@mondaydotcomorg/monday-authorization 1.2.10 → 1.2.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (77) hide show
  1. package/README.md +25 -0
  2. package/dist/{lib/attributions-service.js → attributions-service.js} +11 -10
  3. package/dist/authorization-attributes-service.js +144 -0
  4. package/dist/{lib/authorization-internal-service.d.ts → authorization-internal-service.d.ts} +1 -1
  5. package/dist/authorization-internal-service.js +80 -0
  6. package/dist/{lib/authorization-middleware.d.ts → authorization-middleware.d.ts} +1 -1
  7. package/dist/authorization-middleware.js +48 -0
  8. package/dist/authorization-service.js +176 -0
  9. package/dist/constants/sns.js +9 -0
  10. package/dist/esm/attributions-service.d.ts +3 -0
  11. package/dist/esm/attributions-service.mjs +53 -0
  12. package/dist/esm/authorization-attributes-service.d.ts +44 -0
  13. package/dist/esm/authorization-attributes-service.mjs +138 -0
  14. package/dist/esm/authorization-internal-service.d.ts +13 -0
  15. package/dist/esm/authorization-internal-service.mjs +57 -0
  16. package/dist/esm/authorization-middleware.d.ts +6 -0
  17. package/dist/esm/authorization-middleware.mjs +39 -0
  18. package/dist/esm/authorization-service.d.ts +29 -0
  19. package/dist/esm/authorization-service.mjs +172 -0
  20. package/dist/esm/constants/sns.d.ts +3 -0
  21. package/dist/esm/constants/sns.mjs +5 -0
  22. package/dist/esm/index.d.ts +13 -0
  23. package/dist/esm/index.mjs +21 -0
  24. package/dist/esm/prometheus-service.mjs +49 -0
  25. package/dist/{lib → esm}/testKit/index.d.ts +2 -2
  26. package/dist/esm/testKit/index.mjs +44 -0
  27. package/dist/esm/types/authorization-attributes-contracts.mjs +7 -0
  28. package/dist/esm/types/express.mjs +1 -0
  29. package/dist/{lib → esm}/types/general.d.ts +6 -4
  30. package/dist/esm/types/general.mjs +1 -0
  31. package/dist/esm/types/scoped-actions-contracts.mjs +8 -0
  32. package/dist/index.d.ts +4 -4
  33. package/dist/index.js +19 -43
  34. package/dist/prometheus-service.d.ts +10 -0
  35. package/dist/{lib/prometheus-service.js → prometheus-service.js} +18 -14
  36. package/dist/testKit/index.d.ts +11 -0
  37. package/dist/testKit/index.js +48 -0
  38. package/dist/types/authorization-attributes-contracts.d.ts +27 -0
  39. package/dist/types/authorization-attributes-contracts.js +7 -0
  40. package/dist/types/express.d.ts +10 -0
  41. package/dist/types/express.js +1 -0
  42. package/dist/types/general.d.ts +32 -0
  43. package/dist/types/general.js +1 -0
  44. package/dist/types/scoped-actions-contracts.d.ts +38 -0
  45. package/dist/{lib/types → types}/scoped-actions-contracts.js +3 -5
  46. package/package.json +25 -28
  47. package/dist/index.js.map +0 -1
  48. package/dist/lib/attributions-service.js.map +0 -1
  49. package/dist/lib/authorization-attributes-service.js +0 -155
  50. package/dist/lib/authorization-attributes-service.js.map +0 -1
  51. package/dist/lib/authorization-internal-service.js +0 -79
  52. package/dist/lib/authorization-internal-service.js.map +0 -1
  53. package/dist/lib/authorization-middleware.js +0 -57
  54. package/dist/lib/authorization-middleware.js.map +0 -1
  55. package/dist/lib/authorization-service.js +0 -186
  56. package/dist/lib/authorization-service.js.map +0 -1
  57. package/dist/lib/constants/sns.js +0 -7
  58. package/dist/lib/constants/sns.js.map +0 -1
  59. package/dist/lib/prometheus-service.js.map +0 -1
  60. package/dist/lib/testKit/index.js +0 -59
  61. package/dist/lib/testKit/index.js.map +0 -1
  62. package/dist/lib/types/authorization-attributes-contracts.js +0 -9
  63. package/dist/lib/types/authorization-attributes-contracts.js.map +0 -1
  64. package/dist/lib/types/express.js +0 -2
  65. package/dist/lib/types/express.js.map +0 -1
  66. package/dist/lib/types/general.js +0 -3
  67. package/dist/lib/types/general.js.map +0 -1
  68. package/dist/lib/types/scoped-actions-contracts.js.map +0 -1
  69. package/dist/tsconfig.tsbuildinfo +0 -1
  70. package/dist/{lib/attributions-service.d.ts → attributions-service.d.ts} +0 -0
  71. package/dist/{lib/authorization-attributes-service.d.ts → authorization-attributes-service.d.ts} +0 -0
  72. package/dist/{lib/authorization-service.d.ts → authorization-service.d.ts} +1 -1
  73. /package/dist/{lib/constants → constants}/sns.d.ts +0 -0
  74. /package/dist/{lib → esm}/prometheus-service.d.ts +0 -0
  75. /package/dist/{lib → esm}/types/authorization-attributes-contracts.d.ts +0 -0
  76. /package/dist/{lib → esm}/types/express.d.ts +0 -0
  77. /package/dist/{lib → esm}/types/scoped-actions-contracts.d.ts +0 -0
package/dist/lib/authorization-attributes-service.js DELETED
@@ -1,155 +0,0 @@
1
- "use strict";
2
- var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
- function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
- return new (P || (P = Promise))(function (resolve, reject) {
5
- function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
- function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
- function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
- step((generator = generator.apply(thisArg, _arguments || [])).next());
9
- });
10
- };
11
- var __importDefault = (this && this.__importDefault) || function (mod) {
12
- return (mod && mod.__esModule) ? mod : { "default": mod };
13
- };
14
- Object.defineProperty(exports, "__esModule", { value: true });
15
- exports.AuthorizationAttributesService = void 0;
16
- const chunk_1 = __importDefault(require("lodash/chunk"));
17
- const monday_fetch_1 = require("@mondaydotcomorg/monday-fetch");
18
- const authorization_internal_service_1 = require("./authorization-internal-service");
19
- const attributions_service_1 = require("./attributions-service");
20
- const trident_backend_api_1 = require("@mondaydotcomorg/trident-backend-api");
21
- const monday_sns_1 = require("@mondaydotcomorg/monday-sns");
22
- const sns_1 = require("./constants/sns");
23
- class AuthorizationAttributesService {
24
- /**
25
- * Upsert resource attributes synchronously, performing http call to the authorization MS to assign the given attributes to the given resource.
26
- * @param accountId
27
- * @param userId
28
- * @param resourceAttributeAssignments - Array of resource (resourceType, resourceId) and attribute (key, value) pairs to upsert in the authorization MS.
29
- * e.g. [{ resourceType: 'board', resourceId: 123, key: 'board_kind', value: 'private' }]
30
- * @returns ResourceAttributeResponse - The affected (created and updated_ resource attributes assignments in the `attributes` field.
31
- */
32
- static upsertResourceAttributes(accountId, userId, resourceAttributeAssignments) {
33
- return __awaiter(this, void 0, void 0, function* () {
34
- const internalAuthToken = authorization_internal_service_1.AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
35
- const attributionHeaders = (0, attributions_service_1.getAttributionsFromApi)();
36
- const response = yield (0, monday_fetch_1.fetch)(this.getResourceAttributesUrl(accountId), {
37
- method: 'POST',
38
- headers: Object.assign({ Authorization: internalAuthToken, 'Content-Type': 'application/json' }, attributionHeaders),
39
- timeout: authorization_internal_service_1.AuthorizationInternalService.getRequestTimeout(),
40
- body: JSON.stringify({ resourceAttributeAssignments }),
41
- }, authorization_internal_service_1.AuthorizationInternalService.getRequestFetchOptions());
42
- const responseBody = yield response.json();
43
- authorization_internal_service_1.AuthorizationInternalService.throwOnHttpErrorIfNeeded(response, 'upsertResourceAttributesSync');
44
- return { attributes: responseBody['attributes'] };
45
- });
46
- }
47
- /**
48
- * Delete resource attributes assignments synchronously, performing http call to the authorization MS to delete the given attributes from the given singular resource.
