@sapl/nestjs 1.0.0

package/dist/constraints/providers/ContentFilter.js

@@ -0,0 +1,224 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getHandler = getHandler;
+exports.predicateFromConditions = predicateFromConditions;
+const safe_regex2_1 = __importDefault(require("safe-regex2"));
+const BLACK_SQUARE = '\u2588';
+function getByPath(obj, segments) {
+    let current = obj;
+    for (const segment of segments) {
+        if (DANGEROUS_SEGMENTS.has(segment))
+            return undefined;
+        if (current == null || typeof current !== 'object')
+            return undefined;
+        current = current[segment];
+    }
+    return current;
+}
+function setByPath(obj, segments, value) {
+    let current = obj;
+    for (let i = 0; i < segments.length - 1; i++) {
+        if (DANGEROUS_SEGMENTS.has(segments[i]))
+            return;
+        if (current == null || typeof current !== 'object')
+            return;
+        current = current[segments[i]];
+    }
+    const target = segments[segments.length - 1];
+    if (DANGEROUS_SEGMENTS.has(target))
+        return;
+    if (current != null && typeof current === 'object') {
+        current[target] = value;
+    }
+}
+function deleteByPath(obj, segments) {
+    let current = obj;
+    for (let i = 0; i < segments.length - 1; i++) {
+        if (DANGEROUS_SEGMENTS.has(segments[i]))
+            return;
+        if (current == null || typeof current !== 'object')
+            return;
+        current = current[segments[i]];
+    }
+    const target = segments[segments.length - 1];
+    if (DANGEROUS_SEGMENTS.has(target))
+        return;
+    if (current != null && typeof current === 'object') {
+        delete current[target];
+    }
+}
+const DANGEROUS_SEGMENTS = new Set(['__proto__', 'constructor', 'prototype']);
+function validatePath(path) {
+    if (path.includes('..')) {
+        throw new Error(`Unsupported JSONPath: recursive descent ('..') in '${path}'. Only simple dot paths are supported (e.g., '$.field.nested').`);
+    }
+    if (path.includes('[')) {
+        throw new Error(`Unsupported JSONPath: bracket notation in '${path}'. Only simple dot paths are supported (e.g., '$.field.nested').`);
+    }
+    if (path.includes('*')) {
+        throw new Error(`Unsupported JSONPath: wildcard ('*') in '${path}'. Only simple dot paths are supported (e.g., '$.field.nested').`);
+    }
+}
+function validateSegments(segments, path) {
+    for (const segment of segments) {
+        if (DANGEROUS_SEGMENTS.has(segment)) {
+            throw new Error(`Unsafe path segment '${segment}' in '${path}'. Prototype-polluting paths are rejected.`);
+        }
+    }
+}
+function parsePath(path) {
+    validatePath(path);
+    let normalized = path;
+    if (normalized === '$')
+        return [];
+    if (normalized.startsWith('$.')) {
+        normalized = normalized.substring(2);
+    }
+    const segments = normalized.split('.');
+    validateSegments(segments, path);
+    return segments;
+}
+function blacken(value, replacement, discloseLeft, discloseRight, length) {
+    const chars = [...value];
+    if (chars.length === 0)
+        return value;
+    const left = Math.min(discloseLeft, chars.length);
+    const right = Math.min(discloseRight, Math.max(0, chars.length - left));
+    const maskedCount = chars.length - left - right;
+    if (maskedCount <= 0)
+        return value;
+    const finalLength = length !== undefined && length >= 0 ? length : maskedCount;
+    const prefix = chars.slice(0, left).join('');
+    const suffix = chars.slice(chars.length - right).join('');
+    const masked = replacement.repeat(finalLength);
+    return prefix + masked + suffix;
+}
+function requireTextual(action, key) {
+    if (action[key] == null) {
+        throw new Error(`An action does not declare '${key}'.`);
+    }
+    if (typeof action[key] !== 'string') {
+        throw new Error(`An action's '${key}' is not textual.`);
+    }
+    return action[key];
+}
+function applyAction(obj, action) {
+    if (action == null || typeof action !== 'object') {
+        throw new Error('An action in actions is not an object.');
+    }
+    const path = requireTextual(action, 'path');
+    const segments = parsePath(path);
+    const actionType = requireTextual(action, 'type').trim().toLowerCase();
+    switch (actionType) {
+        case 'delete': {
