npm - @schorts/shared-kernel - Versions diffs - 2.2.5 → 2.3.1 - Mend

@schorts/shared-kernel 2.2.5 → 2.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (37) hide show

package/CHANGELOG +14 -2
package/dist/cjs/index.js +1 -0
package/dist/cjs/index.js.map +1 -1
package/dist/cjs/rbac/index.js +6 -0
package/dist/cjs/rbac/index.js.map +1 -0
package/dist/cjs/rbac/permission.js +3 -0
package/dist/cjs/rbac/permission.js.map +1 -0
package/dist/cjs/rbac/rbac-policy.js +18 -0
package/dist/cjs/rbac/rbac-policy.js.map +1 -0
package/dist/cjs/rbac/resource.js +3 -0
package/dist/cjs/rbac/resource.js.map +1 -0
package/dist/esm/index.js +1 -0
package/dist/esm/index.js.map +1 -1
package/dist/esm/rbac/index.js +6 -0
package/dist/esm/rbac/index.js.map +1 -0
package/dist/esm/rbac/permission.js +3 -0
package/dist/esm/rbac/permission.js.map +1 -0
package/dist/esm/rbac/rbac-policy.js +18 -0
package/dist/esm/rbac/rbac-policy.js.map +1 -0
package/dist/esm/rbac/resource.js +3 -0
package/dist/esm/rbac/resource.js.map +1 -0
package/dist/types/index.d.ts +1 -0
package/dist/types/index.d.ts.map +1 -1
package/dist/types/rbac/index.d.ts +4 -0
package/dist/types/rbac/index.d.ts.map +1 -0
package/dist/types/rbac/permission.d.ts +5 -0
package/dist/types/rbac/permission.d.ts.map +1 -0
package/dist/types/rbac/rbac-policy.d.ts +11 -0
package/dist/types/rbac/rbac-policy.d.ts.map +1 -0
package/dist/types/rbac/resource.d.ts +5 -0
package/dist/types/rbac/resource.d.ts.map +1 -0
package/package.json +6 -1
package/src/index.ts +1 -0
package/src/rbac/index.ts +4 -0
package/src/rbac/permission.ts +4 -0
package/src/rbac/rbac-policy.ts +26 -0
package/src/rbac/resource.ts +4 -0

package/CHANGELOG CHANGED Viewed

@@ -5,13 +5,25 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
-### [2.2.4] - 2025-10-10
+## [2.3.1] - 2025-10-11
+### Changed
+- `userID` now is protected in the `RBACPolicy`.
+## [2.3.0] - 2025-10-10
+### Added
+- Added `RBAC` module.
+## [2.2.4] - 2025-10-10
 ### Changed
 - Remove `Optional` param in the `EnumValue`. Instead allow null values in the `allowedTypes` array.
-### [2.2.3] - 2025-10-10
+## [2.2.3] - 2025-10-10
 ### Changed

package/dist/cjs/index.js CHANGED Viewed

@@ -25,6 +25,7 @@ __exportStar(require("./i18n"), exports);
 __exportStar(require("./json-api"), exports);
 __exportStar(require("./messages"), exports);
 __exportStar(require("./models"), exports);
+__exportStar(require("./rbac"), exports);
 __exportStar(require("./result"), exports);
 __exportStar(require("./state-manager"), exports);
 __exportStar(require("./unit-of-work"), exports);

package/dist/cjs/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,yCAAuB;AACvB,6CAA2B;AAC3B,wCAAsB;AACtB,kDAAgC;AAChC,6CAA2B;AAC3B,+CAA6B;AAC7B,yCAAuB;AACvB,yCAAuB;AACvB,6CAA2B;AAC3B,6CAA2B;AAC3B,2CAAyB;AACzB,2CAAyB;AACzB,kDAAgC;AAChC,iDAA+B;AAC/B,0CAAwB;AACxB,kDAAgC"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,yCAAuB;AACvB,6CAA2B;AAC3B,wCAAsB;AACtB,kDAAgC;AAChC,6CAA2B;AAC3B,+CAA6B;AAC7B,yCAAuB;AACvB,yCAAuB;AACvB,6CAA2B;AAC3B,6CAA2B;AAC3B,2CAAyB;AACzB,yCAAuB;AACvB,2CAAyB;AACzB,kDAAgC;AAChC,iDAA+B;AAC/B,0CAAwB;AACxB,kDAAgC"}

