@smythos/sre 1.5.43 → 1.5.45

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (233) hide show
  1. package/CHANGELOG +90 -90
  2. package/LICENSE +18 -18
  3. package/README.md +135 -135
  4. package/dist/index.js +13 -13
  5. package/dist/index.js.map +1 -1
  6. package/dist/types/Components/GenAILLM.class.d.ts +6 -0
  7. package/dist/types/helpers/AWSLambdaCode.helper.d.ts +8 -5
  8. package/dist/types/index.d.ts +1 -0
  9. package/dist/types/subsystems/LLMManager/LLM.service/connectors/Groq.class.d.ts +5 -0
  10. package/dist/types/subsystems/LLMManager/LLM.service/connectors/openai/OpenAIConnector.class.d.ts +13 -1
  11. package/dist/types/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/ChatCompletionsApiInterface.d.ts +0 -4
  12. package/dist/types/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/ResponsesApiInterface.d.ts +44 -29
  13. package/dist/types/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/constants.d.ts +4 -2
  14. package/dist/types/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/utils.d.ts +6 -0
  15. package/dist/types/subsystems/LLMManager/LLM.service/connectors/openai/types.d.ts +0 -4
  16. package/dist/types/subsystems/LLMManager/ModelsProvider.service/connectors/SmythModelsProvider.class.d.ts +39 -0
  17. package/dist/types/types/LLM.types.d.ts +4 -1
  18. package/package.json +5 -2
  19. package/src/Components/APICall/APICall.class.ts +156 -156
  20. package/src/Components/APICall/AccessTokenManager.ts +130 -130
  21. package/src/Components/APICall/ArrayBufferResponse.helper.ts +58 -58
  22. package/src/Components/APICall/OAuth.helper.ts +294 -294
  23. package/src/Components/APICall/mimeTypeCategories.ts +46 -46
  24. package/src/Components/APICall/parseData.ts +167 -167
  25. package/src/Components/APICall/parseHeaders.ts +41 -41
  26. package/src/Components/APICall/parseProxy.ts +68 -68
  27. package/src/Components/APICall/parseUrl.ts +91 -91
  28. package/src/Components/APIEndpoint.class.ts +234 -234
  29. package/src/Components/APIOutput.class.ts +58 -58
  30. package/src/Components/AgentPlugin.class.ts +102 -102
  31. package/src/Components/Async.class.ts +155 -155
  32. package/src/Components/Await.class.ts +90 -90
  33. package/src/Components/Classifier.class.ts +158 -158
  34. package/src/Components/Component.class.ts +132 -132
  35. package/src/Components/ComponentHost.class.ts +38 -38
  36. package/src/Components/DataSourceCleaner.class.ts +92 -92
  37. package/src/Components/DataSourceIndexer.class.ts +181 -181
  38. package/src/Components/DataSourceLookup.class.ts +161 -161
  39. package/src/Components/ECMASandbox.class.ts +71 -71
  40. package/src/Components/FEncDec.class.ts +29 -29
  41. package/src/Components/FHash.class.ts +33 -33
  42. package/src/Components/FSign.class.ts +80 -80
  43. package/src/Components/FSleep.class.ts +25 -25
  44. package/src/Components/FTimestamp.class.ts +25 -25
  45. package/src/Components/FileStore.class.ts +78 -78
  46. package/src/Components/ForEach.class.ts +97 -97
  47. package/src/Components/GPTPlugin.class.ts +70 -70
  48. package/src/Components/GenAILLM.class.ts +586 -579
  49. package/src/Components/HuggingFace.class.ts +314 -314
  50. package/src/Components/Image/imageSettings.config.ts +70 -70
  51. package/src/Components/ImageGenerator.class.ts +502 -502
  52. package/src/Components/JSONFilter.class.ts +54 -54
  53. package/src/Components/LLMAssistant.class.ts +213 -213
  54. package/src/Components/LogicAND.class.ts +28 -28
  55. package/src/Components/LogicAtLeast.class.ts +85 -85
  56. package/src/Components/LogicAtMost.class.ts +86 -86
  57. package/src/Components/LogicOR.class.ts +29 -29
  58. package/src/Components/LogicXOR.class.ts +34 -34
  59. package/src/Components/MCPClient.class.ts +112 -112
  60. package/src/Components/MemoryDeleteKeyVal.class.ts +70 -70
  61. package/src/Components/MemoryReadKeyVal.class.ts +66 -66
  62. package/src/Components/MemoryWriteKeyVal.class.ts +62 -62
  63. package/src/Components/MemoryWriteObject.class.ts +97 -97
  64. package/src/Components/MultimodalLLM.class.ts +128 -128
  65. package/src/Components/OpenAPI.class.ts +72 -72
  66. package/src/Components/PromptGenerator.class.ts +122 -122
  67. package/src/Components/ScrapflyWebScrape.class.ts +159 -159
  68. package/src/Components/ServerlessCode.class.ts +123 -123
  69. package/src/Components/TavilyWebSearch.class.ts +98 -98
  70. package/src/Components/VisionLLM.class.ts +104 -104
  71. package/src/Components/ZapierAction.class.ts +127 -127
  72. package/src/Components/index.ts +97 -97
  73. package/src/Core/AgentProcess.helper.ts +240 -240
  74. package/src/Core/Connector.class.ts +123 -123
  75. package/src/Core/ConnectorsService.ts +197 -197
  76. package/src/Core/DummyConnector.ts +49 -49
  77. package/src/Core/HookService.ts +105 -105
  78. package/src/Core/SmythRuntime.class.ts +235 -235
  79. package/src/Core/SystemEvents.ts +16 -16
  80. package/src/Core/boot.ts +56 -56
  81. package/src/config.ts +15 -15
  82. package/src/constants.ts +126 -126
  83. package/src/data/hugging-face.params.json +579 -579
  84. package/src/helpers/AWSLambdaCode.helper.ts +588 -528
  85. package/src/helpers/BinaryInput.helper.ts +331 -331
  86. package/src/helpers/Conversation.helper.ts +1119 -1119
  87. package/src/helpers/ECMASandbox.helper.ts +54 -54
  88. package/src/helpers/JsonContent.helper.ts +97 -97
  89. package/src/helpers/LocalCache.helper.ts +97 -97
  90. package/src/helpers/Log.helper.ts +274 -274
  91. package/src/helpers/OpenApiParser.helper.ts +150 -150
  92. package/src/helpers/S3Cache.helper.ts +147 -147
  93. package/src/helpers/SmythURI.helper.ts +5 -5
  94. package/src/helpers/Sysconfig.helper.ts +77 -77
  95. package/src/helpers/TemplateString.helper.ts +243 -243
  96. package/src/helpers/TypeChecker.helper.ts +329 -329
  97. package/src/index.ts +4 -3
  98. package/src/index.ts.bak +4 -3
  99. package/src/subsystems/AgentManager/Agent.class.ts +1114 -1114
  100. package/src/subsystems/AgentManager/Agent.helper.ts +3 -3
  101. package/src/subsystems/AgentManager/AgentData.service/AgentDataConnector.ts +230 -230
  102. package/src/subsystems/AgentManager/AgentData.service/connectors/CLIAgentDataConnector.class.ts +66 -66
  103. package/src/subsystems/AgentManager/AgentData.service/connectors/LocalAgentDataConnector.class.ts +142 -142
  104. package/src/subsystems/AgentManager/AgentData.service/connectors/NullAgentData.class.ts +39 -39
  105. package/src/subsystems/AgentManager/AgentData.service/index.ts +18 -18
  106. package/src/subsystems/AgentManager/AgentLogger.class.ts +297 -297
  107. package/src/subsystems/AgentManager/AgentRequest.class.ts +51 -51
  108. package/src/subsystems/AgentManager/AgentRuntime.class.ts +559 -559
  109. package/src/subsystems/AgentManager/AgentSSE.class.ts +101 -101
  110. package/src/subsystems/AgentManager/AgentSettings.class.ts +52 -52
  111. package/src/subsystems/AgentManager/Component.service/ComponentConnector.ts +32 -32
