@restorecommerce/acs-client 0.6.36 → 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +38 -0
- package/cfg/config.json +4 -70
- package/lib/acs/authz.d.ts +9 -7
- package/lib/acs/authz.js +60 -36
- package/lib/acs/authz.js.map +1 -1
- package/lib/acs/interfaces.d.ts +13 -75
- package/lib/acs/interfaces.js +1 -41
- package/lib/acs/interfaces.js.map +1 -1
- package/lib/acs/resolver.d.ts +9 -11
- package/lib/acs/resolver.js +52 -41
- package/lib/acs/resolver.js.map +1 -1
- package/lib/utils.d.ts +6 -4
- package/lib/utils.js +26 -24
- package/lib/utils.js.map +1 -1
- package/package.json +9 -7
- package/tsconfig.test.json +1 -2
package/CHANGELOG.md
CHANGED
|
@@ -3,6 +3,44 @@
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
|
5
5
|
|
|
6
|
+
## [1.0.1](https://github.com/restorecommerce/libs/compare/@restorecommerce/acs-client@1.0.0...@restorecommerce/acs-client@1.0.1) (2022-08-25)
|
|
7
|
+
|
|
8
|
+
**Note:** Version bump only for package @restorecommerce/acs-client
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
|
|
12
|
+
|
|
13
|
+
|
|
14
|
+
# [1.0.0](https://github.com/restorecommerce/libs/compare/@restorecommerce/acs-client@0.6.37...@restorecommerce/acs-client@1.0.0) (2022-08-25)
|
|
15
|
+
|
|
16
|
+
|
|
17
|
+
### Features
|
|
18
|
+
|
|
19
|
+
* move to fully typed grpc client and server ([ec9be2d](https://github.com/restorecommerce/libs/commit/ec9be2daff0823e9ba440a2845b7b1a7f2d74b50))
|
|
20
|
+
* move to fully typed grpc client and server ([aeee2f2](https://github.com/restorecommerce/libs/commit/aeee2f2b7ca470223d7bc42fd7cafd4bb8387796))
|
|
21
|
+
|
|
22
|
+
|
|
23
|
+
### Reverts
|
|
24
|
+
|
|
25
|
+
* Revert "BREAKING CHANGE: move to fully typed grpc client and server" ([2d584a7](https://github.com/restorecommerce/libs/commit/2d584a709632ae608f595a2c836deabd34f671d9))
|
|
26
|
+
|
|
27
|
+
|
|
28
|
+
### BREAKING CHANGES
|
|
29
|
+
|
|
30
|
+
* move to fully typed grpc client and server
|
|
31
|
+
|
|
32
|
+
|
|
33
|
+
|
|
34
|
+
|
|
35
|
+
|
|
36
|
+
## [0.6.37](https://github.com/restorecommerce/libs/compare/@restorecommerce/acs-client@0.6.36...@restorecommerce/acs-client@0.6.37) (2022-08-10)
|
|
37
|
+
|
|
38
|
+
**Note:** Version bump only for package @restorecommerce/acs-client
|
|
39
|
+
|
|
40
|
+
|
|
41
|
+
|
|
42
|
+
|
|
43
|
+
|
|
6
44
|
## [0.6.36](https://github.com/restorecommerce/libs/compare/@restorecommerce/acs-client@0.6.35...@restorecommerce/acs-client@0.6.36) (2022-07-07)
|
|
7
45
|
|
|
8
46
|
**Note:** Version bump only for package @restorecommerce/acs-client
|
package/cfg/config.json
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
"logger": {
|
|
3
3
|
"console": {
|
|
4
4
|
"handleExceptions": false,
|
|
5
|
-
"level": "
|
|
5
|
+
"level": "silly",
|
|
6
6
|
"colorize": true,
|
|
7
7
|
"prettyPrint": true
|
|
8
8
|
}
|
|
@@ -28,66 +28,30 @@
|
|
|
28
28
|
]
|
|
29
29
|
},
|
|
30
30
|
"policy_setCreated": {
|
|
31
|
-
"protos": [
|
|
32
|
-
"io/restorecommerce/policy_set.proto"
|
|
33
|
-
],
|
|
34
|
-
"protoRoot": "node_modules/@restorecommerce/protos/",
|
|
35
31
|
"messageObject": "io.restorecommerce.policy_set.PolicySet"
|
|
36
32
|
},
|
|
37
33
|
"policy_setModified": {
|
|
38
|
-
"protos": [
|
|
39
|
-
"io/restorecommerce/policy_set.proto"
|
|
40
|
-
],
|
|
41
|
-
"protoRoot": "node_modules/@restorecommerce/protos/",
|
|
42
34
|
"messageObject": "io.restorecommerce.policy_set.PolicySet"
|
|
43
35
|
},
|
|
44
36
|
"policy_setDeleted": {
|
|
45
|
-
"protos": [
|
|
46
|
-
"io/restorecommerce/policy_set.proto"
|
|
47
|
-
],
|
|
48
|
-
"protoRoot": "node_modules/@restorecommerce/protos/",
|
|
49
37
|
"messageObject": "io.restorecommerce.policy_set.PolicySet"
|
|
50
38
|
},
|
|
51
39
|
"policyCreated": {
|
|
52
|
-
"protos": [
|
|
53
|
-
"io/restorecommerce/policy.proto"
|
|
54
|
-
],
|
|
55
|
-
"protoRoot": "node_modules/@restorecommerce/protos/",
|
|
56
40
|
"messageObject": "io.restorecommerce.policy.Policy"
|
|
57
41
|
},
|
|
58
42
|
"policyModified": {
|
|
59
|
-
"protos": [
|
|
60
|
-
"io/restorecommerce/policy.proto"
|
|
61
|
-
],
|
|
62
|
-
"protoRoot": "node_modules/@restorecommerce/protos/",
|
|
63
43
|
"messageObject": "io.restorecommerce.policy.Policy"
|
|
64
44
|
},
|
|
65
45
|
"policyDeleted": {
|
|
66
|
-
"protos": [
|
|
67
|
-
"io/restorecommerce/policy.proto"
|
|
68
|
-
],
|
|
69
|
-
"protoRoot": "node_modules/@restorecommerce/protos/",
|
|
70
46
|
"messageObject": "io.restorecommerce.policy.Policy"
|
|
71
47
|
},
|
|
72
48
|
"ruleCreated": {
|
|
73
|
-
"protos": [
|
|
74
|
-
"io/restorecommerce/rule.proto"
|
|
75
|
-
],
|
|
76
|
-
"protoRoot": "node_modules/@restorecommerce/protos/",
|
|
77
49
|
"messageObject": "io.restorecommerce.rule.Rule"
|
|
78
50
|
},
|
|
79
51
|
"ruleModified": {
|
|
80
|
-
"protos": [
|
|
81
|
-
"io/restorecommerce/rule.proto"
|
|
82
|
-
],
|
|
83
|
-
"protoRoot": "node_modules/@restorecommerce/protos/",
|
|
84
52
|
"messageObject": "io.restorecommerce.rule.Rule"
|
|
85
53
|
},
|
|
86
54
|
"ruleDeleted": {
|
|
87
|
-
"protos": [
|
|
88
|
-
"io/restorecommerce/rule.proto"
|
|
89
|
-
],
|
|
90
|
-
"protoRoot": "node_modules/@restorecommerce/protos/",
|
|
91
55
|
"messageObject": "io.restorecommerce.rule.Rule"
|
|
92
56
|
},
|
|
93
57
|
"evictACSCache": {
|
|
@@ -120,43 +84,13 @@
|
|
|
120
84
|
},
|
|
121
85
|
"client": {
|
|
122
86
|
"acs-srv": {
|
|
123
|
-
"address": "localhost:50061"
|
|
124
|
-
"proto": {
|
|
125
|
-
"protoRoot": "node_modules/@restorecommerce/protos/",
|
|
126
|
-
"protoPath": "io/restorecommerce/access_control.proto",
|
|
127
|
-
"services": {
|
|
128
|
-
"acs-srv": {
|
|
129
|
-
"packageName": "io.restorecommerce.access_control",
|
|
130
|
-
"serviceName": "Service"
|
|
131
|
-
}
|
|
132
|
-
}
|
|
133
|
-
}
|
|
87
|
+
"address": "localhost:50061"
|
|
134
88
|
},
|
|
135
89
|
"user": {
|
|
136
|
-
"address": "localhost:50051"
|
|
137
|
-
"proto": {
|
|
138
|
-
"protoRoot": "node_modules/@restorecommerce/protos/",
|
|
139
|
-
"protoPath": "io/restorecommerce/user.proto",
|
|
140
|
-
"services": {
|
|
141
|
-
"user": {
|
|
142
|
-
"packageName": "io.restorecommerce.user",
|
|
143
|
-
"serviceName": "Service"
|
|
144
|
-
}
|
|
145
|
-
}
|
|
146
|
-
}
|
|
