@prosopo/user-access-policy 3.4.0 → 3.5.27

package/dist/api/ruleApiRoutes.js

@@ -0,0 +1,131 @@
+import { FetchRulesEndpoint } from "./read/fetchRules.js";
+import { FindRuleIdsEndpoint } from "./read/findRuleIds.js";
+import { GetMissingIdsEndpoint } from "./read/getMissingIds.js";
+import { RehashRulesEndpoint } from "./write/rehashRules.js";
+import { DeleteAllRulesEndpoint } from "./delete/deleteAllRules.js";
+import { DeleteRuleGroupsEndpoint } from "./delete/deleteRuleGroups.js";
+import { DeleteRulesEndpoint } from "./delete/deleteRules.js";
+import { InsertRulesEndpoint } from "./write/insertRules.js";
+var accessRuleApiPaths = /* @__PURE__ */ ((accessRuleApiPaths2) => {
+  accessRuleApiPaths2["DELETE_ALL"] = "/v1/prosopo/user-access-policy/rules/delete-all";
+  accessRuleApiPaths2["DELETE_GROUPS"] = "/v1/prosopo/user-access-policy/rules/delete-groups";
+  accessRuleApiPaths2["DELETE_MANY"] = "/v1/prosopo/user-access-policy/rules/delete-many";
+  accessRuleApiPaths2["FETCH_MANY"] = "/v1/prosopo/user-access-policy/rules/fetch-many";
+  accessRuleApiPaths2["FIND_IDS"] = "/v1/prosopo/user-access-policy/rules/find-ids";
+  accessRuleApiPaths2["GET_MISSING_IDS"] = "/v1/prosopo/user-access-policy/rules/get-missing-ids";
+  accessRuleApiPaths2["INSERT_MANY"] = "/v1/prosopo/user-access-policy/rules/insert-many";
+  accessRuleApiPaths2["REHASH_ALL"] = "/v1/prosopo/user-access-policy/rules/rehash-all";
+  return accessRuleApiPaths2;
+})(accessRuleApiPaths || {});
+class AccessRuleApiRoutes {
+  constructor(accessRulesStorage, logger) {
+    this.accessRulesStorage = accessRulesStorage;
+    this.logger = logger;
+  }
+  getRoutes() {
+    return {
+      ...this.makeDeleteEndpoints(),
+      ...this.makeReadEndpoints(),
+      ...this.makeWriteEndpoints()
+    };
+  }
+  makeDeleteEndpoints() {
+    return {
+      [
+        "/v1/prosopo/user-access-policy/rules/delete-all"
+        /* DELETE_ALL */
+      ]: new DeleteAllRulesEndpoint(
+        this.accessRulesStorage,
+        this.logger
+      ),
+      [
+        "/v1/prosopo/user-access-policy/rules/delete-groups"
+        /* DELETE_GROUPS */
+      ]: new DeleteRuleGroupsEndpoint(
+        this.accessRulesStorage,
+        this.logger
+      ),
+      [
+        "/v1/prosopo/user-access-policy/rules/delete-many"
+        /* DELETE_MANY */
+      ]: new DeleteRulesEndpoint(
+        this.accessRulesStorage,
+        this.logger
+      )
+    };
+  }
+  makeReadEndpoints() {
+    return {
+      [
+        "/v1/prosopo/user-access-policy/rules/fetch-many"
+        /* FETCH_MANY */
+      ]: new FetchRulesEndpoint(
+        this.accessRulesStorage,
+        this.logger
+      ),
+      [
+        "/v1/prosopo/user-access-policy/rules/find-ids"
+        /* FIND_IDS */
+      ]: new FindRuleIdsEndpoint(
+        this.accessRulesStorage,
+        this.logger
+      ),
+      [
+        "/v1/prosopo/user-access-policy/rules/get-missing-ids"
+        /* GET_MISSING_IDS */
+      ]: new GetMissingIdsEndpoint(
+        this.accessRulesStorage,
+        this.logger
+      )
+    };
+  }
+  makeWriteEndpoints() {
+    return {
+      [
+        "/v1/prosopo/user-access-policy/rules/insert-many"
+        /* INSERT_MANY */
+      ]: new InsertRulesEndpoint(
+        this.accessRulesStorage,
+        this.logger
+      ),
+      [
+        "/v1/prosopo/user-access-policy/rules/rehash-all"
+        /* REHASH_ALL */
+      ]: new RehashRulesEndpoint(
+        this.accessRulesStorage,
+        this.logger
+      )
+    };
+  }
+}
+const getExpressApiRuleRateLimits = () => {
+  const defaults = {
+    limit: 5,
+    windowSeconds: 10
+  };
+  const defaultWindowMs = defaults.windowSeconds * 1e3;
+  const rateLimitEntries = Object.entries(accessRuleApiPaths).map(
+    ([endpointName, endpointPath]) => [
+      endpointPath,
+      {
+        windowMs: getIntEnvironmentVariable(
+          `PROSOPO_USER_ACCESS_POLICY_RULE_${endpointName}_WINDOW`
+        ) || defaultWindowMs,
+        limit: getIntEnvironmentVariable(
+          `PROSOPO_USER_ACCESS_POLICY_RULE_${endpointName}_LIMIT`
+        ) || defaults.limit
+      }
+    ]
+  );
+  return Object.fromEntries(rateLimitEntries);
+};
+const getIntEnvironmentVariable = (variableName) => {
+  const variableValue = process.env[variableName];
+  const numericValue = variableValue ? Number.parseInt(variableValue) : Number.NaN;
+  return Number.isInteger(numericValue) ? numericValue : void 0;
+};
+export {
+  AccessRuleApiRoutes,
+  accessRuleApiPaths,
+  getExpressApiRuleRateLimits
+};