  112. package/src/subsystems/AgentManager/Component.service/connectors/LocalComponentConnector.class.ts +60 -60
  113. package/src/subsystems/AgentManager/Component.service/index.ts +11 -11
  114. package/src/subsystems/AgentManager/EmbodimentSettings.class.ts +47 -47
  115. package/src/subsystems/AgentManager/ForkedAgent.class.ts +154 -154
  116. package/src/subsystems/AgentManager/OSResourceMonitor.ts +77 -77
  117. package/src/subsystems/ComputeManager/Code.service/CodeConnector.ts +98 -98
  118. package/src/subsystems/ComputeManager/Code.service/connectors/AWSLambdaCode.class.ts +172 -170
  119. package/src/subsystems/ComputeManager/Code.service/connectors/ECMASandbox.class.ts +131 -131
  120. package/src/subsystems/ComputeManager/Code.service/index.ts +13 -13
  121. package/src/subsystems/IO/CLI.service/CLIConnector.ts +47 -47
  122. package/src/subsystems/IO/CLI.service/index.ts +9 -9
  123. package/src/subsystems/IO/Log.service/LogConnector.ts +32 -32
  124. package/src/subsystems/IO/Log.service/connectors/ConsoleLog.class.ts +28 -28
  125. package/src/subsystems/IO/Log.service/index.ts +13 -13
  126. package/src/subsystems/IO/NKV.service/NKVConnector.ts +43 -43
  127. package/src/subsystems/IO/NKV.service/connectors/NKVLocalStorage.class.ts +234 -234
  128. package/src/subsystems/IO/NKV.service/connectors/NKVRAM.class.ts +204 -204
  129. package/src/subsystems/IO/NKV.service/connectors/NKVRedis.class.ts +182 -182
  130. package/src/subsystems/IO/NKV.service/index.ts +14 -14
  131. package/src/subsystems/IO/Router.service/RouterConnector.ts +21 -21
  132. package/src/subsystems/IO/Router.service/connectors/ExpressRouter.class.ts +48 -48
  133. package/src/subsystems/IO/Router.service/connectors/NullRouter.class.ts +40 -40
  134. package/src/subsystems/IO/Router.service/index.ts +11 -11
  135. package/src/subsystems/IO/Storage.service/SmythFS.class.ts +489 -489
  136. package/src/subsystems/IO/Storage.service/StorageConnector.ts +66 -66
  137. package/src/subsystems/IO/Storage.service/connectors/LocalStorage.class.ts +327 -327
  138. package/src/subsystems/IO/Storage.service/connectors/S3Storage.class.ts +482 -482
  139. package/src/subsystems/IO/Storage.service/index.ts +13 -13
  140. package/src/subsystems/IO/VectorDB.service/VectorDBConnector.ts +108 -108
  141. package/src/subsystems/IO/VectorDB.service/connectors/MilvusVectorDB.class.ts +454 -454
  142. package/src/subsystems/IO/VectorDB.service/connectors/PineconeVectorDB.class.ts +384 -384
  143. package/src/subsystems/IO/VectorDB.service/connectors/RAMVecrtorDB.class.ts +421 -421
  144. package/src/subsystems/IO/VectorDB.service/embed/BaseEmbedding.ts +107 -107
  145. package/src/subsystems/IO/VectorDB.service/embed/OpenAIEmbedding.ts +109 -109
  146. package/src/subsystems/IO/VectorDB.service/embed/index.ts +21 -21
  147. package/src/subsystems/IO/VectorDB.service/index.ts +14 -14
  148. package/src/subsystems/LLMManager/LLM.helper.ts +251 -251
  149. package/src/subsystems/LLMManager/LLM.inference.ts +339 -339
  150. package/src/subsystems/LLMManager/LLM.service/LLMConnector.ts +489 -489
  151. package/src/subsystems/LLMManager/LLM.service/LLMCredentials.helper.ts +171 -171
  152. package/src/subsystems/LLMManager/LLM.service/connectors/Anthropic.class.ts +659 -659
  153. package/src/subsystems/LLMManager/LLM.service/connectors/Bedrock.class.ts +400 -400
  154. package/src/subsystems/LLMManager/LLM.service/connectors/Echo.class.ts +77 -77
  155. package/src/subsystems/LLMManager/LLM.service/connectors/GoogleAI.class.ts +757 -757
  156. package/src/subsystems/LLMManager/LLM.service/connectors/Groq.class.ts +304 -291
  157. package/src/subsystems/LLMManager/LLM.service/connectors/Perplexity.class.ts +250 -250
  158. package/src/subsystems/LLMManager/LLM.service/connectors/VertexAI.class.ts +423 -423
  159. package/src/subsystems/LLMManager/LLM.service/connectors/openai/OpenAIConnector.class.ts +488 -455
  160. package/src/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/ChatCompletionsApiInterface.ts +528 -528
  161. package/src/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/OpenAIApiInterface.ts +100 -100
  162. package/src/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/OpenAIApiInterfaceFactory.ts +81 -81
  163. package/src/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/ResponsesApiInterface.ts +1168 -853
  164. package/src/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/constants.ts +13 -37
  165. package/src/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/index.ts +4 -4
  166. package/src/subsystems/LLMManager/LLM.service/connectors/openai/apiInterfaces/utils.ts +11 -0
  167. package/src/subsystems/LLMManager/LLM.service/connectors/openai/types.ts +32 -37
  168. package/src/subsystems/LLMManager/LLM.service/connectors/xAI.class.ts +471 -471
  169. package/src/subsystems/LLMManager/LLM.service/index.ts +44 -44
  170. package/src/subsystems/LLMManager/ModelsProvider.service/ModelsProviderConnector.ts +300 -300
  171. package/src/subsystems/LLMManager/ModelsProvider.service/connectors/JSONModelsProvider.class.ts +252 -252
  172. package/src/subsystems/LLMManager/ModelsProvider.service/index.ts +11 -11
  173. package/src/subsystems/LLMManager/custom-models.ts +854 -854
  174. package/src/subsystems/LLMManager/models.ts +2540 -2540
  175. package/src/subsystems/LLMManager/paramMappings.ts +69 -69
  176. package/src/subsystems/MemoryManager/Cache.service/CacheConnector.ts +86 -86
  177. package/src/subsystems/MemoryManager/Cache.service/connectors/LocalStorageCache.class.ts +297 -297
  178. package/src/subsystems/MemoryManager/Cache.service/connectors/RAMCache.class.ts +201 -201
  179. package/src/subsystems/MemoryManager/Cache.service/connectors/RedisCache.class.ts +252 -252
  180. package/src/subsystems/MemoryManager/Cache.service/connectors/S3Cache.class.ts +373 -373
  181. package/src/subsystems/MemoryManager/Cache.service/index.ts +15 -15
  182. package/src/subsystems/MemoryManager/LLMCache.ts +72 -72
  183. package/src/subsystems/MemoryManager/LLMContext.ts +124 -124
  184. package/src/subsystems/MemoryManager/LLMMemory.service/LLMMemoryConnector.ts +26 -26
  185. package/src/subsystems/MemoryManager/RuntimeContext.ts +266 -266
  186. package/src/subsystems/Security/AccessControl/ACL.class.ts +208 -208
  187. package/src/subsystems/Security/AccessControl/AccessCandidate.class.ts +82 -82
  188. package/src/subsystems/Security/AccessControl/AccessRequest.class.ts +52 -52
  189. package/src/subsystems/Security/Account.service/AccountConnector.ts +44 -44
  190. package/src/subsystems/Security/Account.service/connectors/AWSAccount.class.ts +76 -76
  191. package/src/subsystems/Security/Account.service/connectors/DummyAccount.class.ts +130 -130
  192. package/src/subsystems/Security/Account.service/connectors/JSONFileAccount.class.ts +159 -159
  193. package/src/subsystems/Security/Account.service/index.ts +14 -14