+            deleteByPath(obj, segments);
+            break;
+        }
+        case 'replace': {
+            if (!('replacement' in action)) {
+                throw new Error('The action does not specify a replacement.');
+            }
+            setByPath(obj, segments, action.replacement);
+            break;
+        }
+        case 'blacken': {
+            const currentValue = getByPath(obj, segments);
+            if (typeof currentValue !== 'string') {
+                throw new Error('The node identified by the path is not a text node.');
+            }
+            const replacementChar = action.replacement ?? BLACK_SQUARE;
+            if (typeof replacementChar !== 'string') {
+                throw new Error("'replacement' of 'blacken' action is not textual.");
+            }
+            const discloseLeft = action.discloseLeft ?? 0;
+            const discloseRight = action.discloseRight ?? 0;
+            if (typeof discloseLeft !== 'number' || typeof discloseRight !== 'number') {
+                throw new Error("'discloseLeft' and 'discloseRight' of 'blacken' action must be numbers.");
+            }
+            const blackenLength = action.length;
+            if (blackenLength !== undefined && (typeof blackenLength !== 'number' || blackenLength < 0)) {
+                throw new Error("'length' of 'blacken' action is not a valid non-negative number.");
+            }
+            const blackened = blacken(currentValue, replacementChar, discloseLeft, discloseRight, blackenLength);
+            setByPath(obj, segments, blackened);
+            break;
+        }
+        default:
+            throw new Error(`Unknown action type: '${actionType}'.`);
+    }
+}
+const compiledRegexCache = new Map();
+function precompileConditions(conditions) {
+    for (const condition of conditions) {
+        if (condition.type === '=~') {
+            const pattern = String(condition.value);
+            if (!compiledRegexCache.has(pattern)) {
+                if (!(0, safe_regex2_1.default)(pattern)) {
+                    throw new Error(`Unsafe regex pattern rejected (potential ReDoS): '${pattern}'.`);
+                }
+                compiledRegexCache.set(pattern, new RegExp(pattern));
+            }
+        }
+    }
+}
+function evaluateCondition(element, condition) {
+    const segments = parsePath(condition.path ?? '');
+    const actual = getByPath(element, segments);
+    const expected = condition.value;
+    const operator = condition.type;
+    switch (operator) {
+        case '==':
+            return actual === expected;
+        case '!=':
+            return actual !== expected;
+        case '>=':
+            return actual >= expected;
+        case '<=':
+            return actual <= expected;
+        case '>':
+            return actual > expected;
+        case '<':
+            return actual < expected;
+        case '=~':
+            return typeof actual === 'string' && compiledRegexCache.get(String(condition.value)).test(actual);
+        default:
+            throw new Error(`Not a valid predicate condition type: '${operator}'.`);
+    }
+}
+function meetsConditions(element, conditions) {
+    return conditions.every((condition) => evaluateCondition(element, condition));
+}
+function getHandler(constraint) {
+    const actions = constraint.actions ?? [];
+    const conditions = constraint.conditions ?? [];
+    precompileConditions(conditions);
+    return (value) => {
+        if (value == null)
+            return value;
+        const transform = (element) => {
+            if (element == null)
+                return element;
+            if (conditions.length > 0 && !meetsConditions(element, conditions)) {
+                return element;
+            }
+            const copy = structuredClone(element);
+            for (const action of actions) {
+                applyAction(copy, action);
+            }
+            return copy;
+        };
+        if (Array.isArray(value)) {
+            return value.map(transform);
+        }
+        return transform(value);
+    };
+}
+function predicateFromConditions(constraint) {
+    const conditions = constraint.conditions ?? [];
+    precompileConditions(conditions);
+    return (element) => meetsConditions(element, conditions);
+}
+//# sourceMappingURL=ContentFilter.js.map

