@mondaydotcomorg/monday-authorization 3.5.1-fix-authorize-profile-picker-7481de0 → 3.5.3-feat-shaime-support-entity-attributes-in-authorization-sdk-e355942

package/dist/esm/authorization-attributes-sns-service.d.ts

@@ -0,0 +1,91 @@
+import { ResourceAttributeAssignment, ResourceAttributeOperation, EntityAttributeOperation } from './types/authorization-attributes-contracts';
+import { EntityAttributeAssignment } from './entity-attribute-assignment';
+import { Resource } from './types/general';
+import { IAuthorizationAttributesService } from './types/authorization-attributes-service.interface';
+import { EntityType } from './types/authorization-attributes-contracts';
+/**
+ * Service class for managing resource attributes asynchronously via SNS.
+ * Provides asynchronous operations to create/update and delete attributes on resources.
+ */
+export declare class AuthorizationAttributesSnsService implements IAuthorizationAttributesService {
+    private static LOG_TAG;
+    private resourceSnsArn;
+    private entitySnsArn;
+    /**
+     * Public constructor to create the AuthorizationAttributesSnsService instance.
+     */
+    constructor();
+    /**
+     * Async function to upsert resource attributes using SNS.
+     * Sends the updates request to SNS and returns before the change actually took place.
+     * @param accountId The account ID
+     * @param appName App name of the calling app
+     * @param callerActionIdentifier Action identifier
+     * @param resourceAttributeAssignments Array of resource attribute assignments to upsert
+     * @return Promise with array of sent operations
+     */
+    upsertResourceAttributes(accountId: number, resourceAttributeAssignments: ResourceAttributeAssignment[], appName?: string, callerActionIdentifier?: string): Promise<ResourceAttributeOperation[]>;
+    /**
+     * Async function to delete resource attributes using SNS.
+     * Sends the updates request to SNS and returns before the change actually took place.
+     * @param accountId The account ID
+     * @param appName App name of the calling app
+     * @param callerActionIdentifier Action identifier
+     * @param resource The resource (resourceType, resourceId)
+     * @param attributeKeys Array of attribute keys to delete
+     * @return Promise with array of sent operations
+     */
+    deleteResourceAttributes(accountId: number, resource: Resource, attributeKeys: string[], appName?: string, callerActionIdentifier?: string): Promise<ResourceAttributeOperation[]>;
+    /**
+     * Async function to upsert entity attributes using SNS.
+     * Sends the updates request to SNS and returns before the change actually took place.
+     * @param accountId The account ID
+     * @param appName App name of the calling app
+     * @param callerActionIdentifier Action identifier
+     * @param entityAttributeAssignments Array of entity attribute assignments to upsert
+     * @return Promise with array of sent operations
+     */
+    upsertEntityAttributes(accountId: number, entityAttributeAssignments: EntityAttributeAssignment[], appName?: string, callerActionIdentifier?: string): Promise<EntityAttributeOperation[]>;
+    /**
+     * Async function to delete entity attributes using SNS.
+     * Sends the updates request to SNS and returns before the change actually took place.
+     * @param accountId The account ID
+     * @param appName App name of the calling app
+     * @param callerActionIdentifier Action identifier
+     * @param entityType The entity type
+     * @param entityId The entity ID
+     * @param attributeKeys Array of attribute keys to delete
+     * @return Promise with array of sent operations
+     */
+    deleteEntityAttributes(accountId: number, entityType: EntityType | string, entityId: number, attributeKeys: string[], appName?: string, callerActionIdentifier?: string): Promise<EntityAttributeOperation[]>;
+    /**
+     *  Async function, this function only send the updates request to SNS and return before the change actually took place
+     * @param accountId
+     * @param appName - App name of the calling app
+     * @param callerActionIdentifier - action identifier
+     * @param resourceAttributeOperations - Array of operations to do on resource attributes.
+     * @return {Promise<ResourceAttributesOperation[]>} Array of sent operations
+     *  */
+    updateResourceAttributes(accountId: number, appName: string, callerActionIdentifier: string, resourceAttributeOperations: ResourceAttributeOperation[]): Promise<ResourceAttributeOperation[]>;
+    /**
+     *  Async function, this function only send the updates request to SNS and return before the change actually took place
+     * @param accountId
+     * @param appName - App name of the calling app
+     * @param callerActionIdentifier - action identifier
+     * @param entityAttributeOperations - Array of operations to do on entity attributes.
+     * @return {Promise<EntityAttributeOperation[]>} Array of sent operations
+     *  */
+    updateEntityAttributes(accountId: number, appName: string, callerActionIdentifier: string, entityAttributeOperations: EntityAttributeOperation[]): Promise<EntityAttributeOperation[]>;
+    private sendSingleSnsMessage;
+    private static getSnsTopicArn;
+    /**
+     * Checks we can contact the required SNS topic that used to send attribute updates to Authorization MS.
+     * This function can be used as health check for services that updating resource attributes in async is crucial.
+     * Note this function only verify the POD can contact AWS SDK and the topic exists, but the user still might get
+     * errors when pushing for the SNS (e.g: in case the AWS role of the POD don't have permissions to push messages).
+     * However, this is the best we can do without actually push dummy messages to the SNS.
+     * @return {Promise<boolean>} - true if succeeded
+     */
+    asyncResourceAttributesHealthCheck(): Promise<boolean>;
+}
+//# sourceMappingURL=authorization-attributes-sns-service.d.ts.map

