@pax2pay/model-banking 0.1.178 → 0.1.180
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/Identity.ts +27 -0
- package/Key/Permissions.ts +32 -0
- package/Key/Roles.ts +90 -0
- package/Key/index.ts +26 -0
- package/Rule/State/Authorization.ts +3 -0
- package/dist/Identity.d.ts +13 -0
- package/dist/Identity.js +21 -0
- package/dist/Identity.js.map +1 -0
- package/dist/Key/Permissions.d.ts +67 -0
- package/dist/Key/Permissions.js +2 -0
- package/dist/Key/Permissions.js.map +1 -0
- package/dist/Key/Roles.d.ts +24 -0
- package/dist/Key/Roles.js +78 -0
- package/dist/Key/Roles.js.map +1 -0
- package/dist/Key/index.d.ts +25 -0
- package/dist/Key/index.js +6 -0
- package/dist/Key/index.js.map +1 -0
- package/dist/Rule/State/Authorization.d.ts +1 -0
- package/dist/Rule/State/Authorization.js +2 -0
- package/dist/Rule/State/Authorization.js.map +1 -1
- package/dist/pax2pay.d.ts +2 -0
- package/dist/pax2pay.js +2 -0
- package/dist/pax2pay.js.map +1 -1
- package/package.json +1 -1
- package/pax2pay.ts +2 -0
- package/tsconfig.json +1 -1
package/Identity.ts
ADDED
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
import { userwidgets } from "@userwidgets/model"
|
|
2
|
+
import { Key } from "./Key"
|
|
3
|
+
import { Realm } from "./Realm"
|
|
4
|
+
|
|
5
|
+
export class Identity {
|
|
6
|
+
constructor(readonly key: Key) {}
|
|
7
|
+
check(constraint: Key.Permissions, realm?: Realm, organization?: string) {
|
|
8
|
+
return [
|
|
9
|
+
{ [`${this.key.realm ?? realm}-${this.key.organization ?? organization}`]: constraint },
|
|
10
|
+
{ [`${this.key.realm ?? realm}-*`]: constraint },
|
|
11
|
+
{ [`*-*`]: constraint },
|
|
12
|
+
].some(e => userwidgets.User.Permissions.check(this.key.permissions, e))
|
|
13
|
+
}
|
|
14
|
+
|
|
15
|
+
static async authenticate(
|
|
16
|
+
header: { authorization?: string | undefined; realm?: Realm; organization?: string },
|
|
17
|
+
constraint: Key.Permissions,
|
|
18
|
+
verifier: userwidgets.User.Key.Verifier<Key> = productionVerifier
|
|
19
|
+
): Promise<Identity | undefined> {
|
|
20
|
+
const key: Key | undefined = await verifier.verify(header.authorization)
|
|
21
|
+
const result = key && new Identity(key)
|
|
22
|
+
return result?.check(constraint, header.realm, header.organization) ? result : undefined
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
const publicKey =
|
|
26
|
+
"MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtEHMQ+myaJa+0MvItYX936J78rgykGpMaf7qeQ+UENauyjzAJIPGyjMMim/t1cdnhf4a4i8v4EaQMyQXcOheIyZDs6ps7s5HDqvq9WrPVevP6N8QiFT1n5WKyMakzVtDSh6wva9PTihFoRQcZEvaio9fUXNLT0qxiB6bmwXMA+oGuVWCymqLcOY3ZLbKBYt1symO9YSpTR1jaUiGtzWtaYZ2QrWZ25LimhVkgv1ewgtMx9ybH/MiRvL29u8tttvVdFoAgABP+LHJrUQG0ykWopgNQHoWNUusqplSinHJy1avgG/xH2g8wiGR8byBsnEITq6qk3ShTV/pZfHo2ckvQzYaL17/sU4+G1lscJNoB0nQkwgTopCWbBHjxV9xNyM3CbQbdo113QcqXKlNWxeUUEVttIat+zZhcr43JZPvTfHxzLLVnsT7d9FTgsJpiolOirCJ4uW4YUKmngTNWV1dkjhe5cFAX346YcwdO0oDUcWdiGg1zD739HDsMZy9s8CPcRWHZlYntVfELqoILlaO3GEaGaY3dEV2TgWOwYwIWgTTfXWC+LO+ybxafb/DyHKmPZMhox2mITuodigNtRrfhLk2xVYQjeBpQd++nbChj2GLeGCOaLAqq2ZpVOEMgG9jHpUiGeqhk81D4YCRJvy0ubRVg/oqrfUTQtnFiURQy4UCAwEAAQ=="
|
|
27
|
+
const productionVerifier = userwidgets.User.Key.Verifier.create<Key>(publicKey)
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
import { userwidgets } from "@userwidgets/model"
|
|
2
|
+
|
|
3
|
+
export type Permissions = Permissions.Organization | Permissions.Realm
|
|
4
|
+
export namespace Permissions {
|
|
5
|
+
export interface Realm extends userwidgets.User.Permissions {
|
|
6
|
+
organizations?:
|
|
7
|
+
| {
|
|
8
|
+
create?: true
|
|
9
|
+
view?: true
|
|
10
|
+
accounts?: { balance?: true; view?: true; create?: true; change?: true; cancel?: true } | true
|
|
11
|
+
rules?:
|
|
12
|
+
| {
|
|
13
|
+
edit?: true
|
|
14
|
+
view?: true