49
- * @param accountId
50
- * @param userId
51
- * @param resource - The resource (resourceType, resourceId) to delete the attributes for.
52
- * @param attributeKeys - Array of attribute keys to delete for the resource.
53
- * @returns ResourceAttributeResponse - The affected (deleted) resource attributes assignments in the `attributes` field.
54
- */
55
- static deleteResourceAttributes(accountId, userId, resource, attributeKeys) {
56
- return __awaiter(this, void 0, void 0, function* () {
57
- const internalAuthToken = authorization_internal_service_1.AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
58
- const url = `${this.getResourceAttributesUrl(accountId)}/${resource.type}/${resource.id}`;
59
- const attributionHeaders = (0, attributions_service_1.getAttributionsFromApi)();
60
- const response = yield (0, monday_fetch_1.fetch)(url, {
61
- method: 'DELETE',
62
- headers: Object.assign({ Authorization: internalAuthToken, 'Content-Type': 'application/json' }, attributionHeaders),
63
- timeout: authorization_internal_service_1.AuthorizationInternalService.getRequestTimeout(),
64
- body: JSON.stringify({ keys: attributeKeys }),
65
- }, authorization_internal_service_1.AuthorizationInternalService.getRequestFetchOptions());
66
- const responseBody = yield response.json();
67
- authorization_internal_service_1.AuthorizationInternalService.throwOnHttpErrorIfNeeded(response, 'deleteResourceAttributesSync');
68
- return { attributes: responseBody['attributes'] };
69
- });
70
- }
71
- /**
72
- * Async function, this function only send the updates request to SNS and return before the change actually took place
73
- * @param accountId
74
- * @param appName - App name of the calling app
75
- * @param callerActionIdentifier - action identifier
76
- * @param resourceAttributeOperations - Array of operations to do on resource attributes.
77
- * @return {Promise<ResourceAttributesOperation[]>} Array of sent operations
78
- * */
79
- static updateResourceAttributesAsync(accountId, appName, callerActionIdentifier, resourceAttributeOperations) {
80
- return __awaiter(this, void 0, void 0, function* () {
81
- const topicArn = this.getSnsTopicArn();
82
- const sendToSnsPromises = [];
83
- const operationChucks = (0, chunk_1.default)(resourceAttributeOperations, sns_1.ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE);
84
- for (const operationsChunk of operationChucks) {
85
- sendToSnsPromises.push(this.sendSingleSnsMessage(topicArn, accountId, appName, callerActionIdentifier, operationsChunk));
86
- }
87
- return (yield Promise.all(sendToSnsPromises)).flat();
88
- });
89
- }
90
- static sendSingleSnsMessage(topicArn, accountId, appName, callerActionIdentifier, operations) {
91
- return __awaiter(this, void 0, void 0, function* () {
92
- const payload = {
93
- kind: sns_1.RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND,
94
- payload: {
95
- accountId: accountId,
96
- callerAppName: appName,
97
- callerActionIdentifier: callerActionIdentifier,
98
- operations: operations,
99
- }
100
- };
101
- try {
102
- yield (0, monday_sns_1.sendToSns)(payload, topicArn);
103
- return operations;
104
- }
105
- catch (error) {
106
- authorization_internal_service_1.logger.error({ error, tag: this.LOG_TAG }, "Authorization resource attributes async update: failed to send operations to SNS");
107
- return [];
108
- }
109
- });
110
- }
111
- static getSnsTopicArn() {
112
- var _a;
113
- const arnFromApi = (_a = trident_backend_api_1.Api.getPart('configurationVariables')) === null || _a === void 0 ? void 0 : _a.get(sns_1.RESOURCE_ATTRIBUTES_SNS_ARN_SECRET_NAME).arn;
114
- if (arnFromApi) {
115
- return arnFromApi;
116
- }
117
- const jsonArnFromEnv = process.env[sns_1.RESOURCE_ATTRIBUTES_SNS_ARN_SECRET_NAME];
118
- const arnFromEnv = JSON.parse(jsonArnFromEnv).arn;
119
- if (arnFromEnv) {
120
- return arnFromEnv;
121
- }
122
- throw new Error('Unable to get sns topic arn from env variable');
123
- }
124
- static getResourceAttributesUrl(accountId) {
125
- return `${process.env.AUTHORIZATION_URL}/attributes/${accountId}/resource`;
126
- }
127
- /**
128
- * Checks we can contact the required SNS topic that used to send attribute updates to Authorization MS.
129
- * This function can be used as health check for services that updating resource attributes in async is crucial.
130
- * Note this function only verify the POD can contact AWS SDK and the topic exists, but the user still might get
131
- * errors when pushing for the SNS (e.g: in case the AWS role of the POD don't have permissions to push messages).
132
- * However, this is the best we can do without actually push dummy messages to the SNS.
133
- * @return {Promise<boolean>} - true if succeeded
134
- */
135
- static asyncResourceAttributesHealthCheck() {
136
- return __awaiter(this, void 0, void 0, function* () {
137
- try {
138
- const requestedTopicArn = this.getSnsTopicArn();
139
- const attributes = yield (0, monday_sns_1.getTopicAttributes)(requestedTopicArn);
140
- const isHealthy = !(!attributes || !("TopicArn" in attributes) || attributes.TopicArn !== requestedTopicArn);
141
- if (!isHealthy) {
142
- authorization_internal_service_1.logger.error({ requestedTopicArn, snsReturnedAttributes: attributes, tag: this.LOG_TAG }, "authorization-attributes-service failed in health check");
143
- }
144
- return isHealthy;
145
- }
146
- catch (error) {
147
- authorization_internal_service_1.logger.error({ error, tag: this.LOG_TAG }, "authorization-attributes-service got error during health check");
148
- return false;
149
- }
150
- });
151
- }
152
- }
153
- exports.AuthorizationAttributesService = AuthorizationAttributesService;
154
- AuthorizationAttributesService.LOG_TAG = "authorization_attributes";
155
- //# sourceMappingURL=authorization-attributes-service.js.map