package/dist/esm/authorization-attributes-sns-service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"authorization-attributes-sns-service.d.ts","sourceRoot":"","sources":["../../src/authorization-attributes-sns-service.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,2BAA2B,EAC3B,0BAA0B,EAC1B,wBAAwB,EACzB,MAAM,4CAA4C,CAAC;AACpD,OAAO,EAAE,yBAAyB,EAAE,MAAM,+BAA+B,CAAC;AAC1E,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAe3C,OAAO,EAAE,+BAA+B,EAAE,MAAM,oDAAoD,CAAC;AACrG,OAAO,EAAE,UAAU,EAAE,MAAM,4CAA4C,CAAC;AAExE;;;GAGG;AACH,qBAAa,iCAAkC,YAAW,+BAA+B;IACvF,OAAO,CAAC,MAAM,CAAC,OAAO,CAA8B;IACpD,OAAO,CAAC,cAAc,CAAS;IAC/B,OAAO,CAAC,YAAY,CAAS;IAE7B;;OAEG;;IAMH;;;;;;;;OAQG;IACG,wBAAwB,CAC5B,SAAS,EAAE,MAAM,EACjB,4BAA4B,EAAE,2BAA2B,EAAE,EAC3D,OAAO,CAAC,EAAE,MAAM,EAChB,sBAAsB,CAAC,EAAE,MAAM,GAC9B,OAAO,CAAC,0BAA0B,EAAE,CAAC;IAWxC;;;;;;;;;OASG;IACG,wBAAwB,CAC5B,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,QAAQ,EAClB,aAAa,EAAE,MAAM,EAAE,EACvB,OAAO,CAAC,EAAE,MAAM,EAChB,sBAAsB,CAAC,EAAE,MAAM,GAC9B,OAAO,CAAC,0BAA0B,EAAE,CAAC;IAgBxC;;;;;;;;OAQG;IACG,sBAAsB,CAC1B,SAAS,EAAE,MAAM,EACjB,0BAA0B,EAAE,yBAAyB,EAAE,EACvD,OAAO,CAAC,EAAE,MAAM,EAChB,sBAAsB,CAAC,EAAE,MAAM,GAC9B,OAAO,CAAC,wBAAwB,EAAE,CAAC;IAgBtC;;;;;;;;;;OAUG;IACG,sBAAsB,CAC1B,SAAS,EAAE,MAAM,EACjB,UAAU,EAAE,UAAU,GAAG,MAAM,EAC/B,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,EAAE,EACvB,OAAO,CAAC,EAAE,MAAM,EAChB,sBAAsB,CAAC,EAAE,MAAM,GAC9B,OAAO,CAAC,wBAAwB,EAAE,CAAC;IAgBtC;;;;;;;UAOM;IACA,wBAAwB,CAC5B,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,sBAAsB,EAAE,MAAM,EAC9B,2BAA2B,EAAE,0BAA0B,EAAE,GACxD,OAAO,CAAC,0BAA0B,EAAE,CAAC;IAoBxC;;;;;;;UAOM;IACA,sBAAsB,CAC1B,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,sBAAsB,EAAE,MAAM,EAC9B,yBAAyB,EAAE,wBAAwB,EAAE,GACpD,OAAO,CAAC,wBAAwB,EAAE,CAAC;YAoBxB,oBAAoB;IA2BlC,OAAO,CAAC,MAAM,CAAC,cAAc;IA0B7B;;;;;;;OAOG;IACG,kCAAkC,IAAI,OAAO,CAAC,OAAO,CAAC;CAoB7D"}