package/dist/constraints/providers/ContentFilter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ContentFilter.js","sourceRoot":"","sources":["../../../lib/constraints/providers/ContentFilter.ts"],"names":[],"mappings":";;;;;AAoNA,gCAyBC;AAED,0DAIC;AAnPD,8DAA+B;AAE/B,MAAM,YAAY,GAAG,QAAQ,CAAC;AAE9B,SAAS,SAAS,CAAC,GAAQ,EAAE,QAAkB;IAC7C,IAAI,OAAO,GAAG,GAAG,CAAC;IAClB,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,kBAAkB,CAAC,GAAG,CAAC,OAAO,CAAC;YAAE,OAAO,SAAS,CAAC;QACtD,IAAI,OAAO,IAAI,IAAI,IAAI,OAAO,OAAO,KAAK,QAAQ;YAAE,OAAO,SAAS,CAAC;QACrE,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,SAAS,CAAC,GAAQ,EAAE,QAAkB,EAAE,KAAU;IACzD,IAAI,OAAO,GAAG,GAAG,CAAC;IAClB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7C,IAAI,kBAAkB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAAE,OAAO;QAChD,IAAI,OAAO,IAAI,IAAI,IAAI,OAAO,OAAO,KAAK,QAAQ;YAAE,OAAO;QAC3D,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACjC,CAAC;IACD,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC7C,IAAI,kBAAkB,CAAC,GAAG,CAAC,MAAM,CAAC;QAAE,OAAO;IAC3C,IAAI,OAAO,IAAI,IAAI,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;QACnD,OAAO,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC;IAC1B,CAAC;AACH,CAAC;AAED,SAAS,YAAY,CAAC,GAAQ,EAAE,QAAkB;IAChD,IAAI,OAAO,GAAG,GAAG,CAAC;IAClB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7C,IAAI,kBAAkB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAAE,OAAO;QAChD,IAAI,OAAO,IAAI,IAAI,IAAI,OAAO,OAAO,KAAK,QAAQ;YAAE,OAAO;QAC3D,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACjC,CAAC;IACD,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC7C,IAAI,kBAAkB,CAAC,GAAG,CAAC,MAAM,CAAC;QAAE,OAAO;IAC3C,IAAI,OAAO,IAAI,IAAI,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;QACnD,OAAO,OAAO,CAAC,MAAM,CAAC,CAAC;IACzB,CAAC;AACH,CAAC;AAED,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC,CAAC,WAAW,EAAE,aAAa,EAAE,WAAW,CAAC,CAAC,CAAC;AAE9E,SAAS,YAAY,CAAC,IAAY;IAChC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CACb,sDAAsD,IAAI,kEAAkE,CAC7H,CAAC;IACJ,CAAC;IACD,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CACb,8CAA8C,IAAI,kEAAkE,CACrH,CAAC;IACJ,CAAC;IACD,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CACb,4CAA4C,IAAI,kEAAkE,CACnH,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAkB,EAAE,IAAY;IACxD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,kBAAkB,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CACb,wBAAwB,OAAO,SAAS,IAAI,4CAA4C,CACzF,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,SAAS,CAAC,IAAY;IAC7B,YAAY,CAAC,IAAI,CAAC,CAAC;IACnB,IAAI,UAAU,GAAG,IAAI,CAAC;IACtB,IAAI,UAAU,KAAK,GAAG;QAAE,OAAO,EAAE,CAAC;IAClC,IAAI,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAChC,UAAU,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC;IACD,MAAM,QAAQ,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACvC,gBAAgB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IACjC,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,OAAO,CACd,KAAa,EACb,WAAmB,EACnB,YAAoB,EACpB,aAAqB,EACrB,MAAe;IAEf,MAAM,KAAK,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC;IACzB,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAErC,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAClD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC;IACxE,MAAM,WAAW,GAAG,KAAK,CAAC,MAAM,GAAG,IAAI,GAAG,KAAK,CAAC;IAEhD,IAAI,WAAW,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAEnC,MAAM,WAAW,GAAG,MAAM,KAAK,SAAS,IAAI,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC;IAE/E,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC7C,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,KAAK,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC1D,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IAC/C,OAAO,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;AAClC,CAAC;AAED,SAAS,cAAc,CAAC,MAAW,EAAE,GAAW;IAC9C,IAAI,MAAM,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CAAC,+BAA+B,GAAG,IAAI,CAAC,CAAC;IAC1D,CAAC;IACD,IAAI,OAAO,MAAM,CAAC,GAAG,CAAC,KAAK,QAAQ,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CAAC,gBAAgB,GAAG,mBAAmB,CAAC,CAAC;IAC1D,CAAC;IACD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;AACrB,CAAC;AAED,SAAS,WAAW,CAAC,GAAQ,EAAE,MAAW;IACxC,IAAI,MAAM,IAAI,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;QACjD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC5D,CAAC;IAED,MAAM,IAAI,GAAG,