|
|
15
|
+
}
|
|
16
|
+
| true
|
|
17
|
+
}
|
|
18
|
+
| true
|
|
19
|
+
transactions?: { create?: true; view?: true; resolve?: true; comment?: true } | true
|
|
20
|
+
cards?: { create?: true; view?: true; change?: true; cancel?: true } | true
|
|
21
|
+
rules?: { edit?: true; view?: true } | true
|
|
22
|
+
settlements?: { create?: true; view?: true; ammend?: true } | true
|
|
23
|
+
treasury?: { rebalance?: true; view?: true } | true
|
|
24
|
+
operations?: { view?: true } | true
|
|
25
|
+
}
|
|
26
|
+
export interface Organization extends userwidgets.User.Permissions {
|
|
27
|
+
accounts?:
|
|
28
|
+
| { balance?: true; view?: true; create?: true; change?: true; transactions?: { view?: true; create?: true } }
|
|
29
|
+
| true
|
|
30
|
+
cards?: { create?: true; view?: true; change?: true; cancel?: true } | true
|
|
31
|
+
}
|
|
32
|
+
}
|
package/Key/Roles.ts
ADDED
|
@@ -0,0 +1,90 @@
|
|
|
1
|
+
import { userwidgets } from "@userwidgets/model"
|
|
2
|
+
import { isly } from "isly"
|
|
3
|
+
import { Realm } from "../Realm"
|
|
4
|
+
import { Permissions } from "./Permissions"
|
|
5
|
+
|
|
6
|
+
type OrganizationCode = string
|
|
7
|
+
export type Roles =
|
|
8
|
+
| Partial<Record<`${Realm | "*"}-*`, (Roles.Realm.Role | Roles.Organization.Role)[]>>
|
|
9
|
+
| Partial<Record<`${Realm | "*"}-${OrganizationCode}`, Roles.Organization.Role[]>>
|
|
10
|
+
export namespace Roles {
|
|
11
|
+
export type Role = Realm.Role | Organization.Role
|
|
12
|
+
export function resolve(roles: Roles): Permissions {
|
|
13
|
+
let result = {}
|
|
14
|
+
for (const [key, role] of Object.entries(roles)) {
|
|
15
|
+
const [, organizationCode] = key.split("-")
|
|
16
|
+
result =
|
|
17
|
+
role?.reduce(
|
|
18
|
+
(r, role) =>
|
|
19
|
+
userwidgets.User.Permissions.merge(r, {
|
|
20
|
+
[key]:
|
|
21
|
+
organizationCode == "*" && Realm.is(role)
|
|
22
|
+
? Realm.definitions[role]
|
|
23
|
+
: Organization.definitions[role as Organization.Role],
|
|
24
|
+
}),
|
|
25
|
+
result
|
|
26
|
+
) ?? result
|
|
27
|
+
}
|
|
28
|
+
return result
|
|
29
|
+
}
|
|
30
|
+
export namespace Realm {
|
|
31
|
+
export type Roles = Partial<Record<Role, true>>
|
|
32
|
+
export type Role = typeof roles[number]
|
|
33
|
+
export const roles = ["admin", "fincrime-readonly", "fincrime", "finance", "support"] as const
|
|
34
|
+
export const type = isly.string(roles)
|
|
35
|
+
export const is = type.is
|
|
36
|
+
export const definitions: Record<Role, Permissions.Realm | true> = {
|
|
37
|
+
admin: true,
|
|
38
|
+
"fincrime-readonly": {
|
|
39
|
+
organizations: {
|
|
40
|
+
view: true,
|
|
41
|
+
accounts: { view: true },
|
|
42
|
+
rules: { view: true },
|
|
43
|
+
},
|
|
44
|
+
transactions: { view: true },
|
|
45
|
+
cards: { view: true },
|
|
46
|
+
rules: { view: true },
|
|
47
|
+
},
|
|
48
|
+
fincrime: {
|
|
49
|
+
organizations: {
|
|
50
|
+
view: true,
|
|
51
|
+
accounts: { balance: true, view: true },
|
|
52
|
+
rules: true,
|
|
53
|
+
},
|
|
54
|
+
transactions: { view: true, resolve: true, comment: true },
|
|
55
|
+
cards: { view: true, cancel: true },
|
|
56
|
+
rules: true,
|
|
57
|
+
},
|
|
58
|
+
finance: {
|
|
59
|
+
treasury: { rebalance: true, view: true },
|
|
60
|
+
settlements: { view: true },
|
|
61
|
+
},
|
|
62
|
+
support: {
|
|
63
|
+
organizations: {
|
|
64
|
+
create: true,
|
|
65
|
+
view: true,
|
|
66
|
+
accounts: true,
|
|
67
|
+
rules: {
|
|
68
|
+
view: true,
|
|
69
|
+
},
|
|
70
|
+
},
|
|
71
|
+
transactions: { view: true },
|
|
72
|
+
cards: { view: true, cancel: true },
|
|
73
|
+
rules: { view: true },
|
|
74
|
+
},
|
|
75
|
+
}
|
|
76
|
+
}
|
|
77
|
+
export namespace Organization {
|
|
78
|
+
export type Roles = Partial<Record<Role, true>>
|
|
79
|
+
export type Role = typeof roles[number]
|
|
80
|
+