90
|
+
"address": "localhost:50051"
|
|
147
91
|
},
|
|
148
92
|
"graph-srv": {
|
|
149
|
-
"address": "localhost:50053"
|
|
150
|
-
"proto": {
|
|
151
|
-
"protoRoot": "node_modules/@restorecommerce/protos/",
|
|
152
|
-
"protoPath": "io/restorecommerce/graph.proto",
|
|
153
|
-
"services": {
|
|
154
|
-
"graph": {
|
|
155
|
-
"packageName": "io.restorecommerce.graph",
|
|
156
|
-
"serviceName": "Service"
|
|
157
|
-
}
|
|
158
|
-
}
|
|
159
|
-
}
|
|
93
|
+
"address": "localhost:50053"
|
|
160
94
|
}
|
|
161
95
|
},
|
|
162
96
|
"authorization": {
|
package/lib/acs/authz.d.ts
CHANGED
|
@@ -1,17 +1,20 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { ACSClientContext, AuthZAction, AuthZContext, AuthZTarget, AuthZWhatIsAllowedTarget, DecisionResponse, IAuthZ, NoAuthTarget, NoAuthWhatIsAllowedTarget, PolicySetRQResponse, Request, Resource } from './interfaces';
|
|
2
|
+
import { ServiceClient } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/access_control';
|
|
3
|
+
import { Attribute } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/attribute';
|
|
4
|
+
import { Subject, DeepPartial } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/auth';
|
|
2
5
|
export declare type Authorizer = ACSAuthZ;
|
|
3
6
|
export declare let authZ: Authorizer;
|
|
4
7
|
export declare const createActionTarget: (action: any) => Attribute[];
|
|
5
|
-
export declare const createSubjectTarget: (subject: Subject) => Attribute[];
|
|
8
|
+
export declare const createSubjectTarget: (subject: DeepPartial<Subject>) => Attribute[];
|
|
6
9
|
export declare const formatResourceType: (type: string, namespacePrefix?: string) => string;
|
|
7
10
|
export declare const createResourceTarget: (resource: Resource[], action: AuthZAction) => Attribute[];
|
|
8
11
|
export declare class UnAuthZ implements IAuthZ {
|
|
9
|
-
acs:
|
|
12
|
+
acs: ServiceClient;
|
|
10
13
|
/**
|
|
11
14
|
*
|
|
12
15
|
* @param acs Access Control Service definition (gRPC)
|
|
13
16
|
*/
|
|
14
|
-
constructor(acs:
|
|
17
|
+
constructor(acs: ServiceClient);
|
|
15
18
|
private encode;
|
|
16
19
|
isAllowed(request: Request<NoAuthTarget, AuthZContext>, ctx: ACSClientContext, useCache: boolean): Promise<DecisionResponse>;
|
|
17
20
|
whatIsAllowed(request: Request<NoAuthWhatIsAllowedTarget, AuthZContext>, ctx: ACSClientContext, useCache: boolean): Promise<PolicySetRQResponse>;
|
|
@@ -20,13 +23,12 @@ export declare class UnAuthZ implements IAuthZ {
|
|
|
20
23
|
* General authorizer. Marshalls data and requests access to the Access Control Service (ACS).
|
|
21
24
|
*/
|
|
22
25
|
export declare class ACSAuthZ implements IAuthZ {
|
|
23
|
-
acs:
|
|
24
|
-
ids: any;
|
|
26
|
+
acs: ServiceClient;
|
|
25
27
|
/**
|
|
26
28
|
*
|
|
27
29
|
* @param acs Access Control Service definition (gRPC)
|
|
28
30
|
*/
|
|
29
|
-
constructor(acs:
|
|
31
|
+
constructor(acs: ServiceClient, ids?: any);
|
|
30
32
|
/**
|
|
31
33
|
* Perform request to access-control-srv
|
|
32
34
|
* @param request - authZRequest containing subject, resources and action
|
package/lib/acs/authz.js
CHANGED
|
@@ -35,6 +35,12 @@ const logger_1 = __importDefault(require("../logger"));
|
|
|
35
35
|
const cache_1 = require("./cache");
|
|
36
36
|
const kafka_client_1 = require("@restorecommerce/kafka-client");
|
|
37
37
|
const utils_1 = require("../utils");
|
|
38
|
+
const access_control_1 = require("@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/access_control");
|
|
39
|
+
const access_control_2 = require("@restorecommerce/rc-grpc-clients/dist/generated/io/restorecommerce/access_control");
|
|
40
|
+
const rule_1 = require("@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/rule");
|
|
41
|
+
const policy_1 = require("@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/policy");
|
|
42
|
+
const policy_set_1 = require("@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/policy_set");
|
|
43
|
+
(0, kafka_client_1.registerProtoMeta)(rule_1.protoMetadata, policy_1.protoMetadata, policy_set_1.protoMetadata);
|
|
38
44
|
const urns = config_1.cfg.get('authorization:urns');
|
|
39
45
|
const createActionTarget = (action) => {
|
|
40
46
|
if (_.isArray(action)) {
|
|
@@ -51,7 +57,8 @@ const createActionTarget = (action) => {
|
|
|
51
57
|
else {
|
|
52
58
|
return [{
|
|
53
59
|
id: urns.actionID,
|
|
54
|
-
value: urns.action + `:${action.valueOf().toLowerCase()}
|
|
60
|
+
value: urns.action + `:${action.valueOf().toLowerCase()}`,
|
|
61
|
+
attribute: []
|
|
55
62
|
}];
|
|
56
63
|
}
|
|
57
64
|
};
|
|
@@ -60,27 +67,30 @@ const createSubjectTarget = (subject) => {
|
|
|
60
67
|
if (subject.unauthenticated) {
|
|
61
68
|
return [{
|
|
62
69
|
id: urns.unauthenticated_user,
|
|
63
|
-
value: 'true'
|
|
70
|
+
value: 'true',
|
|
71
|
+
attribute: []
|
|
64
72
|
}];
|
|
65
73
|
}
|
|
66
74
|
let flattened = [
|
|
67
75
|
{
|
|
68
76
|
id: urns.subjectID,
|
|
69
|
-
value: subject.id
|
|
77
|
+
value: subject.id,
|
|
78
|
+
attribute: []
|
|
70
79
|
}
|
|
71
80
|
];
|
|
72
81
|
if (subject.scope) {
|
|
73
|
-
|
|
82
|
+
flattened = flattened.concat([
|
|
74
83
|
{
|
|
75
84
|
id: urns.roleScopingEntity,
|
|
76
|
-
value: urns.orgScope
|
|
85
|
+
value: urns.orgScope,
|
|
86
|
+
attribute: []
|
|
77
87
|
},
|
|
78
88
|
{
|
|
79
89
|
id: urns.roleScopingInstance,
|
|
80
|
-
value: subject.scope
|
|
90
|
+
value: subject.scope,
|
|
91
|
+
attribute: []
|
|
81
92
|
}
|
|
82
|
-
];
|
|
83
|
-
flattened = flattened.concat(attributes);
|
|
93
|
+
]);
|
|
84
94
|
}
|
|
85
95
|
return flattened;
|
|
86
96
|
};
|
|
@@ -122,21 +132,24 @@ const createResourceTarget = (resource, action) => {
|
|
|
122
132
|
if (resourceType) {
|
|
123
133
|
flattened.push({
|
|
124
134
|
id: urns.entity,
|
|
125
|
-
value: urns.model + `:${resourceType}
|
|
135
|
+
value: urns.model + `:${resourceType}`,
|
|
136
|
+
attribute: []
|
|
126
137
|
});
|
|
127
138
|
}
|
|
128
139
|
// resource-id - urn:oasis:names:tc:xacml:1.0:resource:resource-id
|
|
129
140
|
if (resourceInstance && typeof resourceInstance === 'string') {
|
|
130
141
|
flattened.push({
|
|
131
142
|
id: urns.resourceID,
|
|
132
|
-
value: resourceInstance
|
|
143
|
+
value: resourceInstance,
|
|
144