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC5C,MAAM,QAAQ,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IACjC,MAAM,UAAU,GAAG,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAEvE,QAAQ,UAAU,EAAE,CAAC;QACnB,KAAK,QAAQ,CAAC,CAAC,CAAC;YACd,YAAY,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YAC5B,MAAM;QACR,CAAC;QACD,KAAK,SAAS,CAAC,CAAC,CAAC;YACf,IAAI,CAAC,CAAC,aAAa,IAAI,MAAM,CAAC,EAAE,CAAC;gBAC/B,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;YAChE,CAAC;YACD,SAAS,CAAC,GAAG,EAAE,QAAQ,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;YAC7C,MAAM;QACR,CAAC;QACD,KAAK,SAAS,CAAC,CAAC,CAAC;YACf,MAAM,YAAY,GAAG,SAAS,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YAC9C,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE,CAAC;gBACrC,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACzE,CAAC;YACD,MAAM,eAAe,GAAG,MAAM,CAAC,WAAW,IAAI,YAAY,CAAC;YAC3D,IAAI,OAAO,eAAe,KAAK,QAAQ,EAAE,CAAC;gBACxC,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;YACvE,CAAC;YACD,MAAM,YAAY,GAAG,MAAM,CAAC,YAAY,IAAI,CAAC,CAAC;YAC9C,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,IAAI,CAAC,CAAC;YAChD,IAAI,OAAO,YAAY,KAAK,QAAQ,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE,CAAC;gBAC1E,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAC;YAC7F,CAAC;YACD,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC;YACpC,IAAI,aAAa,KAAK,SAAS,IAAI,CAAC,OAAO,aAAa,KAAK,QAAQ,IAAI,aAAa,GAAG,CAAC,CAAC,EAAE,CAAC;gBAC5F,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAC;YACtF,CAAC;YACD,MAAM,SAAS,GAAG,OAAO,CAAC,YAAY,EAAE,eAAe,EAAE,YAAY,EAAE,aAAa,EAAE,aAAa,CAAC,CAAC;YACrG,SAAS,CAAC,GAAG,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;YACpC,MAAM;QACR,CAAC;QACD;YACE,MAAM,IAAI,KAAK,CAAC,yBAAyB,UAAU,IAAI,CAAC,CAAC;IAC7D,CAAC;AACH,CAAC;AAED,MAAM,kBAAkB,GAAG,IAAI,GAAG,EAAkB,CAAC;AAErD,SAAS,oBAAoB,CAAC,UAAiB;IAC7C,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,IAAI,SAAS,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;YAC5B,MAAM,OAAO,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;YACxC,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;gBACrC,IAAI,CAAC,IAAA,qBAAI,EAAC,OAAO,CAAC,EAAE,CAAC;oBACnB,MAAM,IAAI,KAAK,CAAC,qDAAqD,OAAO,IAAI,CAAC,CAAC;gBACpF,CAAC;gBACD,kBAAkB,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,iBAAiB,CAAC,OAAY,EAAE,SAAc;IACrD,MAAM,QAAQ,GAAG,SAAS,CAAC,SAAS,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;IACjD,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAC5C,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC;IACjC,MAAM,QAAQ,GAAW,SAAS,CAAC,IAAI,CAAC;IAExC,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,IAAI;YACP,OAAO,MAAM,KAAK,QAAQ,CAAC;QAC7B,KAAK,IAAI;YACP,OAAO,MAAM,KAAK,QAAQ,CAAC;QAC7B,KAAK,IAAI;YACP,OAAO,MAAM,IAAI,QAAQ,CAAC;QAC5B,KAAK,IAAI;YACP,OAAO,MAAM,IAAI,QAAQ,CAAC;QAC5B,KAAK,GAAG;YACN,OAAO,MAAM,GAAG,QAAQ,CAAC;QAC3B,KAAK,GAAG;YACN,OAAO,MAAM,GAAG,QAAQ,CAAC;QAC3B,KAAK,IAAI;YACP,OAAO,OAAO,MAAM,KAAK,QAAQ,IAAI,kBAAkB,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACrG;YACE,MAAM,IAAI,KAAK,CAAC,0CAA0C,QAAQ,IAAI,CAAC,CAAC;IAC5E,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,OAAY,EAAE,UAAiB;IACtD,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,iBAAiB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC,CAAC;AAChF,CAAC;AAED,SAAgB,UAAU,CAAC,UAAe;IACxC,MAAM,OAAO,GAAU,UAAU,CAAC,OAAO,IAAI,EAAE,CAAC;IAChD,MAAM,UAAU,GAAU,UAAU,CAAC,UAAU,IAAI,EAAE,CAAC;IACtD,oBAAoB,CAAC,UAAU,CAAC,CAAC;IAEjC,OAAO,CAAC,KAAU,EAAO,EAAE;QACzB,IAAI,KAAK,IAAI,IAAI;YAAE,OAAO,KAAK,CAAC;QAEhC,MAAM,SAAS,GAAG,CAAC,OAAY,EAAO,EAAE;YACtC,IAAI,OAAO,IAAI,IAAI;gBAAE,OAAO,OAAO,CAAC;YACpC,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,UAAU,CAAC,EAAE,CAAC;gBACnE,OAAO,OAAO,CAAC;YACjB,CAAC;YACD,MAAM,IAAI,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;YACtC,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC7B,WAAW,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YAC5B,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;QAEF,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,OAAO,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC9B,CAAC;QACD,OAAO,SAAS,CAAC,KAAK,CAAC,CAAC;IAC1B,CAAC,CAAC;AACJ,CAAC;AAED,SAAgB,uBAAuB,CAAC,UAAe;IACrD,MAAM,UAAU,GAAU,UAAU,CAAC,UAAU,IAAI,EAAE,CAAC;IACtD,oBAAoB,CAAC,UAAU,CAAC,CAAC;IACjC,OAAO,CAAC,OAAY,EAAW,EAAE,CAAC,eAAe,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;AACzE,CAAC"}