  194. package/src/subsystems/Security/Credentials.helper.ts +62 -62
  195. package/src/subsystems/Security/ManagedVault.service/ManagedVaultConnector.ts +38 -38
  196. package/src/subsystems/Security/ManagedVault.service/connectors/NullManagedVault.class.ts +53 -53
  197. package/src/subsystems/Security/ManagedVault.service/connectors/SecretManagerManagedVault.ts +154 -154
  198. package/src/subsystems/Security/ManagedVault.service/index.ts +12 -12
  199. package/src/subsystems/Security/SecureConnector.class.ts +110 -110
  200. package/src/subsystems/Security/Vault.service/Vault.helper.ts +30 -30
  201. package/src/subsystems/Security/Vault.service/VaultConnector.ts +29 -29
  202. package/src/subsystems/Security/Vault.service/connectors/HashicorpVault.class.ts +46 -46
  203. package/src/subsystems/Security/Vault.service/connectors/JSONFileVault.class.ts +221 -221
  204. package/src/subsystems/Security/Vault.service/connectors/NullVault.class.ts +54 -54
  205. package/src/subsystems/Security/Vault.service/connectors/SecretsManager.class.ts +140 -140
  206. package/src/subsystems/Security/Vault.service/index.ts +12 -12
  207. package/src/types/ACL.types.ts +104 -104
  208. package/src/types/AWS.types.ts +10 -10
  209. package/src/types/Agent.types.ts +61 -61
  210. package/src/types/AgentLogger.types.ts +17 -17
  211. package/src/types/Cache.types.ts +1 -1
  212. package/src/types/Common.types.ts +2 -2
  213. package/src/types/LLM.types.ts +496 -491
  214. package/src/types/Redis.types.ts +8 -8
  215. package/src/types/SRE.types.ts +64 -64
  216. package/src/types/Security.types.ts +14 -14
  217. package/src/types/Storage.types.ts +5 -5
  218. package/src/types/VectorDB.types.ts +86 -86
  219. package/src/utils/base64.utils.ts +275 -275
  220. package/src/utils/cli.utils.ts +68 -68
  221. package/src/utils/data.utils.ts +322 -322
  222. package/src/utils/date-time.utils.ts +22 -22
  223. package/src/utils/general.utils.ts +238 -238
  224. package/src/utils/index.ts +12 -12
  225. package/src/utils/lazy-client.ts +261 -261
  226. package/src/utils/numbers.utils.ts +13 -13
  227. package/src/utils/oauth.utils.ts +35 -35
  228. package/src/utils/string.utils.ts +414 -414
  229. package/src/utils/url.utils.ts +19 -19
  230. package/src/utils/validation.utils.ts +74 -74
  231. package/dist/bundle-analysis-lazy.html +0 -4949
  232. package/dist/bundle-analysis.html +0 -4949
  233. package/dist/types/utils/package-manager.utils.d.ts +0 -26
package/src/subsystems/IO/Storage.service/connectors/S3Storage.class.ts CHANGED
@@ -1,482 +1,482 @@
1
- //==[ SRE: S3Storage ]======================
2
-
3
- //#region = [Polyfill for CommonJS] =================================
4
-
5
- //S3 Methods fail in CommonJS build because they expect a global 'crypto' object with a 'getRandomValues' method
6
- //getRandomValues is supposed to be for browser environments, but it seems that CommonJS build leaks some browser related code to the packaged AWS-SDK
7
- import crypto from 'crypto';
8
-
9
- Object.defineProperty(global, 'crypto', {
10
- value: {
11
- getRandomValues: (arr: any) => crypto.randomBytes(arr.length),
12
- },
13
- });
14
- //#endregion
15
-
16
- import {
17
- DeleteObjectCommand,
18
- GetObjectCommand,
19
- GetObjectCommandOutput,
20
- HeadObjectCommand,
21
- HeadObjectCommandOutput,
22
- PutObjectCommand,
23
- PutObjectTaggingCommand,
24
- S3Client,
25
- S3ClientConfig,
26
- } from '@aws-sdk/client-s3';
27
-
28
- import { Logger } from '@sre/helpers/Log.helper';
29
- import { IStorageRequest, StorageConnector } from '@sre/IO/Storage.service/StorageConnector';
30
- import { ACL } from '@sre/Security/AccessControl/ACL.class';
31
- import { IAccessCandidate, IACL, TAccessLevel, TAccessResult, TAccessRole } from '@sre/types/ACL.types';
32
- import { AWSRegionConfig, AWSCredentials } from '@sre/types/AWS.types';
33
- import { StorageData, StorageMetadata } from '@sre/types/Storage.types';
34
- import { streamToBuffer } from '@sre/utils';
35
- import type { Readable } from 'stream';
36
-
37
- //import { SmythRuntime } from '@sre/Core/SmythRuntime.class';
38
- import { AccessRequest } from '@sre/Security/AccessControl/AccessRequest.class';
39
- import { AccessCandidate } from '@sre/Security/AccessControl/AccessCandidate.class';
40
- import { SecureConnector } from '@sre/Security/SecureConnector.class';
41
- import { checkAndInstallLifecycleRules, generateExpiryMetadata, ttlToExpiryDays } from '@sre/helpers/S3Cache.helper';
42
- import { ConnectorService } from '@sre/Core/ConnectorsService';
43
-
44
- const console = Logger('S3Storage');
45
-
46
- //export type S3Config = AWSCredentials & AWSRegionConfig & { bucket: string };
47
-
48
- //We need to flatten the S3Config type in order to make it work with the SDK
49
- export type S3Config = {
50
- region: string;
51
- accessKeyId: string;
52
- secretAccessKey: string;
53
- bucket: string;
54
- };
55
-
56
- export class S3Storage extends StorageConnector {
57
- public name = 'S3Storage';
58
- private client: S3Client;
59
- private bucket: string;
60
- private isInitialized: boolean = false;
61
- private initializationPromise: Promise<void> | null = null;
62
-
63
- constructor(protected _settings: S3Config) {
64
- super(_settings);
65
- //if (!SmythRuntime.Instance) throw new Error('SRE not initialized');
66
-
67
- // Validate required configuration
68
- if (!_settings.bucket || _settings.bucket.trim() === '') {
69
- console.warn('S3 bucket name is required and cannot be empty, connector not initialized');
70
- return;
71
- }
72
-
73
- this.bucket = _settings.bucket;
74
- const clientConfig: any = {};
75
- if (_settings.region) clientConfig.region = _settings.region;
76
- if (_settings.accessKeyId && _settings.secretAccessKey) {
77
- clientConfig.credentials = {
78
- accessKeyId: _settings.accessKeyId,
79
- secretAccessKey: _settings.secretAccessKey,
80
- };
81
- }
82
-
83
- this.client = new S3Client(clientConfig);
84
- // Don't call initialize() synchronously in constructor
85
- // It will be called when needed by methods that require initialization
86
- }
87
-
88
- private async ensureInitialized(): Promise<void> {
89
- if (this.isInitialized) {
90
- return;
91
- }
92
-
93
- if (this.initializationPromise) {
94
- return this.initializationPromise;
95
- }
96
-
97
- this.initializationPromise = this.initialize();
98
- return this.initializationPromise;
99
- }
100
-
101
- private async initialize(): Promise<void> {
102
- if (!this.client) {
103
- console.warn('S3 client not initialized');
104
- return;
105
- }
106
- if (this.isInitialized) {
107
- return;
108
- }
109
-
110
- try {
111
- await checkAndInstallLifecycleRules(this.bucket, this.client);
112
- this.isInitialized = true;
113
- } catch (error) {
114
- console.error('Failed to initialize S3Storage:', error);
115
- // Reset the initialization promise so it can be retried
116
- this.initializationPromise = null;
117
- throw error;
118
- }
119
- }
120
-
121
- /**
122
- * Reads an object from the S3 bucket.
