@pax2pay/model-banking 0.1.577 → 0.1.579

package/Key/Permissions.ts

@@ -1,112 +0,0 @@
-import { userwidgets } from "@userwidgets/model"
-import { User } from "../User"
-
-export type Permissions = Permissions.Organization | Permissions.Realm
-export namespace Permissions {
-	export function stringify(permissions: Permissions): string {
-		return userwidgets.User.Permissions.stringify(permissions)
-	}
-	export interface Realm extends userwidgets.User.Permissions {
-		organizations?:
-			| {
-					create?: true
-					view?: true
-					update?: true
-					remove?: true
-					accounts?: { balance?: true; view?: true; create?: true; change?: true; cancel?: true } | true
-					rules?:
-						| {
-								edit?: true
-								view?: true
-								customer?: { edit?: true; view?: true } | true
-								product?: { edit?: true; view?: true } | true
-								fincrime?: { edit?: true; view?: true } | true
-						  }
-						| true
-			  }
-			| true
-		transactions?: { create?: true; view?: true; resolve?: true; comment?: true } | true
-		cards?: { create?: true; view?: true; change?: true; cancel?: true } | true
-		rules?:
-			| {
-					edit?: true
-					view?: true
-					product?: { edit?: true; view?: true } | true
-					fincrime?: { edit?: true; view?: true } | true
-			  }
-			| true
-		settlements?: { create?: true; view?: true; amend?: true } | true
-		treasury?: { rebalance?: true; view?: true } | true
-		operations?: { view?: true } | true
-		logs?: { view?: true } | true
-	}
-	export interface Organization extends userwidgets.User.Permissions {
-		accounts?:
-			| { balance?: true; view?: true; create?: true; change?: true; transactions?: { view?: true; create?: true } }
-			| true
-		cards?: { create?: true; view?: true; change?: true; cancel?: true } | true
-	}
-	export function from(permission: User.Access.Permission): Permissions | true {
-		let result: Permissions | true = {}
-		if (User.Access.Permission.Level.get(permission["*"]) >= 2)
-			result = true
-		else {
-			if (permission["*"])
-				result = {
-					accounts: { view: true },
-					cards: { view: true },
-					logs: { view: true },
-					operations: { view: true },
-					organizations: {
-						view: true,
-						rules: { view: true, customer: { view: true }, product: { view: true }, fincrime: { view: true } },
-						accounts: { view: true },
-					},
-					rules: {
-						view: true,
-						customer: { view: true },
-						product: { view: true },
-						fincrime: { view: true },
-					},
-					settlements: { view: true },
-					transactions: { view: true },
-					treasury: { view: true },
-					org: { view: true },
-					user: User.Access.Permission.Level.get(permission["user"]) >= 2 || { view: true },
-					app: { view: true },
-				}
-			if (permission["card"])
-				result.cards = User.Access.Permission.Level.get(permission["card"]) >= 2 || {
-					view: true,
-				}
-			if (permission["log"])
-				result.logs = User.Access.Permission.Level.get(permission["log"]) >= 2 || {
-					view: true,
-				}
-			if (permission["operation"])
-				result.operations = User.Access.Permission.Level.get(permission["operation"]) >= 2 || {
-					view: true,
-				}
-			if (permission["organization"])
-				result.organizations = User.Access.Permission.Level.get(permission["organization"]) >= 2 || {
-					view: true,
-					rules: { view: true, customer: { view: true }, product: { view: true }, fincrime: { view: true } },
-					accounts: { view: true },
-				}
-			if (permission["rule"])
-				result.rules = User.Access.Permission.Level.get(permission["rule"]) >= 2 || {
-					view: true,
-					customer: { view: true },
-					product: { view: true },
-					fincrime: { view: true },
-				}
-			if (permission["settlement"])
-				result.settlements = User.Access.Permission.Level.get(permission["settlement"]) >= 2 || { view: true }
-			if (permission["transaction"])
-				result.transactions = User.Access.Permission.Level.get(permission["transaction"]) >= 2 || { view: true }
-			if (permission["treasury"])
-				result.treasury = User.Access.Permission.Level.get(permission["treasury"]) >= 2 || { view: true }
-		}
-		return result
-	}
-}