package/dist/api/ruleApiRoutes.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ruleApiRoutes.js","sourceRoot":"","sources":["../../src/api/ruleApiRoutes.ts"],"names":[],"mappings":"AAoBA,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,iCAAiC,CAAC;AACtE,OAAO,EAAE,qBAAqB,EAAE,MAAM,mCAAmC,CAAC;AAC1E,OAAO,EAAE,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AAEvE,OAAO,EAAE,sBAAsB,EAAE,MAAM,4BAA4B,CAAC;AACpE,OAAO,EAAE,wBAAwB,EAAE,MAAM,8BAA8B,CAAC;AACxE,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAE7D,MAAM,CAAN,IAAY,kBAYX;AAZD,WAAY,kBAAkB;IAE7B,oFAA8D,CAAA;IAC9D,0FAAoE,CAAA;IACpE,sFAAgE,CAAA;IAEhE,oFAA8D,CAAA;IAC9D,gFAA0D,CAAA;IAC1D,8FAAwE,CAAA;IAExE,sFAAgE,CAAA;IAChE,oFAA8D,CAAA;AAC/D,CAAC,EAZW,kBAAkB,KAAlB,kBAAkB,QAY7B;AAED,MAAM,OAAO,mBAAmB;IAC/B,YACkB,kBAAsC,EACtC,MAAc;QADd,uBAAkB,GAAlB,kBAAkB,CAAoB;QACtC,WAAM,GAAN,MAAM,CAAQ;IAC7B,CAAC;IAEG,SAAS;QACf,OAAO;YACN,GAAG,IAAI,CAAC,mBAAmB,EAAE;YAC7B,GAAG,IAAI,CAAC,iBAAiB,EAAE;YAC3B,GAAG,IAAI,CAAC,kBAAkB,EAAE;SACgB,CAAC;IAC/C,CAAC;IAES,mBAAmB;QAC5B,OAAO;YACN,CAAC,kBAAkB,CAAC,UAAU,CAAC,EAAE,IAAI,sBAAsB,CAC1D,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,MAAM,CACX;YACD,CAAC,kBAAkB,CAAC,aAAa,CAAC,EAAE,IAAI,wBAAwB,CAC/D,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,MAAM,CACX;YACD,CAAC,kBAAkB,CAAC,WAAW,CAAC,EAAE,IAAI,mBAAmB,CACxD,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,MAAM,CACX;SACD,CAAC;IACH,CAAC;IAES,iBAAiB;QAC1B,OAAO;YACN,CAAC,kBAAkB,CAAC,UAAU,CAAC,EAAE,IAAI,kBAAkB,CACtD,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,MAAM,CACX;YACD,CAAC,kBAAkB,CAAC,QAAQ,CAAC,EAAE,IAAI,mBAAmB,CACrD,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,MAAM,CACX;YACD,CAAC,kBAAkB,CAAC,eAAe,CAAC,EAAE,IAAI,qBAAqB,CAC9D,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,MAAM,CACX;SACD,CAAC;IACH,CAAC;IAES,kBAAkB;QAC3B,OAAO;YACN,CAAC,kBAAkB,CAAC,WAAW,CAAC,EAAE,IAAI,mBAAmB,CACxD,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,MAAM,CACX;YACD,CAAC,kBAAkB,CAAC,UAAU,CAAC,EAAE,IAAI,mBAAmB,CACvD,IAAI,CAAC,kBAAkB,EACvB,IAAI,CAAC,MAAM,CACX;SACD,CAAC;IACH,CAAC;CACD;AAED,MAAM,CAAC,MAAM,2BAA2B,GACvC,GAAuC,EAAE;IACxC,MAAM,QAAQ,GAAG;QAChB,KAAK,EAAE,CAAC;QACR,aAAa,EAAE,EAAE;KACjB,CAAC;IAEF,MAAM,eAAe,GAAG,QAAQ,CAAC,aAAa,GAAG,KAAK,CAAC;IAEvD,MAAM,gBAAgB,GAAG,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,GAAG,CAC9D,CAAC,CAAC,YAAY,EAAE,YAAY,CAAC,EAAE,EAAE,CAAC;QACjC,YAAY;QACZ;YACC,QAAQ,EACP,yBAAyB,CACxB,mCAAmC,YAAY,SAAS,CACxD,IAAI,eAAe;YACrB,KAAK,EACJ,yBAAyB,CACxB,mCAAmC,YAAY,QAAQ,CACvD,IAAI,QAAQ,CAAC,KAAK;SACpB;KACD,CACD,CAAC;IAEF,OAAO,MAAM,CAAC,WAAW,CAAC,gBAAgB,CAAC,CAAC;AAC7C,CAAC,CAAC;AAEH,MAAM,yBAAyB,GAAG,CACjC,YAAoB,EACC,EAAE;IACvB,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAEhD,MAAM,YAAY,GAAG,aAAa;QACjC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC;QAChC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;IAEd,OAAO,MAAM,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC;AAClE,CAAC,CAAC"}

package/dist/api/rulesApiClient.d.ts

@@ -0,0 +1,20 @@
+import { ApiClient } from "@prosopo/api";
+import type { ApiEndpointResponse } from "@prosopo/api-route";
+import { type FetchRulesEndpointResponse, type FetchRulesOptions } from "#policy/api/read/fetchRules.js";
+import { type RuleIdsEndpointResponse } from "#policy/api/read/findRuleIds.js";
+import { type MissingIds, type MissingIdsEndpointResponse } from "#policy/api/read/getMissingIds.js";
+import type { AccessRulesFilterInput } from "#policy/ruleInput/ruleInput.js";
+import type { DeleteSiteGroups } from "./delete/deleteRuleGroups.js";
+import type { InsertRulesGroup } from "./write/insertRules.js";
+export declare class AccessRulesApiClient extends ApiClient {
+    deleteMany(filters: AccessRulesFilterInput[], timestamp: string, signature: string): Promise<ApiEndpointResponse>;
+    deleteGroups(siteGroups: DeleteSiteGroups, timestamp: string, signature: string): Promise<ApiEndpointResponse>;
+    deleteAll(timestamp: string, signature: string): Promise<ApiEndpointResponse>;
+    getMissingIds(idsToCheck: MissingIds, timestamp: string, signature: string): Promise<MissingIdsEndpointResponse>;
+    fetchMany(fetchOptions: FetchRulesOptions, timestamp: string, signature: string): Promise<FetchRulesEndpointResponse>;
+    findIds(filters: AccessRulesFilterInput[], timestamp: string, signature: string): Promise<RuleIdsEndpointResponse>;
+    rehashAll(timestamp: string, signature: string): Promise<ApiEndpointResponse>;
+    insertMany(ruleGroups: InsertRulesGroup[], timestamp: string, signature: string): Promise<ApiEndpointResponse>;
+    protected getAuthHeaders(timestamp: string, signature: string): RequestInit;
+}
+//# sourceMappingURL=rulesApiClient.d.ts.map

