@pristine-ts/security 2.0.5 → 2.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (18) hide show
  1. package/dist/lib/cjs/managers/authentication.manager.js +34 -4
  2. package/dist/lib/cjs/managers/authentication.manager.js.map +1 -1
  3. package/dist/lib/cjs/managers/authorizer.manager.js +24 -7
  4. package/dist/lib/cjs/managers/authorizer.manager.js.map +1 -1
  5. package/dist/lib/cjs/managers/permission.manager.js +31 -9
  6. package/dist/lib/cjs/managers/permission.manager.js.map +1 -1
  7. package/dist/lib/cjs/tsconfig.cjs.tsbuildinfo +1 -1
  8. package/dist/lib/esm/managers/authentication.manager.js +34 -4
  9. package/dist/lib/esm/managers/authentication.manager.js.map +1 -1
  10. package/dist/lib/esm/managers/authorizer.manager.js +24 -7
  11. package/dist/lib/esm/managers/authorizer.manager.js.map +1 -1
  12. package/dist/lib/esm/managers/permission.manager.js +32 -10
  13. package/dist/lib/esm/managers/permission.manager.js.map +1 -1
  14. package/dist/lib/esm/tsconfig.tsbuildinfo +1 -1
  15. package/dist/types/managers/authentication.manager.d.ts +7 -2
  16. package/dist/types/managers/authorizer.manager.d.ts +7 -3
  17. package/dist/types/managers/permission.manager.d.ts +8 -3
  18. package/package.json +4 -4
package/dist/lib/esm/managers/authentication.manager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"authentication.manager.js","sourceRoot":"","sources":["../../../../src/managers/authentication.manager.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA,OAAO,EAAsB,MAAM,EAAE,UAAU,EAAE,SAAS,EAAC,MAAM,UAAU,CAAC;AAE5E,OAAO,EAAoB,YAAY,EAAE,OAAO,EAAE,wBAAwB,EAAE,GAAG,EAAE,MAAM,EAAC,MAAM,qBAAqB,CAAC;AAIpH,OAAO,EAAC,oBAAoB,EAAC,MAAM,oCAAoC,CAAC;AACxE,OAAO,EAAC,qBAAqB,EAAC,MAAM,4BAA4B,CAAC;AAEjE,OAAO,EAAC,4BAA4B,EAAC,MAAM,uCAAuC,CAAC;AAEnF;;;GAGG;AAII,IAAM,qBAAqB,GAA3B,MAAM,qBAAqB;IAEhC;;;;;OAKG;IACH,YAC6F,iBAA8C,EACzF,UAA+B,EAC9D,oBAA0C;QAFgC,sBAAiB,GAAjB,iBAAiB,CAA6B;QACzF,eAAU,GAAV,UAAU,CAAqB;QAC9D,yBAAoB,GAApB,oBAAoB,CAAsB;IAC7D,CAAC;IAED;;;;;OAKG;IAEU,YAAY,CAAC,OAAgB,EAAE,YAAiB,EAAE,SAA8B;;YAC3F,IAAI,CAAC,YAAY,IAAI,YAAY,CAAC,4BAA4B,CAAC,KAAK,SAAS,EAAE,CAAC;gBAC9E,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,aAAa,GAAG,YAAY,CAAC,4BAA4B,CAAC,CAAC;YAEjE,IAAI,QAAuC,CAAC;YAE5C,MAAM,oBAAoB,GAAkC,aAAa,CAAC;YAE1E,IAAI,CAAC;gBACH,MAAM,yBAAyB,GAA2B,IAAI,CAAC,oBAAoB,CAAC,WAAW,CAAC,oBAAoB,EAAE,SAAS,CAAC,CAAC;gBAEjI,MAAM,yBAAyB,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;gBAEjE,QAAQ,GAAG,MAAM,yBAAyB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;gBAEjE,IAAI,QAAQ,IAAI,SAAS,EAAE,CAAC;oBAC1B,OAAO,QAAQ,CAAC;gBAClB,CAAC;gBAED,mCAAmC;gBACnC,KAAK,MAAM,gBAAgB,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBACtD,QAAQ,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACtD,CAAC;YAEH,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,0DAA0D,EAAE;oBAChF,KAAK,EAAE,EAAC,KAAK,EAAE,CAAC,EAAC;iBAClB,CAAC,CAAC;gBACH,MAAM,CAAC,CAAC;YACV,CAAC;YAED,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,kCAAkC,EAAE;gBACvD,UAAU,EAAE;oBACV,QAAQ;iBACT;gBACD,KAAK,EAAE;oBACL,OAAO;oBACP,YAAY;iBACb;aACF,CAAC,CAAA;YACF,OAAO,QAAQ,CAAC;QAClB,CAAC;KAAA;CACF,CAAA;AA7Cc;IADZ,MAAM,EAAE;;qCAC0B,OAAO;;yDA4CzC;AAjEU,qBAAqB;IAHjC,YAAY,CAAC,qBAAqB,CAAC;IACnC,GAAG,CAAC,gCAAgC,CAAC;IACrC,UAAU,EAAE;IAUR,WAAA,SAAS,CAAC,wBAAwB,CAAC,gBAAgB,EAAE,EAAC,UAAU,EAAE,IAAI,EAAC,CAAC,CAAA;IACxE,WAAA,MAAM,CAAC,qBAAqB,CAAC,CAAA;oDACS,oBAAoB;GAXlD,qBAAqB,CAkEjC"}