package/Key/Roles.ts

@@ -1,111 +0,0 @@
-import { userwidgets } from "@userwidgets/model"
-import { isly } from "isly"
-import { Realm } from "../Realm"
-import { Permissions } from "./Permissions"
-
-type OrganizationCode = string
-export type Roles =
-	| Partial<Record<`${Realm | "*"}-*`, (Roles.Realm.Role | Roles.Organization.Role)[]>>
-	| Partial<Record<`${Realm | "*"}-${OrganizationCode}`, Roles.Organization.Role[]>>
-export namespace Roles {
-	export type Role = Realm.Role | Organization.Role
-	export function get(realmOrganization: string) {
-		const [realm] = realmOrganization.split("-")
-		return [
-			...Object.entries(Realm.definitions).map(([role, value]) => ({
-				label: "realm-" + role,
-				permissions: () => Permissions.stringify({ [realm + "-*"]: value }),
-			})),
-			...Object.entries(Organization.definitions).map(([role, value]) => ({
-				label: "organization-" + role,
-				permissions: (id: string) => Permissions.stringify({ [id]: value }),
-			})),
-		]
-	}
-	export function resolve(roles: Roles): Permissions {
-		let result = {}
-		for (const [key, role] of Object.entries(roles)) {
-			const [, organizationCode] = key.split("-")
-			result =
-				role?.reduce(
-					(r, role) =>
-						userwidgets.User.Permissions.merge(r, {
-							[key]:
-								organizationCode == "*" && Realm.type.is(role)
-									? Realm.definitions[role]
-									: Organization.definitions[role as Organization.Role],
-						}),
-					result
-				) ?? result
-		}
-		return result
-	}
-	export namespace Realm {
-		export type Roles = Partial<Record<Role, true>>
-		export type Role = typeof roles[number]
-		export const roles = ["admin", "fincrime-readonly", "fincrime", "finance", "operations", "support"] as const
-		export const type = isly.string(roles)
-		export const definitions: Record<Role, Permissions.Realm | true> = {
-			admin: true,
-			"fincrime-readonly": {
-				organizations: {
-					view: true,
-					accounts: { view: true },
-					rules: { view: true },
-				},
-				transactions: { view: true },
-				cards: { view: true },
-				rules: { view: true },
-			},
-			fincrime: {
-				organizations: {
-					view: true,
-					accounts: { balance: true, view: true },
-					rules: true,
-				},
-				transactions: { view: true, resolve: true, comment: true },
-				cards: { view: true, cancel: true },
-				rules: true,
-			},
-			finance: {
-				treasury: { rebalance: true, view: true },
-				settlements: { view: true },
-			},
-			operations: {
-				organizations: {
-					create: true,
-					update: true,
-					accounts: true,
-					rules: true,
-				},
-			},
-			support: {
-				organizations: {
-					create: true,
-					view: true,
-					accounts: true,
-					rules: {
-						view: true,
-						edit: true,
-					},
-				},
-				transactions: { view: true },
-				cards: { view: true, cancel: true },
-				rules: { view: true },
-			},
-		}
-	}
-	export namespace Organization {
-		export type Roles = Partial<Record<Role, true>>
-		export type Role = typeof roles[number]
-		export const roles = ["admin", "finance", "payments"] as const
-		export const definitions: Record<Role, Permissions.Organization | true> = {
-			admin: true,
-			finance: {
-				accounts: { balance: true, view: true, transactions: { view: true, create: true } },
-				cards: true,
-			},
-			payments: { cards: true, accounts: { view: true, transactions: { create: true } } },
-		}
-	}
-}