package/dist/constraints/providers/ContentFilterPredicateProvider.d.ts

@@ -0,0 +1,6 @@
+import { FilterPredicateConstraintHandlerProvider } from '../api/index';
+export declare class ContentFilterPredicateProvider implements FilterPredicateConstraintHandlerProvider {
+    isResponsible(constraint: any): boolean;
+    getHandler(constraint: any): (element: any) => boolean;
+}
+//# sourceMappingURL=ContentFilterPredicateProvider.d.ts.map

package/dist/constraints/providers/ContentFilterPredicateProvider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ContentFilterPredicateProvider.d.ts","sourceRoot":"","sources":["../../../lib/constraints/providers/ContentFilterPredicateProvider.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,wCAAwC,EAAE,MAAM,cAAc,CAAC;AAGxE,qBAEa,8BACX,YAAW,wCAAwC;IAEnD,aAAa,CAAC,UAAU,EAAE,GAAG,GAAG,OAAO;IAIvC,UAAU,CAAC,UAAU,EAAE,GAAG,GAAG,CAAC,OAAO,EAAE,GAAG,KAAK,OAAO;CAGvD"}

package/dist/constraints/providers/ContentFilterPredicateProvider.js

@@ -0,0 +1,26 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ContentFilterPredicateProvider = void 0;
+const common_1 = require("@nestjs/common");
+const SaplConstraintHandler_1 = require("../SaplConstraintHandler");
+const ContentFilter_1 = require("./ContentFilter");
+let ContentFilterPredicateProvider = class ContentFilterPredicateProvider {
+    isResponsible(constraint) {
+        return constraint?.type === 'jsonContentFilterPredicate';
+    }
+    getHandler(constraint) {
+        return (0, ContentFilter_1.predicateFromConditions)(constraint);
+    }
+};
+exports.ContentFilterPredicateProvider = ContentFilterPredicateProvider;
+exports.ContentFilterPredicateProvider = ContentFilterPredicateProvider = __decorate([
+    (0, common_1.Injectable)(),
+    (0, SaplConstraintHandler_1.SaplConstraintHandler)('filterPredicate')
+], ContentFilterPredicateProvider);
+//# sourceMappingURL=ContentFilterPredicateProvider.js.map

package/dist/constraints/providers/ContentFilterPredicateProvider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ContentFilterPredicateProvider.js","sourceRoot":"","sources":["../../../lib/constraints/providers/ContentFilterPredicateProvider.ts"],"names":[],"mappings":";;;;;;;;;AAAA,2CAA4C;AAC5C,oEAAiE;AAEjE,mDAA0D;AAInD,IAAM,8BAA8B,GAApC,MAAM,8BAA8B;IAGzC,aAAa,CAAC,UAAe;QAC3B,OAAO,UAAU,EAAE,IAAI,KAAK,4BAA4B,CAAC;IAC3D,CAAC;IAED,UAAU,CAAC,UAAe;QACxB,OAAO,IAAA,uCAAuB,EAAC,UAAU,CAAC,CAAC;IAC7C,CAAC;CACF,CAAA;AAVY,wEAA8B;yCAA9B,8BAA8B;IAF1C,IAAA,mBAAU,GAAE;IACZ,IAAA,6CAAqB,EAAC,iBAAiB,CAAC;GAC5B,8BAA8B,CAU1C"}

package/dist/constraints/providers/ContentFilteringProvider.d.ts

@@ -0,0 +1,7 @@
+import { MappingConstraintHandlerProvider } from '../api/index';
+export declare class ContentFilteringProvider implements MappingConstraintHandlerProvider {
+    isResponsible(constraint: any): boolean;
+    getPriority(): number;
+    getHandler(constraint: any): (value: any) => any;
+}
+//# sourceMappingURL=ContentFilteringProvider.d.ts.map

package/dist/constraints/providers/ContentFilteringProvider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ContentFilteringProvider.d.ts","sourceRoot":"","sources":["../../../lib/constraints/providers/ContentFilteringProvider.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,gCAAgC,EAAE,MAAM,cAAc,CAAC;AAGhE,qBAEa,wBAAyB,YAAW,gCAAgC;IAC/E,aAAa,CAAC,UAAU,EAAE,GAAG,GAAG,OAAO;IAIvC,WAAW,IAAI,MAAM;IAIrB,UAAU,CAAC,UAAU,EAAE,GAAG,GAAG,CAAC,KAAK,EAAE,GAAG,KAAK,GAAG;CAGjD"}

package/dist/constraints/providers/ContentFilteringProvider.js

@@ -0,0 +1,29 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ContentFilteringProvider = void 0;
+const common_1 = require("@nestjs/common");
+const SaplConstraintHandler_1 = require("../SaplConstraintHandler");
+const ContentFilter_1 = require("./ContentFilter");
+let ContentFilteringProvider = class ContentFilteringProvider {
+    isResponsible(constraint) {
+        return constraint?.type === 'filterJsonContent';
+    }
+    getPriority() {
+        return 0;
+    }
+    getHandler(constraint) {
+        return (0, ContentFilter_1.getHandler)(constraint);
+    }
+};
+exports.ContentFilteringProvider = ContentFilteringProvider;
+exports.ContentFilteringProvider = ContentFilteringProvider = __decorate([
+    (0, common_1.Injectable)(),
+    (0, SaplConstraintHandler_1.SaplConstraintHandler)('mapping')
+], ContentFilteringProvider);
+//# sourceMappingURL=ContentFilteringProvider.js.map

package/dist/constraints/providers/ContentFilteringProvider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ContentFilteringProvider.js","sourceRoot":"","sources":["../../../lib/constraints/providers/ContentFilteringProvider.ts"],"names":[],"mappings":";;;;;;;;;AAAA,2CAA4C;AAC5C,oEAAiE;AAEjE,mDAA6C;AAItC,IAAM,wBAAwB,GAA9B,MAAM,wBAAwB;IACnC,aAAa,CAAC,UAAe;QAC3B,OAAO,UAAU,EAAE,IAAI,KAAK,mBAAmB,CAAC;IAClD,CAAC;IAED,WAAW;QACT,OAAO,CAAC,CAAC;IACX,CAAC;IAED,UAAU,CAAC,UAAe;QACxB,OAAO,IAAA,0BAAU,EAAC,UAAU,CAAC,CAAC;IAChC,CAAC;CACF,CAAA;AAZY,4DAAwB;mCAAxB,wBAAwB;IAFpC,IAAA,mBAAU,GAAE;IACZ,IAAA,6CAAqB,EAAC,SAAS,CAAC;GACpB,wBAAwB,CAYpC"}