package/dist/api/rulesApiClient.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rulesApiClient.d.ts","sourceRoot":"","sources":["../../src/api/rulesApiClient.ts"],"names":[],"mappings":"AAcA,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAC9D,OAAO,EACN,KAAK,0BAA0B,EAC/B,KAAK,iBAAiB,EAEtB,MAAM,gCAAgC,CAAC;AACxC,OAAO,EACN,KAAK,uBAAuB,EAE5B,MAAM,iCAAiC,CAAC;AACzC,OAAO,EACN,KAAK,UAAU,EACf,KAAK,0BAA0B,EAE/B,MAAM,mCAAmC,CAAC;AAC3C,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,gCAAgC,CAAC;AAC7E,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAErE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAE/D,qBAAa,oBAAqB,SAAQ,SAAS;IAG3C,UAAU,CAChB,OAAO,EAAE,sBAAsB,EAAE,EACjC,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,GACf,OAAO,CAAC,mBAAmB,CAAC;IAQxB,YAAY,CAClB,UAAU,EAAE,gBAAgB,EAC5B,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,GACf,OAAO,CAAC,mBAAmB,CAAC;IAQxB,SAAS,CACf,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,GACf,OAAO,CAAC,mBAAmB,CAAC;IAUlB,aAAa,CACzB,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,GACf,OAAO,CAAC,0BAA0B,CAAC;IAezB,SAAS,CACrB,YAAY,EAAE,iBAAiB,EAC/B,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,GACf,OAAO,CAAC,0BAA0B,CAAC;IAezB,OAAO,CACnB,OAAO,EAAE,sBAAsB,EAAE,EACjC,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,GACf,OAAO,CAAC,uBAAuB,CAAC;IAiBtB,SAAS,CACrB,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,GACf,OAAO,CAAC,mBAAmB,CAAC;IAQxB,UAAU,CAChB,UAAU,EAAE,gBAAgB,EAAE,EAC9B,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,MAAM,GACf,OAAO,CAAC,mBAAmB,CAAC;IAQ/B,SAAS,CAAC,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,WAAW;CAS3E"}

package/dist/api/rulesApiClient.js

@@ -0,0 +1,93 @@
+import { ApiClient } from "@prosopo/api";
+import { fetchRulesResponse } from "./read/fetchRules.js";
+import { ruleIdsResponse } from "./read/findRuleIds.js";
+import { missingIdsResponse } from "./read/getMissingIds.js";
+import { accessRuleApiPaths } from "./ruleApiRoutes.js";
+class AccessRulesApiClient extends ApiClient {
+  //// delete
+  deleteMany(filters, timestamp, signature) {
+    return this.post(
+      accessRuleApiPaths.DELETE_MANY,
+      filters,
+      this.getAuthHeaders(timestamp, signature)
+    );
+  }
+  deleteGroups(siteGroups, timestamp, signature) {
+    return this.post(
+      accessRuleApiPaths.DELETE_GROUPS,
+      siteGroups,
+      this.getAuthHeaders(timestamp, signature)
+    );
+  }
+  deleteAll(timestamp, signature) {
+    return this.post(
+      accessRuleApiPaths.DELETE_ALL,
+      {},
+      this.getAuthHeaders(timestamp, signature)
+    );
+  }
+  //// read
+  async getMissingIds(idsToCheck, timestamp, signature) {
+    const endpointResponse = await this.post(
+      accessRuleApiPaths.GET_MISSING_IDS,
+      idsToCheck,
+      this.getAuthHeaders(timestamp, signature)
+    );
+    const parsedData = missingIdsResponse.safeParse(endpointResponse.data);
+    return {
+      ...endpointResponse,
+      data: parsedData.success ? parsedData.data : void 0
+    };
+  }
+  async fetchMany(fetchOptions, timestamp, signature) {
+    const endpointResponse = await this.post(
+      accessRuleApiPaths.FETCH_MANY,
+      fetchOptions,
+      this.getAuthHeaders(timestamp, signature)
+    );
+    const parsedData = fetchRulesResponse.safeParse(endpointResponse.data);
+    return {
+      ...endpointResponse,
+      data: parsedData.success ? parsedData.data : void 0
+    };
+  }
+  async findIds(filters, timestamp, signature) {
+    const endpointResponse = await this.post(
+      accessRuleApiPaths.FIND_IDS,
+      filters,
+      this.getAuthHeaders(timestamp, signature)
+    );
+    const parsedData = ruleIdsResponse.safeParse(endpointResponse.data);
+    return {
+      ...endpointResponse,
+      data: parsedData.success ? parsedData.data : void 0
+    };
+  }
+  //// write
+  async rehashAll(timestamp, signature) {
+    return this.post(
+      accessRuleApiPaths.REHASH_ALL,
+      {},
+      this.getAuthHeaders(timestamp, signature)
+    );
+  }
+  insertMany(ruleGroups, timestamp, signature) {
+    return this.post(
+      accessRuleApiPaths.INSERT_MANY,
+      ruleGroups,
+      this.getAuthHeaders(timestamp, signature)
+    );
+  }
+  getAuthHeaders(timestamp, signature) {
+    return {
+      headers: {
+        "Prosopo-Site-Key": this.account,
+        timestamp,
+        signature
+      }
+    };
+  }
+}
+export {
+  AccessRulesApiClient
+};