package/Key/index.ts

@@ -1,40 +0,0 @@
-import { isoly } from "isoly"
-import { userwidgets } from "@userwidgets/model"
-import { Realm } from "../Realm"
-import { User } from "../User"
-import { Permissions as KeyPermissions } from "./Permissions"
-import { Roles as KeyRoles } from "./Roles"
-
-type Claims = {
-	organization: string
-	realm: Realm
-}
-
-export type Key = userwidgets.User.Key<userwidgets.User.Key.Creatable.Claims | Claims, Key.Permissions>
-export namespace Key {
-	export import Permissions = KeyPermissions
-	export type Roles = KeyRoles
-	export const Roles = KeyRoles
-	export namespace Roles {
-		export type Role = KeyRoles.Role
-		export namespace Organization {
-			export type Role = KeyRoles.Organization.Role
-		}
-	}
-	export function from(payload: User.JWT.Payload, token: string): Key {
-		return {
-			audience: payload.aud,
-			email: payload.sub,
-			realm: payload.realm,
-			permissions: {
-				[payload.realm + "-*"]: Permissions.from(payload.permission),
-				...(payload.permission.user ? { ["*"]: true } : {}),
-			},
-			expires: payload.exp ? isoly.DateTime.create(payload.exp) : isoly.DateTime.nextYear(isoly.DateTime.now(), 10),
-			issued: isoly.DateTime.create(payload.iat),
-			issuer: payload.iss,
-			name: { first: "", last: "" },
-			token,
-		}
-	}
-}

package/dist/cjs/Identity.d.ts

@@ -1,41 +0,0 @@
-import { gracely } from "gracely";
-import { storage } from "cloudly-storage";
-import { slackly } from "slackly";
-import { Key } from "./Key";
-import { Realm } from "./Realm";
-import { User } from "./User";
-export declare class Identity<T extends Identity.Require = never> {
-    #private;
-    readonly key: Key;
-    readonly realm: T["realm"] extends true ? Realm : Realm | undefined;
-    readonly organization: T["organization"] extends true ? string : string | undefined;
-    get realms(): Realm[] | undefined;
-    constructor(key: Key, realm: T["realm"] extends true ? Realm : Realm | undefined, organization: T["organization"] extends true ? string : string | undefined);
-    check(constraint: Key.Permissions | Key.Permissions[], realm?: Realm, organization?: string): boolean;
-    collectionCheck(collection: string): boolean;
-    static authenticate<T extends Identity.Require = Record<string, never>>(header: Identity.Header, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "undefined", notify?: Identity.Notify, store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>): Promise<Identity<T> | undefined>;
-    static authenticate<T extends Identity.Require = Record<string, never>>(header: {
-        authorization?: string | undefined;
-        realm?: Realm;
-        organization?: string;
-    }, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "error", notify?: Identity.Notify, store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>): Promise<Identity<T> | gracely.Error>;
-    static verify(authorization: string | undefined, key?: string, store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>): Promise<Key | undefined>;
-    static getRealm(header: Identity.Header, key?: string): Promise<Realm | undefined>;
-    static getRealms(permissions: Key.Permissions): Realm[];
-}
-export declare namespace Identity {
-    type Require = {
-        realm?: true;
-        organization?: true;
-    };
-    interface Header {
-        authorization?: string | undefined;
-        realm?: Realm;
-        organization?: string;
-    }
-    type Notify = {
-        slack: slackly.Connection<"notifications">;
-        endpoint: string;
-        method: string;
-    };
-}