package/dist/lib/authorization-attributes-service.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"authorization-attributes-service.js","sourceRoot":"","sources":["../../lib/authorization-attributes-service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,yDAAiC;AAOjC,gEAAsD;AACtD,qFAAwF;AACxF,iEAAgE;AAChE,8EAA2D;AAC3D,4DAA4E;AAE5E,yCAIyB;AAEzB,MAAa,8BAA8B;IAEzC;;;;;;;OAOG;IACH,MAAM,CAAO,wBAAwB,CACnC,SAAiB,EACjB,MAAc,EACd,4BAA2D;;YAE3D,MAAM,iBAAiB,GAAG,6DAA4B,CAAC,yBAAyB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YACpG,MAAM,kBAAkB,GAAG,IAAA,6CAAsB,GAAE,CAAC;YACpD,MAAM,QAAQ,GAAG,MAAM,IAAA,oBAAK,EAC1B,IAAI,CAAC,wBAAwB,CAAC,SAAS,CAAC,EACxC;gBACE,MAAM,EAAE,MAAM;gBACd,OAAO,kBACL,aAAa,EAAE,iBAAiB,EAChC,cAAc,EAAE,kBAAkB,IAC/B,kBAAkB,CACtB;gBACD,OAAO,EAAE,6DAA4B,CAAC,iBAAiB,EAAE;gBACzD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,4BAA4B,EAAE,CAAC;aACvD,EACD,6DAA4B,CAAC,sBAAsB,EAAE,CACtD,CAAC;YAEF,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC3C,6DAA4B,CAAC,wBAAwB,CAAC,QAAQ,EAAE,8BAA8B,CAAC,CAAC;YAEhG,OAAO,EAAE,UAAU,EAAE,YAAY,CAAC,YAAY,CAAC,EAAE,CAAC;QACpD,CAAC;KAAA;IAED;;;;;;;OAOG;IACH,MAAM,CAAO,wBAAwB,CACnC,SAAiB,EACjB,MAAc,EACd,QAAkB,EAClB,aAAuB;;YAEvB,MAAM,iBAAiB,GAAG,6DAA4B,CAAC,yBAAyB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YACpG,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,wBAAwB,CAAC,SAAS,CAAC,IAAI,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;YAC1F,MAAM,kBAAkB,GAAG,IAAA,6CAAsB,GAAE,CAAC;YACpD,MAAM,QAAQ,GAAG,MAAM,IAAA,oBAAK,EAC1B,GAAG,EACH;gBACE,MAAM,EAAE,QAAQ;gBAChB,OAAO,kBACL,aAAa,EAAE,iBAAiB,EAChC,cAAc,EAAE,kBAAkB,IAC/B,kBAAkB,CACtB;gBACD,OAAO,EAAE,6DAA4B,CAAC,iBAAiB,EAAE;gBACzD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC;aAC9C,EACD,6DAA4B,CAAC,sBAAsB,EAAE,CACtD,CAAC;YAEF,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC3C,6DAA4B,CAAC,wBAAwB,CAAC,QAAQ,EAAE,8BAA8B,CAAC,CAAC;YAEhG,OAAO,EAAE,UAAU,EAAE,YAAY,CAAC,YAAY,CAAC,EAAE,CAAC;QACpD,CAAC;KAAA;IAED;;;;;;;UAOM;IACN,MAAM,CAAO,6BAA6B,CAAC,SAAiB,EAAE,OAAe,EAAE,sBAA8B,EAClE,2BAA0D;;YACnG,MAAM,QAAQ,GAAW,IAAI,CAAC,cAAc,EAAE,CAAC;YAC/C,MAAM,iBAAiB,GAA6C,EAAE,CAAC;YACvE,MAAM,eAAe,GAAG,IAAA,eAAK,EAAC,2BAA2B,EAAE,0DAAoD,CAAC,CAAC;YACjH,KAAK,MAAM,eAAe,IAAI,eAAe,EAAE,CAAC;gBAC9C,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,sBAAsB,EAAE,eAAe,CAAC,CAAC,CAAC;YAC3H,CAAC;YACD,OAAO,CAAC,MAAM,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;QACtD,CAAC;KAAA;IAEO,MAAM,CAAO,oBAAoB,CAAC,QAAgB,EAAE,SAAiB,EAAE,OAAe,EAAE,sBAA8B,EAAE,UAAyC;;YAEvK,MAAM,OAAO,GAAG;gBACd,IAAI,EAAE,2DAAqD;gBAC3D,OAAO,EAAE;oBACP,SAAS,EAAE,SAAS;oBACpB,aAAa,EAAE,OAAO;oBACtB,sBAAsB,EAAE,sBAAsB;oBAC9C,UAAU,EAAE,UAAU;iBACvB;aACF,CAAA;YACD,IAAI,CAAC;gBACH,MAAM,IAAA,sBAAS,EAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;gBACnC,OAAO,UAAU,CAAC;YACpB,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,uCAAM,CAAC,KAAK,CAAC,EAAC,KAAK,EAAE,GAAG,EAAE,IAAI,CAAC,OAAO,EAAC,EAAE,kFAAkF,CAAC,CAAA;gBAC5H,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;KAAA;IAEO,MAAM,CAAC,cAAc;;QAC3B,MAAM,UAAU,GAAuB,MAAA,yBAAG,CAAC,OAAO,CAAC,wBAAwB,CAAC,0CAAE,GAAG,CAAC,6CAAuC,EAAE,GAAG,CAAA;QAC9H,IAAI,UAAU,EAAE,CAAC;YACf,OAAO,UAAU,CAAC;QACpB,CAAC;QACD,MAAM,cAAc,GAAW,OAAO,CAAC,GAAG,CAAC,6CAAuC,CAAE,CAAC;QACrF,MAAM,UAAU,GAAuB,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC;QACtE,IAAI,UAAU,EAAE,CAAC;YACf,OAAO,UAAU,CAAC;QACpB,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,CAAC;IAEO,MAAM,CAAC,wBAAwB,CAAC,SAAiB;QACvD,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,eAAe,SAAS,WAAW,CAAC;IAC7E,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAO,kCAAkC;;YAC7C,IAAI,CAAC;gBACH,MAAM,iBAAiB,GAAW,IAAI,CAAC,cAAc,EAAE,CAAC;gBACxD,MAAM,UAAU,GAAuB,MAAM,IAAA,+BAAkB,EAAC,iBAAiB,CAAC,CAAC;gBACnF,MAAM,SAAS,GAAG,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,UAAU,IAAI,UAAU,CAAC,IAAI,UAAU,CAAC,QAAQ,KAAK,iBAAiB,CAAC,CAAC;gBAC7G,IAAI,CAAC,SAAS,EAAE,CAAC;oBACf,uCAAM,CAAC,KAAK,CAAC,EAAC,iBAAiB,EAAE,qBAAqB,EAAE,UAAU,EAAE,GAAG,EAAE,IAAI,CAAC,OAAO,EAAC,EACpF,yDAAyD,CAAC,CAAA;gBAC9D,CAAC;gBACD,OAAO,SAAS,CAAA;YAClB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,uCAAM,CAAC,KAAK,CAAC,EAAC,KAAK,EAAE,GAAG,EAAE,IAAI,CAAC,OAAO,EAAC,EACrC,gEAAgE,CAAC,CAAA;gBACnE,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;KAAA;;AA3JH,wEA4JC;AA3JgB,sCAAO,GAAG,0BAA0B,CAAA"}
package/dist/lib/authorization-internal-service.js DELETED
@@ -1,79 +0,0 @@
1
- "use strict";
2
- var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
- if (k2 === undefined) k2 = k;
4
- var desc = Object.getOwnPropertyDescriptor(m, k);
5
- if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
- desc = { enumerable: true, get: function() { return m[k]; } };
7
- }
8
- Object.defineProperty(o, k2, desc);
9
- }) : (function(o, m, k, k2) {
10
- if (k2 === undefined) k2 = k;
11
- o[k2] = m[k];
12
- }));
13
- var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
- Object.defineProperty(o, "default", { enumerable: true, value: v });
15
- }) : function(o, v) {
16
- o["default"] = v;
17
- });
18
- var __importStar = (this && this.__importStar) || function (mod) {
19
- if (mod && mod.__esModule) return mod;
20
- var result = {};
21
- if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
22
- __setModuleDefault(result, mod);
23
- return result;
24
- };
25
- Object.defineProperty(exports, "__esModule", { value: true });
26
- exports.AuthorizationInternalService = exports.logger = void 0;
27
- const monday_jwt_1 = require("@mondaydotcomorg/monday-jwt");
28
- const MondayLogger = __importStar(require("@mondaydotcomorg/monday-logger"));
29
- const INTERNAL_APP_NAME = 'internal_ms';
30
- const defaultMondayFetchOptions = {
31
- retries: 3,
32
- callback: logOnFetchFail,
33
- };
34
- function logOnFetchFail(retriesLeft, error) {
35
- if (retriesLeft == 0) {
36
- exports.logger.error({ retriesLeft, error }, 'Authorization attempt failed due to network issues');
37
- }
38
- else {
39
- exports.logger.info({ retriesLeft, error }, 'Authorization attempt failed due to network issues, trying again');
40
- }
41
- }
42
- let mondayFetchOptions = defaultMondayFetchOptions;
43
- exports.logger = MondayLogger.getLogger();
44
- class AuthorizationInternalService {
45
- static skipAuthorization(requset) {
46
- requset.authorizationSkipPerformed = true;
47
- }
48
- static markAuthorized(request) {
49
- request.authorizationCheckPerformed = true;
50
- }
51
- static failIfNotCoveredByAuthorization(request) {
52
- if (!request.authorizationCheckPerformed && !request.authorizationSkipPerformed) {
53
- throw 'Endpoint is not covered by authorization check';
54
- }
55
- }
56
- static throwOnHttpErrorIfNeeded(response, placement) {
57
- if (response.ok) {
58
- return;
59
- }
60
- const status = response.status;
61
- exports.logger.error({ tag: 'authorization-service', placement, status }, 'AuthorizationService: authorization request failed');
62
- throw new Error(`AuthorizationService: [${placement}] authorization request failed with status ${status}`);
63
- }
64
- static generateInternalAuthToken(accountId, userId) {
65
- return (0, monday_jwt_1.signAuthorizationHeader)({ appName: INTERNAL_APP_NAME, accountId, userId });
66
- }
67
- static setRequestFetchOptions(customMondayFetchOptions) {
68
- mondayFetchOptions = Object.assign(Object.assign({}, defaultMondayFetchOptions), customMondayFetchOptions);
69
- }
70