123
- *
124
- * @param {string} resourceId - The key of the object to be read.
125
- * @returns {Promise<any>} - A promise that resolves with the object data.
126
- */
127
-
128
- @SecureConnector.AccessControl
129
- public async read(acRequest: AccessRequest, resourceId: string) {
130
- await this.ensureInitialized();
131
-
132
- // const accessTicket = await this.getAccessTicket(resourceId, acRequest);
133
- // if (accessTicket.access !== TAccessResult.Granted) throw new Error('Access Denied');
134
- const params = {
135
- Bucket: this.bucket,
136
- Key: resourceId,
137
- };
138
-
139
- const s3HeadCommand = new HeadObjectCommand(params);
140
- const s3HeadData: HeadObjectCommandOutput = await this.client.send(s3HeadCommand);
141
-
142
- const expirationHeader = s3HeadData?.Expiration;
143
- if (expirationHeader) {
144
- const expirationDateMatch = expirationHeader.match(/expiry-date="([^"]+)"/);
145
- if (expirationDateMatch) {
146
- const expirationDate = new Date(expirationDateMatch[1]);
147
- const currentDate = new Date();
148
-
149
- if (currentDate > expirationDate) {
150
- const s3DeleteCommand = new DeleteObjectCommand(params);
151
- await this.client.send(s3DeleteCommand);
152
-
153
- return undefined;
154
- }
155
- }
156
- }
157
-
158
- const command = new GetObjectCommand(params);
159
-
160
- try {
161
- const response: GetObjectCommandOutput = await this.client.send(command);
162
- //const metadata = response.Metadata;
163
- return await streamToBuffer(response.Body as Readable);
164
- } catch (error) {
165
- if (error.name === 'NotFound' || error.name === 'NoSuchKey') {
166
- return undefined;
167
- }
168
- console.error(`Error reading object from S3`, error.name, error.message);
169
- throw error;
170
- }
171
- }
172
-
173
- @SecureConnector.AccessControl
174
- async getMetadata(acRequest: AccessRequest, resourceId: string): Promise<StorageMetadata | undefined> {
175
- await this.ensureInitialized();
176
-
177
- // const accessTicket = await this.getAccessTicket(resourceId, acRequest);
178
- // if (accessTicket.access !== TAccessResult.Granted) throw new Error('Access Denied');
179
-
180
- try {
181
- const s3Metadata = await this.getS3Metadata(resourceId);
182
- return s3Metadata as StorageMetadata;
183
- } catch (error) {
184
- console.error(`Error getting access rights in S3`, error.name, error.message);
185
- throw error;
186
- }
187
- }
188
-
189
- @SecureConnector.AccessControl
190
- async setMetadata(acRequest: AccessRequest, resourceId: string, metadata: StorageMetadata) {
191
- await this.ensureInitialized();
192
-
193
- // const accessTicket = await this.getAccessTicket(resourceId, acRequest);
194
- // if (accessTicket.access !== TAccessResult.Granted) throw new Error('Access Denied');
195
-
196
- try {
197
- let s3Metadata = await this.getS3Metadata(resourceId);
198
- if (!s3Metadata) s3Metadata = {};
199
- //s3Metadata['x-amz-meta-data'] = metadata;
200
- s3Metadata = { ...s3Metadata, ...metadata };
201
- await this.setS3Metadata(resourceId, s3Metadata);
202
- } catch (error) {
203
- console.error(`Error setting access rights in S3`, error);
204
- throw error;
205
- }
206
- }
207
- /**
208
- * Writes an object to the S3 bucket.
209
- *
210
- * @param {string} resourceId - The key of the object to be written.
211
- * @param {any} value - The value of the object to be written.
212
- * @param {Metadata} metadata - Optional metadata to be associated with the object.
213
- * @returns {Promise<void>} - A promise that resolves when the object has been written.
214
- */
215
- @SecureConnector.AccessControl
216
- async write(acRequest: AccessRequest, resourceId: string, value: StorageData, acl?: IACL, metadata?: StorageMetadata): Promise<void> {
217
- await this.ensureInitialized();
218
-
219
- // const accessTicket = await this.getAccessTicket(resourceId, acRequest);
220
- // if (accessTicket.access !== TAccessResult.Granted) throw new Error('Access Denied');
221
- const accessCandidate = acRequest.candidate;
222
-
223
- let amzACL = ACL.from(acl).addAccess(accessCandidate.role, accessCandidate.id, TAccessLevel.Owner).ACL;
224
- let s3Metadata = {
225
- ...metadata,
226
- 'x-amz-meta-acl': amzACL,
227
- };
228
-
229
- const command = new PutObjectCommand({
230
- Bucket: this.bucket,
231
- Key: resourceId,
232
- Body: value,
233
- Metadata: this.serializeS3Metadata(s3Metadata),
234
- ContentType: s3Metadata['ContentType'],
235
- });
236
-
237
- try {
238
- const result: any = await this.client.send(command);
239
- } catch (error) {
240
- console.error(`Error writing object to S3`, error.name, error.message);
241
- //console.error(error);
242
- throw error;
243
- }
244
- }
245
-
246
- /**
247
- * Deletes an object from the S3 bucket.
248
- *
249
- * @param {string} resourceId - The key of the object to be deleted.
250
- * @returns {Promise<void>} - A promise that resolves when the object has been deleted.