package/dist/cjs/Identity.js

@@ -1,102 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.Identity = void 0;
-const gracely_1 = require("gracely");
-const model_1 = require("@userwidgets/model");
-const Key_1 = require("./Key");
-const Realm_1 = require("./Realm");
-const User_1 = require("./User");
-class Identity {
-    key;
-    realm;
-    organization;
-    #realms;
-    get realms() {
-        return (this.#realms ??= Identity.getRealms(this.key.permissions));
-    }
-    constructor(key, realm, organization) {
-        this.key = key;
-        this.realm = realm;
-        this.organization = organization;
-    }
-    check(constraint, realm, organization) {
-        return Array.isArray(constraint)
-            ? constraint.some(c => this.check(c, realm, organization))
-            : [
-                { [`${realm ?? this.realm}-${organization ?? this.organization}`]: constraint },
-                { [`${organization ?? this.organization}`]: constraint },
-                { [`${realm ?? this.realm}-*`]: constraint },
-                { [`*-*`]: constraint },
-            ].some(e => model_1.userwidgets.User.Permissions.check(this.key.permissions, e));
-    }
-    collectionCheck(collection) {
-        return Object.values(this.key.permissions).some(value => (typeof value == "object" && value[collection]) || value == true);
-    }
-    static async authenticate(header, constraint, requires, key = publicKey, output = "undefined", notify, store) {
-        let result;
-        const authorization = header.authorization?.startsWith("Bearer ")
-            ? header.authorization.replace("Bearer ", "")
-            : undefined;
-        const verified = await Identity.verify(authorization, key, store);
-        if (!verified)
-            output !== "undefined" && (result = gracely_1.gracely.client.unauthorized());
-        else {
-            const realms = Identity.getRealms(verified.permissions);
-            const identity = new Identity(verified, ((realms.length == 1 ? realms[0] : header.realm && realms.includes(header.realm) ? header.realm : undefined) ??
-                verified.realm), (verified.organization ?? header.organization));
-            const requirement = (value) => (requires?.organization ? !!identity?.organization : true) &&
-                (requires?.realm ? Realm_1.Realm.type.is(identity?.realm) : true);
-            if (identity?.check(constraint) && requirement(identity))
-                result = identity;
-            else if (output === "undefined")
-                result = undefined;
-            else {
-                await notify?.slack.send("notifications", `Unauthorized access attempt at ${notify.method.toUpperCase()} ${notify.endpoint}`);
-                console.log(identity.key.email, "unauthorized access attempt at", notify?.method.toUpperCase(), notify?.endpoint);
-                result = gracely_1.gracely.client.forbidden();
-            }
-        }
-        return result;
-    }
-    static async verify(authorization, key = publicKey, store) {
-        const verifier = model_1.userwidgets.User.Key.Verifier.create(key);
-        const jwt = User_1.User.JWT.open({ public: key }, store);
-        const unpacked = authorization ? await jwt.unpack(authorization) : undefined;
-        let verified;
-        if (User_1.User.JWT.Payload.type.is(unpacked) && authorization) {
-            const payload = await jwt.verify(authorization);
-            verified = payload && Key_1.Key.from(payload, authorization);
-        }
-        else
-            verified = await verifier.verify(authorization);
-        return verified;
-    }
-    static async getRealm(header, key = publicKey) {
-        let result;
-        const authorization = header.authorization?.startsWith("Bearer ")
-            ? header.authorization.replace("Bearer ", "")
-            : undefined;
-        const jwt = User_1.User.JWT.open({ public: key });
-        const unpacked = authorization ? await jwt.unpack(authorization) : undefined;
-        if (User_1.User.JWT.Payload.type.is(unpacked))
-            result = unpacked.realm;
-        else {
-            const verified = await model_1.userwidgets.User.Key.Verifier.create(key).verify(authorization);
-            const realms = verified && Identity.getRealms(verified.permissions);
-            result =
-                realms &&
-                    (realms.length == 1 ? realms[0] : header.realm && realms.includes(header.realm) ? header.realm : undefined);
-        }
-        return result;
-    }
-    static getRealms(permissions) {
-        return [
-            ...new Set(Object.keys(permissions).flatMap(code => code.split("-").length > 1 && code.split("-")[0] == "*"
-                ? Realm_1.Realm.realms
-                : Realm_1.Realm.type.get(code.split("-")[0]) ?? [])),
-        ];
-    }
-}
-exports.Identity = Identity;
-const publicKey = "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2W8CD2kpfS4QIRV2/rgm4NVvsvJsYNMHtnIl9ADvO3A81hAmRKvOAPVoXICe6+EuZ47jGjGL7f48GEoQuITfBPv/MosCDj1YhJ56ILDynCSd8FlxDrhv8pl5IquST7tcL6Hc6m+vuvoTLrFQ5QqNxv0a5eDd/YTrWv7SUuRfBEhYd/wMysGynN3QauHqy5ceBCt1nv1MJLGlSzczMRK7wjy1zi2g9NCHZBOoo1HXOpi727Xh+YXHc9EP2TN0oOXyxykv45nkGIDI0Qek3/pfkavClBffc1sEqA+rUx7YqRN9KGYxwLMLug+NOOh3ptqjfobXbR5fx/sUWhvcjUMTE1JreTrWYbGmVnjd/SeYSClfmGhdTBUfqnZbaABv0ruTXva18qRhP4y143vHMk/k8HzbuROTKAzrtEeLIjgwUgDcnE+JwDqcb8tKSGV6i++TiTldlSBCRTT4dK2hpHJje80b2abqtrbCkxbJlT98UsAAoiq2eW1X6lYmCfiGCJPkfswibQ2tPAKKNe/2xuHPsjx4FuXGmV0dbzmCwSIQoApXqOvKzoNFi6AaKIjxfNmiEigLwKpNrw08H0lVZbq/9MMxI3TzMTZjY9QmBKVLSGy3Z6IJqZpyK22lv7whJcllG0Qw8tv8+7wmC8SR3+4jpuxuFGZ+69CW+otx+CPMJjcCAwEAAQ==";
-//# sourceMappingURL=Identity.js.map