1
+ {"version":3,"file":"authentication.manager.js","sourceRoot":"","sources":["../../../../src/managers/authentication.manager.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA,OAAO,EAAsB,MAAM,EAAE,UAAU,EAAE,SAAS,EAAC,MAAM,UAAU,CAAC;AAE5E,OAAO,EAAoB,YAAY,EAAE,OAAO,EAAE,wBAAwB,EAAE,GAAG,EAAE,MAAM,EAA0B,MAAM,qBAAqB,CAAC;AAI7I,OAAO,EAAC,oBAAoB,EAAC,MAAM,oCAAoC,CAAC;AACxE,OAAO,EAAC,qBAAqB,EAAC,MAAM,4BAA4B,CAAC;AAEjE,OAAO,EAAC,4BAA4B,EAAC,MAAM,uCAAuC,CAAC;AAEnF;;;GAGG;AAII,IAAM,qBAAqB,GAA3B,MAAM,qBAAqB;IAEhC;;;;;;OAMG;IACH,YAC6F,iBAA8C,EACzF,UAA+B,EAC3B,cAAuC,EAC1E,oBAA0C;QAHgC,sBAAiB,GAAjB,iBAAiB,CAA6B;QACzF,eAAU,GAAV,UAAU,CAAqB;QAC3B,mBAAc,GAAd,cAAc,CAAyB;QAC1E,yBAAoB,GAApB,oBAAoB,CAAsB;IAC7D,CAAC;IAED;;;;;;;;OAQG;IAEU,YAAY,CAAC,OAAgB,EAAE,YAAiB,EAAE,SAA8B;;;YAC3F,IAAI,CAAC,YAAY,IAAI,YAAY,CAAC,4BAA4B,CAAC,KAAK,SAAS,EAAE,CAAC;gBAC9E,IAAI,CAAC,cAAc,CAAC,sBAAsB,CAAC,uBAAuB,CAAC,CAAC;gBACpE,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,aAAa,GAAG,YAAY,CAAC,4BAA4B,CAAC,CAAC;YAEjE,IAAI,QAAuC,CAAC;YAE5C,MAAM,oBAAoB,GAAkC,aAAa,CAAC;YAE1E,IAAI,CAAC;gBACH,MAAM,yBAAyB,GAA2B,IAAI,CAAC,oBAAoB,CAAC,WAAW,CAAC,oBAAoB,EAAE,SAAS,CAAC,CAAC;gBAEjI,MAAM,yBAAyB,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;gBAEjE,IAAI,CAAC,cAAc,CAAC,sBAAsB,CAAC,6BAA6B,EAAE;oBACxE,aAAa,EAAE,yBAAyB,CAAC,WAAW,CAAC,IAAI;iBAC1D,CAAC,CAAC;gBAEH,QAAQ,GAAG,MAAM,yBAAyB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;gBAEjE,IAAI,QAAQ,IAAI,SAAS,EAAE,CAAC;oBAC1B,IAAI,CAAC,cAAc,CAAC,sBAAsB,CAAC,yBAAyB,EAAE;wBACpE,aAAa,EAAE,yBAAyB,CAAC,WAAW,CAAC,IAAI;qBAC1D,CAAC,CAAC;oBACH,OAAO,QAAQ,CAAC;gBAClB,CAAC;gBAED,IAAI,CAAC,cAAc,CAAC,sBAAsB,CAAC,wBAAwB,EAAE;oBACnE,aAAa,EAAE,yBAAyB,CAAC,WAAW,CAAC,IAAI;oBACzD,UAAU,EAAE,MAAA,QAAQ,CAAC,EAAE,mCAAI,SAAS;iBACrC,CAAC,CAAC;gBAEH,uFAAuF;gBACvF,uFAAuF;gBACvF,+CAA+C;gBAC/C,KAAK,MAAM,gBAAgB,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBACtD,MAAM,YAAY,GAAG,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,qBAAqB,gBAAgB,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC;oBAC7G,IAAI,CAAC;wBACH,QAAQ,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;oBACtD,CAAC;4BAAS,CAAC;wBACT,YAAY,CAAC,GAAG,EAAE,CAAC;oBACrB,CAAC;gBACH,CAAC;YAEH,CAAC;YAAC,OAAO,CAAM,EAAE,CAAC;gBAChB,IAAI,CAAC,cAAc,CAAC,sBAAsB,CAAC,YAAY,EAAE;oBACvD,SAAS,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,IAAI,mCAAI,OAAO;oBAC7B,YAAY,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,eAAe;iBAC5C,CAAC,CAAC;gBACH,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,0DAA0D,EAAE;oBAChF,KAAK,EAAE,EAAC,KAAK,EAAE,CAAC,EAAC;iBAClB,CAAC,CAAC;gBACH,MAAM,CAAC,CAAC;YACV,CAAC;YAED,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,kCAAkC,EAAE;gBACvD,UAAU,EAAE;oBACV,QAAQ;iBACT;gBACD,KAAK,EAAE;oBACL,OAAO;oBACP,YAAY;iBACb;aACF,CAAC,CAAA;YACF,OAAO,QAAQ,CAAC;QAClB,CAAC;KAAA;CACF,CAAA;AArEc;IADZ,MAAM,EAAE;;qCAC0B,OAAO;;yDAoEzC;AA9FU,qBAAqB;IAHjC,YAAY,CAAC,qBAAqB,CAAC;IACnC,GAAG,CAAC,gCAAgC,CAAC;IACrC,UAAU,EAAE;IAWR,WAAA,SAAS,CAAC,wBAAwB,CAAC,gBAAgB,EAAE,EAAC,UAAU,EAAE,IAAI,EAAC,CAAC,CAAA;IACxE,WAAA,MAAM,CAAC,qBAAqB,CAAC,CAAA;IAC7B,WAAA,MAAM,CAAC,yBAAyB,CAAC,CAAA;4DACK,oBAAoB;GAblD,qBAAqB,CA+FjC"}
package/dist/lib/esm/managers/authorizer.manager.js CHANGED
@@ -32,14 +32,18 @@ let AuthorizerManager = class AuthorizerManager {
32
32
  /**
33
33
  * The authorizer manager provides authorization by authorizing the action.