export const roles = ["admin", "finance", "payments"] as const
|
|
81
|
+
export const definitions: Record<Role, Permissions.Organization | true> = {
|
|
82
|
+
admin: true,
|
|
83
|
+
finance: {
|
|
84
|
+
accounts: { balance: true, view: true, transactions: { view: true, create: true } },
|
|
85
|
+
cards: true,
|
|
86
|
+
},
|
|
87
|
+
payments: { cards: true, accounts: { view: true, transactions: { create: true } } },
|
|
88
|
+
}
|
|
89
|
+
}
|
|
90
|
+
}
|
package/Key/index.ts
ADDED
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
import { userwidgets } from "@userwidgets/model"
|
|
2
|
+
import { Realm } from "../Realm"
|
|
3
|
+
import { Permissions as KeyPermissions } from "./Permissions"
|
|
4
|
+
import { Roles as KeyRoles } from "./Roles"
|
|
5
|
+
|
|
6
|
+
type Claims = {
|
|
7
|
+
organization: string
|
|
8
|
+
realm: Realm
|
|
9
|
+
}
|
|
10
|
+
|
|
11
|
+
export type Key = userwidgets.User.Key<userwidgets.User.Key.Creatable.Claims | Claims, Key.Permissions>
|
|
12
|
+
export namespace Key {
|
|
13
|
+
export type Permissions = KeyPermissions
|
|
14
|
+
export namespace Permissions {
|
|
15
|
+
export type Realm = KeyPermissions.Realm
|
|
16
|
+
export type Organization = KeyPermissions.Organization
|
|
17
|
+
}
|
|
18
|
+
export type Roles = KeyRoles
|
|
19
|
+
export const Roles = KeyRoles
|
|
20
|
+
export namespace Roles {
|
|
21
|
+
export type Role = KeyRoles.Role
|
|
22
|
+
export namespace Organization {
|
|
23
|
+
export type Role = KeyRoles.Organization.Role
|
|
24
|
+
}
|
|
25
|
+
}
|
|
26
|
+
}
|
|
@@ -6,6 +6,7 @@ import { Merchant } from "../../Merchant"
|
|
|
6
6
|
|
|
7
7
|
export interface Authorization extends Omit<ModelAuthorization.Creatable, "amount"> {
|
|
8
8
|
time: string
|
|
9
|
+
hour: number
|
|
9
10
|
currency: isoly.Currency
|
|
10
11
|
amount: number
|
|
11
12
|
original: { currency: isoly.Currency; amount: number }
|
|
@@ -15,6 +16,7 @@ export namespace Authorization {
|
|
|
15
16
|
return {
|
|
16
17
|
...authorization,
|
|
17
18
|
time: isoly.DateTime.getTime(isoly.DateTime.now()),
|
|
19
|
+
hour: isoly.DateTime.getHour(isoly.DateTime.now()),
|
|
18
20
|
currency: authorization.amount[0],
|
|
19
21
|
amount: Math.abs(authorization.amount[1]),
|
|
20
22
|
original: { currency: authorization.amount[0], amount: Math.abs(authorization.amount[1]) },
|
|
@@ -34,6 +36,7 @@ export namespace Authorization {
|
|
|
34
36
|
amount: isly.number(),
|
|
35
37
|
}),
|
|
36
38
|
time: isly.string(),
|
|
39
|
+
hour: isly.number(),
|
|
37
40
|
})
|
|
38
41
|
export const is = type.is
|
|
39
42
|
export const flaw = type.flaw
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import { userwidgets } from "@userwidgets/model";
|
|
2
|
+
import { Key } from "./Key";
|
|
3
|
+
import { Realm } from "./Realm";
|
|
4
|
+
export declare class Identity {
|
|
5
|
+
readonly key: Key;
|
|
6
|
+
constructor(key: Key);
|
|
7
|
+
check(constraint: Key.Permissions, realm?: Realm, organization?: string): boolean;
|
|
8
|
+
static authenticate(header: {
|
|
9
|
+
authorization?: string | undefined;
|
|
10
|
+
realm?: Realm;
|
|
11
|
+
organization?: string;
|
|
12
|
+
}, constraint: Key.Permissions, verifier?: userwidgets.User.Key.Verifier<Key>): Promise<Identity | undefined>;
|
|
13
|
+
}
|
package/dist/Identity.js
ADDED
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import { userwidgets } from "@userwidgets/model";
|
|
2
|
+
export class Identity {
|
|
3
|
+
constructor(key) {
|
|
4
|
+
this.key = key;
|
|
5
|
+
}
|
|
6
|
+
check(constraint, realm, organization) {
|
|
7
|
+
return [
|
|
8
|
+
{ [`${this.key.realm ?? realm}-${this.key.organization ?? organization}`]: constraint },
|
|
9
|
+
{ [`${this.key.realm ?? realm}-*`]: constraint },
|
|
10
|
+
{ [`*-*`]: constraint },
|
|
11
|
+