251
- */
252
- @SecureConnector.AccessControl
253
- async delete(acRequest: AccessRequest, resourceId: string): Promise<void> {
254
- await this.ensureInitialized();
255
-
256
- // const accessTicket = await this.getAccessTicket(resourceId, acRequest);
257
- // if (accessTicket.access !== TAccessResult.Granted) throw new Error('Access Denied');
258
-
259
- const command = new DeleteObjectCommand({
260
- Bucket: this.bucket,
261
- Key: resourceId,
262
- });
263
-
264
- try {
265
- await this.client.send(command);
266
- } catch (error) {
267
- console.error(`Error deleting object from S3`, error.name, error.message);
268
- throw error;
269
- }
270
- }
271
-
272
- @SecureConnector.AccessControl
273
- async exists(acRequest: AccessRequest, resourceId: string): Promise<boolean> {
274
- await this.ensureInitialized();
275
-
276
- // const accessTicket = await this.getAccessTicket(resourceId, acRequest);
277
- // if (accessTicket.access !== TAccessResult.Granted) throw new Error('Access Denied');
278
- const command = new HeadObjectCommand({
279
- Bucket: this.bucket,
280
- Key: resourceId,
281
- });
282
-
283
- try {
284
- await this.client.send(command);
285
- return true;
286
- } catch (error) {
287
- if (error.name === 'NotFound' || error.name === 'NoSuchKey') {
288
- return false;
289
- }
290
-
291
- console.error(`Error checking object existence in S3`, error.name, error.message);
292
- throw error;
293
- }
294
- }
295
-
296
- //this determines the access rights for the requested resource
297
- //the connector should check if the resource exists or not
298
- //if the resource exists we read it's ACL and return it
299
- //if the resource does not exist we return an write access ACL for the candidate
300
- public async getResourceACL(resourceId: string, candidate: IAccessCandidate) {
301
- await this.ensureInitialized();
302
-
303
- const s3Metadata = await this.getS3Metadata(resourceId);
304
- const exists = s3Metadata !== undefined; //undefined metadata means the resource does not exist
305
- //let acl: ACL = ACL.from(s3Metadata?.['x-amz-meta-acl'] as IACL);
306
-
307
- if (!exists) {
308
- //the resource does not exist yet, we grant write access to the candidate in order to allow the resource creation
309
- return new ACL().addAccess(candidate.role, candidate.id, TAccessLevel.Owner);
310
- }
311
- return ACL.from(s3Metadata?.['x-amz-meta-acl'] as IACL);
312
- }
313
-
314
- @SecureConnector.AccessControl
315
- async getACL(acRequest: AccessRequest, resourceId: string): Promise<ACL | undefined> {
316
- await this.ensureInitialized();
317
-
318
- // const accessTicket = await this.getAccessTicket(resourceId, acRequest);
319
- // if (accessTicket.access !== TAccessResult.Granted) throw new Error('Access Denied');
320
-
321
- try {
322
- const s3Metadata = await this.getS3Metadata(resourceId);
323
- return ACL.from(s3Metadata?.['x-amz-meta-acl'] as IACL);
324
- } catch (error) {
325
- console.error(`Error getting access rights in S3`, error.name, error.message);
326
- throw error;
327
- }
328
- }
329
-
330
- @SecureConnector.AccessControl
331
- async setACL(acRequest: AccessRequest, resourceId: string, acl: IACL) {
332
- await this.ensureInitialized();
333
-
334
- // const accessTicket = await this.getAccessTicket(resourceId, acRequest);
335
- // if (accessTicket.access !== TAccessResult.Granted) throw new Error('Access Denied');
336
-
337
- try {
338
- let s3Metadata = await this.getS3Metadata(resourceId);
339
- if (!s3Metadata) s3Metadata = {};
340
- //when setting ACL make sure to not lose ownership
341
- s3Metadata['x-amz-meta-acl'] = ACL.from(acl).addAccess(acRequest.candidate.role, acRequest.candidate.id, TAccessLevel.Owner).ACL;
342
- await this.setS3Metadata(resourceId, s3Metadata);
343
- } catch (error) {
344
- console.error(`Error setting access rights in S3`, error);
345
- throw error;
346
- }
347
- }
348
-
349
- @SecureConnector.AccessControl
350
- async expire(acRequest: AccessRequest, resourceId: string, ttl: number) {
351
- await this.ensureInitialized();
352
-
353
- const expiryMetadata = generateExpiryMetadata(ttlToExpiryDays(ttl)); // seconds to days
354
- const s3PutObjectTaggingCommand = new PutObjectTaggingCommand({
355
- Bucket: this.bucket,
356
- Key: resourceId,
357
- Tagging: { TagSet: [{ Key: expiryMetadata.Key, Value: expiryMetadata.Value }] },
358
- });
359
- await this.client.send(s3PutObjectTaggingCommand);
360
- }
361
-
362
- private migrateMetadata(metadata: Record<string, string>): Record<string, any> {
363
- if (!metadata.agentid && !metadata.teamid && !metadata.userid) return metadata as Record<string, any>;
364
- else {
365
- const convertibleItems = ['agentid', 'teamid', 'userid'];
366
- const aclHelper = new ACL();
367
-
368
- for (let key of convertibleItems) {
369
- if (!metadata[key]) continue;
370
- const role = key === 'agentid' ? TAccessRole.Agent : key === 'teamid' ? TAccessRole.Team : TAccessRole.User;
371
- aclHelper.addAccess(role, metadata[key].toString(), [TAccessLevel.Owner, TAccessLevel.Read, TAccessLevel.Write]);
372
- delete metadata[key];
373
- }
374
- aclHelper.migrated = true;
375
- const newMetadata: Record<string, any> = {
376
- 'x-amz-meta-acl': aclHelper.ACL,
377
- };
378
- //copy remaining metadata
379
- for (let key in metadata) {
380
- newMetadata[key] = metadata[key];
381
- }
382
-
383
- return newMetadata;
384
- }
385
- }
386
-
387
- private serializeS3Metadata(s3Metadata: Record<string, any>): Record<string, string> {
388
- let amzMetadata = {};
389
- if (s3Metadata['x-amz-meta-acl']) {
390
- //const acl: TACL = s3Metadata['x-amz-meta-acl'];
391
- if (s3Metadata['x-amz-meta-acl']) {
392
- amzMetadata['x-amz-meta-acl'] =
393
- typeof s3Metadata['x-amz-meta-acl'] == 'string'
394
- ? s3Metadata['x-amz-meta-acl']
395
- : ACL.from(s3Metadata['x-amz-meta-acl']).serializedACL;
396
- }
397
-
398
- delete s3Metadata['x-amz-meta-acl'];
399
- }
400
-
401
- for (let key in s3Metadata) {
402
- if (key == 'ContentType') continue; //skip ContentType as it can only be set when writing the object
403
- amzMetadata[key] = typeof s3Metadata[key] === 'string' ? s3Metadata[key] : JSON.stringify(s3Metadata[key]);
404
- }
405
-
406
- return amzMetadata;
407
- }
408
-
409
- private deserializeS3Metadata(amzMetadata: Record<string, string>): Record<string, any> {
410
- let metadata: Record<string, any> = {};
411
-
412
- for (let key in amzMetadata) {
413
- if (key === 'x-amz-meta-acl') {
414
- metadata[key] = ACL.from(amzMetadata[key]).ACL;
415
- continue;
416
- }
417
-
418
- try {
419
- metadata[key] = JSON.parse(amzMetadata[key]);
420
- } catch (error) {
421
- metadata[key] = amzMetadata[key];
422
- }
423
- }
424
- //TODO : Remove this migration code after all metadata is migrated
425
