@restorecommerce/acs-client 3.0.22 → 3.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +19 -0
- package/lib/acs/authz.d.ts +4 -4
- package/lib/acs/authz.d.ts.map +1 -1
- package/lib/acs/authz.js +77 -108
- package/lib/acs/authz.js.map +1 -1
- package/lib/acs/cache.d.ts.map +1 -1
- package/lib/acs/cache.js +31 -65
- package/lib/acs/cache.js.map +1 -1
- package/lib/acs/decorators.d.ts +3 -3
- package/lib/acs/decorators.d.ts.map +1 -1
- package/lib/acs/decorators.js +39 -51
- package/lib/acs/decorators.js.map +1 -1
- package/lib/acs/errors.js +3 -9
- package/lib/acs/errors.js.map +1 -1
- package/lib/acs/interfaces.d.ts +10 -10
- package/lib/acs/interfaces.d.ts.map +1 -1
- package/lib/acs/interfaces.js +9 -18
- package/lib/acs/interfaces.js.map +1 -1
- package/lib/acs/middleware.js +3 -7
- package/lib/acs/middleware.js.map +1 -1
- package/lib/acs/resolver.d.ts +5 -5
- package/lib/acs/resolver.d.ts.map +1 -1
- package/lib/acs/resolver.js +75 -85
- package/lib/acs/resolver.js.map +1 -1
- package/lib/config.js +5 -9
- package/lib/config.js.map +1 -1
- package/lib/index.d.ts +9 -9
- package/lib/index.d.ts.map +1 -1
- package/lib/index.js +9 -25
- package/lib/index.js.map +1 -1
- package/lib/logger.js +7 -11
- package/lib/logger.js.map +1 -1
- package/lib/tsconfig.tsbuildinfo +1 -1
- package/lib/utils.d.ts +4 -4
- package/lib/utils.d.ts.map +1 -1
- package/lib/utils.js +82 -94
- package/lib/utils.js.map +1 -1
- package/package.json +10 -9
package/lib/acs/cache.js
CHANGED
|
@@ -1,36 +1,7 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
-
}) : function(o, v) {
|
|
16
|
-
o["default"] = v;
|
|
17
|
-
});
|
|
18
|
-
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
-
if (mod && mod.__esModule) return mod;
|
|
20
|
-
var result = {};
|
|
21
|
-
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
-
__setModuleDefault(result, mod);
|
|
23
|
-
return result;
|
|
24
|
-
};
|
|
25
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
26
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
27
|
-
};
|
|
28
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
29
|
-
exports.setCacheStatus = exports.flushCache = exports.get = exports.getOrFill = exports.initializeCache = void 0;
|
|
30
|
-
const config_1 = require("../config");
|
|
31
|
-
const logger_1 = __importDefault(require("../logger"));
|
|
32
|
-
const crypto = __importStar(require("crypto"));
|
|
33
|
-
const redis_1 = require("redis");
|
|
1
|
+
import { cfg } from '../config.js';
|
|
2
|
+
import logger from '../logger.js';
|
|
3
|
+
import * as crypto from 'crypto';
|
|
4
|
+
import { createClient } from 'redis';
|
|
34
5
|
let attempted = false;
|
|
35
6
|
let redisInstance;
|
|
36
7
|
let ttl;
|
|
@@ -39,26 +10,26 @@ let redisSubjectInstance;
|
|
|
39
10
|
/**
|
|
40
11
|
* Initialize ACS Cache
|
|
41
12
|
*/
|
|
42
|
-
const initializeCache = async () => {
|
|
13
|
+
export const initializeCache = async () => {
|
|
43
14
|
if (attempted || !cacheEnabled) {
|
|
44
15
|
return;
|
|
45
16
|
}
|
|
46
17
|
attempted = true;
|
|
47
18
|
try {
|
|
48
|
-
const redisConfig =
|
|
49
|
-
const redisSubConfig =
|
|
19
|
+
const redisConfig = cfg.get('authorization:cache');
|
|
20
|
+
const redisSubConfig = cfg.get('redis');
|
|
50
21
|
if (redisConfig) {
|
|
51
|
-
redisConfig.database =
|
|
52
|
-
redisInstance =
|
|
53
|
-
redisInstance.on('error', (err) =>
|
|
22
|
+
redisConfig.database = cfg.get('authorization:cache:db-index');
|
|
23
|
+
redisInstance = createClient(redisConfig);
|
|
24
|
+
redisInstance.on('error', (err) => logger?.error('Redis Client Error in ACS cache', { code: err.code, message: err.message, stack: err.stack }));
|
|
54
25
|
await redisInstance.connect();
|
|
55
|
-
ttl =
|
|
26
|
+
ttl = cfg.get('authorization:cache:ttl');
|
|
56
27
|
}
|
|
57
28
|
if (redisSubConfig) {
|
|
58
29
|
// init redis subject instance
|
|
59
30
|
redisSubConfig.database = redisSubConfig['db-indexes']['db-subject'];
|
|
60
|
-
redisSubjectInstance =
|
|
61
|
-
redisSubjectInstance.on('error', (err) =>
|
|
31
|
+
redisSubjectInstance = createClient(redisSubConfig);
|
|
32
|
+
redisSubjectInstance.on('error', (err) => logger?.error('Redis Client Error in ACS cache', { code: err.code, message: err.message, stack: err.stack }));
|
|
62
33
|
await redisSubjectInstance.connect();
|
|
63
34
|
}
|
|
64
35
|
}
|
|
@@ -66,7 +37,6 @@ const initializeCache = async () => {
|
|
|
66
37
|
attempted = false;
|
|
67
38
|
}
|
|
68
39
|
};
|
|
69
|
-
exports.initializeCache = initializeCache;
|
|
70
40
|
/**
|
|
71
41
|
* Find the object in cache. If not found, compute it using the filler function
|
|
72
42
|
*
|
|
@@ -74,7 +44,7 @@ exports.initializeCache = initializeCache;
|
|
|
74
44
|
* @param filler The function to execute if key is not found in cache
|
|
75
45
|
* @param prefix The prefix to apply to the object key in the cache
|
|
76
46
|
*/
|
|
77
|
-
const getOrFill = async (keyData, filler, useCache, prefix) => {
|
|
47
|
+
export const getOrFill = async (keyData, filler, useCache, prefix) => {
|
|
78
48
|
if (!redisInstance || !cacheEnabled) {
|
|
79
49
|
return filler(keyData);
|
|
80
50
|
}
|
|
@@ -88,7 +58,7 @@ const getOrFill = async (keyData, filler, useCache, prefix) => {
|
|
|
88
58
|
const response = JSON.parse(redisKeyResponse);
|
|
89
59
|
const evaluation_cacheable = response?.evaluation_cacheable || response?.policy_sets?.some(policy_set => policy_set?.policies?.some(policy => policy?.evaluation_cacheable !== false && policy.rules?.some(rule => rule?.evaluation_cacheable)));
|
|
90
60
|
if (evaluation_cacheable) {
|
|
91
|
-
|
|
61
|
+
logger?.debug('Found key in cache: ' + redisKey);
|
|
92
62
|
return response;
|
|
93
63
|
}
|
|
94
64
|
}
|
|
@@ -96,7 +66,7 @@ const getOrFill = async (keyData, filler, useCache, prefix) => {
|
|
|
96
66
|
// when useCache is false, dont store in cache
|
|
97
67
|
return await filler(keyData);
|
|
98
68
|
}
|
|
99
|
-
|
|
69
|
+
logger?.debug('Filling cache key: ' + redisKey);
|
|
100
70
|
const acsResponse = await filler(keyData);
|
|
101
71
|
if (acsResponse) {
|
|
102
72
|
if (ttl) {
|
|
@@ -108,7 +78,6 @@ const getOrFill = async (keyData, filler, useCache, prefix) => {
|
|
|
108
78
|
}
|
|
109
79
|
return acsResponse;
|
|
110
80
|
};
|
|
111
|
-
exports.getOrFill = getOrFill;
|
|
112
81
|
/**
|
|
113
82
|
* Find the object in cache.