package/dist/cjs/Identity.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":";;;AAAA,qCAAiC;AACjC,8CAAgD;AAGhD,+BAA2B;AAC3B,mCAA+B;AAC/B,iCAA6B;AAE7B,MAAa,QAAQ;IAOV;IACA;IACA;IARV,OAAO,CAAqB;IAC5B,IAAI,MAAM;QACT,OAAO,CAAC,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAA;IACnE,CAAC;IAED,YACU,GAAQ,EACR,KAA0D,EAC1D,YAA0E;QAF1E,QAAG,GAAH,GAAG,CAAK;QACR,UAAK,GAAL,KAAK,CAAqD;QAC1D,iBAAY,GAAZ,YAAY,CAA8D;IACjF,CAAC;IACJ,KAAK,CAAC,UAA+C,EAAE,KAAa,EAAE,YAAqB;QAC1F,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC/B,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;YAC1D,CAAC,CAAC;gBACA,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBAC/E,EAAE,CAAC,GAAG,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBACxD,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,UAAU,EAAE;gBAC5C,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE;aACtB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,mBAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IACD,eAAe,CAAC,UAAkB;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9C,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,KAAK,IAAI,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CACzE,CAAA;IACF,CAAC;IAoBD,MAAM,CAAC,KAAK,CAAC,YAAY,CACxB,MAAoF,EACpF,UAA+C,EAC/C,QAAY,EACZ,MAAc,SAAS,EACvB,SAAgC,WAAW,EAC3C,MAAwB,EACxB,KAAwD;QAExD,IAAI,MAA+C,CAAA;QACnD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,GAAG,EAAE,KAAK,CAAC,CAAA;QACjE,IAAI,CAAC,QAAQ;YACZ,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,GAAG,iBAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,CAAA;aAC9D,CAAC;YACL,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;YACvD,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAC5B,QAAQ,EACR,CAAC,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;gBAC3G,QAAQ,CAAC,KAAK,CAAU,EACzB,CAAC,QAAQ,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAW,CACxD,CAAA;YACD,MAAM,WAAW,GAAG,CACnB,KAA2B,EAGf,EAAE,CACd,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC1D,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,aAAK,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;YAC1D,IAAI,QAAQ,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC;gBACvD,MAAM,GAAG,QAAQ,CAAA;iBACb,IAAI,MAAM,KAAK,WAAW;gBAC9B,MAAM,GAAG,SAAS,CAAA;iBACd,CAAC;gBACL,MAAM,MAAM,EAAE,KAAK,CAAC,IAAI,CACvB,eAAe,EACf,kCAAkC,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,MAAM,CAAC,QAAQ,EAAE,CAClF,CAAA;gBACD,OAAO,CAAC,GAAG,CACV,QAAQ,CAAC,GAAG,CAAC,KAAK,EAClB,gCAAgC,EAChC,MAAM,EAAE,MAAM,CAAC,WAAW,EAAE,EAC5B,MAAM,EAAE,QAAQ,CAChB,CAAA;gBACD,MAAM,GAAG,iBAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;YACpC,CAAC;QACF,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,MAAM,CAClB,aAAiC,EACjC,MAAc,SAAS,EACvB,KAAwD;QAExD,MAAM,QAAQ,GAAG,mBAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,GAAG,CAAC,CAAA;QAC/D,MAAM,GAAG,GAAG,WAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,KAAK,CAAC,CAAA;QACjD,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC5E,IAAI,QAAyB,CAAA;QAC7B,IAAI,WAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,IAAI,aAAa,EAAE,CAAC;YACzD,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;YAC/C,QAAQ,GAAG,OAAO,IAAI,SAAG,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;QACvD,CAAC;;YACA,QAAQ,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;QAChD,OAAO,QAAQ,CAAA;IAChB,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAuB,EAAE,MAAc,SAAS;QACrE,IAAI,MAAyB,CAAA;QAC7B,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,GAAG,GAAG,WAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;QAC1C,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC5E,IAAI,WAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC;YACrC,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAA;aACnB,CAAC;YACL,MAAM,QAAQ,GAAG,MAAM,mBAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,GAAG,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;YAC3F,MAAM,MAAM,GAAG,QAAQ,IAAI,QAAQ,CAAC,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;YACnE,MAAM;gBACL,MAAM;oBACN,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;QAC7G,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,SAAS,CAAC,WAA4B;QAC5C,OAAO;YACN,GAAG,IAAI,GAAG,CACT,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CACvC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG;gBACtD,CAAC,CAAC,aAAK,CAAC,MAAM;gBACd,CAAC,CAAC,aAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAC3C,CACD;SACD,CAAA;IACF,CAAC;CACD;AA7ID,4BA6IC;AAkBD,MAAM,SAAS,GACd,kuBAAkuB,CAAA"}