|
+
attribute: []
|
|
133
145
|
});
|
|
134
146
|
}
|
|
135
147
|
else if (resourceInstance && _.isArray(resourceInstance) && resourceInstance.length > 0) {
|
|
136
148
|
resourceInstance.forEach((instance) => {
|
|
137
149
|
flattened.push({
|
|
138
150
|
id: urns.resourceID,
|
|
139
|
-
value: instance
|
|
151
|
+
value: instance,
|
|
152
|
+
attribute: []
|
|
140
153
|
});
|
|
141
154
|
});
|
|
142
155
|
}
|
|
@@ -145,7 +158,8 @@ const createResourceTarget = (resource, action) => {
|
|
|
145
158
|
resourceProperty.forEach((property) => {
|
|
146
159
|
flattened.push({
|
|
147
160
|
id: urns.property,
|
|
148
|
-
value: urns.model + `:${resourceType}#${property}
|
|
161
|
+
value: urns.model + `:${resourceType}#${property}`,
|
|
162
|
+
attribute: []
|
|
149
163
|
});
|
|
150
164
|
});
|
|
151
165
|
}
|
|
@@ -153,7 +167,8 @@ const createResourceTarget = (resource, action) => {
|
|
|
153
167
|
else {
|
|
154
168
|
flattened.push({
|
|
155
169
|
id: urns.operation,
|
|
156
|
-
value: resourceObj.resource
|
|
170
|
+
value: resourceObj.resource,
|
|
171
|
+
attribute: []
|
|
157
172
|
});
|
|
158
173
|
}
|
|
159
174
|
});
|
|
@@ -194,9 +209,14 @@ class UnAuthZ {
|
|
|
194
209
|
};
|
|
195
210
|
let response;
|
|
196
211
|
try {
|
|
197
|
-
|
|
212
|
+
const isAllowed = await (0, cache_1.getOrFill)(authZRequest, async (req) => {
|
|
198
213
|
return await this.acs.isAllowed(authZRequest);
|
|
199
214
|
}, useCache, 'UnAuthZ:isAllowed');
|
|
215
|
+
response = {
|
|
216
|
+
decision: isAllowed.decision,
|
|
217
|
+
obligation: (0, utils_1.mapResourceURNObligationProperties)(isAllowed.obligation),
|
|
218
|
+
operation_status: isAllowed.operation_status
|
|
219
|
+
};
|
|
200
220
|
}
|
|
201
221
|
catch (err) {
|
|
202
222
|
logger_1.default.error('Error invoking access-control-srv isAllowed operation', { code: err.code, message: err.message, stack: err.stack });
|
|
@@ -204,7 +224,7 @@ class UnAuthZ {
|
|
|
204
224
|
err.code = 500;
|
|
205
225
|
}
|
|
206
226
|
response = {
|
|
207
|
-
decision:
|
|
227
|
+
decision: access_control_2.Response_Decision.DENY,
|
|
208
228
|
operation_status: {
|
|
209
229
|
code: err.code,
|
|
210
230
|
message: err.message
|
|
@@ -214,9 +234,6 @@ class UnAuthZ {
|
|
|
214
234
|
if (_.isEmpty(response)) {
|
|
215
235
|
logger_1.default.error('Unexpected empty response from ACS');
|
|
216
236
|
}
|
|
217
|
-
if (response.obligation && response.obligation.length > 0) {
|
|
218
|
-
response.obligation = (0, utils_1.mapResourceURNObligationProperties)(response.obligation);
|
|
219
|
-
}
|
|
220
237
|
return response;
|
|
221
238
|
}
|
|
222
239
|
async whatIsAllowed(request, ctx, useCache) {
|
|
@@ -233,9 +250,13 @@ class UnAuthZ {
|
|
|
233
250
|
};
|
|
234
251
|
let response;
|
|
235
252
|
try {
|
|
236
|
-
|
|
253
|
+
const whatIsAllowed = await (0, cache_1.getOrFill)(authZRequest, async (req) => {
|
|
237
254
|
return await this.acs.whatIsAllowed(authZRequest);
|
|
238
255
|
}, useCache, 'UnAuthZ:whatIsAllowed');
|
|
256
|
+
response = {
|
|
257
|
+
...whatIsAllowed,
|
|
258
|
+
obligation: (0, utils_1.mapResourceURNObligationProperties)(whatIsAllowed.obligation)
|
|
259
|
+
}; // TODO Decision?
|
|
239
260
|
}
|
|
240
261
|
catch (err) {
|
|
241
262
|
logger_1.default.error('Error invoking access-control-srv whatIsAllowed operation', { code: err.code, message: err.message, stack: err.stack });
|
|
@@ -243,7 +264,7 @@ class UnAuthZ {
|
|
|
243
264
|
err.code = 500;
|
|
244
265
|
}
|
|
245
266
|
response = {
|
|
246
|
-
decision:
|
|
267
|
+
decision: access_control_2.Response_Decision.DENY,
|
|
247
268
|
operation_status: {
|
|
248
269
|
code: err.code,
|
|
249
270
|
message: err.message
|
|
@@ -253,9 +274,6 @@ class UnAuthZ {
|
|
|
253
274
|
if (_.isEmpty(response)) {
|
|
254
275
|
logger_1.default.error('Unexpected empty response from ACS');
|
|
255
276
|
}
|
|
256
|
-
if (response.obligation && response.obligation.length > 0) {
|
|
257
|
-
response.obligation = (0, utils_1.mapResourceURNObligationProperties)(response.obligation);
|
|
258
|
-
}
|
|
259
277
|
return response;
|
|
260
278
|
}
|
|
261
279
|
}
|
|
@@ -299,9 +317,14 @@ class ACSAuthZ {
|
|
|
299
317
|
};
|
|
300
318
|
let response;
|
|
301
319
|
try {
|
|
302
|
-
|
|
320
|
+
const isAllowed = await (0, cache_1.getOrFill)(cacheKey, async (req) => {
|
|
303
321
|
return await this.acs.isAllowed(authZRequest);
|
|
304
322
|
}, useCache, cachePrefix + ':isAllowed');
|
|
323
|
+
response = {
|
|
324
|
+
decision: isAllowed.decision,
|
|
325
|
+
obligation: (0, utils_1.mapResourceURNObligationProperties)(isAllowed.obligation),
|
|
326
|
+
operation_status: isAllowed.operation_status
|
|
327
|
+
};
|
|
305
328
|
}
|
|
306
329
|
catch (err) {
|
|
307
330
|
logger_1.default.error('Error invoking access-control-srv isAllowed operation', { code: err.code, message: err.message, stack: err.stack });
|
|
@@ -309,7 +332,7 @@ class ACSAuthZ {
|
|
|
309
332
|
err.code = 500;
|
|
310
333
|
}
|
|
311
334
|
response = {
|
|
312
|
-
decision:
|
|
335
|
+
decision: access_control_2.Response_Decision.DENY,
|
|
313
336
|
operation_status: {
|
|
314
337
|
code: err.code,
|
|
315
338
|
message: err.message
|
|
@@ -319,9 +342,6 @@ class ACSAuthZ {
|
|
|
319
342
|
if (_.isEmpty(response)) {
|
|
320
343
|
logger_1.default.error('Unexpected empty response from ACS');
|
|
321
344
|
}
|
|
322
|
-
if (response.obligation && response.obligation.length > 0) {
|
|
323
|
-
response.obligation = (0, utils_1.mapResourceURNObligationProperties)(response.obligation);
|
|
324
|
-
}
|
|
325
345
|
return response;
|
|
326
346
|
}
|
|
327
347
|
/**
|
|
@@ -346,9 +366,13 @@ class ACSAuthZ {
|
|
|
346
366
|
authZRequest.context.resources = this.encode(ctx.resources);
|
|
347
367
|
let response;
|
|
348
368
|
try {
|
|
349
|
-
|
|
369
|
+
const whatIsAllowed = await (0, cache_1.getOrFill)(authZRequest, async (req) => {
|
|
350
370
|
return await this.acs.whatIsAllowed(authZRequest);
|
|
351
371
|
}, useCache, cachePrefix + ':whatIsAllowed');
|
|
372
|
+
response = {
|
|
373
|
+
...whatIsAllowed,
|
|
374
|
+
obligation: (0, utils_1.mapResourceURNObligationProperties)(whatIsAllowed.obligation)
|
|
375
|
+
}; // TODO Decision?