package/dist/api/rulesApiClient.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rulesApiClient.js","sourceRoot":"","sources":["../../src/api/rulesApiClient.ts"],"names":[],"mappings":"AAcA,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,OAAO,EAGN,kBAAkB,GAClB,MAAM,gCAAgC,CAAC;AACxC,OAAO,EAEN,eAAe,GACf,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAGN,kBAAkB,GAClB,MAAM,mCAAmC,CAAC;AAG3C,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAGxD,MAAM,OAAO,oBAAqB,SAAQ,SAAS;IAG3C,UAAU,CAChB,OAAiC,EACjC,SAAiB,EACjB,SAAiB;QAEjB,OAAO,IAAI,CAAC,IAAI,CACf,kBAAkB,CAAC,WAAW,EAC9B,OAAO,EACP,IAAI,CAAC,cAAc,CAAC,SAAS,EAAE,SAAS,CAAC,CACzC,CAAC;IACH,CAAC;IAEM,YAAY,CAClB,UAA4B,EAC5B,SAAiB,EACjB,SAAiB;QAEjB,OAAO,IAAI,CAAC,IAAI,CACf,kBAAkB,CAAC,aAAa,EAChC,UAAU,EACV,IAAI,CAAC,cAAc,CAAC,SAAS,EAAE,SAAS,CAAC,CACzC,CAAC;IACH,CAAC;IAEM,SAAS,CACf,SAAiB,EACjB,SAAiB;QAEjB,OAAO,IAAI,CAAC,IAAI,CACf,kBAAkB,CAAC,UAAU,EAC7B,EAAE,EACF,IAAI,CAAC,cAAc,CAAC,SAAS,EAAE,SAAS,CAAC,CACzC,CAAC;IACH,CAAC;IAIM,KAAK,CAAC,aAAa,CACzB,UAAsB,EACtB,SAAiB,EACjB,SAAiB;QAEjB,MAAM,gBAAgB,GAAwB,MAAM,IAAI,CAAC,IAAI,CAC5D,kBAAkB,CAAC,eAAe,EAClC,UAAU,EACV,IAAI,CAAC,cAAc,CAAC,SAAS,EAAE,SAAS,CAAC,CACzC,CAAC;QAEF,MAAM,UAAU,GAAG,kBAAkB,CAAC,SAAS,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAEvE,OAAO;YACN,GAAG,gBAAgB;YACnB,IAAI,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;SACtD,CAAC;IACH,CAAC;IAEM,KAAK,CAAC,SAAS,CACrB,YAA+B,EAC/B,SAAiB,EACjB,SAAiB;QAEjB,MAAM,gBAAgB,GAAwB,MAAM,IAAI,CAAC,IAAI,CAC5D,kBAAkB,CAAC,UAAU,EAC7B,YAAY,EACZ,IAAI,CAAC,cAAc,CAAC,SAAS,EAAE,SAAS,CAAC,CACzC,CAAC;QAEF,MAAM,UAAU,GAAG,kBAAkB,CAAC,SAAS,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAEvE,OAAO;YACN,GAAG,gBAAgB;YACnB,IAAI,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;SACtD,CAAC;IACH,CAAC;IAEM,KAAK,CAAC,OAAO,CACnB,OAAiC,EACjC,SAAiB,EACjB,SAAiB;QAEjB,MAAM,gBAAgB,GAAwB,MAAM,IAAI,CAAC,IAAI,CAC5D,kBAAkB,CAAC,QAAQ,EAC3B,OAAO,EACP,IAAI,CAAC,cAAc,CAAC,SAAS,EAAE,SAAS,CAAC,CACzC,CAAC;QAEF,MAAM,UAAU,GAAG,eAAe,CAAC,SAAS,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAEpE,OAAO;YACN,GAAG,gBAAgB;YACnB,IAAI,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;SACtD,CAAC;IACH,CAAC;IAIM,KAAK,CAAC,SAAS,CACrB,SAAiB,EACjB,SAAiB;QAEjB,OAAO,IAAI,CAAC,IAAI,CACf,kBAAkB,CAAC,UAAU,EAC7B,EAAE,EACF,IAAI,CAAC,cAAc,CAAC,SAAS,EAAE,SAAS,CAAC,CACzC,CAAC;IACH,CAAC;IAEM,UAAU,CAChB,UAA8B,EAC9B,SAAiB,EACjB,SAAiB;QAEjB,OAAO,IAAI,CAAC,IAAI,CACf,kBAAkB,CAAC,WAAW,EAC9B,UAAU,EACV,IAAI,CAAC,cAAc,CAAC,SAAS,EAAE,SAAS,CAAC,CACzC,CAAC;IACH,CAAC;IAES,cAAc,CAAC,SAAiB,EAAE,SAAiB;QAC5D,OAAO;YACN,OAAO,EAAE;gBACR,kBAAkB,EAAE,IAAI,CAAC,OAAO;gBAChC,SAAS;gBACT,SAAS;aACT;SACD,CAAC;IACH,CAAC;CACD"}

package/dist/api/write/.export.d.ts

@@ -0,0 +1,2 @@
+export type { InsertRulesGroup } from "./insertRules.js";
+//# sourceMappingURL=.export.d.ts.map

package/dist/api/write/.export.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":".export.d.ts","sourceRoot":"","sources":["../../../src/api/write/.export.ts"],"names":[],"mappings":"AAcA,YAAY,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC"}

package/dist/api/write/.export.js

@@ -0,0 +1 @@
+

package/dist/api/write/.export.js.map

@@ -0,0 +1 @@
+{"version":3,"file":".export.js","sourceRoot":"","sources":["../../../src/api/write/.export.ts"],"names":[],"mappings":""}