- static getRequestFetchOptions() {
71
- return mondayFetchOptions;
72
- }
73
- static getRequestTimeout() {
74
- const isDevEnv = process.env.NODE_ENV === 'development';
75
- return isDevEnv ? 60000 : 2000;
76
- }
77
- }
78
- exports.AuthorizationInternalService = AuthorizationInternalService;
79
- //# sourceMappingURL=authorization-internal-service.js.map
package/dist/lib/authorization-internal-service.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"authorization-internal-service.js","sourceRoot":"","sources":["../../lib/authorization-internal-service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AACA,4DAAsE;AAEtE,6EAA+D;AAE/D,MAAM,iBAAiB,GAAG,aAAa,CAAC;AAExC,MAAM,yBAAyB,GAAuB;IACpD,OAAO,EAAE,CAAC;IACV,QAAQ,EAAE,cAAc;CACzB,CAAC;AAEF,SAAS,cAAc,CAAC,WAAmB,EAAE,KAAY;IACvD,IAAI,WAAW,IAAI,CAAC,EAAE,CAAC;QACrB,cAAM,CAAC,KAAK,CAAC,EAAE,WAAW,EAAE,KAAK,EAAE,EAAE,oDAAoD,CAAC,CAAC;IAC7F,CAAC;SAAM,CAAC;QACN,cAAM,CAAC,IAAI,CAAC,EAAE,WAAW,EAAE,KAAK,EAAE,EAAE,kEAAkE,CAAC,CAAC;IAC1G,CAAC;AACH,CAAC;AAED,IAAI,kBAAkB,GAAuB,yBAAyB,CAAC;AAE1D,QAAA,MAAM,GAAG,YAAY,CAAC,SAAS,EAAE,CAAC;AAE/C,MAAa,4BAA4B;IACvC,MAAM,CAAC,iBAAiB,CAAC,OAAgB;QACvC,OAAO,CAAC,0BAA0B,GAAG,IAAI,CAAC;IAC5C,CAAC;IAED,MAAM,CAAC,cAAc,CAAC,OAAgB;QACpC,OAAO,CAAC,2BAA2B,GAAG,IAAI,CAAC;IAC7C,CAAC;IAED,MAAM,CAAC,+BAA+B,CAAC,OAAgB;QACrD,IAAI,CAAC,OAAO,CAAC,2BAA2B,IAAI,CAAC,OAAO,CAAC,0BAA0B,EAAE,CAAC;YAChF,MAAM,gDAAgD,CAAC;QACzD,CAAC;IACH,CAAC;IAED,MAAM,CAAC,wBAAwB,CAAC,QAA2C,EAAE,SAAiB;QAC5F,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;YAChB,OAAO;QACT,CAAC;QAED,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;QAC/B,cAAM,CAAC,KAAK,CACV,EAAE,GAAG,EAAE,uBAAuB,EAAE,SAAS,EAAE,MAAM,EAAE,EACnD,oDAAoD,CACrD,CAAC;QAEF,MAAM,IAAI,KAAK,CAAC,0BAA0B,SAAS,8CAA8C,MAAM,EAAE,CAAC,CAAC;IAC7G,CAAC;IAED,MAAM,CAAC,yBAAyB,CAAC,SAAiB,EAAE,MAAc;QAChE,OAAO,IAAA,oCAAuB,EAAC,EAAE,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,CAAC;IACpF,CAAC;IAED,MAAM,CAAC,sBAAsB,CAAC,wBAA4C;QACxE,kBAAkB,mCACb,yBAAyB,GACzB,wBAAwB,CAC5B,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,sBAAsB;QAC3B,OAAO,kBAAkB,CAAC;IAC5B,CAAC;IAED,MAAM,CAAC,iBAAiB;QACtB,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa,CAAC;QACxD,OAAO,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;IACjC,CAAC;CACF;AAhDD,oEAgDC"}
package/dist/lib/authorization-middleware.js DELETED
@@ -1,57 +0,0 @@
1
- "use strict";
2
- var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
- function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
- return new (P || (P = Promise))(function (resolve, reject) {
5
- function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
- function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
- function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
- step((generator = generator.apply(thisArg, _arguments || [])).next());
9
- });
10
- };
11
- var __importDefault = (this && this.__importDefault) || function (mod) {
12
- return (mod && mod.__esModule) ? mod : { "default": mod };
13
- };
14
- Object.defineProperty(exports, "__esModule", { value: true });
15
- exports.getAuthorizationMiddleware = getAuthorizationMiddleware;
16
- exports.skipAuthorizationMiddleware = skipAuthorizationMiddleware;
17
- exports.authorizationCheckMiddleware = authorizationCheckMiddleware;
18
- exports.defaultContextGetter = defaultContextGetter;
19
- const on_headers_1 = __importDefault(require("on-headers"));
20
- const authorization_internal_service_1 = require("./authorization-internal-service");
21
- const authorization_service_1 = require("./authorization-service");
22
- // getAuthorizationMiddleware is duplicated in testKit/index.ts
23
- // If you are making changes to this function, please make sure to update the other file as well
24
- function getAuthorizationMiddleware(action, resourceGetter, contextGetter) {
25
- return function authorizationMiddleware(request, response, next) {
26
- return __awaiter(this, void 0, void 0, function* () {
27
- contextGetter || (contextGetter = defaultContextGetter);
28
- const { userId, accountId } = contextGetter(request);
29
- const resources = resourceGetter(request);
30
- const { isAuthorized } = yield authorization_service_1.AuthorizationService.isAuthorized(accountId, userId, resources, action);
31
- authorization_internal_service_1.AuthorizationInternalService.markAuthorized(request);
32
- if (!isAuthorized) {
33
- response.status(403).json({ message: 'Access denied' });
34
- return;
35
- }
36
- next();
37
- });
38
- };
39
- }
40
- function skipAuthorizationMiddleware(request, response, next) {
41
- authorization_internal_service_1.AuthorizationInternalService.skipAuthorization(request);
42
- next();
43
- }
44
- function authorizationCheckMiddleware(request, response, next) {
45
- if (process.env.NODE_ENV === 'development' || process.env.NODE_ENV === 'test') {
46
- (0, on_headers_1.default)(response, function () {
47
- if (response.statusCode < 400) {
48
- authorization_internal_service_1.AuthorizationInternalService.failIfNotCoveredByAuthorization(request);
49
- }
50
- });
51
- }
52
- next();
53
- }
54
- function defaultContextGetter(request) {
55
- return request.payload;
56
- }
57
- //# sourceMappingURL=authorization-middleware.js.map
package/dist/lib/authorization-middleware.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"authorization-middleware.js","sourceRoot":"","sources":["../../lib/authorization-middleware.ts"],"names":[],"mappings":";;;;;;;;;;;;;;AAQA,gEAqBC;AAED,kEAGC;AAED,oEASC;AAED,oDAEC;AAhDD,4DAAmC;AACnC,qFAAgF;AAChF,mEAA+D;AAG/D,+DAA+D;AAC/D,gGAAgG;AAChG,SAAgB,0BAA0B,CACxC,MAAc,EACd,cAA8B,EAC9B,aAA6B;IAE7B,OAAO,SAAe,uBAAuB,CAC3C,OAAoB,EACpB,QAAsB,EACtB,IAAkB;;YAElB,aAAa,KAAb,aAAa,GAAK,oBAAoB,EAAC;YACvC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;YACrD,MAAM,SAAS,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;YAC1C,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,4CAAoB,CAAC,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;YACvG,6DAA4B,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;YACrD,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC,CAAC;gBACxD,OAAO;YACT,CAAC;YACD,IAAI,EAAE,CAAC;QACT,CAAC;KAAA,CAAC;AACJ,CAAC;AAED,SAAgB,2BAA2B,CAAC,OAAoB,EAAE,QAAsB,EAAE,IAAkB;IAC1G,6DAA4B,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;IACxD,IAAI,EAAE,CAAC;AACT,CAAC;AAED,SAAgB,4BAA4B,CAAC,OAAoB,EAAE,QAAsB,EAAE,IAAkB;IAC3G,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;QAC9E,IAAA,oBAAS,EAAC,QAAQ,EAAE;YAClB,IAAI,QAAQ,CAAC,UAAU,GAAG,GAAG,EAAE,CAAC;gBAC9B,6DAA4B,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC;YACxE,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IACD,IAAI,EAAE,CAAC;AACT,CAAC;AAED,SAAgB,oBAAoB,CAAC,OAAoB;IACvD,OAAO,OAAO,CAAC,OAAO,CAAC;AACzB,CAAC"}