|
|
114
83
|
*
|
|
@@ -116,70 +85,67 @@ exports.getOrFill = getOrFill;
|
|
|
116
85
|
* @param filler The function to execute if key is not found in cache
|
|
117
86
|
* @param prefix The prefix to apply to the object key in the cache
|
|
118
87
|
*/
|
|
119
|
-
const get = async (key) => {
|
|
88
|
+
export const get = async (key) => {
|
|
120
89
|
if (!redisSubjectInstance) {
|
|
121
|
-
|
|
90
|
+
logger?.warn('No Redis Subject Instance!');
|
|
122
91
|
return;
|
|
123
92
|
}
|
|
124
93
|
const redisResponse = await redisSubjectInstance.get(key);
|
|
125
94
|
if (!redisResponse) {
|
|
126
|
-
|
|
95
|
+
logger?.info('Key does not exist', { key });
|
|
127
96
|
return;
|
|
128
97
|
}
|
|
129
98
|
if (redisResponse) {
|
|
130
|
-
|
|
99
|
+
logger?.debug('Found key in cache: ' + key);
|
|
131
100
|
return JSON.parse(redisResponse);
|
|
132
101
|
}
|
|
133
102
|
};
|
|
134
|
-
exports.get = get;
|
|
135
103
|
/**
|
|
136
104
|
* Flush the ACS cache
|
|
137
105
|
*
|
|
138
106
|
* @param prefix An optional prefix to flush instead of entire cache
|
|
139
107
|
*/
|
|
140
|
-
const flushCache = async (prefix) => {
|
|
108
|
+
export const flushCache = async (prefix) => {
|
|
141
109
|
if (!redisInstance || !cacheEnabled) {
|
|
142
|
-
|
|
110
|
+
logger?.info('Redis client not initialized in acs-client');
|
|
143
111
|
return;
|
|
144
112
|
}
|
|
145
113
|
if (prefix != undefined) {
|
|
146
114
|
const flushPattern = `acs:${prefix}:*`;
|
|
147
|
-
|
|
115
|
+
logger?.debug(`Flushing cache with pattern ${flushPattern}`);
|
|
148
116
|
let scanIterator;
|
|
149
117
|
try {
|
|
150
118
|
scanIterator = redisInstance.scanIterator({ MATCH: flushPattern, COUNT: 100 });
|
|
151
119
|
for await (const key of scanIterator) {
|
|
152
120
|
await redisInstance.del(key);
|
|
153
121
|
}
|
|
154
|
-
|
|
122
|
+
logger?.debug(`Successfully flushed cache pattern ${flushPattern}`);
|
|
155
123
|
return;
|
|
156
124
|
}
|
|
157
125
|
catch (err) {
|
|
158
|
-
|
|
126
|
+
logger?.error('Error flushing ACS cache', { code: err.code, message: err.message, stack: err.stack });
|
|
159
127
|
return;
|
|
160
128
|
}
|
|
161
129
|
}
|
|
162
|
-
|
|
130
|
+
logger?.debug('Flushing ACS cache');
|
|
163
131
|
const reply = await redisInstance.flushDb();
|
|
164
132
|
if (reply) {
|
|
165
|
-
|
|
133
|
+
logger?.debug('Flushed ACS cache');
|
|
166
134
|
}
|
|
167
135
|
};
|
|
168
|
-
exports.flushCache = flushCache;
|
|
169
136
|
/**
|
|
170
137
|
* Enable / Disable ACS Caching
|
|
171
138
|
*
|
|
172
139
|
* @param enabled Whether to enable or disable the cache
|
|
173
140
|
*/
|
|
174
|
-
const setCacheStatus = (enabled) => {
|
|
141
|
+
export const setCacheStatus = (enabled) => {
|
|
175
142
|
cacheEnabled = enabled;
|
|
176
143
|
if (enabled) {
|
|
177
|
-
|
|
178
|
-
|
|
144
|
+
logger?.debug('ACS Cache Enabled');
|
|
145
|
+
initializeCache();
|
|
179
146
|
}
|
|
180
147
|
else {
|
|
181
|
-
|
|
148
|
+
logger?.debug('ACS Cache Disabled');
|
|
182
149
|
}
|
|
183
150
|
};
|
|
184
|
-
exports.setCacheStatus = setCacheStatus;
|
|
185
151
|
//# sourceMappingURL=cache.js.map
|
package/lib/acs/cache.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cache.js","sourceRoot":"","sources":["../../src/acs/cache.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"cache.js","sourceRoot":"","sources":["../../src/acs/cache.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnC,OAAO,MAAM,MAAM,cAAc,CAAC;AAClC,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AACjC,OAAO,EAAE,YAAY,EAAmB,MAAM,OAAO,CAAC;AAMtD,IAAI,SAAS,GAAG,KAAK,CAAC;AACtB,IAAI,aAAwC,CAAC;AAC7C,IAAI,GAAuB,CAAC;AAC5B,IAAI,YAAY,GAAG,IAAI,CAAC;AACxB,IAAI,oBAA+C,CAAC;AAEpD;;GAEG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,KAAK,IAAI,EAAE;IACxC,IAAI,SAAS,IAAI,CAAC,YAAY,EAAE,CAAC;QAC/B,OAAO;IACT,CAAC;IAED,SAAS,GAAG,IAAI,CAAC;IACjB,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,GAAG,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QACnD,MAAM,cAAc,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACxC,IAAI,WAAW,EAAE,CAAC;YAChB,WAAW,CAAC,QAAQ,GAAG,GAAG,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;YAC/D,aAAa,GAAG,YAAY,CAAC,WAAW,CAAC,CAAC;YAC1C,aAAa,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,EAAE,KAAK,CAAC,iCAAiC,EAAG,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;YAClJ,MAAM,aAAa,CAAC,OAAO,EAAE,CAAC;YAC9B,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;QAC3C,CAAC;QACD,IAAI,cAAc,EAAE,CAAC;YACnB,8BAA8B;YAC9B,cAAc,CAAC,QAAQ,GAAG,cAAc,CAAC,YAAY,CAAC,CAAC,YAAY,CAAC,CAAC;YACrE,oBAAoB,GAAG,YAAY,CAAC,cAAc,CAAC,CAAC;YACpD,oBAAoB,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,EAAE,KAAK,CAAC,iCAAiC,EAAG,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;YACzJ,MAAM,oBAAoB,CAAC,OAAO,EAAE,CAAC;QACvC,CAAC;IACH,CAAC;IACD,OAAO,CAAC,EAAE,CAAC;QACT,SAAS,GAAG,KAAK,CAAC;IACpB,CAAC;AACH,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,KAAK,EAAQ,OAAU,EAAE,MAA+B,EAC/E,QAAiB,EAAE,MAAe,EAAc,EAAE;IAClD,IAAI,CAAC,aAAa,IAAI,CAAC,YAAY,EAAE,CAAC;QACpC,OAAO,MAAM,CAAC,OAAO,CAAC,CAAC;IACzB,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACvG,IAAI,QAAQ,GAAG,GAAG,SAAS,EAAE,CAAC;IAE9B,IAAI,MAAM,EAAE,CAAC;QACX,QAAQ,GAAG,GAAG,MAAM,GAAG,GAAG,QAAQ,CAAC;IACrC,CAAC;IACD,MAAM,gBAAgB,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC3D,IAAI,gBAAgB,IAAI,QAAQ,EAAE,CAAC;QACjC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAA2C,CAAC;QACxF,MAAM,oBAAoB,GAAG,QAAQ,EAAE,oBAAoB,IAAI,QAAQ,EAAE,WAAW,EAAE,IAAI,CACxF,UAAU,CAAC,EAAE,CAAC,UAAU,EAAE,QAAQ,EAAE,IAAI,CACtC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,oBAAoB,KAAK,KAAK,IAAI,MAAM,CAAC,KAAK,EAAE,IAAI,CACpE,IAAI,CAAC,EAAE,CAAC,IAAI,EAAE,oBAAoB,CACnC,CACF,CACF,CAAC;QAEF,IAAI,oBAAoB,EAAE,CAAC;YACzB,MAAM,EAAE,KAAK,CAAC,sBAAsB,GAAG,QAAQ,CAAC,CAAC;YACjD,OAAO,QAAa,CAAC;QACvB,CAAC;IACH,CAAC;IAED,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,8CAA8C;QAC9C,OAAO,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC;IAC/B,CAAC;IAED,MAAM,EAAE,KAAK,CAAC,qBAAqB,GAAG,QAAQ,CAAC,CAAC;IAChD,