|
|
352
376
|
}
|
|
353
377
|
catch (err) {
|
|
354
378
|
logger_1.default.error('Error invoking access-control-srv whatIsAllowed operation', { code: err.code, message: err.message, stack: err.stack });
|
|
@@ -356,7 +380,7 @@ class ACSAuthZ {
|
|
|
356
380
|
err.code = 500;
|
|
357
381
|
}
|
|
358
382
|
response = {
|
|
359
|
-
decision:
|
|
383
|
+
decision: access_control_2.Response_Decision.DENY,
|
|
360
384
|
operation_status: {
|
|
361
385
|
code: err.code,
|
|
362
386
|
message: err.message
|
|
@@ -366,9 +390,6 @@ class ACSAuthZ {
|
|
|
366
390
|
if (_.isEmpty(response)) {
|
|
367
391
|
logger_1.default.error('Unexpected empty response from ACS');
|
|
368
392
|
}
|
|
369
|
-
if (response.obligation && response.obligation.length > 0) {
|
|
370
|
-
response.obligation = (0, utils_1.mapResourceURNObligationProperties)(response.obligation);
|
|
371
|
-
}
|
|
372
393
|
return response;
|
|
373
394
|
}
|
|
374
395
|
encode(object) {
|
|
@@ -425,9 +446,12 @@ const initAuthZ = async (config) => {
|
|
|
425
446
|
if (authzCfg.enabled) {
|
|
426
447
|
const grpcClientConfig = config_1.cfg.get('client');
|
|
427
448
|
const grpcACSConfig = grpcClientConfig['acs-srv'];
|
|
428
|
-
const
|
|
429
|
-
const
|
|
430
|
-
|
|
449
|
+
const channel = (0, grpc_client_1.createChannel)(grpcACSConfig.address);
|
|
450
|
+
const acsClient = (0, grpc_client_1.createClient)({
|
|
451
|
+
...grpcACSConfig,
|
|
452
|
+
logger: logger_1.default
|
|
453
|
+
}, access_control_1.ServiceDefinition, channel);
|
|
454
|
+
exports.authZ = new ACSAuthZ(acsClient);
|
|
431
455
|
// listeners for rules / policies / policySets modified, so as to
|
|
432
456
|
// delete the Cache as it would be invalid if ACS resources are modified
|
|
433
457
|
if (kafkaCfg && kafkaCfg.evictACSCache) {
|
package/lib/acs/authz.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authz.js","sourceRoot":"","sources":["../../src/acs/authz.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,0CAA4B;AAC5B,6CAIsB;AACtB,8DAA0D;AAC1D,sCAA8C;AAC9C,uDAA+B;AAC/B,mCAAgD;AAChD,gEAAuD;AACvD,oCAA8D;AAI9D,MAAM,IAAI,GAAG,YAAG,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;AAEpC,MAAM,kBAAkB,GAAG,CAAC,MAAW,EAAe,EAAE;IAC7D,IAAI,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;QACrB,IAAI,UAAU,GAAG,EAAE,CAAC;QACpB,KAAK,IAAI,UAAU,IAAI,MAAM,EAAE;YAC7B,UAAU,GAAG,UAAU,CAAC,OAAO,EAAE,CAAC,WAAW,EAAE,CAAC;YAChD,UAAU,CAAC,IAAI,CAAC;gBACd,EAAE,EAAE,IAAI,CAAC,QAAQ;gBACjB,KAAK,EAAE,IAAI,CAAC,MAAM,GAAG,IAAI,UAAU,EAAE;aACtC,CAAC,CAAC;SACJ;QACD,OAAO,UAAU,CAAC;KACnB;SACI;QACH,OAAO,CAAC;gBACN,EAAE,EAAE,IAAI,CAAC,QAAQ;gBACjB,KAAK,EAAE,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,WAAW,EAAE,EAAE;aAC1D,CAAC,CAAC;KACJ;AACH,CAAC,CAAC;AAlBW,QAAA,kBAAkB,sBAkB7B;AAEK,MAAM,mBAAmB,GAAG,CAAC,OAAgB,EAAe,EAAE;IACnE,IAAI,OAAO,CAAC,eAAe,EAAE;QAC3B,OAAO,CAAC;gBACN,EAAE,EAAE,IAAI,CAAC,oBAAoB;gBAC7B,KAAK,EAAE,MAAM;aACd,CAAC,CAAC;KACJ;IACD,IAAI,SAAS,GAAG;QACd;YACE,EAAE,EAAE,IAAI,CAAC,SAAS;YAClB,KAAK,EAAE,OAAO,CAAC,EAAE;SAClB;KAAC,CAAC;IAEL,IAAI,OAAO,CAAC,KAAK,EAAE;QACjB,IAAI,UAAU,GAAG;YACf;gBACE,EAAE,EAAE,IAAI,CAAC,iBAAiB;gBAC1B,KAAK,EAAE,IAAI,CAAC,QAAQ;aACrB;YACD;gBACE,EAAE,EAAE,IAAI,CAAC,mBAAmB;gBAC5B,KAAK,EAAE,OAAO,CAAC,KAAK;aACrB;SACF,CAAC;QACF,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;KAC1C;IACD,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC;AA3BW,QAAA,mBAAmB,uBA2B9B;AAEK,MAAM,kBAAkB,GAAG,CAAC,IAAY,EAAE,eAAwB,EAAU,EAAE;IACnF,mDAAmD;IACnD,MAAM,MAAM,GAAG,IAAI,CAAC;IACpB,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QAC/C,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IACH,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACpC,IAAI,eAAe,EAAE;QACnB,OAAO,GAAG,eAAe,IAAI,MAAM,IAAI,MAAM,EAAE,CAAC;KACjD;SAAM;QACL,OAAO,GAAG,MAAM,IAAI,MAAM,EAAE,CAAC;KAC9B;AACH,CAAC,CAAC;AAZW,QAAA,kBAAkB,sBAY7B;AAEK,MAAM,oBAAoB,GAAG,CAAC,QAAoB,EAAE,MAAmB,EAAE,EAAE;IAChF,MAAM,SAAS,GAAgB,EAAE,CAAC;IAClC,QAAQ,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,EAAE;QAC/B,IAAI,MAAM,IAAI,wBAAW,CAAC,OAAO,EAAE;YACjC,IAAI,qBAAqB,GAAG,WAAW,CAAC,QAAQ,CAAC;YACjD,IAAI,gBAAgB,GAAG,WAAW,CAAC,EAAE,CAAC;YACtC,IAAI,gBAAgB,GAAG,WAAW,CAAC,QAAQ,CAAC;YAC5C,IAAI,iBAAiB,EAAE,YAAY,CAAC;YAEpC,IAAI,qBAAqB,IAAI,qBAAqB,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE;gBACpE,iBAAiB,GAAG,qBAAqB,CAAC,KAAK,CAAC,CAAC,EAAE,qBAAqB,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC3F,sEAAsE;gBACtE,0CAA0C;gBAC1C,YAAY,GAAG,qBAAqB,CAAC,KAAK,CAAC,qBAAqB,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;aACxF;iBAAM;gBACL,YAAY,GAAG,qBAAqB,CAAC;aACtC;YAED,sDAAsD;YACtD,MAAM,YAAY,GAAG,IAAA,0BAAkB,EAAC,YAAY,EAAE,iBAAiB,CAAC,CAAC;YACzE,IAAI,YAAY,EAAE;gBAChB,SAAS,CAAC,IAAI,CAAC;oBACb,EAAE,EAAE,IAAI,CAAC,MAAM;oBACf,KAAK,EAAE,IAAI,CAAC,KAAK,GAAG,IAAI,YAAY,EAAE;iBACvC,CAAC,CAAC;aACJ;YAED,kEAAkE;YAClE,IAAI,gBAAgB,IAAI,OAAO,gBAAgB,KAAK,QAAQ,EAAE;gBAC5D,SAAS,CAAC,IAAI,CAAC;oBACb,EAAE,EAAE,IAAI,CAAC,UAAU;oBACnB,KAAK,EAAE,gBAAgB;iBACxB,CAAC,CAAC;aACJ;iBAAM,IAAI,gBAAgB,IAAI,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE;gBACzF,gBAAgB,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;oBACpC,SAAS,CAAC,IAAI,CAAC;wBACb,EAAE,EAAE,IAAI,CAAC,UAAU;wBACnB,KAAK,EAAE,QAAQ;qBAChB,CAAC,CAAC;gBACL,CAAC,CAAC,CAAC;aACJ;YAED,0DAA0D;YAC1D,IAAI,gBAAgB,IAAI,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE;gBAClF,gBAAgB,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;oBACpC,SAAS,CAAC,IAAI,CAAC;wBACb,EAAE,EAAE,IAAI,CAAC,QAAQ;wBACjB,KAAK,EAAE,IAAI,CAAC,KAAK,GAAG,IAAI,YAAY,IAAI,QAAQ,EAAE;qBACnD,CAAC,CAAC;gBACL,CAAC,CAAC,CAAC;aACJ;SACF;aAAM;YACL,SAAS,CAAC,IAAI,CAAC;gBACb,EAAE,EAAE,IAAI,CAAC,SAAS;gBAClB,KAAK,EAAE,WAAW,CAAC,QAAQ;aAC5B,CAAC,CAAC;SACJ;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC;AA5DW,QAAA,oBAAoB,wBA4D/B;AAEF,MAAa,OAAO;IAElB;;;OAGG;IACH,YAAY,GAAQ;QAClB,