package/dist/api/write/insertRules.d.ts

@@ -0,0 +1,29 @@
+import { type ApiEndpoint, type ApiEndpointResponse } from "@prosopo/api-route";
+import { type Logger } from "@prosopo/common";
+import { type ZodType } from "zod";
+import type { AccessPolicy, PolicyScope, UserScope } from "#policy/rule.js";
+import { type UserScopeInput } from "#policy/ruleInput/userScopeInput.js";
+import type { AccessRulesWriter } from "#policy/rulesStorage.js";
+export type InsertRulesGroup = {
+    accessPolicy: AccessPolicy;
+    userScopes: UserScopeInput[];
+    policyScopes?: PolicyScope[];
+    groupId?: string;
+    expiresUnixTimestamp?: number;
+};
+type ParsedInsertRulesGroup = InsertRulesGroup & {
+    userScopes: UserScope[];
+};
+type ParsedInsertRuleGroups = ParsedInsertRulesGroup[];
+type InsertRulesSchema = ZodType<InsertRulesGroup[]>;
+export declare class InsertRulesEndpoint implements ApiEndpoint<InsertRulesSchema> {
+    private readonly accessRulesWriter;
+    private readonly logger;
+    constructor(accessRulesWriter: AccessRulesWriter, logger: Logger);
+    getRequestArgsSchema(): InsertRulesSchema;
+    processRequest(args: ParsedInsertRuleGroups): Promise<ApiEndpointResponse>;
+    protected createRuleGroups(groups: ParsedInsertRuleGroups): Promise<string[]>;
+    protected createRulesGroup(group: ParsedInsertRulesGroup): Promise<string[]>;
+}
+export {};
+//# sourceMappingURL=insertRules.d.ts.map

package/dist/api/write/insertRules.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"insertRules.d.ts","sourceRoot":"","sources":["../../../src/api/write/insertRules.ts"],"names":[],"mappings":"AAcA,OAAO,EACN,KAAK,WAAW,EAChB,KAAK,mBAAmB,EAExB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAA0B,KAAK,MAAM,EAAE,MAAM,iBAAiB,CAAC;AACtE,OAAO,EAAE,KAAK,OAAO,EAAK,MAAM,KAAK,CAAC;AACtC,OAAO,KAAK,EACX,YAAY,EAEZ,WAAW,EACX,SAAS,EACT,MAAM,iBAAiB,CAAC;AAKzB,OAAO,EACN,KAAK,cAAc,EAEnB,MAAM,qCAAqC,CAAC;AAC7C,OAAO,KAAK,EAEX,iBAAiB,EACjB,MAAM,yBAAyB,CAAC;AAEjC,MAAM,MAAM,gBAAgB,GAAG;IAC9B,YAAY,EAAE,YAAY,CAAC;IAC3B,UAAU,EAAE,cAAc,EAAE,CAAC;IAG7B,YAAY,CAAC,EAAE,WAAW,EAAE,CAAC;IAC7B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,oBAAoB,CAAC,EAAE,MAAM,CAAC;CAC9B,CAAC;AAEF,KAAK,sBAAsB,GAAG,gBAAgB,GAAG;IAChD,UAAU,EAAE,SAAS,EAAE,CAAC;CACxB,CAAC;AAEF,KAAK,sBAAsB,GAAG,sBAAsB,EAAE,CAAC;AAEvD,KAAK,iBAAiB,GAAG,OAAO,CAAC,gBAAgB,EAAE,CAAC,CAAC;AAErD,qBAAa,mBAAoB,YAAW,WAAW,CAAC,iBAAiB,CAAC;IAExE,OAAO,CAAC,QAAQ,CAAC,iBAAiB;IAClC,OAAO,CAAC,QAAQ,CAAC,MAAM;gBADN,iBAAiB,EAAE,iBAAiB,EACpC,MAAM,EAAE,MAAM;IAGzB,oBAAoB,IAAI,iBAAiB;IAY1C,cAAc,CACnB,IAAI,EAAE,sBAAsB,GAC1B,OAAO,CAAC,mBAAmB,CAAC;cAsDf,gBAAgB,CAC/B,MAAM,EAAE,sBAAsB,GAC5B,OAAO,CAAC,MAAM,EAAE,CAAC;cAQJ,gBAAgB,CAC/B,KAAK,EAAE,sBAAsB,GAC3B,OAAO,CAAC,MAAM,EAAE,CAAC;CA8BpB"}

package/dist/api/write/insertRules.js

@@ -0,0 +1,102 @@
+import { ApiEndpointResponseStatus } from "@prosopo/api-route";
+import { LogLevel } from "@prosopo/common";
+import { z } from "zod";
+import { policyScopeInput, accessPolicyInput } from "../../ruleInput/policyInput.js";
+import { userScopeInput } from "../../ruleInput/userScopeInput.js";
+class InsertRulesEndpoint {
+  constructor(accessRulesWriter, logger) {
+    this.accessRulesWriter = accessRulesWriter;
+    this.logger = logger;
+  }
+  getRequestArgsSchema() {
+    return z.array(
+      z.object({
+        accessPolicy: accessPolicyInput,
+        policyScopes: z.array(policyScopeInput).optional(),
+        groupId: z.string().optional(),
+        userScopes: z.array(userScopeInput),
+        expiresUnixTimestamp: z.number().optional()
+      })
+    );
+  }
+  async processRequest(args) {
+    const timeoutPromise = new Promise((resolve) => {
+      setTimeout(() => {
+        resolve({
+          status: ApiEndpointResponseStatus.PROCESSING
+        });
+      }, 5e3);
+    });
+    const userScopesCount = args.reduce(
+      (userScopesCount2, group) => userScopesCount2 + group.userScopes.length,
+      0
+    );
+    const createRulesPromise = this.createRuleGroups(args).then((insertedIds) => {
+      this.logger.info(() => ({
+        msg: "Endpoint inserted access rules",
+        data: {
+          userScopesCount,
+          insertedCount: insertedIds.length,
+          uniqueIdsCount: new Set(insertedIds).size
+        }
+      }));
+      this.logger.debug(() => ({
+        msg: "Inserted access rules details",
+        data: {
+          insertedIds,
+          input: args
+        }
+      }));
+      return {
+        status: ApiEndpointResponseStatus.SUCCESS
+      };
+    }).catch((error) => {
+      if (LogLevel.enum.debug === this.logger.getLogLevel()) {
+        this.logger.error(() => ({
+          err: error,
+          data: { args },
+          msg: "Failed to insert access rules"
+        }));
+      }
+      return {
+        status: ApiEndpointResponseStatus.FAIL
+      };
+    });
+    return Promise.race([timeoutPromise, createRulesPromise]);
+  }
+  async createRuleGroups(groups) {
+    const ruleIdPromises = groups.map((group) => this.createRulesGroup(group));
+    const ruleIdSets = await Promise.all(ruleIdPromises);
+    return ruleIdSets.flat();
+  }
+  async createRulesGroup(group) {
+    const ruleEntries = [];
+    const policyScopes = group.policyScopes || [];
+    for (const userScope of group.userScopes) {
+      const ruleBase = {
+        ...group.accessPolicy,
+        ...userScope,
+        ...group.groupId ? { groupId: group.groupId } : {}
+      };
+      if (policyScopes.length > 0) {
+        for (const policyScope of policyScopes) {
+          ruleEntries.push({
+            rule: {
+              ...ruleBase,
+              ...policyScope
+            }
+          });
+        }
+      } else {
+        ruleEntries.push({
+          rule: ruleBase,
+          expiresUnixTimestamp: group.expiresUnixTimestamp
+        });
+      }
+    }
+    return this.accessRulesWriter.insertRules(ruleEntries);
+  }
+}
+export {
+  InsertRulesEndpoint
+};