package/dist/lib/authorization-service.js DELETED
@@ -1,186 +0,0 @@
1
- "use strict";
2
- var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
- function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
- return new (P || (P = Promise))(function (resolve, reject) {
5
- function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
- function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
- function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
- step((generator = generator.apply(thisArg, _arguments || [])).next());
9
- });
10
- };
11
- Object.defineProperty(exports, "__esModule", { value: true });
12
- exports.AuthorizationService = void 0;
13
- exports.setRequestFetchOptions = setRequestFetchOptions;
14
- exports.setRedisClient = setRedisClient;
15
- const lodash_1 = require("lodash");
16
- const perf_hooks_1 = require("perf_hooks");
17
- const monday_fetch_1 = require("@mondaydotcomorg/monday-fetch");
18
- const prometheus_service_1 = require("./prometheus-service");
19
- const authorization_internal_service_1 = require("./authorization-internal-service");
20
- const attributions_service_1 = require("./attributions-service");
21
- const GRANTED_FEATURE_CACHE_EXPIRATION_SECONDS = 5 * 60;
22
- function setRequestFetchOptions(customMondayFetchOptions) {
23
- authorization_internal_service_1.AuthorizationInternalService.setRequestFetchOptions(customMondayFetchOptions);
24
- }
25
- function setRedisClient(client, grantedFeatureRedisExpirationInSeconds = GRANTED_FEATURE_CACHE_EXPIRATION_SECONDS) {
26
- AuthorizationService.redisClient = client;
27
- if (grantedFeatureRedisExpirationInSeconds && grantedFeatureRedisExpirationInSeconds > 0) {
28
- AuthorizationService.grantedFeatureRedisExpirationInSeconds = grantedFeatureRedisExpirationInSeconds;
29
- }
30
- else {
31
- authorization_internal_service_1.logger.warn({ grantedFeatureRedisExpirationInSeconds }, 'Invalid input for grantedFeatureRedisExpirationInSeconds, must be positive number. using default ttl.');
32
- AuthorizationService.grantedFeatureRedisExpirationInSeconds = GRANTED_FEATURE_CACHE_EXPIRATION_SECONDS;
33
- }
34
- }
35
- class AuthorizationService {
36
- static isAuthorized(...args) {
37
- return __awaiter(this, void 0, void 0, function* () {
38
- if (args.length === 3) {
39
- return this.isAuthorizedMultiple(args[0], args[1], args[2]);
40
- }
41
- else if (args.length == 4) {
42
- return this.isAuthorizedSingular(args[0], args[1], args[2], args[3]);
43
- }
44
- else {
45
- throw new Error('isAuthorized accepts either 3 or 4 arguments');
46
- }
47
- });
48
- }
49
- static isUserGrantedWithFeature(accountId_1, userId_1, featureName_1) {
50
- return __awaiter(this, arguments, void 0, function* (accountId, userId, featureName, options = {}) {
51
- var _a;
52
- let cachedKey = this.getCachedKeyName(userId, featureName);
53
- const shouldSkipCache = (_a = options.shouldSkipCache) !== null && _a !== void 0 ? _a : false;
54
- if (this.redisClient && !shouldSkipCache) {
55
- let grantedFeatureValue = yield this.redisClient.get(cachedKey);
56
- if (!(grantedFeatureValue === undefined || grantedFeatureValue === null)) {
57
- // redis returns the value as string
58
- return grantedFeatureValue === 'true';
59
- }
60
- }
61
- let grantedFeatureValue = yield this.fetchIsUserGrantedWithFeature(featureName, accountId, userId);
62
- if (this.redisClient) {
63
- yield this.redisClient.set(cachedKey, grantedFeatureValue, 'EX', this.grantedFeatureRedisExpirationInSeconds);
64
- }
65
- return grantedFeatureValue;
66
- });
67
- }
68
- static fetchIsUserGrantedWithFeature(featureName, accountId, userId) {
69
- return __awaiter(this, void 0, void 0, function* () {
70
- let authorizationObject = {
71
- action: featureName,
72
- resource_type: 'feature',
73
- };
74
- let authorizeResponsePromise = yield this.isAuthorized(accountId, userId, [authorizationObject]);
75
- return authorizeResponsePromise.isAuthorized;
76
- });
77
- }
78
- static getCachedKeyName(userId, featureName) {
79
- return `granted-feature-${featureName}-${userId}`;
80
- }
81
- static canActionInScope(accountId, userId, action, scope) {
82
- return __awaiter(this, void 0, void 0, function* () {
83
- const scopedActions = [{ action, scope }];
84
- const scopedActionResponseObjects = yield this.canActionInScopeMultiple(accountId, userId, scopedActions);
85
- return scopedActionResponseObjects[0].permit;
86
- });
87
- }
88
- static canActionInScopeMultiple(accountId, userId, scopedActions) {
89
- return __awaiter(this, void 0, void 0, function* () {
90
- const internalAuthToken = authorization_internal_service_1.AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
91
- const scopedActionsPayload = scopedActions.map(scopedAction => {
92
- return Object.assign(Object.assign({}, scopedAction), { scope: (0, lodash_1.mapKeys)(scopedAction.scope, (_, key) => (0, lodash_1.snakeCase)(key)) }); // for example: { workspaceId: 1 } => { workspace_id: 1 }
93
- });
94
- const attributionHeaders = (0, attributions_service_1.getAttributionsFromApi)();
95
- const response = yield (0, monday_fetch_1.fetch)(getCanActionsInScopesUrl(), {
96
- method: 'POST',
97
- headers: Object.assign({ Authorization: internalAuthToken, 'Content-Type': 'application/json' }, attributionHeaders),
98
- timeout: authorization_internal_service_1.AuthorizationInternalService.getRequestTimeout(),
99
- body: JSON.stringify({
100
- user_id: userId,
101
- scoped_actions: scopedActionsPayload,
102
- }),
103
- }, authorization_internal_service_1.AuthorizationInternalService.getRequestFetchOptions());
104
- authorization_internal_service_1.AuthorizationInternalService.throwOnHttpErrorIfNeeded(response, 'canActionInScopeMultiple');
105
- const responseBody = yield response.json();
106
- const camelCaseKeys = obj => Object.fromEntries(Object.entries(obj).map(([key, value]) => [(0, lodash_1.camelCase)(key), value]));
107
- const scopedActionsResponseObjects = responseBody.result.map(responseObject => {
108
- const { scopedAction, permit } = responseObject;
109
- const { scope } = scopedAction;
110
- const transformKeys = obj => camelCaseKeys(obj);
111
- return Object.assign(Object.assign({}, responseObject), { scopedAction: Object.assign(Object.assign({}, scopedAction), { scope: transformKeys(scope) }), permit: transformKeys(permit) });
112
- });
113
- return scopedActionsResponseObjects;
114
- });
115
- }
116
- static isAuthorizedSingular(accountId, userId, resources, action) {