package/dist/esm/authorization-attributes-sns-service.mjs

@@ -0,0 +1,211 @@
+import chunk from 'lodash/chunk.js';
+import { sendToSns, getTopicAttributes } from '@mondaydotcomorg/monday-sns';
+import { logger } from './authorization-internal-service.mjs';
+import { SnsTopicType, ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE, RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND, ASYNC_ENTITY_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE, ENTITY_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND, RESOURCE_SNS_ARN_ENV_VAR_NAME, RESOURCE_SNS_DEV_TEST_NAME, ENTITY_SNS_ARN_ENV_VAR_NAME, ENTITY_SNS_DEV_TEST_NAME } from './constants/sns.mjs';
+import { AttributeOperation } from './types/authorization-attributes-contracts.mjs';
+
+/**
+ * Service class for managing resource attributes asynchronously via SNS.
+ * Provides asynchronous operations to create/update and delete attributes on resources.
+ */
+class AuthorizationAttributesSnsService {
+    static LOG_TAG = 'authorization_attributes';
+    resourceSnsArn;
+    entitySnsArn;
+    /**
+     * Public constructor to create the AuthorizationAttributesSnsService instance.
+     */
+    constructor() {
+        this.resourceSnsArn = AuthorizationAttributesSnsService.getSnsTopicArn(SnsTopicType.RESOURCE);
+        this.entitySnsArn = AuthorizationAttributesSnsService.getSnsTopicArn(SnsTopicType.ENTITY);
+    }
+    /**
+     * Async function to upsert resource attributes using SNS.
+     * Sends the updates request to SNS and returns before the change actually took place.
+     * @param accountId The account ID
+     * @param appName App name of the calling app
+     * @param callerActionIdentifier Action identifier
+     * @param resourceAttributeAssignments Array of resource attribute assignments to upsert
+     * @return Promise with array of sent operations
+     */
+    async upsertResourceAttributes(accountId, resourceAttributeAssignments, appName, callerActionIdentifier) {
+        if (!appName || !callerActionIdentifier) {
+            throw new Error('appName and callerActionIdentifier are required for SNS service');
+        }
+        const operations = resourceAttributeAssignments.map(assignment => ({
+            ...assignment,
+            operationType: AttributeOperation.UPSERT,
+        }));
+        return this.updateResourceAttributes(accountId, appName, callerActionIdentifier, operations);
+    }
+    /**
+     * Async function to delete resource attributes using SNS.
+     * Sends the updates request to SNS and returns before the change actually took place.
+     * @param accountId The account ID
+     * @param appName App name of the calling app
+     * @param callerActionIdentifier Action identifier
+     * @param resource The resource (resourceType, resourceId)
+     * @param attributeKeys Array of attribute keys to delete
+     * @return Promise with array of sent operations
+     */
+    async deleteResourceAttributes(accountId, resource, attributeKeys, appName, callerActionIdentifier) {
+        if (!appName || !callerActionIdentifier) {
+            throw new Error('appName and callerActionIdentifier are required for SNS service');
+        }
+        const operations = attributeKeys.map(key => ({
+            resourceType: resource.type,
+            resourceId: resource.id,
+            key,
+            operationType: AttributeOperation.DELETE,
+        }));
+        return this.updateResourceAttributes(accountId, appName, callerActionIdentifier, operations);
+    }
+    /**
+     * Async function to upsert entity attributes using SNS.
+     * Sends the updates request to SNS and returns before the change actually took place.
+     * @param accountId The account ID
+     * @param appName App name of the calling app
+     * @param callerActionIdentifier Action identifier
+     * @param entityAttributeAssignments Array of entity attribute assignments to upsert
+     * @return Promise with array of sent operations
+     */
+    async upsertEntityAttributes(accountId, entityAttributeAssignments, appName, callerActionIdentifier) {
+        if (!appName || !callerActionIdentifier) {
+            throw new Error('appName and callerActionIdentifier are required for SNS service');
+        }
+        const operations = entityAttributeAssignments.map(assignment => {
+            return {
+                entityId: assignment.entityId,
+                entityType: assignment.entityType,
+                key: assignment.attributeKey,
+                value: assignment.attributeValue,
+                operationType: AttributeOperation.UPSERT,
+            };
+        });
+        return this.updateEntityAttributes(accountId, appName, callerActionIdentifier, operations);
+    }
+    /**
+     * Async function to delete entity attributes using SNS.
+     * Sends the updates request to SNS and returns before the change actually took place.
+     * @param accountId The account ID
+     * @param appName App name of the calling app
+     * @param callerActionIdentifier Action identifier
+     * @param entityType The entity type
+     * @param entityId The entity ID
+     * @param attributeKeys Array of attribute keys to delete
+     * @return Promise with array of sent operations
+     */
+    async deleteEntityAttributes(accountId, entityType, entityId, attributeKeys, appName, callerActionIdentifier) {
+        if (!appName || !callerActionIdentifier) {
+            throw new Error('appName and callerActionIdentifier are required for SNS service');
+        }
+        const operations = attributeKeys.map(key => ({
+            entityType: entityType,
+            entityId,
+            key,
+            operationType: AttributeOperation.DELETE,
+        }));
+        return this.updateEntityAttributes(accountId, appName, callerActionIdentifier, operations);
+    }
+    /**
+     *  Async function, this function only send the updates request to SNS and return before the change actually took place
+     * @param accountId
+     * @param appName - App name of the calling app
+     * @param callerActionIdentifier - action identifier
+     * @param resourceAttributeOperations - Array of operations to do on resource attributes.
+     * @return {Promise<ResourceAttributesOperation[]>} Array of sent operations
+     *  */
+    async updateResourceAttributes(accountId, appName, callerActionIdentifier, resourceAttributeOperations) {
+        const topicArn = this.resourceSnsArn;
+        const sendToSnsPromises = [];
+        const operationChucks = chunk(resourceAttributeOperations, ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE);
+        for (const operationsChunk of operationChucks) {
+            sendToSnsPromises.push(this.sendSingleSnsMessage(topicArn, accountId, appName, callerActionIdentifier, operationsChunk, RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND, 'Authorization resource attributes async update: failed to send operations to SNS'));
+        }
+        return (await Promise.all(sendToSnsPromises)).flat();
+    }
+    /**
+     *  Async function, this function only send the updates request to SNS and return before the change actually took place
+     * @param accountId
+     * @param appName - App name of the calling app
+     * @param callerActionIdentifier - action identifier
+     * @param entityAttributeOperations - Array of operations to do on entity attributes.
+     * @return {Promise<EntityAttributeOperation[]>} Array of sent operations
+     *  */
+    async updateEntityAttributes(accountId, appName, callerActionIdentifier, entityAttributeOperations) {
+        const topicArn = this.entitySnsArn;
+        const sendToSnsPromises = [];
+        const operationChucks = chunk(entityAttributeOperations, ASYNC_ENTITY_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE);
+        for (const operationsChunk of operationChucks) {
+            sendToSnsPromises.push(this.sendSingleSnsMessage(topicArn, accountId, appName, callerActionIdentifier, operationsChunk, ENTITY_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND, 'Authorization entity attributes async update: failed to send operations to SNS'));
+        }
+        return (await Promise.all(sendToSnsPromises)).flat();
+    }
+    async sendSingleSnsMessage(topicArn, accountId, appName, callerActionIdentifier, operations, kind, errorLogMessage) {
+        const payload = {
+            kind,
+            payload: {
+                accountId: accountId,
+                callerAppName: appName,
+                callerActionIdentifier: callerActionIdentifier,
+                operations: operations,
+            },
+        };
+        try {
+            await sendToSns(payload, topicArn);
+            return operations;
+        }
+        catch (error) {
+            logger.error({ error, tag: AuthorizationAttributesSnsService.LOG_TAG }, errorLogMessage);
+            return [];
+        }
+    }
+    static getSnsTopicArn(type) {
+        let envVarName;
+        let devTestName;
+        switch (type) {
+            case SnsTopicType.ENTITY:
+                envVarName = ENTITY_SNS_ARN_ENV_VAR_NAME;
+                devTestName = ENTITY_SNS_DEV_TEST_NAME;
+                break;
+            default:
+                // Default to resource SNS constants
+                envVarName = RESOURCE_SNS_ARN_ENV_VAR_NAME;
+                devTestName = RESOURCE_SNS_DEV_TEST_NAME;
+                break;
+        }
+        const arnFromEnv = process.env[envVarName];
+        if (arnFromEnv) {
+            return arnFromEnv;
+        }
+        if (process.env.NODE_ENV === 'development' || process.env.NODE_ENV === 'test') {
+            return devTestName;
+        }
+        throw new Error(`Unable to get ${type} sns topic arn from env variable`);
+    }
+    /**
+     * Checks we can contact the required SNS topic that used to send attribute updates to Authorization MS.
+     * This function can be used as health check for services that updating resource attributes in async is crucial.
+     * Note this function only verify the POD can contact AWS SDK and the topic exists, but the user still might get
+     * errors when pushing for the SNS (e.g: in case the AWS role of the POD don't have permissions to push messages).
+     * However, this is the best we can do without actually push dummy messages to the SNS.
+     * @return {Promise<boolean>} - true if succeeded
+     */
+    async asyncResourceAttributesHealthCheck() {
+        try {
+            const requestedTopicArn = this.resourceSnsArn;
+            const attributes = await getTopicAttributes(requestedTopicArn);
+            const isHealthy = !(!attributes || !('TopicArn' in attributes) || attributes.TopicArn !== requestedTopicArn);
+            if (!isHealthy) {
+                logger.error({ requestedTopicArn, snsReturnedAttributes: attributes, tag: AuthorizationAttributesSnsService.LOG_TAG }, 'authorization-attributes-service failed in health check');
+            }
+            return isHealthy;
+        }
+        catch (error) {
+            logger.error({ error, tag: AuthorizationAttributesSnsService.LOG_TAG }, 'authorization-attributes-service got error during health check');
+            return false;
+        }
+    }
+}
+
+export { AuthorizationAttributesSnsService };