package/dist/api/write/insertRules.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"insertRules.js","sourceRoot":"","sources":["../../../src/api/write/insertRules.ts"],"names":[],"mappings":"AAcA,OAAO,EAGN,yBAAyB,GACzB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAgB,QAAQ,EAAe,MAAM,iBAAiB,CAAC;AACtE,OAAO,EAAgB,CAAC,EAAE,MAAM,KAAK,CAAC;AAOtC,OAAO,EACN,iBAAiB,EACjB,gBAAgB,GAChB,MAAM,kCAAkC,CAAC;AAC1C,OAAO,EAEN,cAAc,GACd,MAAM,qCAAqC,CAAC;AAwB7C,MAAM,OAAO,mBAAmB;IAC/B,YACkB,iBAAoC,EACpC,MAAc;QADd,sBAAiB,GAAjB,iBAAiB,CAAmB;QACpC,WAAM,GAAN,MAAM,CAAQ;IAC7B,CAAC;IAEG,oBAAoB;QAC1B,OAAO,CAAC,CAAC,KAAK,CACb,CAAC,CAAC,MAAM,CAAC;YACR,YAAY,EAAE,iBAAiB;YAC/B,YAAY,EAAE,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,QAAQ,EAAE;YAClD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YAC9B,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC;YACnC,oBAAoB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;SACP,CAAC,CACtC,CAAC;IACH,CAAC;IAED,KAAK,CAAC,cAAc,CACnB,IAA4B;QAE5B,MAAM,cAAc,GAAG,IAAI,OAAO,CAAsB,CAAC,OAAO,EAAE,EAAE;YACnE,UAAU,CAAC,GAAG,EAAE;gBACf,OAAO,CAAC;oBACP,MAAM,EAAE,yBAAyB,CAAC,UAAU;iBAC5C,CAAC,CAAC;YACJ,CAAC,EAAE,IAAI,CAAC,CAAC;QACV,CAAC,CAAC,CAAC;QAEH,MAAM,eAAe,GAAG,IAAI,CAAC,MAAM,CAClC,CAAC,eAAe,EAAE,KAAK,EAAE,EAAE,CAAC,eAAe,GAAG,KAAK,CAAC,UAAU,CAAC,MAAM,EACrE,CAAC,CACD,CAAC;QAEF,MAAM,kBAAkB,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC;aACpD,IAAI,CAAC,CAAC,WAAW,EAAE,EAAE;YACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;gBACvB,GAAG,EAAE,gCAAgC;gBACrC,IAAI,EAAE;oBACL,eAAe,EAAE,eAAe;oBAChC,aAAa,EAAE,WAAW,CAAC,MAAM;oBACjC,cAAc,EAAE,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI;iBACzC;aACD,CAAC,CAAC,CAAC;YAEJ,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;gBACxB,GAAG,EAAE,+BAA+B;gBACpC,IAAI,EAAE;oBACL,WAAW;oBACX,KAAK,EAAE,IAAI;iBACX;aACD,CAAC,CAAC,CAAC;YAEJ,OAAO;gBACN,MAAM,EAAE,yBAAyB,CAAC,OAAO;aACzC,CAAC;QACH,CAAC,CAAC;aACD,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YAChB,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,KAAK,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,EAAE,CAAC;gBACvD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;oBACxB,GAAG,EAAE,KAAK;oBACV,IAAI,EAAE,EAAE,IAAI,EAAE;oBACd,GAAG,EAAE,+BAA+B;iBACpC,CAAC,CAAC,CAAC;YACL,CAAC;YACD,OAAO;gBACN,MAAM,EAAE,yBAAyB,CAAC,IAAI;aACtC,CAAC;QACH,CAAC,CAAC,CAAC;QAGJ,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC,CAAC;IAC3D,CAAC;IAES,KAAK,CAAC,gBAAgB,CAC/B,MAA8B;QAE9B,MAAM,cAAc,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC;QAE3E,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAErD,OAAO,UAAU,CAAC,IAAI,EAAE,CAAC;IAC1B,CAAC;IAES,KAAK,CAAC,gBAAgB,CAC/B,KAA6B;QAE7B,MAAM,WAAW,GAAsB,EAAE,CAAC;QAC1C,MAAM,YAAY,GAAG,KAAK,CAAC,YAAY,IAAI,EAAE,CAAC;QAE9C,KAAK,MAAM,SAAS,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;YAC1C,MAAM,QAAQ,GAAe;gBAC5B,GAAG,KAAK,CAAC,YAAY;gBACrB,GAAG,SAAS;gBACZ,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aACpD,CAAC;YAEF,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC7B,KAAK,MAAM,WAAW,IAAI,YAAY,EAAE,CAAC;oBACxC,WAAW,CAAC,IAAI,CAAC;wBAChB,IAAI,EAAE;4BACL,GAAG,QAAQ;4BACX,GAAG,WAAW;yBACd;qBACD,CAAC,CAAC;gBACJ,CAAC;YACF,CAAC;iBAAM,CAAC;gBACP,WAAW,CAAC,IAAI,CAAC;oBAChB,IAAI,EAAE,QAAQ;oBACd,oBAAoB,EAAE,KAAK,CAAC,oBAAoB;iBAChD,CAAC,CAAC;YACJ,CAAC;QACF,CAAC;QAED,OAAO,IAAI,CAAC,iBAAiB,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;IACxD,CAAC;CACD"}