package/dist/cjs/Key/Permissions.d.ts

@@ -1,95 +0,0 @@
-import { userwidgets } from "@userwidgets/model";
-import { User } from "../User";
-export type Permissions = Permissions.Organization | Permissions.Realm;
-export declare namespace Permissions {
-    function stringify(permissions: Permissions): string;
-    interface Realm extends userwidgets.User.Permissions {
-        organizations?: {
-            create?: true;
-            view?: true;
-            update?: true;
-            remove?: true;
-            accounts?: {
-                balance?: true;
-                view?: true;
-                create?: true;
-                change?: true;
-                cancel?: true;
-            } | true;
-            rules?: {
-                edit?: true;
-                view?: true;
-                customer?: {
-                    edit?: true;
-                    view?: true;
-                } | true;
-                product?: {
-                    edit?: true;
-                    view?: true;
-                } | true;
-                fincrime?: {
-                    edit?: true;
-                    view?: true;
-                } | true;
-            } | true;
-        } | true;
-        transactions?: {
-            create?: true;
-            view?: true;
-            resolve?: true;
-            comment?: true;
-        } | true;
-        cards?: {
-            create?: true;
-            view?: true;
-            change?: true;
-            cancel?: true;
-        } | true;
-        rules?: {
-            edit?: true;
-            view?: true;
-            product?: {
-                edit?: true;
-                view?: true;
-            } | true;
-            fincrime?: {
-                edit?: true;
-                view?: true;
-            } | true;
-        } | true;
-        settlements?: {
-            create?: true;
-            view?: true;
-            amend?: true;
-        } | true;
-        treasury?: {
-            rebalance?: true;
-            view?: true;
-        } | true;
-        operations?: {
-            view?: true;
-        } | true;
-        logs?: {
-            view?: true;
-        } | true;
-    }
-    interface Organization extends userwidgets.User.Permissions {
-        accounts?: {
-            balance?: true;
-            view?: true;
-            create?: true;
-            change?: true;
-            transactions?: {
-                view?: true;
-                create?: true;
-            };
-        } | true;
-        cards?: {
-            create?: true;
-            view?: true;
-            change?: true;
-            cancel?: true;
-        } | true;
-    }
-    function from(permission: User.Access.Permission): Permissions | true;
-}