34
34
  * @param logHandler The log handler to output logs.
35
+ * @param tracingManager The tracing manager used to attach markers per guard decision.
35
36
  * @param guardFactory The factory to create the guard.
36
37
  */
37
- constructor(logHandler, guardFactory) {
38
+ constructor(logHandler, tracingManager, guardFactory) {
38
39
  this.logHandler = logHandler;
40
+ this.tracingManager = tracingManager;
39
41
  this.guardFactory = guardFactory;
40
42
  }
41
43
  /**
42
- * Returns whether or not the request is authorized to access the route.
44
+ * Returns whether or not the request is authorized to access the route. Drops one marker
45
+ * per guard (`authz.guard-decision` with the guard's class name and `allow`/`deny`/`error`)
46
+ * so the trace shows which guard was the deciding one.
43
47
  * @param request The request to authorize.
44
48
  * @param routeContext The route context.
45
49
  * @param container The dependency container to resolve the guard from.
@@ -47,26 +51,38 @@ let AuthorizerManager = class AuthorizerManager {
47
51
  */
48
52
  isAuthorized(request, routeContext, container, identity) {
49
53
  return __awaiter(this, void 0, void 0, function* () {
50
- var _a, _b, _c;
54
+ var _a, _b, _c, _d;
51
55
  if (!routeContext || routeContext[guardMetadataKeyname] === undefined || Array.isArray(routeContext[guardMetadataKeyname]) === false) {
56
+ this.tracingManager.addMarkerToCurrentSpan("authz.no-guards");
52
57
  return true;
53
58
  }
54
59
  const guards = routeContext[guardMetadataKeyname];
55
60
  let isAuthorized = true;
56
61
  for (const guardContext of guards) {
62
+ let guardName = "(unknown guard)";
57
63
  try {
58
64
  const instantiatedGuard = this.guardFactory.fromContext(guardContext, container);
65
+ guardName = instantiatedGuard.constructor.name;
59
66
  yield instantiatedGuard.setContext(guardContext);
60
67
  const didAuthorize = yield instantiatedGuard.isAuthorized(request, identity);
68
+ this.tracingManager.addMarkerToCurrentSpan("authz.guard-decision", {
69
+ guard: guardName,
70
+ decision: didAuthorize ? "allow" : "deny",
71
+ });
61
72
  isAuthorized = isAuthorized && didAuthorize;
62
73
  }
63
74
  catch (e) {
75
+ this.tracingManager.addMarkerToCurrentSpan("authz.guard-decision", {
76
+ guard: guardName,
77
+ decision: "error",
78
+ errorMessage: (_a = e === null || e === void 0 ? void 0 : e.message) !== null && _a !== void 0 ? _a : "Unknown error",
79
+ });
64
80
  this.logHandler.error("AuthorizerManager: Error while authorizing the request.", {
65
81
  highlights: {
66
- errorMessage: (_a = e === null || e === void 0 ? void 0 : e.message) !== null && _a !== void 0 ? _a : "Unknown error",
82
+ errorMessage: (_b = e === null || e === void 0 ? void 0 : e.message) !== null && _b !== void 0 ? _b : "Unknown error",
67
83
  requestUrl: `${request.httpMethod} ${request.url}`,
68
- identityId: (_b = identity === null || identity === void 0 ? void 0 : identity.id) !== null && _b !== void 0 ? _b : "No Identity Id found",
69
- identityClaims: (_c = identity === null || identity === void 0 ? void 0 : identity.claims) !== null && _c !== void 0 ? _c : "No claims found",
84
+ identityId: (_c = identity === null || identity === void 0 ? void 0 : identity.id) !== null && _c !== void 0 ? _c : "No Identity Id found",
85
+ identityClaims: (_d = identity === null || identity === void 0 ? void 0 : identity.claims) !== null && _d !== void 0 ? _d : "No claims found",
70
86
  },
71
87
  extra: {
72
88
  error: e,
@@ -96,7 +112,8 @@ AuthorizerManager = __decorate([
96
112
  tag("AuthorizerManagerInterface"),
97
113
  injectable(),
98
114
  __param(0, inject("LogHandlerInterface")),
99
- __metadata("design:paramtypes", [Object, GuardFactory])
115
+ __param(1, inject("TracingManagerInterface")),
116
+ __metadata("design:paramtypes", [Object, Object, GuardFactory])
100
117
  ], AuthorizerManager);
101
118
  export { AuthorizerManager };
102
119
  //# sourceMappingURL=authorizer.manager.js.map