package/dist/esm/authorization-middleware.d.ts

@@ -1,6 +1,6 @@
-import { Action, BaseRequest, BaseResponse, Context, ContextGetter, ResourceGetter } from './types/general';
+import { BaseRequest, BaseResponse, Context, ContextGetter, ResourceGetter } from './types/general';
 import type { NextFunction } from 'express';
-export declare function getAuthorizationMiddleware(action: Action, resourceGetter: ResourceGetter, contextGetter?: ContextGetter): (request: BaseRequest, response: BaseResponse, next: NextFunction) => Promise<void>;
+export declare function getAuthorizationMiddleware(action: string, resourceGetter: ResourceGetter, contextGetter?: ContextGetter): (request: BaseRequest, response: BaseResponse, next: NextFunction) => Promise<void>;
 export declare function skipAuthorizationMiddleware(request: BaseRequest, response: BaseResponse, next: NextFunction): void;
 export declare function authorizationCheckMiddleware(request: BaseRequest, response: BaseResponse, next: NextFunction): void;
 export declare function defaultContextGetter(request: BaseRequest): Context;

package/dist/esm/authorization-middleware.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"authorization-middleware.d.ts","sourceRoot":"","sources":["../../src/authorization-middleware.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAC5G,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAI5C,wBAAgB,0BAA0B,CACxC,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,cAAc,EAC9B,aAAa,CAAC,EAAE,aAAa,IAG3B,SAAS,WAAW,EACpB,UAAU,YAAY,EACtB,MAAM,YAAY,KACjB,OAAO,CAAC,IAAI,CAAC,CAajB;AAED,wBAAgB,2BAA2B,CAAC,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,GAAG,IAAI,CAGlH;AAED,wBAAgB,4BAA4B,CAAC,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,GAAG,IAAI,CASnH;AAED,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAElE"}
+{"version":3,"file":"authorization-middleware.d.ts","sourceRoot":"","sources":["../../src/authorization-middleware.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACpG,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAI5C,wBAAgB,0BAA0B,CACxC,MAAM,EAAE,MAAM,EACd,cAAc,EAAE,cAAc,EAC9B,aAAa,CAAC,EAAE,aAAa,IAG3B,SAAS,WAAW,EACpB,UAAU,YAAY,EACtB,MAAM,YAAY,KACjB,OAAO,CAAC,IAAI,CAAC,CAajB;AAED,wBAAgB,2BAA2B,CAAC,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,GAAG,IAAI,CAGlH;AAED,wBAAgB,4BAA4B,CAAC,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,GAAG,IAAI,CASnH;AAED,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAElE"}

package/dist/esm/authorization-service.d.ts

@@ -1,6 +1,6 @@
 import { MondayFetchOptions } from '@mondaydotcomorg/monday-fetch';
 import { IgniteClient } from '@mondaydotcomorg/ignite-sdk';
-import { Action, AuthorizationObject, AuthorizationParams, Resource } from './types/general';
+import { AuthorizationObject, AuthorizationParams, Resource } from './types/general';
 import { ScopedAction, ScopedActionPermit, ScopedActionResponseObject, ScopeOptions } from './types/scoped-actions-contracts';
 export interface AuthorizeResponse {
     isAuthorized: boolean;
@@ -21,7 +21,7 @@ export declare class AuthorizationService {
      * @deprecated use the second form with authorizationRequestObjects instead,
      * support of this function will be dropped gradually
      */
-    static isAuthorized(accountId: number, userId: number, resources: Resource[], action: Action): Promise<AuthorizeResponse>;
+    static isAuthorized(accountId: number, userId: number, resources: Resource[], action: string): Promise<AuthorizeResponse>;
     static isAuthorized(accountId: number, userId: number, authorizationRequestObjects: AuthorizationObject[]): Promise<AuthorizeResponse>;
     /**
      * @deprecated - Please use Ignite instead: https://github.com/DaPulse/ignite-monorepo/blob/master/packages/ignite-sdk/README.md
@@ -40,5 +40,5 @@ export declare class AuthorizationService {
 }
 export declare function setRedisClient(client: any, grantedFeatureRedisExpirationInSeconds?: number): void;
 export declare function setIgniteClient(): Promise<void>;
-export declare function createAuthorizationParams(resources: Resource[], action: Action): AuthorizationParams;
+export declare function createAuthorizationParams(resources: Resource[], action: string): AuthorizationParams;
 //# sourceMappingURL=authorization-service.d.ts.map