package/dist/cjs/Key/Permissions.js

@@ -1,77 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.Permissions = void 0;
-const model_1 = require("@userwidgets/model");
-const User_1 = require("../User");
-var Permissions;
-(function (Permissions) {
-    function stringify(permissions) {
-        return model_1.userwidgets.User.Permissions.stringify(permissions);
-    }
-    Permissions.stringify = stringify;
-    function from(permission) {
-        let result = {};
-        if (User_1.User.Access.Permission.Level.get(permission["*"]) >= 2)
-            result = true;
-        else {
-            if (permission["*"])
-                result = {
-                    accounts: { view: true },
-                    cards: { view: true },
-                    logs: { view: true },
-                    operations: { view: true },
-                    organizations: {
-                        view: true,
-                        rules: { view: true, customer: { view: true }, product: { view: true }, fincrime: { view: true } },
-                        accounts: { view: true },
-                    },
-                    rules: {
-                        view: true,
-                        customer: { view: true },
-                        product: { view: true },
-                        fincrime: { view: true },
-                    },
-                    settlements: { view: true },
-                    transactions: { view: true },
-                    treasury: { view: true },
-                    org: { view: true },
-                    user: User_1.User.Access.Permission.Level.get(permission["user"]) >= 2 || { view: true },
-                    app: { view: true },
-                };
-            if (permission["card"])
-                result.cards = User_1.User.Access.Permission.Level.get(permission["card"]) >= 2 || {
-                    view: true,
-                };
-            if (permission["log"])
-                result.logs = User_1.User.Access.Permission.Level.get(permission["log"]) >= 2 || {
-                    view: true,
-                };
-            if (permission["operation"])
-                result.operations = User_1.User.Access.Permission.Level.get(permission["operation"]) >= 2 || {
-                    view: true,
-                };
-            if (permission["organization"])
-                result.organizations = User_1.User.Access.Permission.Level.get(permission["organization"]) >= 2 || {
-                    view: true,
-                    rules: { view: true, customer: { view: true }, product: { view: true }, fincrime: { view: true } },
-                    accounts: { view: true },
-                };
-            if (permission["rule"])
-                result.rules = User_1.User.Access.Permission.Level.get(permission["rule"]) >= 2 || {
-                    view: true,
-                    customer: { view: true },
-                    product: { view: true },
-                    fincrime: { view: true },
-                };
-            if (permission["settlement"])
-                result.settlements = User_1.User.Access.Permission.Level.get(permission["settlement"]) >= 2 || { view: true };
-            if (permission["transaction"])
-                result.transactions = User_1.User.Access.Permission.Level.get(permission["transaction"]) >= 2 || { view: true };
-            if (permission["treasury"])
-                result.treasury = User_1.User.Access.Permission.Level.get(permission["treasury"]) >= 2 || { view: true };
-        }
-        return result;
-    }
-    Permissions.from = from;
-})(Permissions || (exports.Permissions = Permissions = {}));
-//# sourceMappingURL=Permissions.js.map