].some(e => userwidgets.User.Permissions.check(this.key.permissions, e));
|
|
12
|
+
}
|
|
13
|
+
static async authenticate(header, constraint, verifier = productionVerifier) {
|
|
14
|
+
const key = await verifier.verify(header.authorization);
|
|
15
|
+
const result = key && new Identity(key);
|
|
16
|
+
return result?.check(constraint, header.realm, header.organization) ? result : undefined;
|
|
17
|
+
}
|
|
18
|
+
}
|
|
19
|
+
const publicKey = "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtEHMQ+myaJa+0MvItYX936J78rgykGpMaf7qeQ+UENauyjzAJIPGyjMMim/t1cdnhf4a4i8v4EaQMyQXcOheIyZDs6ps7s5HDqvq9WrPVevP6N8QiFT1n5WKyMakzVtDSh6wva9PTihFoRQcZEvaio9fUXNLT0qxiB6bmwXMA+oGuVWCymqLcOY3ZLbKBYt1symO9YSpTR1jaUiGtzWtaYZ2QrWZ25LimhVkgv1ewgtMx9ybH/MiRvL29u8tttvVdFoAgABP+LHJrUQG0ykWopgNQHoWNUusqplSinHJy1avgG/xH2g8wiGR8byBsnEITq6qk3ShTV/pZfHo2ckvQzYaL17/sU4+G1lscJNoB0nQkwgTopCWbBHjxV9xNyM3CbQbdo113QcqXKlNWxeUUEVttIat+zZhcr43JZPvTfHxzLLVnsT7d9FTgsJpiolOirCJ4uW4YUKmngTNWV1dkjhe5cFAX346YcwdO0oDUcWdiGg1zD739HDsMZy9s8CPcRWHZlYntVfELqoILlaO3GEaGaY3dEV2TgWOwYwIWgTTfXWC+LO+ybxafb/DyHKmPZMhox2mITuodigNtRrfhLk2xVYQjeBpQd++nbChj2GLeGCOaLAqq2ZpVOEMgG9jHpUiGeqhk81D4YCRJvy0ubRVg/oqrfUTQtnFiURQy4UCAwEAAQ==";
|
|
20
|
+
const productionVerifier = userwidgets.User.Key.Verifier.create(publicKey);
|
|
21
|
+
//# sourceMappingURL=Identity.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Identity.js","sourceRoot":"../","sources":["Identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAIhD,MAAM,OAAO,QAAQ;IACpB,YAAqB,GAAQ;QAAR,QAAG,GAAH,GAAG,CAAK;IAAG,CAAC;IACjC,KAAK,CAAC,UAA2B,EAAE,KAAa,EAAE,YAAqB;QACtE,OAAO;YACN,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,IAAI,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,YAAY,IAAI,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;YACvF,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,IAAI,KAAK,IAAI,CAAC,EAAE,UAAU,EAAE;YAChD,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE;SACvB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IACzE,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,YAAY,CACxB,MAAoF,EACpF,UAA2B,EAC3B,WAA+C,kBAAkB;QAEjE,MAAM,GAAG,GAAoB,MAAM,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;QACxE,MAAM,MAAM,GAAG,GAAG,IAAI,IAAI,QAAQ,CAAC,GAAG,CAAC,CAAA;QACvC,OAAO,MAAM,EAAE,KAAK,CAAC,UAAU,EAAE,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAA;IACzF,CAAC;CACD;AACD,MAAM,SAAS,GACd,kuBAAkuB,CAAA;AACnuB,MAAM,kBAAkB,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,SAAS,CAAC,CAAA"}
|
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
import { userwidgets } from "@userwidgets/model";
|
|
2
|
+
export type Permissions = Permissions.Organization | Permissions.Realm;
|
|
3
|
+
export declare namespace Permissions {
|
|
4
|
+
interface Realm extends userwidgets.User.Permissions {
|
|
5
|
+
organizations?: {
|
|
6
|
+
create?: true;
|
|
7
|
+
view?: true;
|
|
8
|
+
accounts?: {
|
|
9
|
+
balance?: true;
|
|
10
|
+
view?: true;
|
|
11
|
+
create?: true;
|
|
12
|
+
change?: true;
|
|
13
|
+
cancel?: true;
|
|
14
|
+
} | true;
|
|
15
|
+
rules?: {
|
|
16
|
+
edit?: true;
|
|
17
|
+
view?: true;
|
|
18
|
+
} | true;
|
|
19
|
+
} | true;
|
|
20
|
+
transactions?: {
|
|
21
|
+
create?: true;
|
|
22
|
+
view?: true;
|
|
23
|
+
resolve?: true;
|
|
24
|
+
comment?: true;
|
|
25
|
+
} | true;
|
|
26
|
+
cards?: {
|
|
27
|
+
create?: true;
|
|
28
|
+
view?: true;
|
|
29
|
+
change?: true;
|
|
30
|
+
cancel?: true;
|
|
31
|
+
} | true;
|
|
32
|
+
rules?: {
|
|
33
|
+
edit?: true;
|
|
34
|
+
view?: true;
|
|
35
|
+
} | true;
|
|
36
|
+
settlements?: {
|
|
37
|
+
create?: true;
|
|
38
|
+
view?: true;
|
|
39
|
+
ammend?: true;
|
|
40
|
+
} | true;
|
|
41
|
+
treasury?: {
|
|
42
|
+
rebalance?: true;
|
|
43
|
+
view?: true;
|
|
44
|
+
} | true;
|
|
45
|
+
operations?: {
|