- // Context : an old ACL metadata format was used in initial implementation of Smyth Storage
426
- // We need to ensure compatibility with legacy format and seamlessly convert it when reading
427
- metadata = this.migrateMetadata(metadata) as Record<string, any>;
428
-
429
- return metadata;
430
- }
431
-
432
- private async getS3Metadata(resourceId: string): Promise<Record<string, any> | undefined> {
433
- try {
434
- const command = new HeadObjectCommand({
435
- Bucket: this.bucket,
436
- Key: resourceId,
437
- });
438
- const response: HeadObjectCommandOutput = await this.client.send(command);
439
- const s3RawMetadata = response.Metadata;
440
- if (!s3RawMetadata || Object.keys(s3RawMetadata).length === 0) return {};
441
-
442
- let metadata: Record<string, any> = this.deserializeS3Metadata(s3RawMetadata);
443
-
444
- if (!metadata['ContentType']) metadata['ContentType'] = response.ContentType ? response.ContentType : 'application/octet-stream';
445
- return metadata;
446
- } catch (error) {
447
- if (error.name === 'NotFound' || error.name === 'NoSuchKey') {
448
- return undefined;
449
- }
450
- console.error(`Error reading object metadata from S3`, error.name, error.message);
451
- throw error;
452
- }
453
- }
454
-
455
- private async setS3Metadata(resourceId: string, metadata: Record<string, any>): Promise<void> {
456
- try {
457
- // Get the current object content
458
- const getObjectCommand = new GetObjectCommand({
459
- Bucket: this.bucket,
460
- Key: resourceId,
461
- });
462
- const objectData: GetObjectCommandOutput = await this.client.send(getObjectCommand);
463
-
464
- // Read the object's content
465
- const bufferBody = await streamToBuffer(objectData.Body as Readable);
466
-
467
- const amzMetadata = this.serializeS3Metadata(metadata);
468
- // Put the object back with the new metadata and the same content
469
- const putObjectCommand = new PutObjectCommand({
470
- Bucket: this.bucket,
471
- Key: resourceId,
472
- Body: bufferBody,
473
- Metadata: amzMetadata,
474
- });
475
-
476
- await this.client.send(putObjectCommand);
477
- } catch (error) {
478
- console.error(`Error setting object metadata in S3`, error.name, error.message);
479
- throw error;
480
- }
481
- }
482
- }
1
+ //==[ SRE: S3Storage ]======================
2
+
3
+ //#region = [Polyfill for CommonJS] =================================
4
+
5
+ //S3 Methods fail in CommonJS build because they expect a global 'crypto' object with a 'getRandomValues' method
6
+ //getRandomValues is supposed to be for browser environments, but it seems that CommonJS build leaks some browser related code to the packaged AWS-SDK
7
+ import crypto from 'crypto';
8
+
9
+ Object.defineProperty(global, 'crypto', {
10
+ value: {
11
+ getRandomValues: (arr: any) => crypto.randomBytes(arr.length),
12
+ },
13
+ });
14
+ //#endregion
15
+
16
+ import {
17
+ DeleteObjectCommand,
18
+ GetObjectCommand,
19
+ GetObjectCommandOutput,
20
+ HeadObjectCommand,
21
+ HeadObjectCommandOutput,
22
+ PutObjectCommand,
23
+ PutObjectTaggingCommand,
24
+ S3Client,
25
+ S3ClientConfig,
26
+ } from '@aws-sdk/client-s3';
27
+
28
+ import { Logger } from '@sre/helpers/Log.helper';
29
+ import { IStorageRequest, StorageConnector } from '@sre/IO/Storage.service/StorageConnector';
30
+ import { ACL } from '@sre/Security/AccessControl/ACL.class';
31
+ import { IAccessCandidate, IACL, TAccessLevel, TAccessResult, TAccessRole } from '@sre/types/ACL.types';
32
+ import { AWSRegionConfig, AWSCredentials } from '@sre/types/AWS.types';
33
+ import { StorageData, StorageMetadata } from '@sre/types/Storage.types';
34
+ import { streamToBuffer } from '@sre/utils';
35
+ import type { Readable } from 'stream';
36
+
37
+ //import { SmythRuntime } from '@sre/Core/SmythRuntime.class';
38
+ import { AccessRequest } from '@sre/Security/AccessControl/AccessRequest.class';
39
+ import { AccessCandidate } from '@sre/Security/AccessControl/AccessCandidate.class';
40
+ import { SecureConnector } from '@sre/Security/SecureConnector.class';
41
+ import { checkAndInstallLifecycleRules, generateExpiryMetadata, ttlToExpiryDays } from '@sre/helpers/S3Cache.helper';
42
+ import { ConnectorService } from '@sre/Core/ConnectorsService';
43
+
44
+ const console = Logger('S3Storage');
45
+
46
+ //export type S3Config = AWSCredentials & AWSRegionConfig & { bucket: string };
47
+
48
+ //We need to flatten the S3Config type in order to make it work with the SDK
49
+ export type S3Config = {
50
+ region: string;
51
+ accessKeyId: string;
52
+ secretAccessKey: string;
53
+ bucket: string;
54
+ };
55
+
56
+ export class S3Storage extends StorageConnector {
57
+ public name = 'S3Storage';
58
+ private client: S3Client;
59
+ private bucket: string;
60
+ private isInitialized: boolean = false;
61
+ private initializationPromise: Promise<void> | null = null;
62
+
63
+ constructor(protected _settings: S3Config) {
64
+ super(_settings);
65
+ //if (!SmythRuntime.Instance) throw new Error('SRE not initialized');
66
+
67
+ // Validate required configuration
68
+ if (!_settings.bucket || _settings.bucket.trim() === '') {
69
+ console.warn('S3 bucket name is required and cannot be empty, connector not initialized');
70
+ return;
71
+ }
72
+
73
+ this.bucket = _settings.bucket;
74
+ const clientConfig: any = {};
75
+ if (_settings.region) clientConfig.region = _settings.region;
76
+ if (_settings.accessKeyId && _settings.secretAccessKey) {
77
+ clientConfig.credentials = {
78
+ accessKeyId: _settings.accessKeyId,
79
+ secretAccessKey: _settings.secretAccessKey,
80
+ };
81
+ }
82
+
83
+ this.client = new S3Client(clientConfig);
84
+ // Don't call initialize() synchronously in constructor
85
+ // It will be called when needed by methods that require initialization
86
+ }
87
+
88
+ private async ensureInitialized(): Promise<void> {
89
+ if (this.isInitialized) {
90
+ return;
91
+ }
92
+
93
+ if (this.initializationPromise) {
94
+ return this.initializationPromise;
95
+ }
96
+
97
+ this.initializationPromise = this.initialize();
98
+ return this.initializationPromise;
99
+ }
100
+
101
+ private async initialize(): Promise<void> {
102
+ if (!this.client) {
103
+ console.warn('S3 client not initialized');
104
+ return;
105
+ }
106
+ if (this.isInitialized) {
107
+ return;
108
+ }
109
+
110
+ try {
111
+ await checkAndInstallLifecycleRules(this.bucket, this.client);
112
+ this.isInitialized = true;
113
+ } catch (error) {
114
+ console.error('Failed to initialize S3Storage:', error);
115
+ // Reset the initialization promise so it can be retried
116
+ this.initializationPromise = null;
117
+ throw error;
118
+ }
119
+ }
120
+
121
+ /**
122
+ * Reads an object from the S3 bucket.
123
+ *
124
+ * @param {string} resourceId - The key of the object to be read.
125
+ * @returns {Promise<any>} - A promise that resolves with the object data.