package/dist/api/write/rehashRules.d.ts

@@ -0,0 +1,11 @@
+import { type ApiEndpoint, type ApiEndpointResponse } from "@prosopo/api-route";
+import type { Logger } from "@prosopo/common";
+import type { AccessRulesStorage } from "#policy/rulesStorage.js";
+export declare class RehashRulesEndpoint implements ApiEndpoint<undefined> {
+    private readonly accessRulesStorage;
+    private readonly logger;
+    constructor(accessRulesStorage: AccessRulesStorage, logger: Logger);
+    getRequestArgsSchema(): undefined;
+    processRequest(): Promise<ApiEndpointResponse>;
+}
+//# sourceMappingURL=rehashRules.d.ts.map

package/dist/api/write/rehashRules.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rehashRules.d.ts","sourceRoot":"","sources":["../../../src/api/write/rehashRules.ts"],"names":[],"mappings":"AAcA,OAAO,EACN,KAAK,WAAW,EAChB,KAAK,mBAAmB,EAExB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;AAC9C,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAElE,qBAAa,mBAAoB,YAAW,WAAW,CAAC,SAAS,CAAC;IAEhE,OAAO,CAAC,QAAQ,CAAC,kBAAkB;IACnC,OAAO,CAAC,QAAQ,CAAC,MAAM;gBADN,kBAAkB,EAAE,kBAAkB,EACtC,MAAM,EAAE,MAAM;IAGzB,oBAAoB,IAAI,SAAS;IAElC,cAAc,IAAI,OAAO,CAAC,mBAAmB,CAAC;CAqDpD"}

package/dist/api/write/rehashRules.js

@@ -0,0 +1,57 @@
+import { ApiEndpointResponseStatus } from "@prosopo/api-route";
+class RehashRulesEndpoint {
+  constructor(accessRulesStorage, logger) {
+    this.accessRulesStorage = accessRulesStorage;
+    this.logger = logger;
+  }
+  getRequestArgsSchema() {
+  }
+  async processRequest() {
+    await this.accessRulesStorage.fetchAllRuleIds(async (ruleIds) => {
+      this.logger.info(() => ({
+        msg: "Fetched rule ids batch",
+        data: {
+          count: ruleIds.length,
+          ruleIds
+        }
+      }));
+      const ruleEntries = await this.accessRulesStorage.fetchRules(ruleIds);
+      this.logger.info(() => ({
+        msg: "Fetched rules",
+        data: {
+          count: ruleEntries.length
+        }
+      }));
+      if (ruleEntries.length !== ruleIds.length) {
+        this.logger.warn(() => ({
+          msg: "Fetched rules count is not equal to the requested count",
+          data: {
+            fetchedCount: ruleEntries.length,
+            requestedCount: ruleIds.length
+          }
+        }));
+      }
+      await this.accessRulesStorage.deleteRules(ruleIds);
+      this.logger.info(() => ({
+        msg: "Deleted rules",
+        data: {
+          count: ruleIds.length
+        }
+      }));
+      await this.accessRulesStorage.insertRules(ruleEntries);
+      this.logger.info(() => ({
+        msg: "Inserted rules",
+        data: {
+          count: ruleEntries.length
+        }
+      }));
+    });
+    return {
+      status: ApiEndpointResponseStatus.SUCCESS,
+      data: {}
+    };
+  }
+}
+export {
+  RehashRulesEndpoint
+};

package/dist/api/write/rehashRules.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rehashRules.js","sourceRoot":"","sources":["../../../src/api/write/rehashRules.ts"],"names":[],"mappings":"AAcA,OAAO,EAGN,yBAAyB,GACzB,MAAM,oBAAoB,CAAC;AAI5B,MAAM,OAAO,mBAAmB;IAC/B,YACkB,kBAAsC,EACtC,MAAc;QADd,uBAAkB,GAAlB,kBAAkB,CAAoB;QACtC,WAAM,GAAN,MAAM,CAAQ;IAC7B,CAAC;IAEG,oBAAoB,KAAe,CAAC;IAE3C,KAAK,CAAC,cAAc;QACnB,MAAM,IAAI,CAAC,kBAAkB,CAAC,eAAe,CAAC,KAAK,EAAE,OAAiB,EAAE,EAAE;YACzE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;gBACvB,GAAG,EAAE,wBAAwB;gBAC7B,IAAI,EAAE;oBACL,KAAK,EAAE,OAAO,CAAC,MAAM;oBACrB,OAAO;iBACP;aACD,CAAC,CAAC,CAAC;YAEJ,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YAEtE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;gBACvB,GAAG,EAAE,eAAe;gBACpB,IAAI,EAAE;oBACL,KAAK,EAAE,WAAW,CAAC,MAAM;iBACzB;aACD,CAAC,CAAC,CAAC;YAEJ,IAAI,WAAW,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC;gBAC3C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;oBACvB,GAAG,EAAE,yDAAyD;oBAC9D,IAAI,EAAE;wBACL,YAAY,EAAE,WAAW,CAAC,MAAM;wBAChC,cAAc,EAAE,OAAO,CAAC,MAAM;qBAC9B;iBACD,CAAC,CAAC,CAAC;YACL,CAAC;YAED,MAAM,IAAI,CAAC,kBAAkB,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;YAEnD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;gBACvB,GAAG,EAAE,eAAe;gBACpB,IAAI,EAAE;oBACL,KAAK,EAAE,OAAO,CAAC,MAAM;iBACrB;aACD,CAAC,CAAC,CAAC;YAEJ,MAAM,IAAI,CAAC,kBAAkB,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;YAEvD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;gBACvB,GAAG,EAAE,gBAAgB;gBACrB,IAAI,EAAE;oBACL,KAAK,EAAE,WAAW,CAAC,MAAM;iBACzB;aACD,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,OAAO;YACN,MAAM,EAAE,yBAAyB,CAAC,OAAO;YACzC,IAAI,EAAE,EAAE;SACR,CAAC;IACH,CAAC;CACD"}