package/dist/lib/esm/managers/authorizer.manager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"authorizer.manager.js","sourceRoot":"","sources":["../../../../src/managers/authorizer.manager.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA,OAAO,EAAsB,MAAM,EAAE,UAAU,EAAC,MAAM,UAAU,CAAC;AAEjE,OAAO,EAAoB,YAAY,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,EAAC,MAAM,qBAAqB,CAAC;AAE1F,OAAO,EAAC,YAAY,EAAC,MAAM,4BAA4B,CAAC;AACxD,OAAO,EAAC,qBAAqB,EAAC,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAC,oBAAoB,EAAC,MAAM,+BAA+B,CAAC;AAEnE;;;GAGG;AAII,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAE5B;;;;OAIG;IACH,YAAmE,UAA+B,EAC9D,YAA0B;QADK,eAAU,GAAV,UAAU,CAAqB;QAC9D,iBAAY,GAAZ,YAAY,CAAc;IAC9D,CAAC;IAED;;;;;;OAMG;IAEU,YAAY,CAAC,OAAgB,EAAE,YAAiB,EAAE,SAA8B,EAAE,QAA4B;;;YACzH,IAAI,CAAC,YAAY,IAAI,YAAY,CAAC,oBAAoB,CAAC,KAAK,SAAS,IAAI,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,oBAAoB,CAAC,CAAC,KAAK,KAAK,EAAE,CAAC;gBACrI,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,MAAM,GAAG,YAAY,CAAC,oBAAoB,CAAC,CAAC;YAElD,IAAI,YAAY,GAAG,IAAI,CAAC;YAExB,KAAK,MAAM,YAAY,IAAI,MAAM,EAAE,CAAC;gBAClC,IAAI,CAAC;oBACH,MAAM,iBAAiB,GAAG,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;oBAEjF,MAAM,iBAAiB,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;oBAEjD,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,YAAY,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;oBAC7E,YAAY,GAAG,YAAY,IAAI,YAAY,CAAC;gBAC9C,CAAC;gBAAC,OAAO,CAAM,EAAE,CAAC;oBAChB,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,yDAAyD,EAAE;wBAC/E,UAAU,EAAE;4BACV,YAAY,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,eAAe;4BAC3C,UAAU,EAAE,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,GAAG,EAAE;4BAClD,UAAU,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,EAAE,mCAAI,sBAAsB;4BAClD,cAAc,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,mCAAI,iBAAiB;yBACtD;wBACD,KAAK,EAAE;4BACL,KAAK,EAAE,CAAC;4BACR,OAAO;4BACP,QAAQ;yBACT;qBACF,CAAC,CAAC;oBACH,YAAY,GAAG,KAAK,CAAC;gBACvB,CAAC;YACH,CAAC;YAED,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,iBAAiB,EAAE;gBACtC,UAAU,EAAE,EAAC,YAAY,EAAC;gBAC1B,KAAK,EAAE,EAAC,OAAO,EAAE,YAAY,EAAC;aAC/B,CAAC,CAAC;YAEH,OAAO,YAAY,CAAC;QACtB,CAAC;KAAA;CACF,CAAA;AA1Cc;IADZ,MAAM,EAAE;;qCAC0B,OAAO;;qDAyCzC;AA5DU,iBAAiB;IAH7B,YAAY,CAAC,qBAAqB,CAAC;IACnC,GAAG,CAAC,4BAA4B,CAAC;IACjC,UAAU,EAAE;IAQS,WAAA,MAAM,CAAC,qBAAqB,CAAC,CAAA;6CACC,YAAY;GARnD,iBAAiB,CA6D7B"}
1
+ {"version":3,"file":"authorizer.manager.js","sourceRoot":"","sources":["../../../../src/managers/authorizer.manager.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA,OAAO,EAAsB,MAAM,EAAE,UAAU,EAAC,MAAM,UAAU,CAAC;AAEjE,OAAO,EAAoB,YAAY,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,EAA0B,MAAM,qBAAqB,CAAC;AAEnH,OAAO,EAAC,YAAY,EAAC,MAAM,4BAA4B,CAAC;AACxD,OAAO,EAAC,qBAAqB,EAAC,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAC,oBAAoB,EAAC,MAAM,+BAA+B,CAAC;AAEnE;;;GAGG;AAII,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAE5B;;;;;OAKG;IACH,YAAmE,UAA+B,EAC3B,cAAuC,EAC1E,YAA0B;QAFK,eAAU,GAAV,UAAU,CAAqB;QAC3B,mBAAc,GAAd,cAAc,CAAyB;QAC1E,iBAAY,GAAZ,YAAY,CAAc;IAC9D,CAAC;IAED;;;;;;;;OAQG;IAEU,YAAY,CAAC,OAAgB,EAAE,YAAiB,EAAE,SAA8B,EAAE,QAA4B;;;YACzH,IAAI,CAAC,YAAY,IAAI,YAAY,CAAC,oBAAoB,CAAC,KAAK,SAAS,IAAI,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,oBAAoB,CAAC,CAAC,KAAK,KAAK,EAAE,CAAC;gBACrI,IAAI,CAAC,cAAc,CAAC,sBAAsB,CAAC,iBAAiB,CAAC,CAAC;gBAC9D,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,MAAM,GAAG,YAAY,CAAC,oBAAoB,CAAC,CAAC;YAElD,IAAI,YAAY,GAAG,IAAI,CAAC;YAExB,KAAK,MAAM,YAAY,IAAI,MAAM,EAAE,CAAC;gBAClC,IAAI,SAAS,GAAG,iBAAiB,CAAC;gBAClC,IAAI,CAAC;oBACH,MAAM,iBAAiB,GAAG,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;oBACjF,SAAS,GAAG,iBAAiB,CAAC,WAAW,CAAC,IAAI,CAAC;oBAE/C,MAAM,iBAAiB,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;oBAEjD,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,YAAY,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;oBAC7E,IAAI,CAAC,cAAc,CAAC,sBAAsB,CAAC,sBAAsB,EAAE;wBACjE,KAAK,EAAE,SAAS;wBAChB,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM;qBAC1C,CAAC,CAAC;oBACH,YAAY,GAAG,YAAY,IAAI,YAAY,CAAC;gBAC9C,CAAC;gBAAC,OAAO,CAAM,EAAE,CAAC;oBAChB,IAAI,CAAC,cAAc,CAAC,sBAAsB,CAAC,sBAAsB,EAAE;wBACjE,KAAK,EAAE,SAAS;wBAChB,QAAQ,EAAE,OAAO;wBACjB,YAAY,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,eAAe;qBAC5C,CAAC,CAAC;oBACH,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,yDAAyD,EAAE;wBAC/E,UAAU,EAAE;4BACV,YAAY,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,eAAe;4BAC3C,UAAU,EAAE,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,GAAG,EAAE;4BAClD,UAAU,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,EAAE,mCAAI,sBAAsB;4BAClD,cAAc,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,mCAAI,iBAAiB;yBACtD;wBACD,KAAK,EAAE;4BACL,KAAK,EAAE,CAAC;4BACR,OAAO;4BACP,QAAQ;yBACT;qBACF,CAAC,CAAC;oBACH,YAAY,GAAG,KAAK,CAAC;gBACvB,CAAC;YACH,CAAC;YAED,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,iBAAiB,EAAE;gBACtC,UAAU,EAAE,EAAC,YAAY,EAAC;gBAC1B,KAAK,EAAE,EAAC,OAAO,EAAE,YAAY,EAAC;aAC/B,CAAC,CAAC;YAEH,OAAO,YAAY,CAAC;QACtB,CAAC;KAAA;CACF,CAAA;AAtDc;IADZ,MAAM,EAAE;;qCAC0B,OAAO;;qDAqDzC;AA5EU,iBAAiB;IAH7B,YAAY,CAAC,qBAAqB,CAAC;IACnC,GAAG,CAAC,4BAA4B,CAAC;IACjC,UAAU,EAAE;IASS,WAAA,MAAM,CAAC,qBAAqB,CAAC,CAAA;IAC7B,WAAA,MAAM,CAAC,yBAAyB,CAAC,CAAA;qDACH,YAAY;GAVnD,iBAAiB,CA6E7B"}
package/dist/lib/esm/managers/permission.manager.js CHANGED
@@ -22,7 +22,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
22
22
  import { inject, injectable, injectAll } from "tsyringe";
23
23
  import { VotingStrategyEnum } from "../enums/voting-strategy.enum";
24
24
  import { VoteEnum } from "../enums/vote.enum";
25
- import { ServiceDefinitionTagEnum } from "@pristine-ts/common";
25
+ import { ServiceDefinitionTagEnum, traced } from "@pristine-ts/common";
26
26
  /**
27
27
  * The permission manager verifies if the correct permission are there to access and take an action on a resource.
28
28
  */
@@ -32,13 +32,18 @@ let PermissionManager = class PermissionManager {
32
32
  * @param voters The voters that determine if access is granted.
33
33
  * All services with the tag ServiceDefinitionTagEnum.Voter will be injected here
34
34
  * @param logHandler The log handler to output logs.
35
+ * @param tracingManager The tracing manager used to attach markers for the voting decisions.
35
36
  */
36
- constructor(voters, logHandler) {
37
+ constructor(voters, logHandler, tracingManager) {
37
38
  this.voters = voters;
38
39
  this.logHandler = logHandler;
40
+ this.tracingManager = tracingManager;
39
41
  }
40
42
  /**
41
- * Returns whether or not the permission manager grants access to the resource.
43
+ * Returns whether or not the permission manager grants access to the resource. Drops one
44
+ * marker per voter (`permission.voter-vote` with `{voter, vote}`) so the trace shows which
45
+ * voter swung the decision. `@traced()` puts the whole call in its own span so the
46
+ * voting work is visible in the trace tree alongside auth/authz.
42
47
  * @param identity The identity trying to have access to a resource.
43
48
  * @param action The action trying to be executed on the resource.
44
49
  * @param resource The resource being accessed.
@@ -46,8 +51,9 @@ let PermissionManager = class PermissionManager {
46
51
  */
47
52
  hasAccessToResource(identity_1, action_1, resource_1) {
48
53
  return __awaiter(this, arguments, void 0, function* (identity, action, resource, votingStrategy = VotingStrategyEnum.DenyOnUnanimousAbstention) {
49
- var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o;
54
+ var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p;
50
55
  if (this.voters.length === 0) {
56
+ this.tracingManager.addMarkerToCurrentSpan("permission.no-voters");
51
57
  this.logHandler.warning("PermissionManager: No voters were found, this could lead to unexpected behavior. Make sure that you have registered voters in your application.", {
52
58
  highlights: {
53
59
  identityId: (_a = identity === null || identity === void 0 ? void 0 : identity.id) !== null && _a !== void 0 ? _a : "No Identity Id found",
@@ -81,6 +87,10 @@ let PermissionManager = class PermissionManager {
81
87
  }
82
88
  try {
83
89
  const vote = yield voter.vote(identity, action, resource);
90
+ this.tracingManager.addMarkerToCurrentSpan("permission.voter-vote", {
91
+ voter: voter.constructor.name,
92
+ vote: String(vote),
93
+ });
84
94
  const message = "PermissionManager: Voter " + voter.constructor.name + " voted: " + vote;
85
95
  if (vote === VoteEnum.Deny) { // When it's being denied, it usually mean that something is important to be noticed.