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC;IAC1C,IAAI,WAAW,EAAE,CAAC;QAChB,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,aAAa,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,CAAC;QACxE,CAAC;aAAM,CAAC;YACN,MAAM,aAAa,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;IACD,OAAO,WAAW,CAAC;AACrB,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,GAAG,GAAG,KAAK,EAAE,GAAW,EAAgB,EAAE;IACrD,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC1B,MAAM,EAAE,IAAI,CAAC,4BAA4B,CAAC,CAAC;QAC3C,OAAO;IACT,CAAC;IACD,MAAM,aAAa,GAAG,MAAM,oBAAoB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC1D,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,EAAE,IAAI,CAAC,oBAAoB,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC;QAC5C,OAAO;IACT,CAAC;IACD,IAAI,aAAa,EAAE,CAAC;QAClB,MAAM,EAAE,KAAK,CAAC,sBAAsB,GAAG,GAAG,CAAC,CAAC;QAC5C,OAAO,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;IACnC,CAAC;AACH,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,KAAK,EAAE,MAAe,EAAE,EAAE;IAClD,IAAI,CAAC,aAAa,IAAI,CAAC,YAAY,EAAE,CAAC;QACpC,MAAM,EAAE,IAAI,CAAC,4CAA4C,CAAC,CAAC;QAC3D,OAAO;IACT,CAAC;IAED,IAAI,MAAM,IAAI,SAAS,EAAE,CAAC;QACxB,MAAM,YAAY,GAAG,OAAO,MAAM,IAAI,CAAC;QACvC,MAAM,EAAE,KAAK,CAAC,+BAA+B,YAAY,EAAE,CAAC,CAAC;QAC7D,IAAI,YAAY,CAAC;QACjB,IAAI,CAAC;YACH,YAAY,GAAG,aAAa,CAAC,YAAY,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;YAC/E,IAAI,KAAK,EAAE,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;gBACrC,MAAM,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YAC/B,CAAC;YACD,MAAM,EAAE,KAAK,CAAC,sCAAsC,YAAY,EAAE,CAAC,CAAC;YACpE,OAAO;QACT,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,MAAM,EAAE,KAAK,CAAC,0BAA0B,EAAG,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,CAAC,CAAC;YACvG,OAAO;QACT,CAAC;IACH,CAAC;IACD,MAAM,EAAE,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACpC,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,OAAO,EAAE,CAAC;IAC5C,IAAI,KAAK,EAAE,CAAC;QACV,MAAM,EAAE,KAAK,CAAC,mBAAmB,CAAC,CAAC;IACrC,CAAC;AACH,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,OAAgB,EAAE,EAAE;IACjD,YAAY,GAAG,OAAO,CAAC;IAEvB,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,EAAE,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACnC,eAAe,EAAE,CAAC;IACpB,CAAC;SAAM,CAAC;QACN,MAAM,EAAE,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACtC,CAAC;AACH,CAAC,CAAC"}
|
package/lib/acs/decorators.d.ts
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
import { type CallOptions } from 'nice-grpc';
|
|
2
2
|
import { Logger } from '@restorecommerce/logger';
|
|
3
3
|
import { Client } from '@restorecommerce/grpc-client';
|
|
4
|
-
import { UserServiceDefinition } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/user';
|
|
5
|
-
import { ResourceList } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/resource_base';
|
|
6
|
-
import { Operation, ACSResource, AuthZAction, ACSClientContext } from './interfaces';
|
|
4
|
+
import { UserServiceDefinition } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/user.js';
|
|
5
|
+
import { ResourceList } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/resource_base.js';
|
|
6
|
+
import { Operation, ACSResource, AuthZAction, ACSClientContext } from './interfaces.js';
|
|
7
7
|
export type DatabaseProvider = 'arangoDB' | 'postgres';
|
|
8
8
|
export type ACSClientContextFactory<T extends ResourceList> = (self: any, request: T, ...args: any) => Promise<ACSClientContext>;
|
|
9
9
|
export type ResourceFactory<T extends ResourceList> = (self: any, request: T, ...args: any) => Promise<ACSResource[]>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"decorators.d.ts","sourceRoot":"","sources":["../../src/acs/decorators.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,KAAK,WAAW,EACjB,MAAM,WAAW,CAAC;AAEnB,OAAO,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AACjD,OAAO,EACL,MAAM,EAIP,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACL,qBAAqB,EACtB,MAAM,
|
|
1
|
+
{"version":3,"file":"decorators.d.ts","sourceRoot":"","sources":["../../src/acs/decorators.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,KAAK,WAAW,EACjB,MAAM,WAAW,CAAC;AAEnB,OAAO,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AACjD,OAAO,EACL,MAAM,EAIP,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACL,qBAAqB,EACtB,MAAM,mFAAmF,CAAC;AAI3F,OAAO,EACL,YAAY,EAEb,MAAM,4FAA4F,CAAC;AAOpG,OAAO,EACL,SAAS,EACT,WAAW,EACX,WAAW,EACX,gBAAgB,EAIjB,MAAM,iBAAiB,CAAC;AAYzB,MAAM,MAAM,gBAAgB,GAAG,UAAU,GAAG,UAAU,CAAC;AACvD,MAAM,MAAM,uBAAuB,CAAC,CAAC,SAAS,YAAY,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,IAAI,EAAE,GAAG,KAAK,OAAO,CAAC,gBAAgB,CAAC,CAAC;AACjI,MAAM,MAAM,eAAe,CAAC,CAAC,SAAS,YAAY,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,IAAI,EAAE,GAAG,KAAK,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC;AACtH,MAAM,MAAM,gBAAgB,CAAC,CAAC,SAAS,YAAY,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,IAAI,EAAE,GAAG,KAAK,OAAO,CAAC,gBAAgB,CAAC,CAAC;AAC1H,MAAM,MAAM,gBAAgB,CAAC,CAAC,SAAS,YAAY,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,IAAI,EAAE,GAAG,KAAK,OAAO,CAAC,CAAC,CAAC,CAAC;AAC3G,MAAM,MAAM,eAAe,CAAC,CAAC,SAAS,YAAY,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,EAAE,GAAG,IAAI,EAAE,GAAG,KAAK,OAAO,CAAC,CAAC,CAAC,CAAC;AAE1G,MAAM,WAAW,uBAAuB;IACtC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC,qBAAqB,CAAC,CAAC;IACtD,QAAQ,CAAC,qBAAqB,EAAE,gBAAgB,CAAC;IACjD,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED,eAAO,MAAM,8BAA8B,GAAU,CAAC,SAAS,YAAY,QACnE,GAAG,WACA,CAAC,WACD,GAAG,KACX,OAAO,CAAC,gBAAgB,CAIzB,CAAC;AAEH,wBAAgB,sBAAsB,CAAC,CAAC,SAAS,YAAY,EAC3D,GAAG,aAAa,EAAE,MAAM,EAAE,GACzB,eAAe,CAAC,CAAC,CAAC,CAWpB;AAED,eAAO,MAAM,sBAAsB,GAAU,CAAC,SAAS,YAAY,QAC3D,GAAG,WACA,CAAC,WACD,GAAG,KACX,OAAO,CAAC,CAAC,CAYX,CAAC;AAEF,eAAO,MAAM,uBAAuB,GAAU,CAAC,SAAS,YAAY,QAC5D,GAAG,WACA,CAAC,WACD,GAAG,KACX,OAAO,CAAC,CAAC,CAqDX,CAAC;AAEF,oBAAY,MAAM;IAChB,OAAO,YAAY;IACnB,IAAI,SAAS;IACb,GAAG,QAAQ;CACZ;AAED,wBAAgB,SAAS,CAAC,GAAG,IAAI,EAAE,MAAM,EAAE,GAAG,WAAW,CAMxD;AAED,wBAAgB,yBAAyB,CAAC,CAAC,SAAS;IAAE,KAAI,GAAG,IAAI,EAAE,GAAG,GAAG,GAAG,CAAA;CAAE,EAAE,WAAW,EAAE,CAAC,GAAG,CAAC,CAsBjG;AAED,wBAAgB,0BAA0B,CAAC,CAAC,SAAS,YAAY,EAAE,MAAM,EAAE;IACzE,MAAM,EAAE,WAAW,CAAC;IACpB,SAAS,EAAE,SAAS,CAAC;IACrB,OAAO,CAAC,EAAE,gBAAgB,GAAG,uBAAuB,CAAC,CAAC,CAAC,CAAC;IACxD,QAAQ,CAAC,EAAE,WAAW,EAAE,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;IAC9C,QAAQ,CAAC,EAAE,gBAAgB,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;IAClD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB,YAEW,GAAG,gBACG,MAAM,cACR,uBAAuB,CAAC,GAAG,CAAC,UAuF3C;AAED,wBAAgB,gBAAgB,CAAC,CAAC,SAAS,YAAY,EACrD,eAAe,GAAE,eAAe,CAAC,CAAC,CAA6B,YAGrD,GAAG,gBACG,MAAM,cACR,uBAAuB,CAAC,GAAG,CAAC,UAS3C;AAED,wBAAgB,iBAAiB,CAAC,CAAC,SAAS,YAAY,EACtD,gBAAgB,GAAE,gBAAgB,CAAC,CAAC,CAA8B,YAGxD,GAAG,gBACG,MAAM,cACR,uBAAuB,CAAC,GAAG,CAAC,UAS3C"}