package/dist/enforcement-utils.d.ts

@@ -0,0 +1,7 @@
+import { Logger } from '@nestjs/common';
+import { EnforceOptions } from './EnforceOptions';
+import { SubscriptionContext } from './SubscriptionContext';
+import { ConstraintEnforcementService } from './constraints/ConstraintEnforcementService';
+export declare function applyDeny(options: EnforceOptions, ctx: SubscriptionContext, decision: any): any;
+export declare function handleDeny(logger: Logger, constraintService: ConstraintEnforcementService, decision: any, options: EnforceOptions, ctx: SubscriptionContext): any;
+//# sourceMappingURL=enforcement-utils.d.ts.map

package/dist/enforcement-utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"enforcement-utils.d.ts","sourceRoot":"","sources":["../lib/enforcement-utils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAsB,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,EAAE,4BAA4B,EAAE,MAAM,4CAA4C,CAAC;AAE1F,wBAAgB,SAAS,CAAC,OAAO,EAAE,cAAc,EAAE,GAAG,EAAE,mBAAmB,EAAE,QAAQ,EAAE,GAAG,GAAG,GAAG,CAK/F;AAED,wBAAgB,UAAU,CACxB,MAAM,EAAE,MAAM,EACd,iBAAiB,EAAE,4BAA4B,EAC/C,QAAQ,EAAE,GAAG,EACb,OAAO,EAAE,cAAc,EACvB,GAAG,EAAE,mBAAmB,GACvB,GAAG,CAeL"}

package/dist/enforcement-utils.js

@@ -0,0 +1,28 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.applyDeny = applyDeny;
+exports.handleDeny = handleDeny;
+const common_1 = require("@nestjs/common");
+function applyDeny(options, ctx, decision) {
+    if (options.onDeny) {
+        return options.onDeny(ctx, decision);
+    }
+    throw new common_1.ForbiddenException('Access denied by policy');
+}
+function handleDeny(logger, constraintService, decision, options, ctx) {
+    if (decision.decision === 'INDETERMINATE') {
+        logger.error(`PDP returned INDETERMINATE -- PDP may be unreachable or misconfigured`);
+    }
+    else {
+        logger.warn(`Access denied: ${decision.decision}`);
+    }
+    try {
+        const bundle = constraintService.bestEffortBundleFor(decision);
+        bundle.handleOnDecisionConstraints();
+    }
+    catch (error) {
+        logger.warn(`Best-effort obligation handlers failed on ${decision.decision}: ${error}`);
+    }
+    return applyDeny(options, ctx, decision);
+}
+//# sourceMappingURL=enforcement-utils.js.map