126
+ */
127
+
128
+ @SecureConnector.AccessControl
129
+ public async read(acRequest: AccessRequest, resourceId: string) {
130
+ await this.ensureInitialized();
131
+
132
+ // const accessTicket = await this.getAccessTicket(resourceId, acRequest);
133
+ // if (accessTicket.access !== TAccessResult.Granted) throw new Error('Access Denied');
134
+ const params = {
135
+ Bucket: this.bucket,
136
+ Key: resourceId,
137
+ };
138
+
139
+ const s3HeadCommand = new HeadObjectCommand(params);
140
+ const s3HeadData: HeadObjectCommandOutput = await this.client.send(s3HeadCommand);
141
+
142
+ const expirationHeader = s3HeadData?.Expiration;
143
+ if (expirationHeader) {
144
+ const expirationDateMatch = expirationHeader.match(/expiry-date="([^"]+)"/);
145
+ if (expirationDateMatch) {
146
+ const expirationDate = new Date(expirationDateMatch[1]);
147
+ const currentDate = new Date();
148
+
149
+ if (currentDate > expirationDate) {
150
+ const s3DeleteCommand = new DeleteObjectCommand(params);
151
+ await this.client.send(s3DeleteCommand);
152
+
153
+ return undefined;
154
+ }
155
+ }
156
+ }
157
+
158
+ const command = new GetObjectCommand(params);
159
+
160
+ try {
161
+ const response: GetObjectCommandOutput = await this.client.send(command);
162
+ //const metadata = response.Metadata;
163
+ return await streamToBuffer(response.Body as Readable);
164
+ } catch (error) {
165
+ if (error.name === 'NotFound' || error.name === 'NoSuchKey') {
166
+ return undefined;
167
+ }
168
+ console.error(`Error reading object from S3`, error.name, error.message);
169
+ throw error;
170
+ }
171
+ }
172
+
173
+ @SecureConnector.AccessControl
174
+ async getMetadata(acRequest: AccessRequest, resourceId: string): Promise<StorageMetadata | undefined> {
175
+ await this.ensureInitialized();
176
+
177
+ // const accessTicket = await this.getAccessTicket(resourceId, acRequest);
178
+ // if (accessTicket.access !== TAccessResult.Granted) throw new Error('Access Denied');
179
+
180
+ try {
181
+ const s3Metadata = await this.getS3Metadata(resourceId);
182
+ return s3Metadata as StorageMetadata;
183
+ } catch (error) {
184
+ console.error(`Error getting access rights in S3`, error.name, error.message);
185
+ throw error;
186
+ }
187
+ }
188
+
189
+ @SecureConnector.AccessControl
190
+ async setMetadata(acRequest: AccessRequest, resourceId: string, metadata: StorageMetadata) {
191
+ await this.ensureInitialized();
192
+
193
+ // const accessTicket = await this.getAccessTicket(resourceId, acRequest);
194
+ // if (accessTicket.access !== TAccessResult.Granted) throw new Error('Access Denied');
195
+
196
+ try {
197
+ let s3Metadata = await this.getS3Metadata(resourceId);
198
+ if (!s3Metadata) s3Metadata = {};
199
+ //s3Metadata['x-amz-meta-data'] = metadata;
200
+ s3Metadata = { ...s3Metadata, ...metadata };
201
+ await this.setS3Metadata(resourceId, s3Metadata);
202
+ } catch (error) {
203
+ console.error(`Error setting access rights in S3`, error);
204
+ throw error;
205
+ }
206
+ }
207
+ /**
208
+ * Writes an object to the S3 bucket.
209
+ *
210
+ * @param {string} resourceId - The key of the object to be written.
211
+ * @param {any} value - The value of the object to be written.
212
+ * @param {Metadata} metadata - Optional metadata to be associated with the object.
213
+ * @returns {Promise<void>} - A promise that resolves when the object has been written.
214
+ */
215
+ @SecureConnector.AccessControl
216
+ async write(acRequest: AccessRequest, resourceId: string, value: StorageData, acl?: IACL, metadata?: StorageMetadata): Promise<void> {
217
+ await this.ensureInitialized();
218
+
219
+ // const accessTicket = await this.getAccessTicket(resourceId, acRequest);
220
+ // if (accessTicket.access !== TAccessResult.Granted) throw new Error('Access Denied');
221
+ const accessCandidate = acRequest.candidate;
222
+
223
+ let amzACL = ACL.from(acl).addAccess(accessCandidate.role, accessCandidate.id, TAccessLevel.Owner).ACL;
224
+ let s3Metadata = {
225
+ ...metadata,
226
+ 'x-amz-meta-acl': amzACL,
227
+ };
228
+
229
+ const command = new PutObjectCommand({
230
+ Bucket: this.bucket,
231
+ Key: resourceId,
232
+ Body: value,
233
+ Metadata: this.serializeS3Metadata(s3Metadata),
234
+ ContentType: s3Metadata['ContentType'],
235
+ });
236
+
237
+ try {
238
+ const result: any = await this.client.send(command);
239
+ } catch (error) {
240
+ console.error(`Error writing object to S3`, error.name, error.message);
241
+ //console.error(error);
242
+ throw error;
243
+ }
244
+ }
245
+
246
+ /**
247
+ * Deletes an object from the S3 bucket.
248
+ *
249
+ * @param {string} resourceId - The key of the object to be deleted.
250
+ * @returns {Promise<void>} - A promise that resolves when the object has been deleted.
251
+ */
252
+ @SecureConnector.AccessControl
253
+ async delete(acRequest: AccessRequest, resourceId: string): Promise<void> {
254
+ await this.ensureInitialized();
255
+
256
+ // const accessTicket = await this.getAccessTicket(resourceId, acRequest);
257
+ // if (accessTicket.access !== TAccessResult.Granted) throw new Error('Access Denied');
258
+
259
+ const command = new DeleteObjectCommand({
260
+ Bucket: this.bucket,
261
+ Key: resourceId,
262
+ });
263
+
264
+ try {
265
+ await this.client.send(command);
266
+ } catch (error) {
267
+ console.error(`Error deleting object from S3`, error.name, error.message);
268
+ throw error;
269
+ }
270
+ }
271
+
272
+ @SecureConnector.AccessControl
273
+ async exists(acRequest: AccessRequest, resourceId: string): Promise<boolean> {
274
+ await this.ensureInitialized();
275
+
276
+ // const accessTicket = await this.getAccessTicket(resourceId, acRequest);
277
+ // if (accessTicket.access !== TAccessResult.Granted) throw new Error('Access Denied');
278
+ const command = new HeadObjectCommand({
279
+ Bucket: this.bucket,
280
+ Key: resourceId,
281
+ });
282
+
283
+ try {
284
+ await this.client.send(command);
285
+ return true;
286
+ } catch (error) {
287
+ if (error.name === 'NotFound' || error.name === 'NoSuchKey') {
288
+ return false;
289
+ }
290
+
291
+ console.error(`Error checking object existence in S3`, error.name, error.message);
292
+ throw error;
293
+ }
294
+ }
295
+
296
+ //this determines the access rights for the requested resource
297
+ //the connector should check if the resource exists or not
298
+ //if the resource exists we read it's ACL and return it
299
+ //if the resource does not exist we return an write access ACL for the candidate
300
+ public async getResourceACL(resourceId: string, candidate: IAccessCandidate) {
301
+ await this.ensureInitialized();
302
+
303
+ const s3Metadata = await this.getS3Metadata(resourceId);
304
+ const exists = s3Metadata !== undefined; //undefined metadata means the resource does not exist
305
+ //let acl: ACL = ACL.from(s3Metadata?.['x-amz-meta-acl'] as IACL);
306
+
307
+ if (!exists) {