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;IACjB,CAAC;IAEO,MAAM,CAAC,MAAW;QACxB,IAAI,MAAM,EAAE;YACV,IAAI,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;gBACrB,OAAO,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;aAC9C;iBAAM;gBACL,OAAO;oBACL,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;iBAC3C,CAAC;aACH;SACF;IACH,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,OAA4C,EAAE,GAAqB,EAAE,QAAiB;QACpG,MAAM,YAAY,GAAG;YACnB,MAAM,EAAE;gBACN,MAAM,EAAE,IAAA,0BAAkB,EAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC;gBACjD,OAAO,EAAE,IAAA,2BAAmB,EAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC;gBACpD,SAAS,EAAE,IAAA,4BAAoB,EAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC;aAChF;YACD,OAAO,EAAE;gBACP,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC;gBAC5C,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC;aACtC;SACF,CAAC;QAEF,IAAI,QAA0B,CAAC;QAC/B,IAAI;YACF,QAAQ,GAAG,MAAM,IAAA,iBAAS,EAAC,YAAY,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;gBACrD,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;YAChD,CAAC,EAAE,QAAQ,EAAE,mBAAmB,CAAC,CAAC;SACnC;QAAC,OAAO,GAAG,EAAE;YACZ,gBAAM,CAAC,KAAK,CAAC,uDAAuD,EAAE,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;YAClI,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE;gBACb,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC;aAChB;YACD,QAAQ,GAAG;gBACT,QAAQ,EAAE,qBAAQ,CAAC,IAAI;gBACvB,gBAAgB,EAAE;oBAChB,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,OAAO,EAAE,GAAG,CAAC,OAAO;iBACrB;aACF,CAAC;SACH;QAED,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;YACvB,gBAAM,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;SACpD;QAED,IAAG,QAAQ,CAAC,UAAU,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,GAAE,CAAC,EAAE;YACvD,QAAQ,CAAC,UAAU,GAAG,IAAA,0CAAkC,EAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;SAC/E;QAED,OAAO,QAAQ,CAAC;IAElB,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,OAAyD,EAC3E,GAAqB,EAAE,QAAiB;QACxC,MAAM,YAAY,GAAG;YACnB,MAAM,EAAE;gBACN,MAAM,EAAE,IAAA,0BAAkB,EAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC;gBACjD,OAAO,EAAE,IAAA,2BAAmB,EAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC;gBACpD,SAAS,EAAE,IAAA,4BAAoB,EAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC;aAChF;YACD,OAAO,EAAE;gBACP,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC;gBAC5C,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC;aACtC;SACF,CAAC;QACF,IAAI,QAA6B,CAAC;QAClC,IAAI;YACF,QAAQ,GAAG,MAAM,IAAA,iBAAS,EAAC,YAAY,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;gBACrD,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC;YACpD,CAAC,EAAE,QAAQ,EAAE,uBAAuB,CAAC,CAAC;SACvC;QAAC,OAAO,GAAG,EAAE;YACZ,gBAAM,CAAC,KAAK,CAAC,2DAA2D,EAAG,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;YACvI,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE;gBACb,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC;aAChB;YACD,QAAQ,GAAG;gBACT,QAAQ,EAAE,qBAAQ,CAAC,IAAI;gBACvB,gBAAgB,EAAE;oBAChB,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,OAAO,EAAE,GAAG,CAAC,OAAO;iBACrB;aACF,CAAC;SACH;QAED,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;YACvB,gBAAM,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;SACpD;QAED,IAAG,QAAQ,CAAC,UAAU,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,GAAE,CAAC,EAAE;YACvD,QAAQ,CAAC,UAAU,GAAG,IAAA,0CAAkC,EAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;SAC/E;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF;AA5GD,0BA4GC;AAED;;GAEG;AACH,MAAa,QAAQ;IAGnB;;;OAGG;IACH,YAAY,GAAQ,EAAE,GAAS;QAC7B,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;IACjB,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,SAAS,CAAC,OAA2C,EAAE,GAAqB,EAAE,QAAQ;QAC1F,MAAM,YAAY,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QAClD,YAAY,CAAC,OAAO,GAAG;YACrB,OAAO,EAAE,EAAE;YACX,SAAS,EAAE,EAAE;YACb,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;SAChD,CAAC;QACF,MAAM,OAAO,GAAG,EAAE,KAAK,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACxD,IAAI,WAAW,GAAG,UAAU,CAAC;QAE7B,IAAI,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,KAAK,SAAS,EAAE;YAC3C,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,GAAG,GAAG,GAAG,WAAW,CAAC;SAC7D;QAED,YAAY,CAAC,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACpD,YAAY,CAAC,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAE5D,oFAAoF;QACpF,8EAA8E;QAC9E,4EAA4E;QAC5E,IAAI,QAAQ,GAAG;YACb,MAAM,EAAE,YAAY,CAAC,MAAM;SAC5B,CAAC;QACF,IAAI,QAA0B,CAAC;QAC/B,IAAI;YACF,QAAQ,GAAG,MAAM,IAAA,iBAAS,EAAC,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;gBACjD,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;YAChD,CAAC,EAAE,QAAQ,EAAE,WAAW,GAAG,YAAY,CAAC,CAAC;SAC1C;QAAC,OAAO,GAAG,EAAE;YACZ,gBAAM,CAAC,KAAK,CAAC,uDAAuD,EAAG,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;YACnI,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE;gBACb,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC;aAChB;YACD,QAAQ,GAAG;gBACT,QAAQ,EAAE,qBAAQ,CAAC,IAAI;gBACvB,gBAAgB,EAAE;oBAChB,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,OAAO,EAAE,GAAG,CAAC,OAAO;iBACrB;aACF,CAAC;SACH;QAED,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;YACvB,gBAAM,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;SACpD;QAED,IAAG,QAAQ,CAAC,UAAU,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,GAAE,CAAC,EAAE;YACvD,QAAQ,CAAC,UAAU,GAAG,IAAA,0CAAkC,EAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;SAC/E;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;;;;MAKE;IACF,KAAK,CAAC,aAAa,CAAC,OAAwD,EAC1E,GAAqB,EAAE,QAAiB;QACxC,MAAM,YAAY,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QAClD,YAAY,CAAC,OAAO,GAAG;YACrB,OAAO,EAAE,EAAE;YACX,SAAS,EAAE,EAAE;YACb,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;SAChD,CAAC;QACF,MAAM,OAAO,GAAG,EAAE,KAAK,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