117
- return __awaiter(this, void 0, void 0, function* () {
118
- const { authorizationObjects } = createAuthorizationParams(resources, action);
119
- return this.isAuthorizedMultiple(accountId, userId, authorizationObjects);
120
- });
121
- }
122
- static isAuthorizedMultiple(accountId, userId, authorizationRequestObjects) {
123
- return __awaiter(this, void 0, void 0, function* () {
124
- const internalAuthToken = authorization_internal_service_1.AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
125
- const startTime = perf_hooks_1.performance.now();
126
- const attributionHeaders = (0, attributions_service_1.getAttributionsFromApi)();
127
- const response = yield (0, monday_fetch_1.fetch)(getAuthorizeUrl(), {
128
- method: 'POST',
129
- headers: Object.assign({ Authorization: internalAuthToken, 'Content-Type': 'application/json' }, attributionHeaders),
130
- timeout: authorization_internal_service_1.AuthorizationInternalService.getRequestTimeout(),
131
- body: JSON.stringify({
132
- user_id: userId,
133
- authorize_request_objects: authorizationRequestObjects,
134
- }),
135
- }, authorization_internal_service_1.AuthorizationInternalService.getRequestFetchOptions());
136
- const endTime = perf_hooks_1.performance.now();
137
- const time = endTime - startTime;
138
- const responseStatus = response.status;
139
- (0, prometheus_service_1.sendAuthorizationChecksPerRequestMetric)(responseStatus, authorizationRequestObjects.length);
140
- authorization_internal_service_1.AuthorizationInternalService.throwOnHttpErrorIfNeeded(response, 'isAuthorizedMultiple');
141
- const responseBody = yield response.json();
142
- const unauthorizedObjects = [];
143
- responseBody.result.forEach(function (isAuthorized, index) {
144
- const authorizationObject = authorizationRequestObjects[index];
145
- if (!isAuthorized) {
146
- unauthorizedObjects.push(authorizationObject);
147
- }
148
- (0, prometheus_service_1.sendAuthorizationCheckResponseTimeMetric)(authorizationObject.resource_type, authorizationObject.action, isAuthorized, responseStatus, time);
149
- });
150
- if (unauthorizedObjects.length > 0) {
151
- authorization_internal_service_1.logger.info({
152
- resources: JSON.stringify(unauthorizedObjects),
153
- }, 'AuthorizationService: resource is unauthorized');
154
- const unauthorizedIds = unauthorizedObjects
155
- .filter(obj => !!obj.resource_id)
156
- .map(obj => obj.resource_id);
157
- return { isAuthorized: false, unauthorizedIds, unauthorizedObjects };
158
- }
159
- return { isAuthorized: true };
160
- });
161
- }
162
- }
163
- exports.AuthorizationService = AuthorizationService;
164
- function createAuthorizationParams(resources, action) {
165
- const params = {
166
- authorizationObjects: resources.map((resource) => {
167
- const authorizationObject = {
168
- resource_id: resource.id,
169
- resource_type: resource.type,
170
- action,
171
- };
172
- if (resource.wrapperData) {
173
- authorizationObject.wrapper_data = resource.wrapperData;
174
- }
175
- return authorizationObject;
176
- }),
177
- };
178
- return params;
179
- }
180
- function getAuthorizeUrl() {
181
- return `${process.env.MONDAY_INTERNAL_URL}/internal_ms/authorization/authorize`;
182
- }
183
- function getCanActionsInScopesUrl() {
184
- return `${process.env.MONDAY_INTERNAL_URL}/internal_ms/authorization/can_actions_in_scopes`;
185
- }
186
- //# sourceMappingURL=authorization-service.js.map
package/dist/lib/authorization-service.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"authorization-service.js","sourceRoot":"","sources":["../../lib/authorization-service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAyBA,wDAEC;AAED,wCAcC;AA3CD,mCAAuD;AACvD,2CAAyC;AACzC,gEAA0E;AAE1E,6DAG8B;AAO9B,qFAAwF;AACxF,iEAAgE;AAEhE,MAAM,wCAAwC,GAAG,CAAC,GAAG,EAAE,CAAC;AAQxD,SAAgB,sBAAsB,CAAC,wBAA4C;IACjF,6DAA4B,CAAC,sBAAsB,CAAC,wBAAwB,CAAC,CAAC;AAChF,CAAC;AAED,SAAgB,cAAc,CAC5B,MAAM,EACN,yCAAiD,wCAAwC;IAEzF,oBAAoB,CAAC,WAAW,GAAG,MAAM,CAAC;IAC1C,IAAI,sCAAsC,IAAI,sCAAsC,GAAG,CAAC,EAAE,CAAC;QACzF,oBAAoB,CAAC,sCAAsC,GAAG,sCAAsC,CAAC;IACvG,CAAC;SAAM,CAAC;QACN,uCAAM,CAAC,IAAI,CACT,EAAE,sCAAsC,EAAE,EAC1C,uGAAuG,CACxG,CAAC;QACF,oBAAoB,CAAC,sCAAsC,GAAG,wCAAwC,CAAC;IACzG,CAAC;AACH,CAAC;AAED,MAAa,oBAAoB;IAqB/B,MAAM,CAAO,YAAY,CAAC,GAAG,IAAW;;YACtC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACtB,OAAO,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9D,CAAC;iBAAM,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;gBAC5B,OAAO,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YACvE,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;YAClE,CAAC;QACH,CAAC;KAAA;IAED,MAAM,CAAO,wBAAwB;6DACnC,SAAiB,EACjB,MAAc,EACd,WAAmB,EACnB,UAAyC,EAAE;;YAE3C,IAAI,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;YAC3D,MAAM,eAAe,GAAG,MAAA,OAAO,CAAC,eAAe,mCAAI,KAAK,CAAC;YACzD,IAAI,IAAI,CAAC,WAAW,IAAI,CAAC,eAAe,EAAE,CAAC;gBACzC,IAAI,mBAAmB,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;gBAChE,IAAI,CAAC,CAAC,mBAAmB,KAAK,SAAS,IAAI,mBAAmB,KAAK,IAAI,CAAC,EAAE,CAAC;oBACzE,oCAAoC;oBACpC,OAAO,mBAAmB,KAAK,MAAM,CAAC;gBACxC,CAAC;YACH,CAAC;YAED,IAAI,mBAAmB,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,WAAW,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;YACnG,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;gBACrB,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,SAAS,EAAE,mBAAmB,EAAE,IAAI,EAAE,IAAI,CAAC,sCAAsC,CAAC,CAAC;YAChH,CAAC;YACD,OAAO,mBAAmB,CAAC;QAC7B,CAAC;KAAA;IAEO,MAAM,CAAO,6BAA6B,CAChD,WAAmB,EACnB,SAAiB,EACjB,MAAc;;YAEd,IAAI,mBAAmB,GAAwB;gBAC7C,MAAM,EAAE,WAAW;gBACnB,aAAa,EAAE,SAAS;aACzB,CAAC;YAEF,IAAI,wBAAwB,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,CAAC,mBAAmB,CAAC,CAAC,CAAC;YACjG,OAAO,wBAAwB,CAAC,YAAY,CAAC;QAC/C,CAAC;KAAA;IAEO,MAAM,CAAC,gBAAgB,CAAC,MAAc,EAAE,WAAmB;QACjE,OAAO,mBAAmB,WAAW,IAAI,MAAM,EAAE,CAAC;IACpD,CAAC;IAED,MAAM,CAAO,gBAAgB,CAC3B,SAAiB,EACjB,MAAc,EACd,MAAc,EACd,KAAmB;;YAEnB,MAAM,aAAa,GAAG,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YAC1C,MAAM,2BAA2B,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,MAAM,EAAE,aAAa,CAAC,CAAC;YAC1G,OAAO,2BAA2B,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;QAC/C,CAAC;KAAA;IAED,MAAM,CAAO,wBAAwB,CACnC,SAAiB,EACjB,MAAc,EACd,aAA6B;;YAE7B,MAAM,iBAAiB,GAAG,6DAA4B,CAAC,yBAAyB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YACpG,MAAM,oBAAoB,GAAG,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE;gBAC5D,uCAAY,YAAY,KAAE,KAAK,EAAE,IAAA,gBAAO,EAAC,YAAY,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE,CAAC,IAAA,kBAAS,EAAC,GAAG,CAAC,CAAC,IAAG,CAAC,yDAAyD;YACvJ,CAAC,CAAC,CAAC;YACH,MAAM