|
46
|
+
view?: true;
|
|
47
|
+
} | true;
|
|
48
|
+
}
|
|
49
|
+
interface Organization extends userwidgets.User.Permissions {
|
|
50
|
+
accounts?: {
|
|
51
|
+
balance?: true;
|
|
52
|
+
view?: true;
|
|
53
|
+
create?: true;
|
|
54
|
+
change?: true;
|
|
55
|
+
transactions?: {
|
|
56
|
+
view?: true;
|
|
57
|
+
create?: true;
|
|
58
|
+
};
|
|
59
|
+
} | true;
|
|
60
|
+
cards?: {
|
|
61
|
+
create?: true;
|
|
62
|
+
view?: true;
|
|
63
|
+
change?: true;
|
|
64
|
+
cancel?: true;
|
|
65
|
+
} | true;
|
|
66
|
+
}
|
|
67
|
+
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Permissions.js","sourceRoot":"../","sources":["Key/Permissions.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
import { isly } from "isly";
|
|
2
|
+
import { Realm } from "../Realm";
|
|
3
|
+
import { Permissions } from "./Permissions";
|
|
4
|
+
type OrganizationCode = string;
|
|
5
|
+
export type Roles = Partial<Record<`${Realm | "*"}-*`, (Roles.Realm.Role | Roles.Organization.Role)[]>> | Partial<Record<`${Realm | "*"}-${OrganizationCode}`, Roles.Organization.Role[]>>;
|
|
6
|
+
export declare namespace Roles {
|
|
7
|
+
type Role = Realm.Role | Organization.Role;
|
|
8
|
+
function resolve(roles: Roles): Permissions;
|
|
9
|
+
namespace Realm {
|
|
10
|
+
type Roles = Partial<Record<Role, true>>;
|
|
11
|
+
type Role = typeof roles[number];
|
|
12
|
+
const roles: readonly ["admin", "fincrime-readonly", "fincrime", "finance", "support"];
|
|
13
|
+
const type: isly.Type<"admin" | "fincrime-readonly" | "fincrime" | "finance" | "support">;
|
|
14
|
+
const is: isly.Type.IsFunction<"admin" | "fincrime-readonly" | "fincrime" | "finance" | "support">;
|
|
15
|
+
const definitions: Record<Role, Permissions.Realm | true>;
|
|
16
|
+
}
|
|
17
|
+
namespace Organization {
|
|
18
|
+
type Roles = Partial<Record<Role, true>>;
|
|
19
|
+
type Role = typeof roles[number];
|
|
20
|
+
const roles: readonly ["admin", "finance", "payments"];
|
|
21
|
+
const definitions: Record<Role, Permissions.Organization | true>;
|
|
22
|
+
}
|
|
23
|
+
}
|
|
24
|
+
export {};
|
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
import { userwidgets } from "@userwidgets/model";
|
|
2
|
+
import { isly } from "isly";
|
|
3
|
+
export var Roles;
|
|
4
|
+
(function (Roles) {
|
|
5
|
+
function resolve(roles) {
|
|
6
|
+
let result = {};
|
|
7
|
+
for (const [key, role] of Object.entries(roles)) {
|
|
8
|
+
const [, organizationCode] = key.split("-");
|
|
9
|
+
result =
|
|
10
|
+
role?.reduce((r, role) => userwidgets.User.Permissions.merge(r, {
|
|
11
|
+
[key]: organizationCode == "*" && Realm.is(role)
|
|
12
|
+
? Realm.definitions[role]
|
|
13
|
+
: Organization.definitions[role],
|
|
14
|
+
}), result) ?? result;
|
|
15
|
+
}
|
|
16
|
+
return result;
|
|
17
|
+
}
|
|
18
|
+
Roles.resolve = resolve;
|
|
19
|
+
let Realm;
|
|
20
|
+
(function (Realm) {
|
|
21
|
+
Realm.roles = ["admin", "fincrime-readonly", "fincrime", "finance", "support"];
|
|
22
|
+
Realm.type = isly.string(Realm.roles);
|
|
23
|
+
Realm.is = Realm.type.is;
|
|
24
|
+
Realm.definitions = {
|
|
25
|
+
admin: true,
|
|
26
|
+
"fincrime-readonly": {
|
|
27
|
+
organizations: {
|
|
28
|
+
view: true,
|
|
29
|
+
accounts: { view: true },
|
|
30
|
+
rules: { view: true },
|
|
31
|
+
},
|
|
32
|
+
transactions: { view: true },
|
|
33
|
+
cards: { view: true },
|
|
34
|
+
rules: { view: true },
|
|
35
|
+
},
|
|
36
|
+
fincrime: {
|
|
37
|
+
organizations: {
|
|
38
|
+
view: true,
|
|
39
|
+
accounts: { balance: true, view: true },
|
|
40
|
+
rules: true,
|
|
41
|
+
},
|
|
42
|
+
transactions: { view: true, resolve: true, comment: true },
|
|
43
|
+
cards: { view: true, cancel: true },
|
|
44
|
+
rules: true,
|
|
45
|
+
},
|
|
46
|
+
finance: {
|
|
47
|
+
treasury: { rebalance: true, view: true },