package/dist/esm/authorization-service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"authorization-service.d.ts","sourceRoot":"","sources":["../../src/authorization-service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAmB,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC5E,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAG7F,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,0BAA0B,EAC1B,YAAY,EACb,MAAM,kCAAkC,CAAC;AAe1C,MAAM,WAAW,iBAAiB;IAChC,YAAY,EAAE,OAAO,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,mBAAmB,CAAC,EAAE,mBAAmB,EAAE,CAAC;CAC7C;AAED,wBAAgB,sBAAsB,CAAC,wBAAwB,EAAE,kBAAkB,QAElF;AAMD,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,MAAM,KAAK,QAAQ,GAK1B;IACD,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAW;IAEpC,OAAO,CAAC,MAAM,KAAK,WAAW,GAK7B;IACD,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAc;IAE1C,MAAM,CAAC,eAAe,IAAI,IAAI;IAK9B,MAAM,CAAC,WAAW,CAAC,MAAC;IACpB,MAAM,CAAC,sCAAsC,CAAC,EAAE,MAAM,CAAC;IACvD,MAAM,CAAC,YAAY,CAAC,EAAE,YAAY,CAAC;IAEnC;;;OAGG;WACU,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,QAAQ,EAAE,EACrB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,iBAAiB,CAAC;WAEhB,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,2BAA2B,EAAE,mBAAmB,EAAE,GACjD,OAAO,CAAC,iBAAiB,CAAC;IAY7B;;;OAGG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE;QAAE,eAAe,CAAC,EAAE,OAAO,CAAA;KAAO,GAC1C,OAAO,CAAC,OAAO,CAAC;mBAkBE,6BAA6B;IAclD,OAAO,CAAC,MAAM,CAAC,gBAAgB;WAIlB,gBAAgB,CAC3B,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,YAAY,GAClB,OAAO,CAAC,kBAAkB,CAAC;IAM9B,OAAO,CAAC,MAAM,CAAC,UAAU;WA+DZ,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,YAAY,EAAE,GAC5B,OAAO,CAAC,0BAA0B,EAAE,CAAC;mBA+DnB,oBAAoB;mBAUpB,oBAAoB;CAmF1C;AAED,wBAAgB,cAAc,CAC5B,MAAM,KAAA,EACN,sCAAsC,GAAE,MAAiD,QAY1F;AAED,wBAAsB,eAAe,kBAMpC;AAED,wBAAgB,yBAAyB,CAAC,SAAS,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,MAAM,GAAG,mBAAmB,CAepG"}
+{"version":3,"file":"authorization-service.d.ts","sourceRoot":"","sources":["../../src/authorization-service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAGnE,OAAO,EAAmB,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC5E,OAAO,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAGrF,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,0BAA0B,EAC1B,YAAY,EACb,MAAM,kCAAkC,CAAC;AAe1C,MAAM,WAAW,iBAAiB;IAChC,YAAY,EAAE,OAAO,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,mBAAmB,CAAC,EAAE,mBAAmB,EAAE,CAAC;CAC7C;AAED,wBAAgB,sBAAsB,CAAC,wBAAwB,EAAE,kBAAkB,QAElF;AAMD,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,MAAM,KAAK,QAAQ,GAK1B;IACD,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAW;IAEpC,OAAO,CAAC,MAAM,KAAK,WAAW,GAK7B;IACD,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAc;IAE1C,MAAM,CAAC,eAAe,IAAI,IAAI;IAK9B,MAAM,CAAC,WAAW,CAAC,MAAC;IACpB,MAAM,CAAC,sCAAsC,CAAC,EAAE,MAAM,CAAC;IACvD,MAAM,CAAC,YAAY,CAAC,EAAE,YAAY,CAAC;IAEnC;;;OAGG;WACU,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,QAAQ,EAAE,EACrB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,iBAAiB,CAAC;WAEhB,YAAY,CACvB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,2BAA2B,EAAE,mBAAmB,EAAE,GACjD,OAAO,CAAC,iBAAiB,CAAC;IAY7B;;;OAGG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE;QAAE,eAAe,CAAC,EAAE,OAAO,CAAA;KAAO,GAC1C,OAAO,CAAC,OAAO,CAAC;mBAkBE,6BAA6B;IAclD,OAAO,CAAC,MAAM,CAAC,gBAAgB;WAIlB,gBAAgB,CAC3B,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,YAAY,GAClB,OAAO,CAAC,kBAAkB,CAAC;IAM9B,OAAO,CAAC,MAAM,CAAC,UAAU;WAsBZ,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,YAAY,EAAE,GAC5B,OAAO,CAAC,0BAA0B,EAAE,CAAC;mBA4CnB,oBAAoB;mBAUpB,oBAAoB;CAmF1C;AAED,wBAAgB,cAAc,CAC5B,MAAM,KAAA,EACN,sCAAsC,GAAE,MAAiD,QAY1F;AAED,wBAAsB,eAAe,kBAMpC;AAED,wBAAgB,yBAAyB,CAAC,SAAS,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,MAAM,GAAG,mBAAmB,CAepG"}