package/dist/cjs/Key/Permissions.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"Permissions.js","sourceRoot":"","sources":["../../../Key/Permissions.ts"],"names":[],"mappings":";;;AAAA,8CAAgD;AAChD,kCAA8B;AAG9B,IAAiB,WAAW,CA2G3B;AA3GD,WAAiB,WAAW;IAC3B,SAAgB,SAAS,CAAC,WAAwB;QACjD,OAAO,mBAAW,CAAC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,WAAW,CAAC,CAAA;IAC3D,CAAC;IAFe,qBAAS,YAExB,CAAA;IAyCD,SAAgB,IAAI,CAAC,UAAkC;QACtD,IAAI,MAAM,GAAuB,EAAE,CAAA;QACnC,IAAI,WAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACzD,MAAM,GAAG,IAAI,CAAA;aACT,CAAC;YACL,IAAI,UAAU,CAAC,GAAG,CAAC;gBAClB,MAAM,GAAG;oBACR,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;oBACxB,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;oBACrB,IAAI,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;oBACpB,UAAU,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;oBAC1B,aAAa,EAAE;wBACd,IAAI,EAAE,IAAI;wBACV,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;wBAClG,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;qBACxB;oBACD,KAAK,EAAE;wBACN,IAAI,EAAE,IAAI;wBACV,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;wBACxB,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;wBACvB,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;qBACxB;oBACD,WAAW,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;oBAC3B,YAAY,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;oBAC5B,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;oBACxB,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;oBACnB,IAAI,EAAE,WAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE;oBACjF,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;iBACnB,CAAA;YACF,IAAI,UAAU,CAAC,MAAM,CAAC;gBACrB,MAAM,CAAC,KAAK,GAAG,WAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI;oBAC3E,IAAI,EAAE,IAAI;iBACV,CAAA;YACF,IAAI,UAAU,CAAC,KAAK,CAAC;gBACpB,MAAM,CAAC,IAAI,GAAG,WAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI;oBACzE,IAAI,EAAE,IAAI;iBACV,CAAA;YACF,IAAI,UAAU,CAAC,WAAW,CAAC;gBAC1B,MAAM,CAAC,UAAU,GAAG,WAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI;oBACrF,IAAI,EAAE,IAAI;iBACV,CAAA;YACF,IAAI,UAAU,CAAC,cAAc,CAAC;gBAC7B,MAAM,CAAC,aAAa,GAAG,WAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,IAAI;oBAC3F,IAAI,EAAE,IAAI;oBACV,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;oBAClG,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;iBACxB,CAAA;YACF,IAAI,UAAU,CAAC,MAAM,CAAC;gBACrB,MAAM,CAAC,KAAK,GAAG,WAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI;oBAC3E,IAAI,EAAE,IAAI;oBACV,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;oBACxB,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;oBACvB,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;iBACxB,CAAA;YACF,IAAI,UAAU,CAAC,YAAY,CAAC;gBAC3B,MAAM,CAAC,WAAW,GAAG,WAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAA;YACvG,IAAI,UAAU,CAAC,aAAa,CAAC;gBAC5B,MAAM,CAAC,YAAY,GAAG,WAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAA;YACzG,IAAI,UAAU,CAAC,UAAU,CAAC;gBACzB,MAAM,CAAC,QAAQ,GAAG,WAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAA;QACnG,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IA9De,gBAAI,OA8DnB,CAAA;AACF,CAAC,EA3GgB,WAAW,2BAAX,WAAW,QA2G3B"}

package/dist/cjs/Key/Roles.d.ts

@@ -1,27 +0,0 @@
-import { isly } from "isly";
-import { Realm } from "../Realm";
-import { Permissions } from "./Permissions";
-type OrganizationCode = string;
-export type Roles = Partial<Record<`${Realm | "*"}-*`, (Roles.Realm.Role | Roles.Organization.Role)[]>> | Partial<Record<`${Realm | "*"}-${OrganizationCode}`, Roles.Organization.Role[]>>;
-export declare namespace Roles {
-    type Role = Realm.Role | Organization.Role;
-    function get(realmOrganization: string): {
-        label: string;
-        permissions: (id: string) => string;
-    }[];
-    function resolve(roles: Roles): Permissions;
-    namespace Realm {
-        type Roles = Partial<Record<Role, true>>;
-        type Role = typeof roles[number];
-        const roles: readonly ["admin", "fincrime-readonly", "fincrime", "finance", "operations", "support"];
-        const type: isly.Type<"fincrime" | "operations" | "admin" | "fincrime-readonly" | "finance" | "support">;
-        const definitions: Record<Role, Permissions.Realm | true>;
-    }
-    namespace Organization {
-        type Roles = Partial<Record<Role, true>>;
-        type Role = typeof roles[number];
-        const roles: readonly ["admin", "finance", "payments"];
-        const definitions: Record<Role, Permissions.Organization | true>;
-    }
-}
-export {};