|
package/lib/acs/decorators.js
CHANGED
|
@@ -1,38 +1,28 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
const
|
|
15
|
-
const access_control_1 = require("@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/access_control");
|
|
16
|
-
const authz_1 = require("./authz");
|
|
17
|
-
const cache_1 = require("./cache");
|
|
18
|
-
const resolver_1 = require("./resolver");
|
|
19
|
-
const config_1 = require("../config");
|
|
20
|
-
const utils_1 = require("../utils");
|
|
21
|
-
const crypto_1 = require("crypto");
|
|
22
|
-
const filter_1 = require("@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/filter");
|
|
23
|
-
const DefaultACSClientContextFactory = async (self, request, context) => ({
|
|
1
|
+
import { Metadata, } from 'nice-grpc';
|
|
2
|
+
import { ServiceConfig } from '@restorecommerce/service-config';
|
|
3
|
+
import { Logger } from '@restorecommerce/logger';
|
|
4
|
+
import { createClient, createChannel, } from '@restorecommerce/grpc-client';
|
|
5
|
+
import { UserServiceDefinition } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/user.js';
|
|
6
|
+
import { Response_Decision } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/access_control.js';
|
|
7
|
+
import { initAuthZ, } from './authz.js';
|
|
8
|
+
import { initializeCache, } from './cache.js';
|
|
9
|
+
import { accessRequest, } from './resolver.js';
|
|
10
|
+
import { cfg } from '../config.js';
|
|
11
|
+
import { _ } from '../utils.js';
|
|
12
|
+
import { randomUUID } from 'crypto';
|
|
13
|
+
import { Filter_Operation, Filter_ValueType } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/filter.js';
|
|
14
|
+
export const DefaultACSClientContextFactory = async (self, request, context) => ({
|
|
24
15
|
...context,
|
|
25
16
|
subject: request.subject,
|
|
26
17
|
resources: [],
|
|
27
18
|
});
|
|
28
|
-
|
|
29
|
-
function DefaultResourceFactory(...resourceNames) {
|
|
19
|
+
export function DefaultResourceFactory(...resourceNames) {
|
|
30
20
|
return async (self, request, context) => (resourceNames?.length ? resourceNames : [self.name])?.map(resourceName => ({
|
|
31
21
|
resource: resourceName,
|
|
32
22
|
id: request.items?.map((item) => item.id)
|
|
33
23
|
}));
|
|
34
24
|
}
|
|
35
|
-
const DefaultSubjectResolver = async (self, request, ...args) => {
|
|
25
|
+
export const DefaultSubjectResolver = async (self, request, ...args) => {
|
|
36
26
|
const subject = request?.subject;
|
|
37
27
|
if (subject?.id) {
|
|
38
28
|
delete subject.id;
|
|
@@ -45,17 +35,16 @@ const DefaultSubjectResolver = async (self, request, ...args) => {
|
|
|
45
35
|
}
|
|
46
36
|
return request;
|
|
47
37
|
};
|
|
48
|
-
|
|
49
|
-
const
|
|
50
|
-
const urns = config_1.cfg.get('authorization:urns');
|
|
38
|
+
export const DefaultMetaDataInjector = async (self, request, ...args) => {
|
|
39
|
+
const urns = cfg.get('authorization:urns');
|
|
51
40
|
const ids = [...new Set(request.items?.map((item) => item.id).filter(id => id) ?? []).values()];
|
|
52
41
|
const meta_map = ids.length ? await self.read({
|
|
53
42
|
filters: [{
|
|
54
43
|
filters: [{
|
|
55
44
|
field: '_key',
|
|
56
|
-
operation:
|
|
45
|
+
operation: Filter_Operation.in,
|
|
57
46
|
value: JSON.stringify(ids),
|
|
58
|
-
type:
|
|
47
|
+
type: Filter_ValueType.ARRAY,
|
|
59
48
|
}]
|
|
60
49
|
}],
|
|
61
50
|
limit: ids.length,
|
|
@@ -82,43 +71,42 @@ const DefaultMetaDataInjector = async (self, request, ...args) => {
|
|
|
82
71
|
value: request.subject.id
|
|
83
72
|
}],
|
|
84
73
|
} : undefined,
|
|
85
|
-
].filter(
|
|
86
|
-
item.id ??=
|
|
74
|
+
].filter(Boolean);
|
|
75
|
+
item.id ??= randomUUID().replaceAll('-', '');
|
|
87
76
|
});
|
|
88
77
|
return request;
|
|
89
78
|
};
|
|
90
|
-
|
|
91
|
-
var ByPass;
|
|
79
|
+
export var ByPass;
|
|
92
80
|
(function (ByPass) {
|
|
93
81
|
ByPass["SUBJECT"] = "SUBJECT";
|
|
94
82
|
ByPass["META"] = "META";
|
|
95
83
|
ByPass["ACS"] = "ACS";
|
|
96
|
-
})(ByPass || (
|
|
84
|
+
})(ByPass || (ByPass = {}));
|
|
97
85
|
;
|
|
98
|
-
function setByPass(...args) {
|
|
86
|
+
export function setByPass(...args) {
|
|
99
87
|
return {
|
|
100
|
-
metadata: new
|
|
88
|
+
metadata: new Metadata(args.map(arg => ['bypass', arg.toString()]))
|
|
101
89
|
};
|
|
102
90
|
}
|
|
103
|
-
function access_controlled_service(baseService) {
|
|
91
|
+
export function access_controlled_service(baseService) {
|
|
104
92
|
return class extends baseService {
|
|
105
93
|
__userService;
|
|
106
94
|
__acsDatabaseProvider;
|
|
107
95
|
constructor(...args) {
|
|
108
96
|
super(...args);
|
|
109
|
-
const cfg = args.find((arg) => (arg instanceof
|
|
110
|
-
const logger = args.find((arg) => (arg instanceof
|
|
97
|
+
const cfg = args.find((arg) => (arg instanceof ServiceConfig));
|
|
98
|
+
const logger = args.find((arg) => (arg instanceof Logger));
|
|
111
99
|
this.__acsDatabaseProvider = cfg.get('authorization:database') ?? 'arangoDB';
|
|
112
|
-
this.__userService =
|
|
100
|
+
this.__userService = createClient({
|
|
113
101
|
...cfg.get('client:user'),
|
|
114
102
|
logger
|
|
115
|
-
},
|
|
116
|
-
|
|
117
|
-
|
|
103
|
+
}, UserServiceDefinition, createChannel(cfg.get('client:user:address')));
|
|
104
|
+
initAuthZ(cfg, logger);