|
|
48
|
+
settlements: { view: true },
|
|
49
|
+
},
|
|
50
|
+
support: {
|
|
51
|
+
organizations: {
|
|
52
|
+
create: true,
|
|
53
|
+
view: true,
|
|
54
|
+
accounts: true,
|
|
55
|
+
rules: {
|
|
56
|
+
view: true,
|
|
57
|
+
},
|
|
58
|
+
},
|
|
59
|
+
transactions: { view: true },
|
|
60
|
+
cards: { view: true, cancel: true },
|
|
61
|
+
rules: { view: true },
|
|
62
|
+
},
|
|
63
|
+
};
|
|
64
|
+
})(Realm = Roles.Realm || (Roles.Realm = {}));
|
|
65
|
+
let Organization;
|
|
66
|
+
(function (Organization) {
|
|
67
|
+
Organization.roles = ["admin", "finance", "payments"];
|
|
68
|
+
Organization.definitions = {
|
|
69
|
+
admin: true,
|
|
70
|
+
finance: {
|
|
71
|
+
accounts: { balance: true, view: true, transactions: { view: true, create: true } },
|
|
72
|
+
cards: true,
|
|
73
|
+
},
|
|
74
|
+
payments: { cards: true, accounts: { view: true, transactions: { create: true } } },
|
|
75
|
+
};
|
|
76
|
+
})(Organization = Roles.Organization || (Roles.Organization = {}));
|
|
77
|
+
})(Roles || (Roles = {}));
|
|
78
|
+
//# sourceMappingURL=Roles.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Roles.js","sourceRoot":"../","sources":["Key/Roles.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAChD,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAQ3B,MAAM,KAAW,KAAK,CAgFrB;AAhFD,WAAiB,KAAK;IAErB,SAAgB,OAAO,CAAC,KAAY;QACnC,IAAI,MAAM,GAAG,EAAE,CAAA;QACf,KAAK,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;YAChD,MAAM,CAAC,EAAE,gBAAgB,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAC3C,MAAM;gBACL,IAAI,EAAE,MAAM,CACX,CAAC,CAAC,EAAE,IAAI,EAAE,EAAE,CACX,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE;oBACrC,CAAC,GAAG,CAAC,EACJ,gBAAgB,IAAI,GAAG,IAAI,KAAK,CAAC,EAAE,CAAC,IAAI,CAAC;wBACxC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC;wBACzB,CAAC,CAAC,YAAY,CAAC,WAAW,CAAC,IAAyB,CAAC;iBACvD,CAAC,EACH,MAAM,CACN,IAAI,MAAM,CAAA;SACZ;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IAjBe,aAAO,UAiBtB,CAAA;IACD,IAAiB,KAAK,CA8CrB;IA9CD,WAAiB,KAAK;QAGR,WAAK,GAAG,CAAC,OAAO,EAAE,mBAAmB,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS,CAAU,CAAA;QACjF,UAAI,GAAG,IAAI,CAAC,MAAM,CAAC,MAAA,KAAK,CAAC,CAAA;QACzB,QAAE,GAAG,MAAA,IAAI,CAAC,EAAE,CAAA;QACZ,iBAAW,GAA2C;YAClE,KAAK,EAAE,IAAI;YACX,mBAAmB,EAAE;gBACpB,aAAa,EAAE;oBACd,IAAI,EAAE,IAAI;oBACV,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;oBACxB,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;iBACrB;gBACD,YAAY,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;gBAC5B,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;gBACrB,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;aACrB;YACD,QAAQ,EAAE;gBACT,aAAa,EAAE;oBACd,IAAI,EAAE,IAAI;oBACV,QAAQ,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE;oBACvC,KAAK,EAAE,IAAI;iBACX;gBACD,YAAY,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE;gBAC1D,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;gBACnC,KAAK,EAAE,IAAI;aACX;YACD,OAAO,EAAE;gBACR,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE;gBACzC,WAAW,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;aAC3B;YACD,OAAO,EAAE;gBACR,aAAa,EAAE;oBACd,MAAM,EAAE,IAAI;oBACZ,IAAI,EAAE,IAAI;oBACV,QAAQ,EAAE,IAAI;oBACd,KAAK,EAAE;wBACN,IAAI,EAAE,IAAI;qBACV;iBACD;gBACD,YAAY,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;gBAC5B,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;gBACnC,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;aACrB;SACD,CAAA;IACF,CAAC,EA9CgB,KAAK,GAAL,WAAK,KAAL,WAAK,QA8CrB;IACD,IAAiB,YAAY,CAY5B;IAZD,WAAiB,YAAY;QAGf,kBAAK,GAAG,CAAC,OAAO,EAAE,SAAS,EAAE,UAAU,CAAU,CAAA;QACjD,wBAAW,GAAkD;YACzE,KAAK,EAAE,IAAI;YACX,OAAO,EAAE;gBACR,QAAQ,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,YAAY,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE;gBACnF,KAAK,EAAE,IAAI;aACX;YACD,QAAQ,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,YAAY,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE;SACnF,CAAA;IACF,CAAC,EAZgB,YAAY,GAAZ,kBAAY,KAAZ,kBAAY,QAY5B;AACF,CAAC,EAhFgB,KAAK,KAAL,KAAK,QAgFrB"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