,kBAAkB,GAAG,IAAA,6CAAsB,GAAE,CAAC;YACpD,MAAM,QAAQ,GAAG,MAAM,IAAA,oBAAK,EAC1B,wBAAwB,EAAE,EAC1B;gBACE,MAAM,EAAE,MAAM;gBACd,OAAO,kBACL,aAAa,EAAE,iBAAiB,EAChC,cAAc,EAAE,kBAAkB,IAC/B,kBAAkB,CACtB;gBACD,OAAO,EAAE,6DAA4B,CAAC,iBAAiB,EAAE;gBACzD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,OAAO,EAAE,MAAM;oBACf,cAAc,EAAE,oBAAoB;iBACrC,CAAC;aACH,EACD,6DAA4B,CAAC,sBAAsB,EAAE,CACtD,CAAC;YAEF,6DAA4B,CAAC,wBAAwB,CAAC,QAAQ,EAAE,0BAA0B,CAAC,CAAC;YAE5F,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC3C,MAAM,aAAa,GAAG,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,IAAA,kBAAS,EAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;YAEpH,MAAM,4BAA4B,GAAG,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE;gBAC5E,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,GAAG,cAAc,CAAC;gBAChD,MAAM,EAAE,KAAK,EAAE,GAAG,YAAY,CAAC;gBAC/B,MAAM,aAAa,GAAG,GAAG,CAAC,EAAE,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;gBAEhD,uCACK,cAAc,KACjB,YAAY,kCAAO,YAAY,KAAE,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,KAC5D,MAAM,EAAE,aAAa,CAAC,MAAM,CAAC,IAC7B;YACJ,CAAC,CAAC,CAAC;YAEH,OAAO,4BAA4B,CAAC;QACtC,CAAC;KAAA;IAEO,MAAM,CAAO,oBAAoB,CACvC,SAAiB,EACjB,MAAc,EACd,SAAqB,EACrB,MAAc;;YAEd,MAAM,EAAE,oBAAoB,EAAE,GAAG,yBAAyB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YAC9E,OAAO,IAAI,CAAC,oBAAoB,CAAC,SAAS,EAAE,MAAM,EAAE,oBAAoB,CAAC,CAAC;QAC5E,CAAC;KAAA;IAEO,MAAM,CAAO,oBAAoB,CACvC,SAAiB,EACjB,MAAc,EACd,2BAAkD;;YAElD,MAAM,iBAAiB,GAAG,6DAA4B,CAAC,yBAAyB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YACpG,MAAM,SAAS,GAAG,wBAAW,CAAC,GAAG,EAAE,CAAC;YACpC,MAAM,kBAAkB,GAAG,IAAA,6CAAsB,GAAE,CAAC;YACpD,MAAM,QAAQ,GAAG,MAAM,IAAA,oBAAK,EAC1B,eAAe,EAAE,EACjB;gBACE,MAAM,EAAE,MAAM;gBACd,OAAO,kBACL,aAAa,EAAE,iBAAiB,EAChC,cAAc,EAAE,kBAAkB,IAC/B,kBAAkB,CACtB;gBACD,OAAO,EAAE,6DAA4B,CAAC,iBAAiB,EAAE;gBACzD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,OAAO,EAAE,MAAM;oBACf,yBAAyB,EAAE,2BAA2B;iBACvD,CAAC;aACH,EACD,6DAA4B,CAAC,sBAAsB,EAAE,CACtD,CAAC;YACF,MAAM,OAAO,GAAG,wBAAW,CAAC,GAAG,EAAE,CAAC;YAClC,MAAM,IAAI,GAAG,OAAO,GAAG,SAAS,CAAC;YAEjC,MAAM,cAAc,GAAG,QAAQ,CAAC,MAAM,CAAC;YACvC,IAAA,4DAAuC,EAAC,cAAc,EAAE,2BAA2B,CAAC,MAAM,CAAC,CAAC;YAE5F,6DAA4B,CAAC,wBAAwB,CAAC,QAAQ,EAAE,sBAAsB,CAAC,CAAC;YAExF,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC3C,MAAM,mBAAmB,GAA0B,EAAE,CAAC;YACtD,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,YAAqB,EAAE,KAAa;gBACxE,MAAM,mBAAmB,GAAG,2BAA2B,CAAC,KAAK,CAAC,CAAC;gBAC/D,IAAI,CAAC,YAAY,EAAE,CAAC;oBAClB,mBAAmB,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;gBAChD,CAAC;gBAED,IAAA,6DAAwC,EACtC,mBAAmB,CAAC,aAAa,EACjC,mBAAmB,CAAC,MAAM,EAC1B,YAAY,EACZ,cAAc,EACd,IAAI,CACL,CAAC;YACJ,CAAC,CAAC,CAAC;YAEH,IAAI,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACnC,uCAAM,CAAC,IAAI,CACT;oBACE,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,mBAAmB,CAAC;iBAC/C,EACD,gDAAgD,CACjD,CAAC;gBACF,MAAM,eAAe,GAAG,mBAAmB;qBACxC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC;qBAChC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,WAAW,CAAa,CAAC;gBAC3C,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,eAAe,EAAE,mBAAmB,EAAE,CAAC;YACvE,CAAC;YAED,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;QAChC,CAAC;KAAA;CACF;AA9MD,oDA8MC;AAED,SAAS,yBAAyB,CAAC,SAAqB,EAAE,MAAc;IACtE,MAAM,MAAM,GAAG;QACb,oBAAoB,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,QAAkB,EAAE,EAAE;YACzD,MAAM,mBAAmB,GAAwB;gBAC/C,WAAW,EAAE,QAAQ,CAAC,EAAE;gBACxB,aAAa,EAAE,QAAQ,CAAC,IAAI;gBAC5B,MAAM;aACP,CAAC;YACF,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC;gBACzB,mBAAmB,CAAC,YAAY,GAAG,QAAQ,CAAC,WAAW,CAAC;YAC1D,CAAC;YACD,OAAO,mBAAmB,CAAC;QAC7B,CAAC,CAAC;KACH,CAAC;IACF,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,eAAe;IACtB,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,sCAAsC,CAAC;AAClF,CAAC;AAED,SAAS,wBAAwB;IAC/B,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,kDAAkD,CAAC;AAC9F,CAAC"}
package/dist/lib/constants/sns.js DELETED
@@ -1,7 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE = exports.RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND = exports.RESOURCE_ATTRIBUTES_SNS_ARN_SECRET_NAME = void 0;
4
- exports.RESOURCE_ATTRIBUTES_SNS_ARN_SECRET_NAME = 'AUTHORIZATION_RESOURCE_ATTRIBUTES_SNS_TOPIC';
5
- exports.RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND = 'resourceAttributeModification';
6
- exports.ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE = 100;
7
- //# sourceMappingURL=sns.js.map
package/dist/lib/constants/sns.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"sns.js","sourceRoot":"","sources":["../../../lib/constants/sns.ts"],"names":[],"mappings":";;;AAAa,QAAA,uCAAuC,GAAG,6CAA6C,CAAA;AACvF,QAAA,qDAAqD,GAAG,+BAA+B,CAAC;AACxF,QAAA,oDAAoD,GAAG,GAAG,CAAC"}
package/dist/lib/prometheus-service.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"prometheus-service.js","sourceRoot":"","sources":["../../lib/prometheus-service.ts"],"names":[],"mappings":";;;AAwBA,sCAiBC;AAED,8CAEC;AAED,0FAMC;AAED,4FAYC;AAjED,IAAI,UAAU,GAAQ,IAAI,CAAC;AAC3B,IAAI,mCAAmC,GAAQ,IAAI,CAAC;AACpD,IAAI,oCAAoC,GAAQ,IAAI,CAAC;AAExC,QAAA,OAAO,GAAG;IACrB,mBAAmB,EAAE,qBAAqB;IAC1C,gCAAgC,EAAE,kCAAkC;IACpE,iCAAiC,EAAE,mCAAmC;CACvE,CAAC;AAEF,MAAM,yCAAyC,GAAG;IAChD,IAAI,EAAE,eAAO,CAAC,gCAAgC;IAC9C,MAAM,EAAE,CAAC,gBAAgB,CAAC;IAC1B,WAAW,EAAE,0CAA0C;CACxD,CAAC;AAEF,MAAM,0CAA0C,GAAG;IACjD,IAAI,EAAE,eAAO,CAAC,iCAAiC;IAC/C,MAAM,EAAE,CAAC,cAAc,EAAE,QAAQ,EAAE,cAAc,EAAE,gBAAgB,CAAC;IACpE,WAAW,EAAE,2CAA2C;CACzD,CAAC;AAEF,SAAgB,aAAa,CAAC,gBAAgB;IAC5C,UAAU,GAAG,gBAAgB,CAAC;IAC9B,MAAM,EAAE,aAAa,EAAE,GAAG,UAAU,CAAC;IAErC,mCAAmC,GAAG,iBAAiB,EAAE,CAAC,SAAS,CACjE,aAAa,CAAC,OAAO,EACrB,yCAAyC,CAAC,IAAI,EAC9C,yCAAyC,CAAC,MAAM,EAChD,yCAAyC,CAAC,WAAW,CACtD,CAAC;IAEF,oCAAoC,GAAG,iBAAiB,EAAE,CAAC,SAAS,CAClE,aAAa,CAAC,OAAO,EACrB,0CAA0C,CAAC,IAAI,EAC/C,0CAA0C,CAAC,MAAM,EACjD,0CAA0C,CAAC,WAAW,CACvD,CAAC;AACJ,CAAC;AAED,SAAgB,iBAAiB;IAC/B,OAAO,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,cAAc,CAAC;AACpC,CAAC;AAED,SAAgB,uCAAuC,CAAC,cAAc,EAAE,4BAA4B;IAClG,IAAI,CAAC;QACH,IAAI,mCAAmC,EAAE,CAAC;YACxC,mCAAmC,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,4BAA4B,CAAC,CAAC;QACnG,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC,CAAA,CAAC;AAChB,CAAC;AAED,SAAgB,wCAAwC,CACtD,YAAoB,EACpB,MAAc,EACd,YAAqB,EACrB,cAAsB,EACtB,IAAY;IAEZ,IAAI,CAAC;QACH,IAAI,oCAAoC,EAAE,CAAC;YACzC,oCAAoC,CAAC,MAAM,CAAC,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,cAAc,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAChH,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC,CAAA,CAAC;AAChB,CAAC"}
package/dist/lib/testKit/index.js DELETED
@@ -1,59 +0,0 @@
1