package/dist/cjs/rbac/index.js ADDED Viewed

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RBACPolicy = void 0;
+var rbac_policy_1 = require("./rbac-policy");
+Object.defineProperty(exports, "RBACPolicy", { enumerable: true, get: function () { return rbac_policy_1.RBACPolicy; } });
+//# sourceMappingURL=index.js.map

package/dist/cjs/rbac/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/rbac/index.ts"],"names":[],"mappings":";;;AAGA,6CAA2C;AAAlC,yGAAA,UAAU,OAAA"}

package/dist/cjs/rbac/permission.js ADDED Viewed

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=permission.js.map

package/dist/cjs/rbac/permission.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"permission.js","sourceRoot":"","sources":["../../../src/rbac/permission.ts"],"names":[],"mappings":""}

package/dist/cjs/rbac/rbac-policy.js ADDED Viewed

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RBACPolicy = void 0;
+class RBACPolicy {
+    can(role, action, resource) {
+        const permissions = this.getPermissions(role);
+        return permissions.some((perm) => (perm.resource === '*' || perm.resource === resource.name) &&
+            (perm.action === action || perm.action === 'manage'));
+    }
+    canAccessOwnedResource(resource) {
+        return resource.owner_id === this.userID.value;
+    }
+    canWithOwnership(role, action, resource) {
+        return this.can(role, action, resource) && this.canAccessOwnedResource(resource);
+    }
+}
+exports.RBACPolicy = RBACPolicy;
+//# sourceMappingURL=rbac-policy.js.map

package/dist/cjs/rbac/rbac-policy.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"rbac-policy.js","sourceRoot":"","sources":["../../../src/rbac/rbac-policy.ts"],"names":[],"mappings":";;;AAIA,MAAsB,UAAU;IAI9B,GAAG,CAAC,IAAU,EAAE,MAA4B,EAAE,QAAkB;QAC9D,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QAE9C,OAAO,WAAW,CAAC,IAAI,CACrB,CAAC,IAAI,EAAE,EAAE,CACP,CAAC,IAAI,CAAC,QAAQ,KAAK,GAAG,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,IAAI,CAAC;YAC1D,CAAC,IAAI,CAAC,MAAM,KAAK,MAAM,IAAI,IAAI,CAAC,MAAM,KAAK,QAAQ,CAAC,CACvD,CAAC;IACJ,CAAC;IAED,sBAAsB,CAAC,QAAkB;QACvC,OAAO,QAAQ,CAAC,QAAQ,KAAK,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;IACjD,CAAC;IAED,gBAAgB,CAAC,IAAU,EAAE,MAA4B,EAAE,QAAkB;QAC3E,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,IAAI,IAAI,CAAC,sBAAsB,CAAC,QAAQ,CAAC,CAAC;IACnF,CAAC;CACF;AArBD,gCAqBC"}

package/dist/cjs/rbac/resource.js ADDED Viewed

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=resource.js.map

package/dist/cjs/rbac/resource.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"resource.js","sourceRoot":"","sources":["../../../src/rbac/resource.ts"],"names":[],"mappings":""}

package/dist/esm/index.js CHANGED Viewed

@@ -25,6 +25,7 @@ __exportStar(require("./i18n"), exports);
 __exportStar(require("./json-api"), exports);
 __exportStar(require("./messages"), exports);
 __exportStar(require("./models"), exports);
+__exportStar(require("./rbac"), exports);
 __exportStar(require("./result"), exports);
 __exportStar(require("./state-manager"), exports);
 __exportStar(require("./unit-of-work"), exports);

package/dist/esm/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,yCAAuB;AACvB,6CAA2B;AAC3B,wCAAsB;AACtB,kDAAgC;AAChC,6CAA2B;AAC3B,+CAA6B;AAC7B,yCAAuB;AACvB,yCAAuB;AACvB,6CAA2B;AAC3B,6CAA2B;AAC3B,2CAAyB;AACzB,2CAAyB;AACzB,kDAAgC;AAChC,iDAA+B;AAC/B,0CAAwB;AACxB,kDAAgC"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,yCAAuB;AACvB,6CAA2B;AAC3B,wCAAsB;AACtB,kDAAgC;AAChC,6CAA2B;AAC3B,+CAA6B;AAC7B,yCAAuB;AACvB,yCAAuB;AACvB,6CAA2B;AAC3B,6CAA2B;AAC3B,2CAAyB;AACzB,yCAAuB;AACvB,2CAAyB;AACzB,kDAAgC;AAChC,iDAA+B;AAC/B,0CAAwB;AACxB,kDAAgC"}