308
+ //the resource does not exist yet, we grant write access to the candidate in order to allow the resource creation
309
+ return new ACL().addAccess(candidate.role, candidate.id, TAccessLevel.Owner);
310
+ }
311
+ return ACL.from(s3Metadata?.['x-amz-meta-acl'] as IACL);
312
+ }
313
+
314
+ @SecureConnector.AccessControl
315
+ async getACL(acRequest: AccessRequest, resourceId: string): Promise<ACL | undefined> {
316
+ await this.ensureInitialized();
317
+
318
+ // const accessTicket = await this.getAccessTicket(resourceId, acRequest);
319
+ // if (accessTicket.access !== TAccessResult.Granted) throw new Error('Access Denied');
320
+
321
+ try {
322
+ const s3Metadata = await this.getS3Metadata(resourceId);
323
+ return ACL.from(s3Metadata?.['x-amz-meta-acl'] as IACL);
324
+ } catch (error) {
325
+ console.error(`Error getting access rights in S3`, error.name, error.message);
326
+ throw error;
327
+ }
328
+ }
329
+
330
+ @SecureConnector.AccessControl
331
+ async setACL(acRequest: AccessRequest, resourceId: string, acl: IACL) {
332
+ await this.ensureInitialized();
333
+
334
+ // const accessTicket = await this.getAccessTicket(resourceId, acRequest);
335
+ // if (accessTicket.access !== TAccessResult.Granted) throw new Error('Access Denied');
336
+
337
+ try {
338
+ let s3Metadata = await this.getS3Metadata(resourceId);
339
+ if (!s3Metadata) s3Metadata = {};
340
+ //when setting ACL make sure to not lose ownership
341
+ s3Metadata['x-amz-meta-acl'] = ACL.from(acl).addAccess(acRequest.candidate.role, acRequest.candidate.id, TAccessLevel.Owner).ACL;
342
+ await this.setS3Metadata(resourceId, s3Metadata);
343
+ } catch (error) {
344
+ console.error(`Error setting access rights in S3`, error);
345
+ throw error;
346
+ }
347
+ }
348
+
349
+ @SecureConnector.AccessControl
350
+ async expire(acRequest: AccessRequest, resourceId: string, ttl: number) {
351
+ await this.ensureInitialized();
352
+
353
+ const expiryMetadata = generateExpiryMetadata(ttlToExpiryDays(ttl)); // seconds to days
354
+ const s3PutObjectTaggingCommand = new PutObjectTaggingCommand({
355
+ Bucket: this.bucket,
356
+ Key: resourceId,
357
+ Tagging: { TagSet: [{ Key: expiryMetadata.Key, Value: expiryMetadata.Value }] },
358
+ });
359
+ await this.client.send(s3PutObjectTaggingCommand);
360
+ }
361
+
362
+ private migrateMetadata(metadata: Record<string, string>): Record<string, any> {
363
+ if (!metadata.agentid && !metadata.teamid && !metadata.userid) return metadata as Record<string, any>;
364
+ else {
365
+ const convertibleItems = ['agentid', 'teamid', 'userid'];
366
+ const aclHelper = new ACL();
367
+
368
+ for (let key of convertibleItems) {
369
+ if (!metadata[key]) continue;
370
+ const role = key === 'agentid' ? TAccessRole.Agent : key === 'teamid' ? TAccessRole.Team : TAccessRole.User;
371
+ aclHelper.addAccess(role, metadata[key].toString(), [TAccessLevel.Owner, TAccessLevel.Read, TAccessLevel.Write]);
372
+ delete metadata[key];
373
+ }
374
+ aclHelper.migrated = true;
375
+ const newMetadata: Record<string, any> = {
376
+ 'x-amz-meta-acl': aclHelper.ACL,
377
+ };
378
+ //copy remaining metadata
379
+ for (let key in metadata) {
380
+ newMetadata[key] = metadata[key];
381
+ }
382
+
383
+ return newMetadata;
384
+ }
385
+ }
386
+
387
+ private serializeS3Metadata(s3Metadata: Record<string, any>): Record<string, string> {
388
+ let amzMetadata = {};
389
+ if (s3Metadata['x-amz-meta-acl']) {
390
+ //const acl: TACL = s3Metadata['x-amz-meta-acl'];
391
+ if (s3Metadata['x-amz-meta-acl']) {
392
+ amzMetadata['x-amz-meta-acl'] =
393
+ typeof s3Metadata['x-amz-meta-acl'] == 'string'
394
+ ? s3Metadata['x-amz-meta-acl']
395
+ : ACL.from(s3Metadata['x-amz-meta-acl']).serializedACL;
396
+ }
397
+
398
+ delete s3Metadata['x-amz-meta-acl'];
399
+ }
400
+
401
+ for (let key in s3Metadata) {
402
+ if (key == 'ContentType') continue; //skip ContentType as it can only be set when writing the object
403
+ amzMetadata[key] = typeof s3Metadata[key] === 'string' ? s3Metadata[key] : JSON.stringify(s3Metadata[key]);
404
+ }
405
+
406
+ return amzMetadata;
407
+ }
408
+
409
+ private deserializeS3Metadata(amzMetadata: Record<string, string>): Record<string, any> {
410
+ let metadata: Record<string, any> = {};
411
+
412
+ for (let key in amzMetadata) {
413
+ if (key === 'x-amz-meta-acl') {
414
+ metadata[key] = ACL.from(amzMetadata[key]).ACL;
415
+ continue;
416
+ }
417
+
418
+ try {
419
+ metadata[key] = JSON.parse(amzMetadata[key]);
420
+ } catch (error) {
421
+ metadata[key] = amzMetadata[key];
422
+ }
423
+ }
424
+ //TODO : Remove this migration code after all metadata is migrated
425
+ // Context : an old ACL metadata format was used in initial implementation of Smyth Storage
426
+ // We need to ensure compatibility with legacy format and seamlessly convert it when reading
427
+ metadata = this.migrateMetadata(metadata) as Record<string, any>;
428
+
429
+ return metadata;
430
+ }
431
+
432
+ private async getS3Metadata(resourceId: string): Promise<Record<string, any> | undefined> {
433
+ try {
434
+ const command = new HeadObjectCommand({
435
+ Bucket: this.bucket,
436
+ Key: resourceId,
437
+ });
438
+ const response: HeadObjectCommandOutput = await this.client.send(command);
439
+ const s3RawMetadata = response.Metadata;
440
+ if (!s3RawMetadata || Object.keys(s3RawMetadata).length === 0) return {};
441
+
442
+ let metadata: Record<string, any> = this.deserializeS3Metadata(s3RawMetadata);
443
+
444
+ if (!metadata['ContentType']) metadata['ContentType'] = response.ContentType ? response.ContentType : 'application/octet-stream';
445
+ return metadata;
446
+ } catch (error) {
447
+ if (error.name === 'NotFound' || error.name === 'NoSuchKey') {
448
+ return undefined;
449
+ }
450
+ console.error(`Error reading object metadata from S3`, error.name, error.message);
451
+ throw error;
452
+ }
453
+ }
454
+
455
+ private async setS3Metadata(resourceId: string, metadata: Record<string, any>): Promise<void> {
456
+ try {
457
+ // Get the current object content
458
+ const getObjectCommand = new GetObjectCommand({
459
+ Bucket: this.bucket,
460
+ Key: resourceId,
461
+ });
462
+ const objectData: GetObjectCommandOutput = await this.client.send(getObjectCommand);
463
+
464
+ // Read the object's content
465
+ const bufferBody = await streamToBuffer(objectData.Body as Readable);
466
+
467
+ const amzMetadata = this.serializeS3Metadata(metadata);
468
+ // Put the object back with the new metadata and the same content
469
+ const putObjectCommand = new PutObjectCommand({
470
+ Bucket: this.bucket,
471
+ Key: resourceId,
472
+ Body: bufferBody,
473
+ Metadata: amzMetadata,
474
+ });
475
+
476
+ await this.client.send(putObjectCommand);
477
+ } catch (error) {
478
+ console.error(`Error setting object metadata in S3`, error.name, error.message);
479
+ throw error;
480
+ }
481
+ }
482
+ }