|
|
105
|
+
initializeCache();
|
|
118
106
|
}
|
|
119
107
|
};
|
|
120
108
|
}
|
|
121
|
-
function access_controlled_function(kwargs) {
|
|
109
|
+
export function access_controlled_function(kwargs) {
|
|
122
110
|
return function (target, propertyName, descriptor) {
|
|
123
111
|
const method = descriptor.value;
|
|
124
112
|
descriptor.value = async function () {
|
|
@@ -152,11 +140,11 @@ function access_controlled_function(kwargs) {
|
|
|
152
140
|
subject.id = user.payload.id;
|
|
153
141
|
}
|
|
154
142
|
}
|
|
155
|
-
const acsResponse = await
|
|
143
|
+
const acsResponse = await accessRequest(subject, resource ?? [], kwargs.action, acsContext, {
|
|
156
144
|
operation: kwargs.operation, database: database ?? that.__acsDatabaseProvider ?? 'arangoDB',
|
|
157
145
|
useCache: kwargs.useCache ?? false
|
|
158
146
|
});
|
|
159
|
-
if (acsResponse?.decision !==
|
|
147
|
+
if (acsResponse?.decision !== Response_Decision.PERMIT) {
|
|
160
148
|
return acsResponse;
|
|
161
149
|
}
|
|
162
150
|
if (request) {
|
|
@@ -167,7 +155,7 @@ function access_controlled_function(kwargs) {
|
|
|
167
155
|
const appResponse = await method.apply(this, arguments);
|
|
168
156
|
const property = acsResponse.obligations?.filter((o) => resource.some((r) => r.resource === o.resource)).flatMap(o => o.property).flatMap(p => [p, new RegExp(p)]);
|
|
169
157
|
// @ts-expect-error TS2339
|
|
170
|
-
return property?.length ?
|
|
158
|
+
return property?.length ? _.omitDeep(appResponse, property) : appResponse;
|
|
171
159
|
}
|
|
172
160
|
catch (err) {
|
|
173
161
|
that.logger?.error('Operation Status Error:', err);
|
|
@@ -181,7 +169,7 @@ function access_controlled_function(kwargs) {
|
|
|
181
169
|
};
|
|
182
170
|
};
|
|
183
171
|
}
|
|
184
|
-
function resolves_subject(subjectResolver = (
|
|
172
|
+
export function resolves_subject(subjectResolver = (DefaultSubjectResolver)) {
|
|
185
173
|
return function (target, propertyName, descriptor) {
|
|
186
174
|
const method = descriptor.value;
|
|
187
175
|
descriptor.value = async function () {
|
|
@@ -192,7 +180,7 @@ function resolves_subject(subjectResolver = (exports.DefaultSubjectResolver)) {
|
|
|
192
180
|
};
|
|
193
181
|
}
|
|
194
182
|
;
|
|
195
|
-
function injects_meta_data(metaDataInjector = (
|
|
183
|
+
export function injects_meta_data(metaDataInjector = (DefaultMetaDataInjector)) {
|
|
196
184
|
return function (target, propertyName, descriptor) {
|
|
197
185
|
const method = descriptor.value;
|
|
198
186
|
descriptor.value = async function () {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"decorators.js","sourceRoot":"","sources":["../../src/acs/decorators.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"decorators.js","sourceRoot":"","sources":["../../src/acs/decorators.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,QAAQ,GAET,MAAM,WAAW,CAAC;AACnB,OAAO,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAC;AAChE,OAAO,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AACjD,OAAO,EAEL,YAAY,EACZ,aAAa,GAEd,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACL,qBAAqB,EACtB,MAAM,mFAAmF,CAAC;AAC3F,OAAO,EACL,iBAAiB,EAClB,MAAM,6FAA6F,CAAC;AAKrG,OAAO,EACL,SAAS,GACV,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,eAAe,GAChB,MAAM,YAAY,CAAC;AAUpB,OAAO,EACL,aAAa,GACd,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACnC,OAAO,EAAE,CAAC,EAAE,MAAM,aAAa,CAAC;AAChC,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AACpC,OAAO,EACL,gBAAgB,EAChB,gBAAgB,EACjB,MAAM,qFAAqF,CAAC;AAe7F,MAAM,CAAC,MAAM,8BAA8B,GAAG,KAAK,EACjD,IAAS,EACT,OAAU,EACV,OAAY,EACe,EAAE,CAAC,CAAC;IAC/B,GAAG,OAAO;IACV,OAAO,EAAE,OAAO,CAAC,OAAO;IACxB,SAAS,EAAE,EAAE;CACd,CAAC,CAAC;AAEH,MAAM,UAAU,sBAAsB,CACpC,GAAG,aAAuB;IAE1B,OAAO,KAAK,EACV,IAAS,EACT,OAAU,EACV,OAAY,EACZ,EAAE,CAAC,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,GAAG,CAC7D,YAAY,CAAC,EAAE,CAAC,CAAC;QACf,QAAQ,EAAE,YAAY;QACtB,EAAE,EAAE,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,IAAS,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;KAC/C,CAAC,CACH,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,MAAM,sBAAsB,GAAG,KAAK,EACzC,IAAS,EACT,OAAU,EACV,GAAG,IAAS,EACA,EAAE;IACd,MAAM,OAAO,GAAG,OAAO,EAAE,OAAO,CAAC;IACjC,IAAI,OAAO,EAAE,EAAE,EAAE,CAAC;QAChB,OAAO,OAAO,CAAC,EAAE,CAAC;IACpB,CAAC;IACD,IAAI,OAAO,EAAE,KAAK,EAAE,CAAC;QACnB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC;QAC5E,IAAI,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;YACtB,OAAO,CAAC,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QAC/B,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,uBAAuB,GAAG,KAAK,EAC1C,IAAS,EACT,OAAU,EACV,GAAG,IAAS,EACA,EAAE;IACd,MAAM,IAAI,GAAG,GAAG,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,GAAG,IAAI,GAAG,CACrB,OAAO,CAAC,KAAK,EAAE,GAAG,CAChB,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAClB,CAAC,MAAM,CACN,EAAE,CAAC,EAAE,CAAC,EAAE,CACT,IAAI,EAAE,CACR,CAAC,MAAM,EAAE,CAAC,CAAC;IACZ,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC;QAC5C,OAAO,EAAE,CAAC;gBACR,OAAO,EAAE,CAAC;wBACR,KAAK,EAAE,MAAM;wBACb,SAAS,EAAE,gBAAgB,CAAC,EAAE;wBAC9B,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC;wBAC1B,IAAI,EAAE,gBAAgB,CAAC,KAAK;qBAC7B,CAAC;aACH,CAAC;QACF,KAAK,EAAE,GAAG,CAAC,MAAM;QACjB,OAAO,EAAE,OAAO,CAAC,OAAO;KACzB,CAAC,CAAC,IAAI,CACL,CAAC,QAA8B,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAChE,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,OAAO,CACrB,CAAC,GAAG,CACH,IAAI,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAC7C,CAAC,CACH,CAAC,CAAC,CAAC,SAAS,CAAC;IAEd,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;QAC9B,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC;QAC3C,IAAI,CAAC,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,EAAE,CAAC;QAClC,IAAI,CAAC,IAAI,CAAC,WAAW,KAAK,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC;QAC9C,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK;YACnB,OAAO,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;gBACvB,EAAE,EAAE,IAAI,CAAC,qBAAqB;gBAC9B,KAAK,EAAE,IAAI,CAAC,YAAY;gBACxB,UAAU,EAAE,CAAC;wBACX,EAAE,EAAE,IAAI,CAAC,aAAa;wBACtB,KAAK,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK;qBAC7B,CAAC;aACH,CAAC,CAAC,CAAC,SAAS;YACb,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;gBACpB,EAAE,EAAE,IAAI,CAAC,qBAAqB;gBAC9B,KAAK,EAAE,IAAI,CAAC,IAAI;gBAChB,UAAU,EAAE,CAAC;wBACX,EAAE,EAAE,IAAI,CAAC,aAAa;wBACtB,KAAK,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;qBAC1B,CAAC;aACH,CAAC,CAAC,CAAC,SAAS;SACd,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAClB,IAAI,CAAC,EAAE,KAAK,UAAU,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IACH,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEF,MAAM,CAAN,IAAY,MAIX;AAJD,WAAY,MAAM;IAChB,6BAAmB,CAAA;IACnB,uBAAa,CAAA;IACb,qBAAW,CAAA;AACb,CAAC,EAJW,MAAM,KAAN,MAAM,QAIjB;AAAA,CAAC;AAEF,MAAM,UAAU,SAAS,CAAC,GAAG,IAAc;IACzC,OAAO;QACL,QAAQ,EAAE,IAAI,QAAQ,CACpB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,CAC5C;KACF,CAAA;AACH,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAuC,WAAc;IAC5F,OAAO,KAAM,SAAQ,WAAW;QACd,aAAa,CAAgC;QAC7C,qBAAqB,CAAmB;QAExD,YAAY,GAAG,IAAS;YACtB,KAAK,CAAC,GAAG,IAAI,CAAC,CAAC;YACf,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,GAAQ,EAAE,EAAE,CAAC,CAAC,GAAG,YAAY,aAAa,CAAC,CAAkB,CAAC;YACrF,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,GAAQ,EAAE,EAAE,CAAC,CAAC,GAAG,YAAY,MAAM,CAAC,CAAW,CAAC;YAC1E,IAAI,CAAC,qBAAqB,GAAG,GAAG,CAAC,GAAG,CAAC,wBAAwB,CAAC,IAAI,UAAU,CAAC;YAC7E,IAAI,CAAC,aAAa,GAAG,YAAY,CAC/B;gBACE,GAAG,GAAG,CAAC,GAAG,CAAC,aAAa,CAAC;gBACzB,MAAM;aACa,EACrB,qBAAqB,EACrB,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC,CAC9C,CAAC;YACF,SAAS,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YACvB,eAAe,EAAE,CAAC;QACpB,CAAC;KACF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,0BAA0B,CAAyB,MAOlE;IACC,OAAO,UACL,MAAW,EACX,YAAoB,EACpB,UAAwC;QAExC,MAAM,MAAM,GAAG,UAAU,CAAC,KAAM,CAAC;QACjC,UAAU,CAAC,KAAK,GAAG,KAAK;YACtB,MAAM,IAAI,GAAG,IAA+B,CAAC;YAC7C,MAAM,OAAO,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;YAC7B,MAAM,OAAO,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;YAC7B,MAAM,IAAI,GAAG,CAAC,GAAG,SAAS,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAErC,IAAI,OAAO,EAAE,SAAS,EAAE,CAAC;gBACvB,OAAO,MAAM,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;YAC7C,CAAC;YAED,IAAI,CAAC;gBACH,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;oBACxB,MAAM,IAAI,KAAK,CAAC,sFAAsF,CAAC,CAAC;gBAC1G,CAAC;gBAED,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,UAAU;oBACvD,CAAC,CAAC,MAAM,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;oBAC9C,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC;gBAEnB,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,UAAU;oBACtD,CAAC,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;oBAC/C,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;gBAEpB,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,UAAU;oBACtD,CAAC,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;oBAC/C,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC;gBAEpB,MAAM,OAAO,GAAG,UAAU,EAAE,OAAO,CAAC;gBACpC,IAAI,OAAO,EAAE,CAAC;oBACZ,OAAO,CAAC,EAAE,GAAG,IAAI,CAAC;gBACpB,CAAC;gBACD,IAAI,OAAO,EAAE,KAAK,EAAE,CAAC;oBACnB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC;oBAC5E,IAAI,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;wBACtB,OAAO,CAAC,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC/B,CAAC;gBACH,CAAC;gBAED,MAAM,WAAW,GAA2C,MAAM,aAAa,CAC7E,OAAO,EACP,QAAQ,IAAI,EAAE,EACd,MAAM,CAAC,MAAM,EACb,UAAU,EACV;oBACE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,QAAQ,EAAE,QAAQ,IAAI,IAAI,CAAC,qBAAqB,IAAI,UAAU;oBAC3F,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,KAAK;iBACnC,CACF,CAAC;gBAEF,IAAI,WAAW,EAAE,QAAQ,KAAK,iBAAiB,CAAC,MAAM,EAAE,CAAC;oBACvD,OAAO,WAAW,CAAC;gBACrB,CAAC;gBAED,IAAI,OAAO,EAAE,CAAC;oBACZ,MAAM,GAAG,GAAG,WAAW,EAAE,iBAAiB,EAAE,IAAI,CAC9C,GAAG,CAAC,EAAE,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,GAAG,CAAC,QAAQ,CAAC,CACxD,CAAC;oBACF,OAAO,CAAC,cAAc,GAAG,GAAG,EAAE,cAAc,CAAC;oBAC7C,OAAO,CAAC,gBAAgB,GAAG,GAAG,EAAE,gBAAgB,CAAC;gBACnD,CAAC;gBAED,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;gBACxD,MAAM,QAAQ,GAAG,WAAW,CAAC,WAAW,EAAE,MAAM,CAC9C,CAAC,CAAa,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,QAAQ,CAAC,CACnE,CAAC,OAAO,CACP,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAChB,CAAC,OAAO,CACP,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,CACxB,CAAC;gBAEF,0BAA0B;gBAC1B,OAAO,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC;YAC5E,CAAC;YACD,OAAO,GAAQ,EAAE,CAAC;gBAChB,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,yBAAyB,EAAE,GAAG,CAAC,CAAC;gBACnD,OAAO;oBACL,gBAAgB,EAAE;wBAChB,IAAI,EAAE,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG;wBACjD,OAAO,EAAE,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC,OAAO,IAAI,GAAG;qBAC3C;iBACF,CAAC;YACJ,CAAC;QACH,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,gBAAgB,CAC9B,kBAAsC,CAAA,sBAAyB,CAAA;IAE/D,OAAO,UACL,MAAW,EACX,YAAoB,EACpB,UAAwC;QAExC,MAAM,MAAM,GAAG,UAAU,CAAC,KAAM,CAAC;QACjC,UAAU,CAAC,KAAK,GAAG,KAAK;YACtB,MAAM,IAAI,GAAG,CAAC,GAAG,SAAS,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACrC,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC;YACnE,OAAO,MAAM,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC;QACtD,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC;AAAA,CAAC;AAEF,MAAM,UAAU,iBAAiB,CAC/B,mBAAwC,CAAA,uBAA0B,CAAA;IAElE,OAAO,UACL,MAAW,EACX,YAAoB,EACpB,UAAwC;QAExC,MAAM,MAAM,GAAG,UAAU,CAAC,KAAM,CAAC;QACjC,UAAU,CAAC,KAAK,GAAG,KAAK;YACtB,MAAM,IAAI,GAAG,CAAC,GAAG,SAAS,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACrC,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC;YACpE,OAAO,MAAM,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC;QACtD,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC;AAAA,CAAC"}
|
package/lib/acs/errors.js
CHANGED
|
@@ -1,10 +1,7 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.FailedPrecondition = exports.PermissionDenied = exports.Unauthenticated = void 0;
|
|
4
1
|
/**
|
|
5
2
|
* Unauthenticated means the caller could not be authenticated.