package/dist/esm/rbac/index.js ADDED Viewed

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RBACPolicy = void 0;
+var rbac_policy_1 = require("./rbac-policy");
+Object.defineProperty(exports, "RBACPolicy", { enumerable: true, get: function () { return rbac_policy_1.RBACPolicy; } });
+//# sourceMappingURL=index.js.map

package/dist/esm/rbac/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/rbac/index.ts"],"names":[],"mappings":";;;AAGA,6CAA2C;AAAlC,yGAAA,UAAU,OAAA"}

package/dist/esm/rbac/permission.js ADDED Viewed

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=permission.js.map

package/dist/esm/rbac/permission.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"permission.js","sourceRoot":"","sources":["../../../src/rbac/permission.ts"],"names":[],"mappings":""}

package/dist/esm/rbac/rbac-policy.js ADDED Viewed

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RBACPolicy = void 0;
+class RBACPolicy {
+    can(role, action, resource) {
+        const permissions = this.getPermissions(role);
+        return permissions.some((perm) => (perm.resource === '*' || perm.resource === resource.name) &&
+            (perm.action === action || perm.action === 'manage'));
+    }
+    canAccessOwnedResource(resource) {
+        return resource.owner_id === this.userID.value;
+    }
+    canWithOwnership(role, action, resource) {
+        return this.can(role, action, resource) && this.canAccessOwnedResource(resource);
+    }
+}
+exports.RBACPolicy = RBACPolicy;
+//# sourceMappingURL=rbac-policy.js.map

package/dist/esm/rbac/rbac-policy.js.map ADDED Viewed

@@ -0,0 +1 @@

package/dist/esm/rbac/resource.js ADDED Viewed

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=resource.js.map

package/dist/esm/rbac/resource.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"resource.js","sourceRoot":"","sources":["../../../src/rbac/resource.ts"],"names":[],"mappings":""}

package/dist/types/index.d.ts CHANGED Viewed

@@ -9,6 +9,7 @@ export * from "./i18n";
 export * from "./json-api";
 export * from "./messages";
 export * from "./models";
+export * from "./rbac";
 export * from "./result";
 export * from "./state-manager";
 export * from "./unit-of-work";

package/dist/types/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,QAAQ,CAAC;AACvB,cAAc,YAAY,CAAC;AAC3B,cAAc,OAAO,CAAC;AACtB,cAAc,iBAAiB,CAAC;AAChC,cAAc,YAAY,CAAC;AAC3B,cAAc,cAAc,CAAC;AAC7B,cAAc,QAAQ,CAAC;AACvB,cAAc,QAAQ,CAAC;AACvB,cAAc,YAAY,CAAC;AAC3B,cAAc,YAAY,CAAC;AAC3B,cAAc,UAAU,CAAC;AACzB,cAAc,UAAU,CAAC;AACzB,cAAc,iBAAiB,CAAC;AAChC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,SAAS,CAAC;AACxB,cAAc,iBAAiB,CAAC"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,QAAQ,CAAC;AACvB,cAAc,YAAY,CAAC;AAC3B,cAAc,OAAO,CAAC;AACtB,cAAc,iBAAiB,CAAC;AAChC,cAAc,YAAY,CAAC;AAC3B,cAAc,cAAc,CAAC;AAC7B,cAAc,QAAQ,CAAC;AACvB,cAAc,QAAQ,CAAC;AACvB,cAAc,YAAY,CAAC;AAC3B,cAAc,YAAY,CAAC;AAC3B,cAAc,UAAU,CAAC;AACzB,cAAc,QAAQ,CAAC;AACvB,cAAc,UAAU,CAAC;AACzB,cAAc,iBAAiB,CAAC;AAChC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,SAAS,CAAC;AACxB,cAAc,iBAAiB,CAAC"}

package/dist/types/rbac/index.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export type { Permission } from "./permission";
+export type { Resource } from "./resource";
+export { RBACPolicy } from "./rbac-policy";
+//# sourceMappingURL=index.d.ts.map

package/dist/types/rbac/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/rbac/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC/C,YAAY,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAE3C,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC"}

package/dist/types/rbac/permission.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export type Permission = {
+    resource: string;
+    action: "read" | "write" | "delete" | "manage";
+};
+//# sourceMappingURL=permission.d.ts.map

package/dist/types/rbac/permission.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"permission.d.ts","sourceRoot":"","sources":["../../../src/rbac/permission.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,UAAU,GAAG;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,GAAG,OAAO,GAAG,QAAQ,GAAG,QAAQ,CAAC;CAChD,CAAA"}

