NO_REASON = 0,
-    NOT_ELIGIBLE = 1,
-    BY_ROLE_IN_SCOPE = 2
-}
-export interface ScopedActionPermit {
-    can: boolean;
-    reason: Translation;
-    technicalReason: PermitTechnicalReason;
-}
-export interface ScopedAction {
-    action: string;
-    scope: ScopeOptions;
-}
-export interface ScopedActionResponseObject {
-    scopedAction: ScopedAction;
-    permit: ScopedActionPermit;
-}

package/dist/lib/types/scoped-actions-contracts.js DELETED Viewed

@@ -1,10 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.PermitTechnicalReason = void 0;
-var PermitTechnicalReason;
-(function (PermitTechnicalReason) {
-    PermitTechnicalReason[PermitTechnicalReason["NO_REASON"] = 0] = "NO_REASON";
-    PermitTechnicalReason[PermitTechnicalReason["NOT_ELIGIBLE"] = 1] = "NOT_ELIGIBLE";
-    PermitTechnicalReason[PermitTechnicalReason["BY_ROLE_IN_SCOPE"] = 2] = "BY_ROLE_IN_SCOPE";
-})(PermitTechnicalReason || (exports.PermitTechnicalReason = PermitTechnicalReason = {}));
-//# sourceMappingURL=scoped-actions-contracts.js.map

package/dist/lib/types/scoped-actions-contracts.js.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"scoped-actions-contracts.js","sourceRoot":"","sources":["../../../lib/types/scoped-actions-contracts.ts"],"names":[],"mappings":";;;AA2BA,IAAY,qBAIX;AAJD,WAAY,qBAAqB;IAC/B,2EAAa,CAAA;IACb,iFAAgB,CAAA;IAChB,yFAAoB,CAAA;AACtB,CAAC,EAJW,qBAAqB,qCAArB,qBAAqB,QAIhC"}

package/dist/tsconfig.tsbuildinfo DELETED Viewed

@@ -1 +0,0 @@

- {"root":["../index.ts","../lib/attributions-service.ts","../lib/authorization-attributes-service.ts","../lib/authorization-internal-service.ts","../lib/authorization-middleware.ts","../lib/authorization-service.ts","../lib/prometheus-service.ts","../lib/constants/sns.ts","../lib/testKit/index.ts","../lib/types/authorization-attributes-contracts.ts","../lib/types/express.ts","../lib/types/general.ts","../lib/types/scoped-actions-contracts.ts"],"version":"5.6.3"}