|
|
6
3
|
*/
|
|
7
|
-
class Unauthenticated extends Error {
|
|
4
|
+
export class Unauthenticated extends Error {
|
|
8
5
|
details;
|
|
9
6
|
name;
|
|
10
7
|
message;
|
|
@@ -17,12 +14,11 @@ class Unauthenticated extends Error {
|
|
|
17
14
|
this.code = code;
|
|
18
15
|
}
|
|
19
16
|
}
|
|
20
|
-
exports.Unauthenticated = Unauthenticated;
|
|
21
17
|
/**
|
|
22
18
|
* PermissionDenied indicates the caller does not have permission to
|
|
23
19
|
* execute the specified operation.
|
|
24
20
|
*/
|
|
25
|
-
class PermissionDenied extends Error {
|
|
21
|
+
export class PermissionDenied extends Error {
|
|
26
22
|
details;
|
|
27
23
|
name;
|
|
28
24
|
message;
|
|
@@ -35,13 +31,12 @@ class PermissionDenied extends Error {
|
|
|
35
31
|
this.code = code;
|
|
36
32
|
}
|
|
37
33
|
}
|
|
38
|
-
exports.PermissionDenied = PermissionDenied;
|
|
39
34
|
/**
|
|
40
35
|
* FailedPrecondition means the system is not in a state in which
|
|
41
36
|
* the operation can be executed. A precondition, for example a call
|
|
42
37
|
* to a different endpoint before this call is required.
|
|
43
38
|
*/
|
|
44
|
-
class FailedPrecondition extends Error {
|
|
39
|
+
export class FailedPrecondition extends Error {
|
|
45
40
|
details;
|
|
46
41
|
name;
|
|
47
42
|
message;
|
|
@@ -54,5 +49,4 @@ class FailedPrecondition extends Error {
|
|
|
54
49
|
this.code = code;
|
|
55
50
|
}
|
|
56
51
|
}
|
|
57
|
-
exports.FailedPrecondition = FailedPrecondition;
|
|
58
52
|
//# sourceMappingURL=errors.js.map
|
package/lib/acs/errors.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../src/acs/errors.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../src/acs/errors.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,OAAO,eAAgB,SAAQ,KAAK;IACxC,OAAO,CAAS;IAChB,IAAI,CAAS;IACb,OAAO,CAAS;IAChB,IAAI,CAAS;IACb,YAAY,OAAe,EAAE,IAAY;QACvC,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC;QAClC,IAAI,CAAC,OAAO,GAAG,iBAAiB,CAAC;QACjC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;CACF;AAED;;;EAGE;AACF,MAAM,OAAO,gBAAiB,SAAQ,KAAK;IACzC,OAAO,CAAS;IAChB,IAAI,CAAS;IACb,OAAO,CAAS;IAChB,IAAI,CAAS;IACb,YAAY,OAAe,EAAE,IAAY;QACvC,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC;QAClC,IAAI,CAAC,OAAO,GAAG,mBAAmB,CAAC;QACnC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,OAAO,kBAAmB,SAAQ,KAAK;IAC3C,OAAO,CAAS;IAChB,IAAI,CAAS;IACb,OAAO,CAAS;IAChB,IAAI,CAAS;IACb,YAAY,OAAe,EAAE,IAAY;QACvC,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC;QAClC,IAAI,CAAC,OAAO,GAAG,qBAAqB,CAAC;QACrC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;CACF"}
|
package/lib/acs/interfaces.d.ts
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
|
-
import { Attribute } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/attribute';
|
|
2
|
-
import { RoleAssociation, Subject, DeepPartial } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/auth';
|
|
3
|
-
import { Meta } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/meta';
|
|
4
|
-
import { FilterOp } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/resource_base';
|
|
5
|
-
import { Response_Decision, ReverseQuery } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/access_control';
|
|
6
|
-
import { Effect } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/rule';
|
|
7
|
-
import { PolicySetRQ } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/policy_set';
|
|
8
|
-
import { PolicyRQ } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/policy';
|
|
9
|
-
import { RuleRQ, Target as AttributeTarget } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/rule';
|
|
10
|
-
import { Response_Decision as Decision, Context, Response } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/access_control';
|
|
1
|
+
import { Attribute } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/attribute.js';
|
|
2
|
+
import { RoleAssociation, Subject, DeepPartial } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/auth.js';
|
|
3
|
+
import { Meta } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/meta.js';
|
|
4
|
+
import { FilterOp } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/resource_base.js';
|
|
5
|
+
import { Response_Decision, ReverseQuery } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/access_control.js';
|
|
6
|
+
import { Effect } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/rule.js';
|
|
7
|
+
import { PolicySetRQ } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/policy_set.js';
|
|
8
|
+
import { PolicyRQ } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/policy.js';
|
|
9
|
+
import { RuleRQ, Target as AttributeTarget } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/rule.js';
|
|
10
|
+
import { Response_Decision as Decision, Context, Response } from '@restorecommerce/rc-grpc-clients/dist/generated-server/io/restorecommerce/access_control.js';
|
|
11
11
|
export { Decision, Context, RuleRQ, PolicyRQ, PolicySetRQ, Response as ACSResponse, AttributeTarget, };
|
|