package/dist/cjs/.export.cjs

@@ -0,0 +1,21 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+require("./ruleInput/.export.cjs");
+const transformRule = require("./transformRule.cjs");
+const rule = require("./rule.cjs");
+const rulesStorage = require("./rulesStorage.cjs");
+const ruleRecord = require("./ruleRecord.cjs");
+const ruleInput = require("./ruleInput/ruleInput.cjs");
+const policyInput = require("./ruleInput/policyInput.cjs");
+const userScopeInput = require("./ruleInput/userScopeInput.cjs");
+exports.makeAccessRuleHash = transformRule.makeAccessRuleHash;
+exports.transformAccessRuleIntoRecord = transformRule.transformAccessRuleIntoRecord;
+exports.transformAccessRuleRecordIntoRule = transformRule.transformAccessRuleRecordIntoRule;
+exports.AccessPolicyType = rule.AccessPolicyType;
+exports.FilterScopeMatch = rulesStorage.FilterScopeMatch;
+exports.getUserScopeRecordFromAccessRuleRecord = ruleRecord.getUserScopeRecordFromAccessRuleRecord;
+exports.userScopeRecordFields = ruleRecord.userScopeRecordFields;
+exports.accessRuleInput = ruleInput.accessRuleInput;
+exports.accessPolicyInput = policyInput.accessPolicyInput;
+exports.policyScopeInput = policyInput.policyScopeInput;
+exports.userScopeInput = userScopeInput.userScopeInput;

package/dist/cjs/api/.export.cjs

@@ -0,0 +1,11 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+require("./delete/.export.cjs");
+require("./read/.export.cjs");
+require("./write/.export.cjs");
+const ruleApiRoutes = require("./ruleApiRoutes.cjs");
+const rulesApiClient = require("./rulesApiClient.cjs");
+exports.AccessRuleApiRoutes = ruleApiRoutes.AccessRuleApiRoutes;
+exports.accessRuleApiPaths = ruleApiRoutes.accessRuleApiPaths;
+exports.getExpressApiRuleRateLimits = ruleApiRoutes.getExpressApiRuleRateLimits;
+exports.AccessRulesApiClient = rulesApiClient.AccessRulesApiClient;

package/dist/cjs/api/delete/.export.cjs

@@ -0,0 +1 @@
+"use strict";

package/dist/cjs/api/delete/deleteAllRules.cjs

@@ -0,0 +1,25 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const apiRoute = require("@prosopo/api-route");
+class DeleteAllRulesEndpoint {
+  constructor(accessRulesStorage, logger) {
+    this.accessRulesStorage = accessRulesStorage;
+    this.logger = logger;
+  }
+  getRequestArgsSchema() {
+  }
+  async processRequest() {
+    const deletedCount = await this.accessRulesStorage.deleteAllRules();
+    this.logger.info(() => ({
+      msg: "Endpoint deleted all access rules",
+      data: { deletedCount }
+    }));
+    return {
+      status: apiRoute.ApiEndpointResponseStatus.SUCCESS,
+      data: {
+        deleted_count: deletedCount
+      }
+    };
+  }
+}
+exports.DeleteAllRulesEndpoint = DeleteAllRulesEndpoint;

package/dist/cjs/api/delete/deleteRuleGroups.cjs

@@ -0,0 +1,52 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const apiRoute = require("@prosopo/api-route");
+const zod = require("zod");
+const rulesStorage = require("../../rulesStorage.cjs");
+class DeleteRuleGroupsEndpoint {
+  constructor(accessRulesStorage, logger) {
+    this.accessRulesStorage = accessRulesStorage;
+    this.logger = logger;
+  }
+  getRequestArgsSchema() {
+    return zod.z.array(
+      zod.z.object({
+        clientIds: zod.z.string().array(),
+        groupId: zod.z.string()
+      })
+    );
+  }
+  async processRequest(args) {
+    const foundRuleIdPromises = args.flatMap(
+      (ruleToDelete) => ruleToDelete.clientIds.map(
+        (clientId) => this.accessRulesStorage.findRuleIds({
+          policyScope: {
+            clientId
+          },
+          policyScopeMatch: rulesStorage.FilterScopeMatch.Exact,
+          groupId: ruleToDelete.groupId
+        })
+      )
+    );
+    const foundRuleIds = await Promise.all(foundRuleIdPromises);
+    const ruleIds = foundRuleIds.flat();
+    const uniqueRuleIds = [...new Set(ruleIds)];
+    if (uniqueRuleIds.length > 0) {
+      await this.accessRulesStorage.deleteRules(uniqueRuleIds);
+    }
+    this.logger.info(() => ({
+      msg: "Endpoint deleted rule groups",
+      data: {
+        args,
+        uniqueRuleIds
+      }
+    }));
+    return {
+      status: apiRoute.ApiEndpointResponseStatus.SUCCESS,
+      data: {
+        deleted_count: uniqueRuleIds.length
+      }
+    };
+  }
+}
+exports.DeleteRuleGroupsEndpoint = DeleteRuleGroupsEndpoint;