package/dist/types/rbac/rbac-policy.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { Permission } from './permission';
+import { Resource } from './resource';
+import { ValueObject } from '../value-objects';
+export declare abstract class RBACPolicy<Role extends string, UserID extends ValueObject> {
+    protected abstract userID: UserID;
+    abstract getPermissions(role: Role): Permission[];
+    can(role: Role, action: Permission['action'], resource: Resource): boolean;
+    canAccessOwnedResource(resource: Resource): boolean;
+    canWithOwnership(role: Role, action: Permission['action'], resource: Resource): boolean;
+}
+//# sourceMappingURL=rbac-policy.d.ts.map

package/dist/types/rbac/rbac-policy.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"rbac-policy.d.ts","sourceRoot":"","sources":["../../../src/rbac/rbac-policy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AACtC,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAE/C,8BAAsB,UAAU,CAAC,IAAI,SAAS,MAAM,EAAE,MAAM,SAAS,WAAW;IAC9E,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IAClC,QAAQ,CAAC,cAAc,CAAC,IAAI,EAAE,IAAI,GAAG,UAAU,EAAE;IAEjD,GAAG,CAAC,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,CAAC,QAAQ,CAAC,EAAE,QAAQ,EAAE,QAAQ,GAAG,OAAO;IAU1E,sBAAsB,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO;IAInD,gBAAgB,CAAC,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,CAAC,QAAQ,CAAC,EAAE,QAAQ,EAAE,QAAQ,GAAG,OAAO;CAGxF"}

package/dist/types/rbac/resource.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export type Resource = {
+    name: string;
+    owner_id?: string;
+};
+//# sourceMappingURL=resource.d.ts.map

package/dist/types/rbac/resource.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"resource.d.ts","sourceRoot":"","sources":["../../../src/rbac/resource.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,QAAQ,GAAG;IACrB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,CAAC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@schorts/shared-kernel",
-  "version": "2.2.5",
+  "version": "2.3.1",
   "description": "A modular, type-safe foundation for building expressive, maintainable applications. This package provides core abstractions for domain modeling, HTTP integration, authentication, state management, and more — designed to be framework-agnostic and highly extensible.",
   "main": "./dist/cjs/index.js",
   "module": "./dist/esm/index.js",
@@ -66,6 +66,11 @@
       "require": "./dist/cjs/models/index.js",
       "types": "./dist/types/models/index.d.ts"
     },
+    "./rbac": {
+      "import": "./dist/esm/rbac/index.js",
+      "require": "./dist/cjs/rbac/index.js",
+      "types": "./dist/types/rbac/index.d.ts"
+    },
     "./result": {
       "import": "./dist/esm/result/index.js",
       "require": "./dist/cjs/result/index.js",

package/src/index.ts CHANGED Viewed

@@ -9,6 +9,7 @@ export * from "./i18n";
 export * from "./json-api";
 export * from "./messages";
 export * from "./models";
+export * from "./rbac";
 export * from "./result";
 export * from "./state-manager";
 export * from "./unit-of-work";

package/src/rbac/index.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export type { Permission } from "./permission";
+export type { Resource } from "./resource";
+export { RBACPolicy } from "./rbac-policy";

package/src/rbac/permission.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export type Permission = {
+  resource: string;
+  action: "read" | "write" | "delete" | "manage";
+}

package/src/rbac/rbac-policy.ts ADDED Viewed

@@ -0,0 +1,26 @@
+import { Permission } from './permission';
+import { Resource } from './resource';
+import { ValueObject } from '../value-objects';
+export abstract class RBACPolicy<Role extends string, UserID extends ValueObject> {
+  protected abstract userID: UserID;
+  abstract getPermissions(role: Role): Permission[];
+  can(role: Role, action: Permission['action'], resource: Resource): boolean {
+    const permissions = this.getPermissions(role);
+    return permissions.some(
+      (perm) =>
+        (perm.resource === '*' || perm.resource === resource.name) &&
+        (perm.action === action || perm.action === 'manage')
+    );
+  }
+  canAccessOwnedResource(resource: Resource): boolean {
+    return resource.owner_id === this.userID.value;
+  }
+  canWithOwnership(role: Role, action: Permission['action'], resource: Resource): boolean {
+    return this.can(role, action, resource) && this.canAccessOwnedResource(resource);
+  }
+}

package/src/rbac/resource.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export type Resource = {
+  name: string;
+  owner_id?: string;
+};