12
12
|
export declare enum AuthZAction {
|
|
13
13
|
CREATE = "CREATE",
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"interfaces.d.ts","sourceRoot":"","sources":["../../src/acs/interfaces.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"interfaces.d.ts","sourceRoot":"","sources":["../../src/acs/interfaces.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,wFAAwF,CAAC;AACnH,OAAO,EACL,eAAe,EACf,OAAO,EACP,WAAW,EACZ,MAAM,mFAAmF,CAAC;AAC3F,OAAO,EAAE,IAAI,EAAE,MAAM,mFAAmF,CAAC;AACzG,OAAO,EAAE,QAAQ,EAAE,MAAM,4FAA4F,CAAC;AACtH,OAAO,EACL,iBAAiB,EACjB,YAAY,EACb,MAAM,6FAA6F,CAAC;AACrG,OAAO,EAAE,MAAM,EAAE,MAAM,mFAAmF,CAAC;AAC3G,OAAO,EACL,WAAW,EACZ,MAAM,yFAAyF,CAAC;AACjG,OAAO,EACL,QAAQ,EACT,MAAM,qFAAqF,CAAC;AAC7F,OAAO,EACL,MAAM,EACN,MAAM,IAAI,eAAe,EAC1B,MAAM,mFAAmF,CAAC;AAC3F,OAAO,EACL,iBAAiB,IAAI,QAAQ,EAC7B,OAAO,EACP,QAAQ,EACT,MAAM,6FAA6F,CAAC;AAErG,OAAO,EACL,QAAQ,EACR,OAAO,EACP,MAAM,EACN,QAAQ,EACR,WAAW,EACX,QAAQ,IAAI,WAAW,EACvB,eAAe,GAChB,CAAC;AAEF,oBAAY,WAAW;IACrB,MAAM,WAAW;IACjB,IAAI,SAAS;IACb,MAAM,WAAW;IACjB,MAAM,WAAW;IACjB,OAAO,YAAY;IACnB,IAAI,SAAS;IACb,GAAG,MAAM;CACV;AAED,oBAAY,SAAS;IACnB,SAAS,cAAc;IACvB,aAAa,kBAAkB;CAChC;AAED,MAAM,WAAW,WAAW;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACvB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;CACrB;AAED,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE;QACJ,OAAO,CAAC,EAAE,IAAI,CAAC;QACf,QAAQ,CAAC,EAAE,IAAI,CAAC;QAChB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,MAAM,EAAE,SAAS,EAAE,CAAC;KACrB,CAAC;IACF,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;IAC/B,SAAS,CAAC,EAAE,WAAW,EAAE,CAAC;CAC3B;AAED,MAAM,WAAW,QAAQ;IACvB,QAAQ,EAAE,UAAU,GAAG,UAAU,CAAC;CACnC;AAED,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;CAGZ;AAED,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,iBAAiB,EAAE,CAAC;CAChC;AAED,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,iBAAiB,CAAC,EAAE,eAAe,EAAE,CAAC;IACtC,mBAAmB,CAAC,EAAE,iBAAiB,EAAE,CAAC;CAC3C;AAED,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED,MAAM,MAAM,gBAAgB,GAAG,QAAQ,GAAG;IACxC,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC;CAC5B,CAAC;AAEF,MAAM,WAAW,MAAM,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO;IAClD,QAAQ,EAAE,QAAQ,CAAC;IACnB,SAAS,EAAE,SAAS,CAAC;IACrB,OAAO,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,OAAO,CAAC,OAAO,EAAE,QAAQ;IACxC,MAAM,EAAE,OAAO,CAAC;IAChB,OAAO,EAAE,QAAQ,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,KAAK,CAAC,QAAQ,EAAE,QAAQ,GAAG,GAAG,EAAE,SAAS,GAAG,WAAW,EAAE,OAAO,GAAG,WAAW;IAC7F;;OAEG;IACH,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,EAAE,QAAQ,CAAC,EACxE,GAAG,EAAE,gBAAgB,EAAE,QAAQ,EAAE,OAAO,EAAE,oBAAoB,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;CACtG;AAED,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACpB;AAED,MAAM,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,EAAE,WAAW,EAAE,EAAE,WAAW,CAAC,CAAC;AACtE,MAAM,MAAM,YAAY,GAAG,MAAM,CAAC,mBAAmB,EAAE,WAAW,EAAE,EAAE,WAAW,CAAC,CAAC;AAEnF,MAAM,MAAM,wBAAwB,GAAG,MAAM,CAAC,OAAO,EAAE,WAAW,EAAE,EAAE,WAAW,CAAC,CAAC;AACnF,MAAM,MAAM,yBAAyB,GAAG,MAAM,CAAC,mBAAmB,EAAE,WAAW,EAAE,EAAE,WAAW,CAAC,CAAC;AAEhG,MAAM,WAAW,YAAY;IAE3B,QAAQ,EAAE,GAAG,CAAC;CACf;AAED,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,IAAI,CAAC;IACX,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACpB;AAED,MAAM,WAAW,YAAa,SAAQ,OAAO,CAAC,WAAW,EAAE,YAAY,CAAC;IACtE,MAAM,EAAE,WAAW,CAAC;IACpB,OAAO,EAAE,YAAY,CAAC;CACvB;AAED,MAAM,WAAW,aAAc,SAAQ,QAAQ;IAC7C,QAAQ,EAAE,iBAAiB,CAAC;IAC5B,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,MAAO,SAAQ,KAAK,CAAC,OAAO,GAAG,mBAAmB,EAAE,YAAY,EAAE,WAAW,EAAE,EAAE,WAAW,CAAC;IAC5G,aAAa,EAAE,CACb,OAAO,EAAE,OAAO,CAAC,wBAAwB,GAAG,yBAAyB,EAAE,YAAY,CAAC,EACpF,GAAG,EAAE,gBAAgB,EACrB,QAAQ,EAAE,OAAO,EACjB,oBAAoB,EAAE,MAAM,KACzB,OAAO,CAAC,mBAAmB,CAAC,CAAC;CACnC;AAED,MAAM,WAAW,eAAgB,SAAQ,WAAW;IAClD,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,sBAAsB;IACrC,OAAO,EAAE,sBAAsB,CAAC;CACjC;AAED,MAAM,WAAW,sBAAsB;IACrC,IAAI,EAAE,mBAAmB,CAAC;CAC3B;AAED,MAAM,WAAW,mBAAmB;IAClC,eAAe,EAAE,IAAI,CAAC;CACvB;AAED,MAAM,WAAW,SAAS;IACxB,iBAAiB,EAAE,eAAe,EAAE,CAAC;IAErC,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,4BAA4B;IAC3C,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,eAAe,CAAC;IACzB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAGD,MAAM,WAAW,iBAAiB;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,QAAQ,EAAE,CAAC;CACrB;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,gBAAgB,EAAE,GAAG,CAAC;CACvB;AAGD,MAAM,MAAM,mBAAmB,GAAG,YAAY,GAAG;IAC/C,OAAO,CAAC,EAAE,iBAAiB,EAAE,CAAC;IAC9B,iBAAiB,CAAC,EAAE,eAAe,EAAE,CAAC;IACtC,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC;IAC3B,QAAQ,CAAC,EAAE,iBAAiB,CAAC;CAC9B,CAAC;AAEF,MAAM,WAAW,SAAS;IACxB,QAAQ,EAAE,SAAS,EAAE,CAAC;IACtB,SAAS,EAAE,SAAS,EAAE,CAAC;IACvB,OAAO,EAAE,SAAS,EAAE,CAAC;CACtB;AAED,MAAM,WAAW,gBAAgB;IAC/B,SAAS,CAAC,EAAE,SAAS,CAAC;IACtB,QAAQ,CAAC,EAAE,UAAU,GAAG,UAAU,CAAC;IACnC,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB"}
|