package/dist/enforcement-utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"enforcement-utils.js","sourceRoot":"","sources":["../lib/enforcement-utils.ts"],"names":[],"mappings":";;AAKA,8BAKC;AAED,gCAqBC;AAjCD,2CAA4D;AAK5D,SAAgB,SAAS,CAAC,OAAuB,EAAE,GAAwB,EAAE,QAAa;IACxF,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,OAAO,OAAO,CAAC,MAAM,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IACvC,CAAC;IACD,MAAM,IAAI,2BAAkB,CAAC,yBAAyB,CAAC,CAAC;AAC1D,CAAC;AAED,SAAgB,UAAU,CACxB,MAAc,EACd,iBAA+C,EAC/C,QAAa,EACb,OAAuB,EACvB,GAAwB;IAExB,IAAI,QAAQ,CAAC,QAAQ,KAAK,eAAe,EAAE,CAAC;QAC1C,MAAM,CAAC,KAAK,CAAC,uEAAuE,CAAC,CAAC;IACxF,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC,kBAAkB,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC;IACrD,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,iBAAiB,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;QAC/D,MAAM,CAAC,2BAA2B,EAAE,CAAC;IACvC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CAAC,6CAA6C,QAAQ,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC,CAAC;IAC1F,CAAC;IAED,OAAO,SAAS,CAAC,OAAO,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC;AAC3C,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,20 @@
+export { SaplModule } from './sapl.module';
+export { SAPL_MODULE_OPTIONS } from './sapl.constants';
+export { SaplModuleOptions, SaplModuleAsyncOptions } from './sapl.interfaces';
+export { Decision, AuthorizationDecision, AuthorizationSubscription } from './types';
+export { PdpService } from './pdp.service';
+export { PreEnforce } from './PreEnforce';
+export { PostEnforce } from './PostEnforce';
+export { EnforceTillDenied } from './EnforceTillDenied';
+export { EnforceDropWhileDenied } from './EnforceDropWhileDenied';
+export { EnforceRecoverableIfDenied } from './EnforceRecoverableIfDenied';
+export { SubscriptionOptions, EnforceOptions, SubscriptionField, OnDenyHandler, } from './EnforceOptions';
+export { StreamEventEmitter, EnforceTillDeniedOptions, EnforceDropWhileDeniedOptions, EnforceRecoverableOptions, OnStreamDenyHandler, OnStreamRecoverHandler, } from './StreamingEnforceOptions';
+export { SaplRequest, SubscriptionContext } from './SubscriptionContext';
+export { MethodInvocationContext } from './MethodInvocationContext';
+export { NO_RESOURCE_REPLACEMENT, Signal, Responsible, RunnableConstraintHandlerProvider, ConsumerConstraintHandlerProvider, MappingConstraintHandlerProvider, ErrorHandlerProvider, ErrorMappingConstraintHandlerProvider, FilterPredicateConstraintHandlerProvider, MethodInvocationConstraintHandlerProvider, } from './constraints/api/index';
+export { SaplConstraintHandler, ConstraintHandlerType, } from './constraints/SaplConstraintHandler';
+export { ConstraintEnforcementService } from './constraints/ConstraintEnforcementService';
+export { ConstraintHandlerBundle } from './constraints/ConstraintHandlerBundle';
+export { StreamingConstraintHandlerBundle } from './constraints/StreamingConstraintHandlerBundle';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../lib/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AACvD,OAAO,EAAE,iBAAiB,EAAE,sBAAsB,EAAE,MAAM,mBAAmB,CAAC;AAG9E,OAAO,EAAE,QAAQ,EAAE,qBAAqB,EAAE,yBAAyB,EAAE,MAAM,SAAS,CAAC;AAGrF,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAG3C,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AACxD,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAClE,OAAO,EAAE,0BAA0B,EAAE,MAAM,8BAA8B,CAAC;AAG1E,OAAO,EACL,mBAAmB,EACnB,cAAc,EACd,iBAAiB,EACjB,aAAa,GACd,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EACL,kBAAkB,EAClB,wBAAwB,EACxB,6BAA6B,EAC7B,yBAAyB,EACzB,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,WAAW,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AACzE,OAAO,EAAE,uBAAuB,EAAE,MAAM,2BAA2B,CAAC;AAGpE,OAAO,EACL,uBAAuB,EACvB,MAAM,EACN,WAAW,EACX,iCAAiC,EACjC,iCAAiC,EACjC,gCAAgC,EAChC,oBAAoB,EACpB,qCAAqC,EACrC,wCAAwC,EACxC,yCAAyC,GAC1C,MAAM,yBAAyB,CAAC;AAGjC,OAAO,EACL,qBAAqB,EACrB,qBAAqB,GACtB,MAAM,qCAAqC,CAAC;AAG7C,OAAO,EAAE,4BAA4B,EAAE,MAAM,4CAA4C,CAAC;AAC1F,OAAO,EAAE,uBAAuB,EAAE,MAAM,uCAAuC,CAAC;AAChF,OAAO,EAAE,gCAAgC,EAAE,MAAM,gDAAgD,CAAC"}