import { userwidgets } from "@userwidgets/model";
|
|
2
|
+
import { Realm } from "../Realm";
|
|
3
|
+
import { Permissions as KeyPermissions } from "./Permissions";
|
|
4
|
+
import { Roles as KeyRoles } from "./Roles";
|
|
5
|
+
type Claims = {
|
|
6
|
+
organization: string;
|
|
7
|
+
realm: Realm;
|
|
8
|
+
};
|
|
9
|
+
export type Key = userwidgets.User.Key<userwidgets.User.Key.Creatable.Claims | Claims, Key.Permissions>;
|
|
10
|
+
export declare namespace Key {
|
|
11
|
+
type Permissions = KeyPermissions;
|
|
12
|
+
namespace Permissions {
|
|
13
|
+
type Realm = KeyPermissions.Realm;
|
|
14
|
+
type Organization = KeyPermissions.Organization;
|
|
15
|
+
}
|
|
16
|
+
type Roles = KeyRoles;
|
|
17
|
+
const Roles: typeof KeyRoles;
|
|
18
|
+
namespace Roles {
|
|
19
|
+
type Role = KeyRoles.Role;
|
|
20
|
+
namespace Organization {
|
|
21
|
+
type Role = KeyRoles.Organization.Role;
|
|
22
|
+
}
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
export {};
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"../","sources":["Key/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,KAAK,IAAI,QAAQ,EAAE,MAAM,SAAS,CAAA;AAQ3C,MAAM,KAAW,GAAG,CAcnB;AAdD,WAAiB,GAAG;IAON,SAAK,GAAG,QAAQ,CAAA;AAO9B,CAAC,EAdgB,GAAG,KAAH,GAAG,QAcnB"}
|
|
@@ -3,6 +3,7 @@ import { isly } from "isly";
|
|
|
3
3
|
import { Authorization as ModelAuthorization } from "../../Authorization";
|
|
4
4
|
export interface Authorization extends Omit<ModelAuthorization.Creatable, "amount"> {
|
|
5
5
|
time: string;
|
|
6
|
+
hour: number;
|
|
6
7
|
currency: isoly.Currency;
|
|
7
8
|
amount: number;
|
|
8
9
|
original: {
|
|
@@ -8,6 +8,7 @@ export var Authorization;
|
|
|
8
8
|
return {
|
|
9
9
|
...authorization,
|
|
10
10
|
time: isoly.DateTime.getTime(isoly.DateTime.now()),
|
|
11
|
+
hour: isoly.DateTime.getHour(isoly.DateTime.now()),
|
|
11
12
|
currency: authorization.amount[0],
|
|
12
13
|
amount: Math.abs(authorization.amount[1]),
|
|
13
14
|
original: { currency: authorization.amount[0], amount: Math.abs(authorization.amount[1]) },
|
|
@@ -27,6 +28,7 @@ export var Authorization;
|
|
|
27
28
|
amount: isly.number(),
|
|
28
29
|
}),
|
|
29
30
|
time: isly.string(),
|
|
31
|
+
hour: isly.number(),
|
|
30
32
|
});
|
|
31
33
|
Authorization.is = Authorization.type.is;
|
|
32
34
|
Authorization.flaw = Authorization.type.flaw;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Authorization.js","sourceRoot":"../","sources":["Rule/State/Authorization.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,OAAO,CAAA;AAC7B,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAC3B,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AAEzC,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;
|
|
1
|
+
{"version":3,"file":"Authorization.js","sourceRoot":"../","sources":["Rule/State/Authorization.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,OAAO,CAAA;AAC7B,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAC3B,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AAEzC,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAA;AASzC,MAAM,KAAW,aAAa,CA6B7B;AA7BD,WAAiB,aAAa;IAC7B,SAAgB,IAAI,CAAC,aAA2C;QAC/D,OAAO;YACN,GAAG,aAAa;YAChB,IAAI,EAAE,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;YAClD,IAAI,EAAE,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;YAClD,QAAQ,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;YACjC,MAAM,EAAE,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACzC,QAAQ,EAAE,EAAE,QAAQ,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE;SAC1F,CAAA;