86
96
  this.logHandler.info(message, {
@@ -117,11 +127,16 @@ let PermissionManager = class PermissionManager {
117
127
  votes.push(vote);
118
128
  }
119
129
  catch (error) {
130
+ this.tracingManager.addMarkerToCurrentSpan("permission.voter-vote", {
131
+ voter: voter.constructor.name,
132
+ vote: "error",
133
+ errorMessage: (_j = error === null || error === void 0 ? void 0 : error.message) !== null && _j !== void 0 ? _j : "Unknown error",
134
+ });
120
135
  this.logHandler.error("PermissionManager: Error while voting, please check the logs for more details.", {
121
136
  highlights: {
122
- errorMessage: (_j = error.message) !== null && _j !== void 0 ? _j : "Unknown error",
123
- identityId: (_k = identity === null || identity === void 0 ? void 0 : identity.id) !== null && _k !== void 0 ? _k : "No Identity Id found",
124
- identityClaims: (_l = identity === null || identity === void 0 ? void 0 : identity.claims) !== null && _l !== void 0 ? _l : "No claims found",
137
+ errorMessage: (_k = error.message) !== null && _k !== void 0 ? _k : "Unknown error",
138
+ identityId: (_l = identity === null || identity === void 0 ? void 0 : identity.id) !== null && _l !== void 0 ? _l : "No Identity Id found",
139
+ identityClaims: (_m = identity === null || identity === void 0 ? void 0 : identity.claims) !== null && _m !== void 0 ? _m : "No claims found",
125
140
  action,
126
141
  voter: voter.constructor.name,
127
142
  },
@@ -145,8 +160,8 @@ let PermissionManager = class PermissionManager {
145
160
  highlights: {
146
161
  resourceName: resource.constructor.name,
147
162
  access: shouldGrantAccess ? "GRANTED" : "DENIED",
148
- identityId: (_m = identity === null || identity === void 0 ? void 0 : identity.id) !== null && _m !== void 0 ? _m : "No Identity Id found",
149
- identityClaims: (_o = identity === null || identity === void 0 ? void 0 : identity.claims) !== null && _o !== void 0 ? _o : "No claims found",
163
+ identityId: (_o = identity === null || identity === void 0 ? void 0 : identity.id) !== null && _o !== void 0 ? _o : "No Identity Id found",
164
+ identityClaims: (_p = identity === null || identity === void 0 ? void 0 : identity.claims) !== null && _p !== void 0 ? _p : "No claims found",
150
165
  }, extra: {
151
166
  identity,
152
167
  resource,
@@ -157,11 +172,18 @@ let PermissionManager = class PermissionManager {
157
172
  });
158
173
  }
159
174
  };
175
+ __decorate([
176
+ traced(),
177
+ __metadata("design:type", Function),
178
+ __metadata("design:paramtypes", [Object, String, Object, String]),
179
+ __metadata("design:returntype", Promise)
180
+ ], PermissionManager.prototype, "hasAccessToResource", null);
160
181
  PermissionManager = __decorate([
161
182
  injectable(),
162
183
  __param(0, injectAll(ServiceDefinitionTagEnum.Voter)),
163
184
  __param(1, inject("LogHandlerInterface")),
164
- __metadata("design:paramtypes", [Array, Object])
185
+ __param(2, inject("TracingManagerInterface")),
186
+ __metadata("design:paramtypes", [Array, Object, Object])
165
187
  ], PermissionManager);
166
188
  export { PermissionManager };
167
189
  //# sourceMappingURL=permission.manager.js.map
package/dist/lib/esm/managers/permission.manager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"permission.manager.js","sourceRoot":"","sources":["../../../../src/managers/permission.manager.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA,OAAO,EAAC,MAAM,EAAE,UAAU,EAAE,SAAS,EAAC,MAAM,UAAU,CAAC;AAEvD,OAAO,EAAC,kBAAkB,EAAC,MAAM,+BAA+B,CAAC;AACjE,OAAO,EAAC,QAAQ,EAAC,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EAAoB,wBAAwB,EAAC,MAAM,qBAAqB,CAAC;AAGhF;;GAEG;AAEI,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAE5B;;;;;OAKG;IACH,YAA+E,MAAwB,EACpC,UAA+B;QADnB,WAAM,GAAN,MAAM,CAAkB;QACpC,eAAU,GAAV,UAAU,CAAqB;IAClG,CAAC;IAED;;;;;;OAMG;IACG,mBAAmB;6DAAC,QAA2B,EAAE,MAAc,EAAE,QAAgB,EAAE,iBAAqC,kBAAkB,CAAC,yBAAyB;;YACxK,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC7B,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,iJAAiJ,EAAE;oBACzK,UAAU,EAAE;wBACV,UAAU,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,EAAE,mCAAI,sBAAsB;wBAClD,cAAc,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,mCAAI,iBAAiB;wBACrD,MAAM;qBACP;oBACD,KAAK,EAAE;wBACL,QAAQ;wBACR,QAAQ;wBACR,cAAc;qBACf;iBACF,CAAC,CAAC;YACL,CAAC;YAED,MAAM,KAAK,GAAe,EAAE,CAAC;YAE7B,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChC,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,KAAK,EAAE,CAAC;oBACvC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,0DAA0D,EAAE;wBAChF,UAAU,EAAE;4BACV,UAAU,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,EAAE,mCAAI,sBAAsB;4BAClD,cAAc,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,mCAAI,iBAAiB;4BACrD,MAAM;4BACN,KAAK,EAAE,KAAK,CAAC,WAAW,CAAC,IAAI;yBAC9B;wBACD,KAAK,EAAE;4BACL,QAAQ;4BACR,QAAQ;4BACR,cAAc;yBACf;qBACF,CAAC,CAAC;oBACH,SAAS;gBACX,CAAC;gBAED,IAAI,CAAC;oBACH,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;oBAC1D,MAAM,OAAO,GAAG,2BAA2B,GAAG,KAAK,CAAC,WAAW,CAAC,IAAI,GAAG,UAAU,GAAG,IAAI,CAAC;oBAEzF,IAAI,IAAI,KAAK,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,qFAAqF;wBACjH,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,EAAE;4BAC5B,UAAU,EAAE;gCACV,UAAU,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,EAAE,mCAAI,sBAAsB;gCAClD,cAAc,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,mCAAI,iBAAiB;gCACrD,MAAM;gCACN,KAAK,EAAE,KAAK,CAAC,WAAW,CAAC,IAAI;gCAC7B,IAAI;6BACL;4BACD,KAAK,EAAE;gCACL,QAAQ;gCACR,QAAQ;gCACR,cAAc;6BACf;yBACF,CAAC,CAAA;oBACJ,CAAC;yBAAM,CAAC;wBACN,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,OAAO,EAAE;4BAC7B,UAAU,EAAE;gCACV,UAAU,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,EAAE,mCAAI,sBAAsB;gCAClD,cAAc,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,mCAAI,iBAAiB;gCACrD,MAAM;gCACN,KAAK,EAAE,KAAK,CAAC,WAAW,CAAC,IAAI;gCAC7B,IAAI;6BACL;4BACD,KAAK,EAAE;gCACL,QAAQ;gCACR,QAAQ;gCACR,cAAc;6BACf;yBACF,CAAC,CAAC;oBACL,CAAC;oBAED,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACnB,CAAC;gBAAC,OAAO,KAAU,EAAE,CAAC;oBACpB,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,gFAAgF,EAAE;wBACtG,UAAU,EAAE;4BACV,YAAY,EAAE,MAAA,KAAK,CAAC,OAAO,mCAAI,eAAe;4BAC9C,UAAU,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,EAAE,mCAAI,sBAAsB;4BAClD,cAAc,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,mCAAI,iBAAiB;4BACrD,MAAM;4BACN,KAAK,EAAE,KAAK,CAAC,WAAW,CAAC,IAAI;yBAC9B;wBACD,KAAK,EAAE;4BACL,KAAK;4BACL,QAAQ;4BACR,QAAQ;4BACR,cAAc;yBACf;qBACF,CAAC,CAAC;oBACH,MAAM,KAAK,CAAC;gBACd,CAAC;YAEH,CAAC;YAED,IAAI,iBAAiB,GAAY,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAEhE,IAAI,cAAc,KAAK,kBAAkB,CAAC,yBAAyB,EAAE,CAAC;gBACpE,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,KAAK,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC3E,iBAAiB,GAAG,KAAK,CAAC;gBAC5B,CAAC;YACH,CAAC;YAED,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,wCAAwC,GAAG,QAAQ,CAAC,WAAW,CAAC,IAAI,GAAG,OAAO,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE;gBACjJ,UAAU,EAAE;oBACV,YAAY,EAAE,QAAQ,CAAC,WAAW,CAAC,IAAI;oBACvC,MAAM,EAAE,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ;oBAChD,UAAU,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,EAAE,mCAAI,sBAAsB;oBAClD,cAAc,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,mCAAI,iBAAiB;iBACtD,EAAE,KAAK,EAAE;oBACR,QAAQ;oBACR,QAAQ;oBACR,cAAc;iBACf;aACF,CAAC,CAAC;YAEH,OAAO,iBAAiB,CAAC;QAC3B,CAAC;KAAA;CACF,CAAA;AAxIY,iBAAiB;IAD7B,UAAU,EAAE;IASS,WAAA,SAAS,CAAC,wBAAwB,CAAC,KAAK,CAAC,CAAA;IACzC,WAAA,MAAM,CAAC,qBAAqB,CAAC,CAAA;;GATtC,iBAAiB,CAwI7B"}
1
+ {"version":3,"file":"permission.manager.js","sourceRoot":"","sources":["../../../../src/managers/permission.manager.