package/dist/esm/authorization-service.mjs

@@ -94,33 +94,15 @@ class AuthorizationService {
             logger.error({ tag: 'authorization-service' }, 'AuthorizationService: igniteClient is not set, failing request');
             throw new Error('AuthorizationService: igniteClient is not set, failing request');
         }
-        const allowedProfiles = this.igniteClient.configuration.getObjectValue(ALLOWED_SDK_PLATFORM_PROFILES_KEY, []);
-        const isAllowedProfile = allowedProfiles.includes(appName);
-        logger.error({ tag: 'auth-debug', accountId, userId, appName, allowedProfiles, isAllowedProfile }, 'AuthorizationService.getProfile: checking allowed profiles');
-        if (isAllowedProfile) {
-            const profile = getProfile();
-            logger.error({ tag: 'auth-debug', accountId, userId, appName, profile }, 'AuthorizationService.getProfile: selected profile via allowed profiles');
-            return profile;
+        if (this.igniteClient.configuration.getObjectValue(ALLOWED_SDK_PLATFORM_PROFILES_KEY, []).includes(appName)) {
+            return getProfile();
         }
-        const inReleaseProfiles = this.igniteClient.configuration.getObjectValue(IN_RELEASE_SDK_PLATFORM_PROFILES_KEY, []);
-        const isInReleaseProfile = inReleaseProfiles.includes(appName);
-        const isFeatureFlagReleased = this.igniteClient.isReleased(PLATFORM_PROFILE_RELEASE_FF, { accountId, userId });
-        logger.error({
-            tag: 'auth-debug',
-            accountId,
-            userId,
-            appName,
-            inReleaseProfiles,
-            isInReleaseProfile,
-            isFeatureFlagReleased,
-            featureFlag: PLATFORM_PROFILE_RELEASE_FF,
-        }, 'AuthorizationService.getProfile: checking feature flag release');
-        if (isInReleaseProfile && isFeatureFlagReleased) {
-            const profile = getProfile();
-            logger.error({ tag: 'auth-debug', accountId, userId, appName, profile }, 'AuthorizationService.getProfile: selected profile via feature flag release');
-            return profile;
+        if (this.igniteClient.configuration
+            .getObjectValue(IN_RELEASE_SDK_PLATFORM_PROFILES_KEY, [])
+            .includes(appName) &&
+            this.igniteClient.isReleased(PLATFORM_PROFILE_RELEASE_FF, { accountId, userId })) {
+            return getProfile();
         }
-        logger.error({ tag: 'auth-debug', accountId, userId, appName, profile: PlatformProfile.APP }, 'AuthorizationService.getProfile: selected default APP profile');
         return PlatformProfile.APP;
     }
     static async canActionInScopeMultiple(accountId, userId, scopedActions) {
@@ -128,24 +110,15 @@ class AuthorizationService {
             return [];
         }
         const shouldNavigateToGraph = Boolean(this.igniteClient?.isReleased(NAVIGATE_CAN_ACTION_IN_SCOPE_TO_GRAPH_FF, { accountId, userId }));
-        logger.error({
-            tag: 'auth-debug',
-            accountId,
-            userId,
-            shouldNavigateToGraph,
-            featureFlag: NAVIGATE_CAN_ACTION_IN_SCOPE_TO_GRAPH_FF,
-        }, 'AuthorizationService.canActionInScopeMultiple: determining which API flow to use');
         const startTime = performance.now();
         let scopedActionResponseObjects;
         let apiType;
         if (shouldNavigateToGraph) {
             apiType = 'graph';
-            logger.error({ tag: 'auth-debug', accountId, userId, apiType }, 'AuthorizationService.canActionInScopeMultiple: using graph API flow');
             scopedActionResponseObjects = await this.graphApi.checkPermissions(accountId, userId, scopedActions);
         }
         else {
             apiType = 'platform';
-            logger.error({ tag: 'auth-debug', accountId, userId, apiType }, 'AuthorizationService.canActionInScopeMultiple: using platform API flow');
             const profile = this.getProfile(accountId, userId);
             const internalAuthToken = AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
             scopedActionResponseObjects = await this.platformApi.checkPermissions(profile, internalAuthToken, userId, scopedActions);

package/dist/esm/base-attribute-assignment.d.ts

@@ -0,0 +1,18 @@
+/**
+ * Base class for attribute assignments (Resource or Entity)
+ * Provides common validation and functionality
+ */
+export declare abstract class BaseAttributeAssignment<TId extends number, TType extends string> {
+    readonly id: TId;
+    readonly type: TType;
+    readonly attributeKey: string;
+    readonly attributeValue: string;
+    constructor(id: TId, type: string, attributeKey: string, attributeValue: string, validTypes: readonly string[], idFieldName: string, typeFieldName: string);
+    /**
+     * Compares two assignments for equality
+     * @param other Another assignment instance
+     * @returns true if all properties are equal
+     */
+    equals(other: BaseAttributeAssignment<TId, TType>): boolean;
+}
+//# sourceMappingURL=base-attribute-assignment.d.ts.map

package/dist/esm/base-attribute-assignment.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"base-attribute-assignment.d.ts","sourceRoot":"","sources":["../../src/base-attribute-assignment.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,8BAAsB,uBAAuB,CAAC,GAAG,SAAS,MAAM,EAAE,KAAK,SAAS,MAAM;IACpF,SAAgB,EAAE,EAAE,GAAG,CAAC;IACxB,SAAgB,IAAI,EAAE,KAAK,CAAC;IAC5B,SAAgB,YAAY,EAAE,MAAM,CAAC;IACrC,SAAgB,cAAc,EAAE,MAAM,CAAC;gBAGrC,EAAE,EAAE,GAAG,EACP,IAAI,EAAE,MAAM,EACZ,YAAY,EAAE,MAAM,EACpB,cAAc,EAAE,MAAM,EACtB,UAAU,EAAE,SAAS,MAAM,EAAE,EAC7B,WAAW,EAAE,MAAM,EACnB,aAAa,EAAE,MAAM;IAmBvB;;;;OAIG;IACH,MAAM,CAAC,KAAK,EAAE,uBAAuB,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,OAAO;CAW5D"}