package/dist/index.js

@@ -0,0 +1,37 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.StreamingConstraintHandlerBundle = exports.ConstraintHandlerBundle = exports.ConstraintEnforcementService = exports.SaplConstraintHandler = exports.Signal = exports.NO_RESOURCE_REPLACEMENT = exports.EnforceRecoverableIfDenied = exports.EnforceDropWhileDenied = exports.EnforceTillDenied = exports.PostEnforce = exports.PreEnforce = exports.PdpService = exports.SAPL_MODULE_OPTIONS = exports.SaplModule = void 0;
+// Module
+var sapl_module_1 = require("./sapl.module");
+Object.defineProperty(exports, "SaplModule", { enumerable: true, get: function () { return sapl_module_1.SaplModule; } });
+var sapl_constants_1 = require("./sapl.constants");
+Object.defineProperty(exports, "SAPL_MODULE_OPTIONS", { enumerable: true, get: function () { return sapl_constants_1.SAPL_MODULE_OPTIONS; } });
+// PDP
+var pdp_service_1 = require("./pdp.service");
+Object.defineProperty(exports, "PdpService", { enumerable: true, get: function () { return pdp_service_1.PdpService; } });
+// Decorators
+var PreEnforce_1 = require("./PreEnforce");
+Object.defineProperty(exports, "PreEnforce", { enumerable: true, get: function () { return PreEnforce_1.PreEnforce; } });
+var PostEnforce_1 = require("./PostEnforce");
+Object.defineProperty(exports, "PostEnforce", { enumerable: true, get: function () { return PostEnforce_1.PostEnforce; } });
+var EnforceTillDenied_1 = require("./EnforceTillDenied");
+Object.defineProperty(exports, "EnforceTillDenied", { enumerable: true, get: function () { return EnforceTillDenied_1.EnforceTillDenied; } });
+var EnforceDropWhileDenied_1 = require("./EnforceDropWhileDenied");
+Object.defineProperty(exports, "EnforceDropWhileDenied", { enumerable: true, get: function () { return EnforceDropWhileDenied_1.EnforceDropWhileDenied; } });
+var EnforceRecoverableIfDenied_1 = require("./EnforceRecoverableIfDenied");
+Object.defineProperty(exports, "EnforceRecoverableIfDenied", { enumerable: true, get: function () { return EnforceRecoverableIfDenied_1.EnforceRecoverableIfDenied; } });
+// Constraint handler API
+var index_1 = require("./constraints/api/index");
+Object.defineProperty(exports, "NO_RESOURCE_REPLACEMENT", { enumerable: true, get: function () { return index_1.NO_RESOURCE_REPLACEMENT; } });
+Object.defineProperty(exports, "Signal", { enumerable: true, get: function () { return index_1.Signal; } });
+// Constraint handler registration
+var SaplConstraintHandler_1 = require("./constraints/SaplConstraintHandler");
+Object.defineProperty(exports, "SaplConstraintHandler", { enumerable: true, get: function () { return SaplConstraintHandler_1.SaplConstraintHandler; } });
+// Constraint handler service
+var ConstraintEnforcementService_1 = require("./constraints/ConstraintEnforcementService");
+Object.defineProperty(exports, "ConstraintEnforcementService", { enumerable: true, get: function () { return ConstraintEnforcementService_1.ConstraintEnforcementService; } });
+var ConstraintHandlerBundle_1 = require("./constraints/ConstraintHandlerBundle");
+Object.defineProperty(exports, "ConstraintHandlerBundle", { enumerable: true, get: function () { return ConstraintHandlerBundle_1.ConstraintHandlerBundle; } });
+var StreamingConstraintHandlerBundle_1 = require("./constraints/StreamingConstraintHandlerBundle");
+Object.defineProperty(exports, "StreamingConstraintHandlerBundle", { enumerable: true, get: function () { return StreamingConstraintHandlerBundle_1.StreamingConstraintHandlerBundle; } });
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../lib/index.ts"],"names":[],"mappings":";;;AAAA,SAAS;AACT,6CAA2C;AAAlC,yGAAA,UAAU,OAAA;AACnB,mDAAuD;AAA9C,qHAAA,mBAAmB,OAAA;AAM5B,MAAM;AACN,6CAA2C;AAAlC,yGAAA,UAAU,OAAA;AAEnB,aAAa;AACb,2CAA0C;AAAjC,wGAAA,UAAU,OAAA;AACnB,6CAA4C;AAAnC,0GAAA,WAAW,OAAA;AACpB,yDAAwD;AAA/C,sHAAA,iBAAiB,OAAA;AAC1B,mEAAkE;AAAzD,gIAAA,sBAAsB,OAAA;AAC/B,2EAA0E;AAAjE,wIAAA,0BAA0B,OAAA;AAoBnC,yBAAyB;AACzB,iDAWiC;AAV/B,gHAAA,uBAAuB,OAAA;AACvB,+FAAA,MAAM,OAAA;AAWR,kCAAkC;AAClC,6EAG6C;AAF3C,8HAAA,qBAAqB,OAAA;AAIvB,6BAA6B;AAC7B,2FAA0F;AAAjF,4IAAA,4BAA4B,OAAA;AACrC,iFAAgF;AAAvE,kIAAA,uBAAuB,OAAA;AAChC,mGAAkG;AAAzF,oJAAA,gCAAgC,OAAA"}

package/dist/pdp.service.d.ts

@@ -0,0 +1,17 @@
+import { Observable } from 'rxjs';
+import { SaplModuleOptions } from './sapl.interfaces';
+import { AuthorizationDecision, AuthorizationSubscription } from './types';
+export declare class PdpService {
+    private readonly options;
+    private readonly logger;
+    private readonly timeoutMs;
+    private readonly retryBaseDelay;
+    private readonly retryMaxDelay;
+    private readonly maxRetries;
+    private readonly decideOnceUrl;
+    private readonly decideUrl;
+    constructor(options: SaplModuleOptions);
+    decideOnce(subscription: AuthorizationSubscription): Promise<AuthorizationDecision>;
+    decide(subscription: AuthorizationSubscription): Observable<AuthorizationDecision>;
+}
+//# sourceMappingURL=pdp.service.d.ts.map

package/dist/pdp.service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pdp.service.d.ts","sourceRoot":"","sources":["../lib/pdp.service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAsC,MAAM,MAAM,CAAC;AAEtE,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AACtD,OAAO,EAAE,qBAAqB,EAAE,yBAAyB,EAAY,MAAM,SAAS,CAAC;AA+CrF,qBACa,UAAU;IAWnB,OAAO,CAAC,QAAQ,CAAC,OAAO;IAV1B,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA+B;IACtD,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAS;IACxC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;IACvC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;IACpC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAS;IACvC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;gBAIhB,OAAO,EAAE,iBAAiB;IAyBvC,UAAU,CAAC,YAAY,EAAE,yBAAyB,GAAG,OAAO,CAAC,qBAAqB,CAAC;IAgEzF,MAAM,CAAC,YAAY,EAAE,yBAAyB,GAAG,UAAU,CAAC,qBAAqB,CAAC;CAsKnF"}