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA,OAAO,EAAC,MAAM,EAAE,UAAU,EAAE,SAAS,EAAC,MAAM,UAAU,CAAC;AAEvD,OAAO,EAAC,kBAAkB,EAAC,MAAM,+BAA+B,CAAC;AACjE,OAAO,EAAC,QAAQ,EAAC,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EAAoB,wBAAwB,EAAE,MAAM,EAA0B,MAAM,qBAAqB,CAAC;AAGjH;;GAEG;AAEI,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAE5B;;;;;;OAMG;IACH,YAA+E,MAAwB,EACpC,UAA+B,EAC3B,cAAuC;QAF/B,WAAM,GAAN,MAAM,CAAkB;QACpC,eAAU,GAAV,UAAU,CAAqB;QAC3B,mBAAc,GAAd,cAAc,CAAyB;IAC9G,CAAC;IAED;;;;;;;;;OASG;IAEG,mBAAmB;6DAAC,QAA2B,EAAE,MAAc,EAAE,QAAgB,EAAE,iBAAqC,kBAAkB,CAAC,yBAAyB;;YACxK,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC7B,IAAI,CAAC,cAAc,CAAC,sBAAsB,CAAC,sBAAsB,CAAC,CAAC;gBACnE,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,iJAAiJ,EAAE;oBACzK,UAAU,EAAE;wBACV,UAAU,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,EAAE,mCAAI,sBAAsB;wBAClD,cAAc,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,mCAAI,iBAAiB;wBACrD,MAAM;qBACP;oBACD,KAAK,EAAE;wBACL,QAAQ;wBACR,QAAQ;wBACR,cAAc;qBACf;iBACF,CAAC,CAAC;YACL,CAAC;YAED,MAAM,KAAK,GAAe,EAAE,CAAC;YAE7B,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChC,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,KAAK,EAAE,CAAC;oBACvC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,0DAA0D,EAAE;wBAChF,UAAU,EAAE;4BACV,UAAU,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,EAAE,mCAAI,sBAAsB;4BAClD,cAAc,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,mCAAI,iBAAiB;4BACrD,MAAM;4BACN,KAAK,EAAE,KAAK,CAAC,WAAW,CAAC,IAAI;yBAC9B;wBACD,KAAK,EAAE;4BACL,QAAQ;4BACR,QAAQ;4BACR,cAAc;yBACf;qBACF,CAAC,CAAC;oBACH,SAAS;gBACX,CAAC;gBAED,IAAI,CAAC;oBACH,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;oBAC1D,IAAI,CAAC,cAAc,CAAC,sBAAsB,CAAC,uBAAuB,EAAE;wBAClE,KAAK,EAAE,KAAK,CAAC,WAAW,CAAC,IAAI;wBAC7B,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC;qBACnB,CAAC,CAAC;oBACH,MAAM,OAAO,GAAG,2BAA2B,GAAG,KAAK,CAAC,WAAW,CAAC,IAAI,GAAG,UAAU,GAAG,IAAI,CAAC;oBAEzF,IAAI,IAAI,KAAK,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,qFAAqF;wBACjH,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,EAAE;4BAC5B,UAAU,EAAE;gCACV,UAAU,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,EAAE,mCAAI,sBAAsB;gCAClD,cAAc,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,mCAAI,iBAAiB;gCACrD,MAAM;gCACN,KAAK,EAAE,KAAK,CAAC,WAAW,CAAC,IAAI;gCAC7B,IAAI;6BACL;4BACD,KAAK,EAAE;gCACL,QAAQ;gCACR,QAAQ;gCACR,cAAc;6BACf;yBACF,CAAC,CAAA;oBACJ,CAAC;yBAAM,CAAC;wBACN,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,OAAO,EAAE;4BAC7B,UAAU,EAAE;gCACV,UAAU,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,EAAE,mCAAI,sBAAsB;gCAClD,cAAc,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,mCAAI,iBAAiB;gCACrD,MAAM;gCACN,KAAK,EAAE,KAAK,CAAC,WAAW,CAAC,IAAI;gCAC7B,IAAI;6BACL;4BACD,KAAK,EAAE;gCACL,QAAQ;gCACR,QAAQ;gCACR,cAAc;6BACf;yBACF,CAAC,CAAC;oBACL,CAAC;oBAED,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACnB,CAAC;gBAAC,OAAO,KAAU,EAAE,CAAC;oBACpB,IAAI,CAAC,cAAc,CAAC,sBAAsB,CAAC,uBAAuB,EAAE;wBAClE,KAAK,EAAE,KAAK,CAAC,WAAW,CAAC,IAAI;wBAC7B,IAAI,EAAE,OAAO;wBACb,YAAY,EAAE,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,OAAO,mCAAI,eAAe;qBAChD,CAAC,CAAC;oBACH,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,gFAAgF,EAAE;wBACtG,UAAU,EAAE;4BACV,YAAY,EAAE,MAAA,KAAK,CAAC,OAAO,mCAAI,eAAe;4BAC9C,UAAU,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,EAAE,mCAAI,sBAAsB;4BAClD,cAAc,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,mCAAI,iBAAiB;4BACrD,MAAM;4BACN,KAAK,EAAE,KAAK,CAAC,WAAW,CAAC,IAAI;yBAC9B;wBACD,KAAK,EAAE;4BACL,KAAK;4BACL,QAAQ;4BACR,QAAQ;4BACR,cAAc;yBACf;qBACF,CAAC,CAAC;oBACH,MAAM,KAAK,CAAC;gBACd,CAAC;YAEH,CAAC;YAED,IAAI,iBAAiB,GAAY,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAEhE,IAAI,cAAc,KAAK,kBAAkB,CAAC,yBAAyB,EAAE,CAAC;gBACpE,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,KAAK,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC3E,iBAAiB,GAAG,KAAK,CAAC;gBAC5B,CAAC;YACH,CAAC;YAED,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,wCAAwC,GAAG,QAAQ,CAAC,WAAW,CAAC,IAAI,GAAG,OAAO,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE;gBACjJ,UAAU,EAAE;oBACV,YAAY,EAAE,QAAQ,CAAC,WAAW,CAAC,IAAI;oBACvC,MAAM,EAAE,iBAAiB,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ;oBAChD,UAAU,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,EAAE,mCAAI,sBAAsB;oBAClD,cAAc,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,mCAAI,iBAAiB;iBACtD,EAAE,KAAK,EAAE;oBACR,QAAQ;oBACR,QAAQ;oBACR,cAAc;iBACf;aACF,CAAC,CAAC;YAEH,OAAO,iBAAiB,CAAC;QAC3B,CAAC;KAAA;CACF,CAAA;AA/HO;IADL,MAAM,EAAE;;;;4DA+HR;AAvJU,iBAAiB;IAD7B,UAAU,EAAE;IAUS,WAAA,SAAS,CAAC,wBAAwB,CAAC,KAAK,CAAC,CAAA;IACzC,WAAA,MAAM,CAAC,qBAAqB,CAAC,CAAA;IAC7B,WAAA,MAAM,CAAC,yBAAyB,CAAC,CAAA;;GAX1C,iBAAiB,CAwJ7B"}