package/dist/esm/base-attribute-assignment.mjs

@@ -0,0 +1,41 @@
+import { ValidationUtils } from './utils/validation.mjs';
+
+/**
+ * Base class for attribute assignments (Resource or Entity)
+ * Provides common validation and functionality
+ */
+class BaseAttributeAssignment {
+    id;
+    type;
+    attributeKey;
+    attributeValue;
+    constructor(id, type, attributeKey, attributeValue, validTypes, idFieldName, typeFieldName) {
+        // Validate id
+        ValidationUtils.validateInteger(id, idFieldName);
+        // Validate type
+        this.type = ValidationUtils.validateEnum(type, validTypes, typeFieldName);
+        // Validate attributeKey
+        ValidationUtils.validateString(attributeKey, 'attributeKey');
+        // Validate attributeValue
+        ValidationUtils.validateString(attributeValue, 'attributeValue');
+        this.id = id;
+        this.attributeKey = attributeKey;
+        this.attributeValue = attributeValue;
+    }
+    /**
+     * Compares two assignments for equality
+     * @param other Another assignment instance
+     * @returns true if all properties are equal
+     */
+    equals(other) {
+        if (!(other instanceof this.constructor)) {
+            return false;
+        }
+        return (this.id === other.id &&
+            this.type === other.type &&
+            this.attributeKey === other.attributeKey &&
+            this.attributeValue === other.attributeValue);
+    }
+}
+
+export { BaseAttributeAssignment };

package/dist/esm/constants/sns.d.ts

@@ -1,5 +1,15 @@
-export declare const SNS_ARN_ENV_VAR_NAME = "SHARED_AUTHORIZATION_SNS_ENDPOINT_RESOURCE_ATTRIBUTES";
-export declare const SNS_DEV_TEST_NAME = "arn:aws:sns:us-east-1:000000000000:monday-authorization-resource-attributes-sns-local";
+export declare enum SnsTopicType {
+    RESOURCE = "resource",
+    ENTITY = "entity"
+}
+export declare const RESOURCE_SNS_ARN_ENV_VAR_NAME = "SHARED_AUTHORIZATION_SNS_ENDPOINT_RESOURCE_ATTRIBUTES";
+export declare const RESOURCE_SNS_DEV_TEST_NAME = "arn:aws:sns:us-east-1:000000000000:monday-authorization-resource-attributes-sns-local";
+export declare const ENTITY_SNS_ARN_ENV_VAR_NAME = "SHARED_AUTHORIZATION_SNS_ENDPOINT_ENTITY_ATTRIBUTES";
+export declare const ENTITY_SNS_DEV_TEST_NAME = "arn:aws:sns:us-east-1:000000000000:monday-authorization-entity-attributes-sns-local";
 export declare const RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND = "resourceAttributeModification";
+export declare const ENTITY_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND = "entityAttributeModification";
 export declare const ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE = 100;
+export declare const ASYNC_ENTITY_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE = 100;
+export declare const SNS_ARN_ENV_VAR_NAME = "SHARED_AUTHORIZATION_SNS_ENDPOINT_RESOURCE_ATTRIBUTES";
+export declare const SNS_DEV_TEST_NAME = "arn:aws:sns:us-east-1:000000000000:monday-authorization-resource-attributes-sns-local";
 //# sourceMappingURL=sns.d.ts.map

package/dist/esm/constants/sns.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"sns.d.ts","sourceRoot":"","sources":["../../../src/constants/sns.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,oBAAoB,0DAA0D,CAAC;AAC5F,eAAO,MAAM,iBAAiB,0FAC2D,CAAC;AAC1F,eAAO,MAAM,qDAAqD,kCAAkC,CAAC;AACrG,eAAO,MAAM,oDAAoD,MAAM,CAAC"}
+{"version":3,"file":"sns.d.ts","sourceRoot":"","sources":["../../../src/constants/sns.ts"],"names":[],"mappings":"AAAA,oBAAY,YAAY;IACtB,QAAQ,aAAa;IACrB,MAAM,WAAW;CAClB;AAGD,eAAO,MAAM,6BAA6B,0DAA0D,CAAC;AACrG,eAAO,MAAM,0BAA0B,0FACkD,CAAC;AAG1F,eAAO,MAAM,2BAA2B,wDAAwD,CAAC;AACjG,eAAO,MAAM,wBAAwB,wFACkD,CAAC;AACxF,eAAO,MAAM,qDAAqD,kCAAkC,CAAC;AACrG,eAAO,MAAM,mDAAmD,gCAAgC,CAAC;AACjG,eAAO,MAAM,oDAAoD,MAAM,CAAC;AACxE,eAAO,MAAM,kDAAkD,MAAM,CAAC;AAGtE,eAAO,MAAM,oBAAoB,0DAAgC,CAAC;AAClE,eAAO,MAAM,iBAAiB,0FAA6B,CAAC"}

package/dist/esm/constants/sns.mjs

@@ -1,6 +1,20 @@
-const SNS_ARN_ENV_VAR_NAME = 'SHARED_AUTHORIZATION_SNS_ENDPOINT_RESOURCE_ATTRIBUTES';
-const SNS_DEV_TEST_NAME = 'arn:aws:sns:us-east-1:000000000000:monday-authorization-resource-attributes-sns-local';
+var SnsTopicType;
+(function (SnsTopicType) {
+    SnsTopicType["RESOURCE"] = "resource";
+    SnsTopicType["ENTITY"] = "entity";
+})(SnsTopicType || (SnsTopicType = {}));
+// Resource SNS constants
+const RESOURCE_SNS_ARN_ENV_VAR_NAME = 'SHARED_AUTHORIZATION_SNS_ENDPOINT_RESOURCE_ATTRIBUTES';
+const RESOURCE_SNS_DEV_TEST_NAME = 'arn:aws:sns:us-east-1:000000000000:monday-authorization-resource-attributes-sns-local';
+// Entity SNS constants
+const ENTITY_SNS_ARN_ENV_VAR_NAME = 'SHARED_AUTHORIZATION_SNS_ENDPOINT_ENTITY_ATTRIBUTES';
+const ENTITY_SNS_DEV_TEST_NAME = 'arn:aws:sns:us-east-1:000000000000:monday-authorization-entity-attributes-sns-local';
 const RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND = 'resourceAttributeModification';
+const ENTITY_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND = 'entityAttributeModification';
 const ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE = 100;
+const ASYNC_ENTITY_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE = 100;
+// Legacy exports for backward compatibility
+const SNS_ARN_ENV_VAR_NAME = RESOURCE_SNS_ARN_ENV_VAR_NAME;
+const SNS_DEV_TEST_NAME = RESOURCE_SNS_DEV_TEST_NAME;
 