IACF,CAAC;IATe,kBAAI,OASnB,CAAA;IAEY,kBAAI,GAAG,IAAI,CAAC,MAAM,CAAgB;QAC9C,QAAQ,EAAE,QAAQ,CAAC,IAAI;QACvB,SAAS,EAAE,IAAI,CAAC,MAAM,EAAE;QACxB,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE;QACnB,QAAQ,EAAE,QAAQ,CAAC,IAAI;QACvB,WAAW,EAAE,IAAI,CAAC,MAAM,EAAE;QAC1B,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE;QACrB,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC;QAC3C,QAAQ,EAAE,IAAI,CAAC,MAAM,CAA4B;YAChD,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC;YAC3C,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE;SACrB,CAAC;QACF,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE;QACnB,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE;KACnB,CAAC,CAAA;IACW,gBAAE,GAAG,cAAA,IAAI,CAAC,EAAE,CAAA;IACZ,kBAAI,GAAG,cAAA,IAAI,CAAC,IAAI,CAAA;AAC9B,CAAC,EA7BgB,aAAa,KAAb,aAAa,QA6B7B"}
|
package/dist/pax2pay.d.ts
CHANGED
package/dist/pax2pay.js
CHANGED
package/dist/pax2pay.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pax2pay.js","sourceRoot":"../","sources":["pax2pay.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACnC,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AACrC,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AACrC,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAC7B,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAA;AAC/B,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AACvC,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAC7B,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAA;AAC3C,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AACjC,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AACrC,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAA;AAC/B,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AACrC,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA;AACzC,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AACrC,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAC7B,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AAC/C,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACnD,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AACjC,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACnC,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AACjC,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA"}
|
|
1
|
+
{"version":3,"file":"pax2pay.js","sourceRoot":"../","sources":["pax2pay.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACnC,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AACrC,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AACrC,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAC7B,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAA;AAC/B,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AACvC,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC7C,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAC7B,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAA;AAC3C,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AACjC,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AACrC,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAA;AAC/B,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AACrC,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA;AACzC,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AACrC,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAC7B,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AAC/C,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACnD,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AACjC,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACnC,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AACjC,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAC7B,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AACrC,OAAO,EAAE,GAAG,EAAE,MAAM,OAAO,CAAA"}
|
package/package.json
CHANGED
package/pax2pay.ts
CHANGED