- "use strict";
2
- var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
- function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
- return new (P || (P = Promise))(function (resolve, reject) {
5
- function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
- function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
- function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
- step((generator = generator.apply(thisArg, _arguments || [])).next());
9
- });
10
- };
11
- Object.defineProperty(exports, "__esModule", { value: true });
12
- exports.getTestAuthorizationMiddleware = exports.clearTestPermittedActions = exports.addTestPermittedAction = void 0;
13
- const authorization_middleware_1 = require("../authorization-middleware");
14
- const authorization_internal_service_1 = require("../authorization-internal-service");
15
- let testPermittedActions = [];
16
- const addTestPermittedAction = (accountId, userId, resources, action) => {
17
- testPermittedActions.push({ accountId, userId, resources, action });
18
- };
19
- exports.addTestPermittedAction = addTestPermittedAction;
20
- const clearTestPermittedActions = () => {
21
- testPermittedActions = [];
22
- };
23
- exports.clearTestPermittedActions = clearTestPermittedActions;
24
- const isActionAuthorized = (accountId, userId, resources, action) => {
25
- return {
26
- isAuthorized: resources.every(resource => {
27
- return testPermittedActions.some(combination => {
28
- return combination.accountId === accountId &&
29
- combination.userId === userId &&
30
- combination.action === action &&
31
- combination.resources.some(combinationResource => {
32
- return resources.some(resource => {
33
- return combinationResource.id === resource.id &&
34
- combinationResource.type === resource.type &&
35
- JSON.stringify(combinationResource.wrapperData) === JSON.stringify(resource.wrapperData);
36
- });
37
- });
38
- });
39
- })
40
- };
41
- };
42
- const getTestAuthorizationMiddleware = (action, resourceGetter, contextGetter) => {
43
- return function authorizationMiddleware(request, response, next) {
44
- return __awaiter(this, void 0, void 0, function* () {
45
- contextGetter || (contextGetter = authorization_middleware_1.defaultContextGetter);
46
- const { userId, accountId } = contextGetter(request);
47
- const resources = resourceGetter(request);
48
- const { isAuthorized } = isActionAuthorized(accountId, userId, resources, action);
49
- authorization_internal_service_1.AuthorizationInternalService.markAuthorized(request);
50
- if (!isAuthorized) {
51
- response.status(403).json({ message: 'Access denied' });
52
- return;
53
- }
54
- next();
55
- });
56
- };
57
- };
58
- exports.getTestAuthorizationMiddleware = getTestAuthorizationMiddleware;
59
- //# sourceMappingURL=index.js.map
package/dist/lib/testKit/index.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../lib/testKit/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,0EAAiE;AACjE,sFAA+E;AAS/E,IAAI,oBAAoB,GAA0B,EAAE,CAAC;AAC9C,MAAM,sBAAsB,GAAG,CAAC,SAAiB,EAAE,MAAc,EAAE,SAAqB,EAAE,MAAc,EAAE,EAAE;IACjH,oBAAoB,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,CAAC;AACtE,CAAC,CAAA;AAFY,QAAA,sBAAsB,0BAElC;AAEM,MAAM,yBAAyB,GAAG,GAAG,EAAE;IAC5C,oBAAoB,GAAG,EAAE,CAAC;AAC5B,CAAC,CAAA;AAFY,QAAA,yBAAyB,6BAErC;AAED,MAAM,kBAAkB,GAAG,CAAC,SAAiB,EACnB,MAAc,EACd,SAAqB,EACrB,MAAc,EAAE,EAAE;IAC1C,OAAO;QACL,YAAY,EAAE,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE;YACvC,OAAO,oBAAoB,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE;gBAC7C,OAAO,WAAW,CAAC,SAAS,KAAK,SAAS;oBACxC,WAAW,CAAC,MAAM,KAAK,MAAM;oBAC7B,WAAW,CAAC,MAAM,KAAK,MAAM;oBAC7B,WAAW,CAAC,SAAS,CAAC,IAAI,CAAC,mBAAmB,CAAC,EAAE;wBAC/C,OAAO,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;4BAC/B,OAAO,mBAAmB,CAAC,EAAE,KAAK,QAAQ,CAAC,EAAE;gCAC3C,mBAAmB,CAAC,IAAI,KAAK,QAAQ,CAAC,IAAI;gCAC1C,IAAI,CAAC,SAAS,CAAC,mBAAmB,CAAC,WAAW,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;wBAC7F,CAAC,CAAC,CAAC;oBACL,CAAC,CAAC,CAAC;YACP,CAAC,CAAC,CAAC;QACL,CAAC,CAAC;KACH,CAAA;AACH,CAAC,CAAA;AAEM,MAAM,8BAA8B,GAAG,CAAC,MAAc,EACd,cAA8B,EAC9B,aAA6B,EAAE,EAAE;IAE9E,OAAO,SAAe,uBAAuB,CAC3C,OAAoB,EACpB,QAAsB,EACtB,IAAkB;;YAGlB,aAAa,KAAb,aAAa,GAAK,+CAAoB,EAAC;YACvC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;YACrD,MAAM,SAAS,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;YAC1C,MAAM,EAAE,YAAY,EAAE,GAAG,kBAAkB,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;YAClF,6DAA4B,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;YACrD,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC,CAAC;gBACxD,OAAO;YACT,CAAC;YACD,IAAI,EAAE,CAAC;QACT,CAAC;KAAA,CAAC;AACJ,CAAC,CAAC;AArBW,QAAA,8BAA8B,kCAqBzC"}
package/dist/lib/types/authorization-attributes-contracts.js DELETED
@@ -1,9 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.ResourceAttributeOperationEnum = void 0;
4
- var ResourceAttributeOperationEnum;
5
- (function (ResourceAttributeOperationEnum) {
6
- ResourceAttributeOperationEnum["UPSERT"] = "upsert";
7
- ResourceAttributeOperationEnum["DELETE"] = "delete";
8
- })(ResourceAttributeOperationEnum || (exports.ResourceAttributeOperationEnum = ResourceAttributeOperationEnum = {}));
9
- //# sourceMappingURL=authorization-attributes-contracts.js.map
package/dist/lib/types/authorization-attributes-contracts.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"authorization-attributes-contracts.js","sourceRoot":"","sources":["../../../lib/types/authorization-attributes-contracts.ts"],"names":[],"mappings":";;;AAoBA,IAAY,8BAGX;AAHD,WAAY,8BAA8B;IACxC,mDAAiB,CAAA;IACjB,mDAAiB,CAAA;AACnB,CAAC,EAHW,8BAA8B,8CAA9B,8BAA8B,QAGzC"}
package/dist/lib/types/express.js DELETED
@@ -1,2 +0,0 @@
1
- "use strict";
2
- //# sourceMappingURL=express.js.map
package/dist/lib/types/express.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"express.js","sourceRoot":"","sources":["../../../lib/types/express.ts"],"names":[],"mappings":""}
package/dist/lib/types/general.js DELETED
@@ -1,3 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- //# sourceMappingURL=general.js.map
package/dist/lib/types/general.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"general.js","sourceRoot":"","sources":["../../../lib/types/general.ts"],"names":[],"mappings":""}
package/dist/lib/types/scoped-actions-contracts.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"scoped-actions-contracts.js","sourceRoot":"","sources":["../../../lib/types/scoped-actions-contracts.ts"],"names":[],"mappings":";;;AA2BA,IAAY,qBAIX;AAJD,WAAY,qBAAqB;IAC/B,2EAAa,CAAA;IACb,iFAAgB,CAAA;IAChB,yFAAoB,CAAA;AACtB,CAAC,EAJW,qBAAqB,qCAArB,qBAAqB,QAIhC"}