QAExD,IAAI,WAAW,GAAG,UAAU,CAAC;QAE7B,IAAI,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,KAAK,SAAS,EAAE;YAC3C,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,GAAG,GAAG,GAAG,WAAW,CAAC;SAC7D;QAED,YAAY,CAAC,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACpD,YAAY,CAAC,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAE5D,IAAI,QAA6B,CAAC;QAClC,IAAI;YACF,QAAQ,GAAG,MAAM,IAAA,iBAAS,EAAC,YAAY,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;gBACrD,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC;YACpD,CAAC,EAAE,QAAQ,EAAE,WAAW,GAAG,gBAAgB,CAAC,CAAC;SAC9C;QAAC,OAAO,GAAG,EAAE;YACZ,gBAAM,CAAC,KAAK,CAAC,2DAA2D,EAAG,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;YACvI,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE;gBACb,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC;aAChB;YACD,QAAQ,GAAG;gBACT,QAAQ,EAAE,qBAAQ,CAAC,IAAI;gBACvB,gBAAgB,EAAE;oBAChB,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,OAAO,EAAE,GAAG,CAAC,OAAO;iBACrB;aACF,CAAC;SACH;QAED,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;YACvB,gBAAM,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;SACpD;QAED,IAAG,QAAQ,CAAC,UAAU,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,GAAE,CAAC,EAAE;YACvD,QAAQ,CAAC,UAAU,GAAG,IAAA,0CAAkC,EAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;SAC/E;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,MAAM,CAAC,MAAW;QACxB,IAAI,MAAM,EAAE;YACV,IAAI,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;gBACrB,OAAO,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;aAC9C;iBAAM;gBACL,OAAO;oBACL,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;iBAC3C,CAAC;aACH;SACF;IACH,CAAC;IAED,cAAc,CAAC,OAAsE;QACnF,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;QACnD,MAAM,YAAY,GAAQ;YACxB,MAAM,EAAE;gBACN,MAAM,EAAE,IAAA,0BAAkB,EAAC,MAAM,CAAC;gBAClC,OAAO,EAAE,IAAA,2BAAmB,EAAC,OAAO,CAAC;aACtC;SACF,CAAC;QACF,YAAY,CAAC,MAAM,CAAC,SAAS,GAAG,IAAA,4BAAoB,EAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACvE,OAAO,YAAY,CAAC;IACtB,CAAC;CACF;AAnJD,4BAmJC;AAED,MAAM,SAAS,GAAG;IAChB,mBAAmB;IACnB,oBAAoB;IACpB,mBAAmB;IACnB,eAAe;IACf,gBAAgB;IAChB,eAAe;IACf,aAAa;IACb,cAAc;IACd,aAAa;CACd,CAAC;AAEF,MAAM,aAAa,GAAG,KAAK,EAAE,GAAQ,EACnC,OAAY,EAAE,MAAW,EAAE,SAAiB,EAAgB,EAAE;IAC9D,IAAI,SAAS,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,EAAE;QACrC,2CAA2C;QAC3C,gBAAM,CAAC,IAAI,CAAC,kBAAkB,SAAS,+BAA+B,CAAC,CAAC;QACxE,MAAM,IAAA,kBAAU,GAAE,CAAC;KACpB;AACH,CAAC,CAAC;AAEK,MAAM,SAAS,GAAG,KAAK,EAAE,MAAY,EAA4B,EAAE;IACxE,IAAI,CAAC,aAAK,EAAE;QACV,IAAI,MAAM,EAAE;YACV,IAAA,qBAAY,EAAC,MAAM,CAAC,CAAC;SACtB;QACD,MAAM,QAAQ,GAAG,YAAG,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QAC1C,MAAM,QAAQ,GAAG,YAAG,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACzC,wCAAwC;QACxC,IAAI,QAAQ,CAAC,OAAO,EAAE;YACpB,MAAM,gBAAgB,GAAG,YAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC3C,MAAM,aAAa,GAAG,gBAAgB,CAAC,SAAS,CAAC,CAAC;YAClD,MAAM,SAAS,GAAG,IAAI,wBAAU,CAAC,aAAa,EAAE,gBAAM,CAAC,CAAC;YACxD,MAAM,GAAG,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC;YACjC,aAAK,GAAG,IAAI,QAAQ,CAAC,GAAG,CAAC,CAAC;YAC1B,iEAAiE;YACjE,wEAAwE;YACxE,IAAI,QAAQ,IAAI,QAAQ,CAAC,aAAa,EAAE;gBACtC,MAAM,MAAM,GAAG,IAAI,qBAAM,CAAC,QAAQ,EAAE,gBAAM,CAAC,CAAC;gBAC5C,MAAM,MAAM,CAAC,KAAK,EAAE,CAAC;gBACrB,KAAK,IAAI,UAAU,IAAI,QAAQ,CAAC,aAAa,EAAE;oBAC7C,IAAI,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;oBAClD,IAAI,KAAK,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;oBAC/C,IAAI,QAAQ,CAAC,MAAM,EAAE;wBACnB,KAAK,IAAI,SAAS,IAAI,QAAQ,CAAC,MAAM,EAAE;4BACrC,MAAM,KAAK,CAAC,EAAE,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;yBAC1C;qBACF;iBACF;aACF;YACD,OAAO,aAAK,CAAC;SACd;KACF;IACD,OAAO,aAAK,CAAC;AACf,CAAC,CAAC;AAjCW,QAAA,SAAS,aAiCpB"}
|
|
1
|
+
{"version":3,"file":"authz.js","sourceRoot":"","sources":["../../src/acs/authz.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,0CAA4B;AAC5B,6CAasB;AACtB,8DAA2E;AAC3E,sCAA8C;AAC9C,uDAA+B;AAC/B,mCAAgD;AAChD,gEAA0E;AAC1E,oCAA8D;AAC9D,6HAGkG;AAClG,sHAAsH;AAGtH,yGAA2H;AAC3H,6GAA+H;AAC/H,qHAAsI;AAEtI,IAAA,gCAAiB,EACf,oBAAQ,EACR,sBAAU,EACV,0BAAa,CACd,CAAC;AAIF,MAAM,IAAI,GAAG,YAAG,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;AAEpC,MAAM,kBAAkB,GAAG,CAAC,MAAW,EAAe,EAAE;IAC7D,IAAI,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;QACrB,IAAI,UAAU,GAAG,EAAE,CAAC;QACpB,KAAK,IAAI,UAAU,IAAI,MAAM,EAAE;YAC7B,UAAU,GAAG,UAAU,CAAC,OAAO,EAAE,CAAC,WAAW,EAAE,CAAC;YAChD,UAAU,CAAC,IAAI,CAAC;gBACd,EAAE,EAAE,IAAI,CAAC,QAAQ;gBACjB,KAAK,EAAE,IAAI,CAAC,MAAM,GAAG,IAAI,UAAU,EAAE;aACtC,CAAC,CAAC;SACJ;QACD,OAAO,UAAU,CAAC;KACnB;SACI;QACH,OAAO,CAAC;gBACN,EAAE,EAAE,IAAI,CAAC,QAAQ;gBACjB,KAAK,EAAE,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,WAAW,EAAE,EAAE;gBACzD,SAAS,EAAE,EAAE;aACd,CAAC,CAAC;KACJ;AACH,CAAC,CAAC;AAnBW,QAAA,kBAAkB,sBAmB7B;AAEK,MAAM,mBAAmB,GAAG,CAAC,OAA6B,EAAe,EAAE;IAChF,IAAI,OAAO,CAAC,eAAe,EAAE;QAC3B,OAAO,CAAC;gBACN,EAAE,EAAE,IAAI,CAAC,oBAAoB;gBAC7B,KAAK,EAAE,MAAM;gBACb,SAAS,EAAE,EAAE;aACd,CAAC,CAAC;KACJ;IACD,IAAI,SAAS,GAAgB;QAC3B;YACE,EAAE,EAAE,IAAI,CAAC,SAAS;YAClB,KAAK,EAAE,OAAO,CAAC,EAAE;YACjB,SAAS,EAAE,EAAE;SACd;KACF,CAAC;IAEF,IAAI,OAAO,CAAC,KAAK,EAAE;QACjB,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC;YAC3B;gBACE,EAAE,EAAE,IAAI,CAAC,iBAAiB;gBAC1B,KAAK,EAAE,IAAI,CAAC,QAAQ;gBACpB,SAAS,EAAE,EAAE;aACd;YACD;gBACE,EAAE,EAAE,IAAI,CAAC,mBAAmB;gBAC5B,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,SAAS,EAAE,EAAE;aACd;SACF,CAAC,CAAC;KACJ;IACD,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC;AA/BW,QAAA,mBAAmB,uBA+B9B;AAEK,MAAM,kBAAkB,GAAG,CAAC,IAAY,EAAE,eAAwB,EAAU,EAAE;IACnF,mDAAmD;IACnD,MAAM,MAAM,GAAG,IAAI,CAAC;IACpB,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QAC/C,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IACH,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACpC,IAAI,eAAe,EAAE;QACnB,OAAO,GAAG,eAAe,IAAI,MAAM,IAAI,MAAM,EAAE,CAAC;KACjD;SAAM;QACL,OAAO,GAAG,MAAM,IAAI,MAAM,EAAE,CAAC;KAC9B;AACH,CAAC,CAAC;AAZW,QAAA,kBAAkB,sBAY7B;AAEK,MAAM,oBAAoB,GAAG,CAAC,QAAoB,EAAE,MAAmB,EAAE,EAAE;IAChF,MAAM,SAAS,GAAgB,EAAE,CAAC;IAClC,QAAQ,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,EAAE;QAC/B,IAAI,MAAM,IAAI,wBAAW,CAAC,OAAO,EAAE;YACjC,IAAI,qBAAqB,GAAG,WAAW,CAAC,QAAQ,CAAC;YACjD,IAAI,gBAAgB,GAAG,WAAW,CAAC,EAAE,CAAC;YACtC,IAAI,gBAAgB,GAAG,WAAW,CAAC,QAAQ,CAAC;YAC5C,IAAI,iBAAiB,EAAE,YAAY,CAAC;YAEpC,IAAI,qBAAqB,IAAI,qBAAqB,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE;gBACpE,iBAAiB,GAAG,qBAAqB,CAAC,KAAK,CAAC,CAAC,EAAE,qBAAqB,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC3F,sEAAsE;gBACtE,0CAA0C;gBAC1C,YAAY,GAAG,qBAAqB,CAAC,KAAK,CAAC,qBAAqB,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;aACxF;iBAAM;gBACL,YAAY,GAAG,qBAAqB,CAAC;aACtC;YAED,sDAAsD;YACtD,MAAM,YAAY,GAAG,IAAA,0BAAkB,EAAC,YAAY,EAAE,iBAAiB,CAAC,CAAC;YACzE,IAAI,YAAY,EAAE;gBAChB,SAAS,CAAC,IAAI,CAAC;oBACb,EAAE,EAAE,IAAI,CAAC,MAAM;oBACf,KAAK,EAAE,IAAI,CAAC,KAAK,GAAG,IAAI,YAAY,EAAE;oBACtC,SAAS,EAAE,EAAE;iBACd,CAAC,CAAC;aACJ;YAED,kEAAkE;YAClE,IAAI,gBAAgB,IAAI,OAAO,gBAAgB,KAAK,QAAQ,EAAE;gBAC5D,SAAS,CAAC,IAAI,CAAC;oBACb,EAAE,EAAE,IAAI,CAAC,UAAU;oBACnB,KAAK,EAAE,gBAAgB;oBACvB,SAAS,EAAE,EAAE;iBACd,CAAC,CAAC;aACJ;iBAAM,IAAI,gBAAgB,IAAI,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE;gBACzF,gBAAgB,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;oBACpC,SAAS,CAAC,IAAI,CAAC;wBACb,EAAE,EAAE,IAAI,CAAC,UAAU;wBACnB,KAAK,EAAE,QAAQ;wBACf,SAAS,EAAE,EAAE;qBACd,CAAC,CAAC;gBACL,CAAC,CAAC,CAAC;aACJ;YAED,0DAA0D;YAC1D,IAAI,gBAAgB,IAAI,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE;gBAClF,gBAAgB,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;oBACpC,SAAS,CAAC,IAAI,CAAC;wBACb,EAAE,EAAE,IAAI,CAAC,QAAQ;wBACjB,KAAK,EAAE,IAAI,CAAC,KAAK,GAAG,IAAI,YAAY,IAAI,QAAQ,EAAE;wBAClD,SAAS,EAAE,EAAE;qBACd,CAAC,CAAC;gBACL,CAAC,CAAC,CAAC;aACJ;SACF;aAAM;YACL,SAAS,CAAC,IAAI,CAAC;gBACb,EAAE,EAAE,IAAI,CAAC,SAAS;gBAClB,KAAK,EAAE,WAAW,CAAC,QAAQ;gBAC3B,SAAS,EAAE,EAAE;aACd,CAAC,CAAC;SACJ;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC;AAjEW,QAAA,oBAAoB,wBAiE/B;AAEF,MAAa,OAAO;IAElB;;;OAGG;IACH,YAAY,GAAkB;QAC5B,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;IACjB,CAAC;IAEO,MAAM,CAAC,MAAW;QACxB,IAAI,MAAM,EAAE;YACV,IAAI,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;gBACrB,OAAO,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;aAC9C;iBAAM;gBACL,OAAO;oBACL,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;iBAC3C,CAAC;aACH;SACF;IACH,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,OAA4C,EAAE,GAAqB,EAAE,QAAiB;QACpG,MAAM,YAAY,GAAG;YACnB,MAAM,EAAE;gBACN,MAAM,EAAE,IAAA,0BAAkB,EAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC;gBACjD,OAAO,EAAE,IAAA,2BAAmB,EAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC;gBACpD,SAAS,EAAE,IAAA,4BAAoB,EAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC;aAChF;YACD,OAAO,EAAE;gBACP,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC;gBAC5C,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC;aACtC;SACF,CAAC;QAEF,IAAI,QAA0B,CAAC;QAC/B,IAAI;YACF,MAAM,SAAS,GAAG,MAAM,IAAA,iBAAS,EAAC,YAAY,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;gBAC5D,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;YAChD,CAAC,EAAE,QAAQ,EAAE,mBAAmB,CAAC,CAAC;YAElC,QAAQ,GAAG;gBACT,QAAQ,EAAE,SAAS,CAAC,QAAQ;gBAC5B,UAAU,EAAE,IAAA,0CAAkC,EAAC,SAAS,CAAC,UAAU,CAAC;gBACpE,gBAAgB,EAAE,SAAS,CAAC,gBAAgB;aAC7C,CAAC;SACH;QAAC,OAAO,GAAG,EAAE;YACZ,gBAAM,CAAC,KAAK,CAAC,uDAAuD,EAAE,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;YAClI,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE;gBACb,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC;aAChB;YACD,QAAQ,GAAG;gBACT,QAAQ,EAAE,kCAAiB,CAAC,IAAI;gBAChC,gBAAgB,EAAE;oBAChB,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,OAAO,EAAE,GAAG,CAAC,OAAO;iBACrB;aACF,CAAC;SACH;QAED,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;YACvB,gBAAM,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;SACpD;QAED,OAAO,QAAQ,CAAC;IAElB,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,OAAyD,EAC3E,GAAqB,EAAE,QAAiB;QACxC,MAAM,YAAY,GAAG;YACnB,MAAM,EAAE;gBACN,MAAM,EAAE,IAAA,0BAAkB,EAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC;gBACjD,OAAO,EAAE,IAAA,2BAAmB,EAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC;gBACpD,SAAS,EAAE,IAAA,4BAAoB,EAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC;aAChF;YACD,OAAO,EAAE;gBACP,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC;gBAC5C,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC;aACtC;SACF,CAAC;QACF,IAAI,QAA6B,CAAC;QAClC,IAAI;YACF,MAAM,aAAa,GAAG,MAAM,IAAA,iBAAS,EAAC,YAAY,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;gBAChE,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC;YACpD,CAAC,EAAE,QAAQ,EAAE,uBAAuB,CAAC,CAAC;YAEtC,QAAQ,GAAG;gBACT,GAAG,aAAa;gBAChB,UAAU,EAAE,IAAA,0CAAkC,EAAC,aAAa,CAAC,UAAU,CAAC;aAClE,CAAC,CAAC,iBAAiB;SAC5B;QAAC,OAAO,GAAG,EAAE;YACZ,gBAAM,CAAC,KAAK,CAAC,2DAA2D,EAAG,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;YACvI,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE;gBACb,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC;aAChB;YACD,QAAQ,GAAG;gBACT,QAAQ,EAAE,kCAAiB,CAAC,IAAI;gBAChC,gBAAgB,EAAE;oBAChB,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,OAAO,EAAE,GAAG,CAAC,OAAO;iBACrB;aACF,CAAC;SACH;QAED,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;YACvB,gBAAM,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;SACpD;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF;AA/GD,0BA+GC;AAED;;GAEG;AACH,MAAa,QAAQ;IAEnB;;;OAGG;IACH,YAAY,GAAkB,EAAE,GAAS;QACvC,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;IACjB,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,SAAS,CAAC,OAA2C,EAAE,GAAqB,EAAE,QAAQ;QAC1F,MAAM,YAAY,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QAClD,YAAY,CAAC,OAAO,GAAG;YACrB,OAAO,EAAE,EAAE;YACX,SAAS,EAAE,EAAE;YACb,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;SAChD,CAAC;QACF,MAAM,OAAO,GAAG,EAAE,KAAK,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACxD,IAAI,WAAW,GAAG,UAAU,CAAC;QAE7B,IAAI,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,KAAK,SAAS,EAAE;YAC3C,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,GAAG,GAAG,GAAG,WAAW,CAAC;SAC7D;QAED,YAAY,CAAC,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACpD,YAAY,CAAC,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAE5D,oFAAoF;QACpF,8EAA8E;QAC9E,4EAA4E;QAC5E,IAAI,QAAQ,GAAG;YACb,MAAM,EAAE,YAAY,CAAC,MAAM;SAC5B,CAAC;QACF,IAAI,QAA0B,CAAC;QAC/B,IAAI;YACF,MAAM,SAAS,GAAG,MAAM,IAAA,iBAAS,EAAC,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;gBACxD,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;YAChD,CAAC,EAAE,QAAQ,EAAE,WAAW,GAAG,YAAY,CAAC,CAAC;YAEzC,QAAQ,GAAG;gBACT,QAAQ,EAAE,SAAS,CAAC,QAAQ;gBAC5B,UAAU,EAAE,IAAA,0CAAkC,EAAC,SAAS,CAAC,UAAU,CAAC;gBACpE,gBAAgB,EAAE,SAAS,CAAC,gBAAgB;aAC7C,CAAC;SACH;QAAC,OAAO,GAAG,EAAE;YACZ,gBAAM,CAAC,KAAK,CAAC,uDAAuD,EAAG,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;YACnI,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE;gBACb,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC;aAChB;YACD,QAAQ,GAAG;gBACT,QAAQ,EAAE,kCAAiB,CAAC,IAAI;gBAChC,gBAAgB,EAAE;oBAChB,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,OAAO,EAAE,GAAG,CAAC,OAAO;iBACrB;aACF,CAAC;SACH;QAED,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;YACvB,gBAAM,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;SACpD;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;;;;MAKE;IACF,KAAK,CAAC,aAAa,CAAC,OAAwD,EAC1E,GAAqB,EAAE,QAAiB;QACxC,MAAM,YAAY,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QAClD,YAAY,CAAC,OAAO,GAAG;YACrB,OAAO,EAAE,EAAE;YACX,SAAS,EAAE,EAAE;YACb,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;SAChD,CAAC;QACF,MAAM,OAAO,GAAG,EAAE,KAAK,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QAExD,IAAI,WAAW,GAAG,UAAU,CAAC;QAE7B,IAAI,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,KAAK,SAAS,EAAE;YAC3C,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,GAAG,GAAG,GAAG,WAAW,CAAC;SAC7D;QAED,YAAY,CAAC,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACpD,YAAY,CAAC,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAE5D,IAAI,QAA6B,CAAC;QAClC,IAAI;YACF,MAAM,aAAa,GAAG,MAAM,IAAA,iBAAS,EAAC,YAAY,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;gBAChE,OAAO,MAAM,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC;YACpD,CAAC,EAAE,QAAQ,EAAE,WAAW,GAAG,gBAAgB,CAAC,CAAC;YAE7C,QAAQ,GAAG;gBACT,GAAG,aAAa;gBAChB,UAAU,EAAE,IAAA,0CAAkC,EAAC,aAAa,CAAC,UAAU,CAAC;aAClE,CAAC,CAAC,iBAAiB;SAC5B;QAAC,OAAO,GAAG,EAAE;YACZ,gBAAM,CAAC,KAAK,CAAC,2DAA2D,EAAG,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;YACvI,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE;gBACb,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC;aAChB;YACD,QAAQ,GAAG;gBACT,QAAQ,EAAE,kCAAiB,CAAC,IAAI;gBAChC,gBAAgB,EAAE;oBAChB,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,OAAO,EAAE,GAAG,CAAC,OAAO;iBACrB;aACF,CAAC;SACH;QAED,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;YACvB,gBAAM,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;SACpD;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,MAAM,CAAC,MAAW;QACxB,IAAI,MAAM,EAAE;YACV,IAAI,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;gBACrB,OAAO,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;aAC9C;iBAAM;gBACL,OAAO;oBACL,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;iBAC3C,CAAC;aACH;SACF;IACH,CAAC;IAED,cAAc,CAAC,OAAsE;QACnF,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;QACnD,MAAM,YAAY,GAAQ;YACxB,MAAM,EAAE;gBACN,MAAM,EAAE,IAAA,0BAAkB,EAAC,MAAM,CAAC;gBAClC,OAAO,EAAE,IAAA,2BAAmB,EAAC,OAAO,CAAC;aACtC;SACF,CAAC;QACF,YAAY,CAAC,MAAM,CAAC,SAAS,GAAG,IAAA,4BAAoB,EAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACvE,OAAO,YAAY,CAAC;IACtB,CAAC;CACF;AArJD,4BAqJC;AAED,MAAM,SAAS,GAAG;IAChB,mBAAmB;IACnB,oBAAoB;IACpB,mBAAmB;IACnB,eAAe;IACf,gBAAgB;IAChB,eAAe;IACf,aAAa;IACb,cAAc;IACd,aAAa;CACd,CAAC;AAEF,MAAM,aAAa,GAAG,KAAK,EAAE,GAAQ,EACnC,OAAY,EAAE,MAAW,EAAE,SAAiB,EAAgB,EAAE;IAC9D,IAAI,SAAS,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,EAAE;QACrC,2CAA2C;QAC3C,gBAAM,CAAC,IAAI,CAAC,kBAAkB,SAAS,+BAA+B,CAAC,CAAC;QACxE,MAAM,IAAA,kBAAU,GAAE,CAAC;KACpB;AACH,CAAC,CAAC;AAEK,MAAM,SAAS,GAAG,KAAK,EAAE,MAAY,EAA4B,EAAE;IACxE,IAAI,CAAC,aAAK,EAAE;QACV,IAAI,MAAM,EAAE;YACV,IAAA,qBAAY,EAAC,MAAM,CAAC,CAAC;SACtB;QACD,MAAM,QAAQ,GAAG,YAAG,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QAC1C,MAAM,QAAQ,GAAG,YAAG,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACzC,wCAAwC;QACxC,IAAI,QAAQ,CAAC,OAAO,EAAE;YACpB,MAAM,gBAAgB,GAAG,YAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC3C,MAAM,aAAa,GAAG,gBAAgB,CAAC,SAAS,CAAC,CAAC;YAClD,MAAM,OAAO,GAAG,IAAA,2BAAa,EAAC,aAAa,CAAC,OAAO,CAAC,CAAC;YACrD,MAAM,SAAS,GAAkB,IAAA,0BAAY,EAAC;gBAC5C,GAAG,aAAa;gBAChB,MAAM,EAAN,gBAAM;aACP,EAAE,kCAAiB,EAAE,OAAO,CAAC,CAAC;YAC/B,aAAK,GAAG,IAAI,QAAQ,CAAC,SAAS,CAAC,CAAC;YAChC,iEAAiE;YACjE,wEAAwE;YACxE,IAAI,QAAQ,IAAI,QAAQ,CAAC,aAAa,EAAE;gBACtC,MAAM,MAAM,GAAG,IAAI,qBAAM,CAAC,QAAQ,EAAE,gBAAM,CAAC,CAAC;gBAC5C,MAAM,MAAM,CAAC,KAAK,EAAE,CAAC;gBACrB,KAAK,IAAI,UAAU,IAAI,QAAQ,CAAC,aAAa,EAAE;oBAC7C,IAAI,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;oBAClD,IAAI,KAAK,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;oBAC/C,IAAI,QAAQ,CAAC,MAAM,EAAE;wBACnB,KAAK,IAAI,SAAS,IAAI,QAAQ,CAAC,MAAM,EAAE;4BACrC,MAAM,KAAK,CAAC,EAAE,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;yBAC1C;qBACF;iBACF;aACF;YACD,OAAO,aAAK,CAAC;SACd;KACF;IACD,OAAO,aAAK,CAAC;AACf,CAAC,CAAC;AApCW,QAAA,SAAS,aAoCpB"}
|