-export { ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE, RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND, SNS_ARN_ENV_VAR_NAME, SNS_DEV_TEST_NAME };
+export { ASYNC_ENTITY_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE, ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE, ENTITY_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND, ENTITY_SNS_ARN_ENV_VAR_NAME, ENTITY_SNS_DEV_TEST_NAME, RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND, RESOURCE_SNS_ARN_ENV_VAR_NAME, RESOURCE_SNS_DEV_TEST_NAME, SNS_ARN_ENV_VAR_NAME, SNS_DEV_TEST_NAME, SnsTopicType };

package/dist/esm/entity-attribute-assignment.d.ts

@@ -0,0 +1,14 @@
+import { EntityType } from './entity-attributes-constants';
+import { BaseAttributeAssignment } from './base-attribute-assignment';
+export declare class EntityAttributeAssignment extends BaseAttributeAssignment<number, EntityType> {
+    readonly entityId: number;
+    readonly entityType: EntityType;
+    constructor(entityId: number, entityType: string, attributeKey: string, attributeValue: string);
+    /**
+     * Compares two assignments for equality
+     * @param other Another EntityAttributeAssignment instance
+     * @returns true if all properties are equal
+     */
+    equals(other: EntityAttributeAssignment): boolean;
+}
+//# sourceMappingURL=entity-attribute-assignment.d.ts.map

package/dist/esm/entity-attribute-assignment.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"entity-attribute-assignment.d.ts","sourceRoot":"","sources":["../../src/entity-attribute-assignment.ts"],"names":[],"mappings":"AAAA,OAAO,EAAgB,UAAU,EAAE,MAAM,+BAA+B,CAAC;AACzE,OAAO,EAAE,uBAAuB,EAAE,MAAM,6BAA6B,CAAC;AAEtE,qBAAa,yBAA0B,SAAQ,uBAAuB,CAAC,MAAM,EAAE,UAAU,CAAC;IACxF,SAAgB,QAAQ,EAAE,MAAM,CAAC;IACjC,SAAgB,UAAU,EAAE,UAAU,CAAC;gBAE3B,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM;IAK9F;;;;OAIG;IACH,MAAM,CAAC,KAAK,EAAE,yBAAyB,GAAG,OAAO;CAGlD"}

package/dist/esm/entity-attribute-assignment.mjs

@@ -0,0 +1,22 @@
+import { ENTITY_TYPES } from './entity-attributes-constants.mjs';
+import { BaseAttributeAssignment } from './base-attribute-assignment.mjs';
+
+class EntityAttributeAssignment extends BaseAttributeAssignment {
+    entityId;
+    entityType;
+    constructor(entityId, entityType, attributeKey, attributeValue) {
+        super(entityId, entityType, attributeKey, attributeValue, Object.values(ENTITY_TYPES), 'entityId', 'entityType');
+        this.entityId = entityId;
+        this.entityType = this.type;
+    }
+    /**
+     * Compares two assignments for equality
+     * @param other Another EntityAttributeAssignment instance
+     * @returns true if all properties are equal
+     */
+    equals(other) {
+        return super.equals(other);
+    }
+}
+
+export { EntityAttributeAssignment };

package/dist/esm/entity-attributes-constants.d.ts

@@ -0,0 +1,7 @@
+export declare const ENTITY_TYPES: {
+    readonly USER: "user";
+    readonly TEAM: "team";
+    readonly ACCOUNT: "account";
+};
+export type EntityType = (typeof ENTITY_TYPES)[keyof typeof ENTITY_TYPES];
+//# sourceMappingURL=entity-attributes-constants.d.ts.map

package/dist/esm/entity-attributes-constants.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"entity-attributes-constants.d.ts","sourceRoot":"","sources":["../../src/entity-attributes-constants.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,YAAY;;;;CAIf,CAAC;AAEX,MAAM,MAAM,UAAU,GAAG,CAAC,OAAO,YAAY,CAAC,CAAC,MAAM,OAAO,YAAY,CAAC,CAAC"}

package/dist/esm/entity-attributes-constants.mjs

@@ -0,0 +1,7 @@
+const ENTITY_TYPES = {
+    USER: 'user',
+    TEAM: 'team',
+    ACCOUNT: 'account',
+};
+
+export { ENTITY_TYPES };

package/dist/esm/errors/argument-error.d.ts

@@ -0,0 +1,4 @@
+export declare class ArgumentError extends Error {
+    constructor(message: string);
+}
+//# sourceMappingURL=argument-error.d.ts.map

package/dist/esm/errors/argument-error.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"argument-error.d.ts","sourceRoot":"","sources":["../../../src/errors/argument-error.ts"],"names":[],"mappings":"AAAA,qBAAa,aAAc,SAAQ,KAAK;gBAC1B,OAAO,EAAE,MAAM;CAK5B"}

package/dist/esm/errors/argument-error.mjs

@@ -0,0 +1,9 @@
+class ArgumentError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'ArgumentError';
+        Object.setPrototypeOf(this, ArgumentError.prototype);
+    }
+}
+
+export { ArgumentError };