@synnaxlabs/client 0.30.0 → 0.31.0

package/examples/node/package.json

@@ -11,6 +11,6 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "@synnaxlabs/client": "^0.26.1"
+    "@synnaxlabs/client": "^0.31.0"
   }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@synnaxlabs/client",
-  "version": "0.30.0",
+  "version": "0.31.0",
   "description": "The Synnax Client Library",
   "keywords": [
     "synnax",
@@ -26,8 +26,8 @@
   "dependencies": {
     "async-mutex": "^0.5.0",
     "zod": "3.23.8",
-    "@synnaxlabs/freighter": "0.30.0",
-    "@synnaxlabs/x": "0.30.0"
+    "@synnaxlabs/x": "0.31.0",
+    "@synnaxlabs/freighter": "0.31.0"
   },
   "devDependencies": {
     "@types/node": "^22.5.4",

package/src/access/client.ts

@@ -7,80 +7,14 @@
 // License, use of this software will be governed by the Apache License, Version 2.0,
 // included in the file licenses/APL.txt.
 
-import { sendRequired, type UnaryClient } from "@synnaxlabs/freighter";
-import { toArray } from "@synnaxlabs/x/toArray";
-import { z } from "zod";
+import { type UnaryClient } from "@synnaxlabs/freighter";
 
-import {
-  Key,
-  keyZ,
-  NewPolicyPayload,
-  newPolicyPayloadZ,
-  Policy,
-  policyZ,
-} from "@/access/payload";
-import { IDPayload, idZ } from "@/ontology/payload";
-
-const CREATE_ENDPOINT = "/access/policy/create";
-const DELETE_ENDPOINT = "/access/policy/delete";
-const RETRIEVE_ENDPOINT = "/access/policy/retrieve";
-
-const createReqZ = z.object({ policies: newPolicyPayloadZ.array() });
-const createResZ = z.object({ policies: policyZ.array() });
-
-const deleteReqZ = z.object({ keys: keyZ.array() });
-const deleteResZ = z.object({});
-
-const retrieveReqZ = z.object({ subject: idZ });
-const retrieveResZ = z.object({
-  policies: policyZ.array().optional().default([]),
-});
+import { policy } from "@/access/policy";
 
 export class Client {
-  private readonly client: UnaryClient;
+  readonly policy: policy.Client;
 
   constructor(client: UnaryClient) {
-    this.client = client;
-  }
-
-  async create(policies: NewPolicyPayload): Promise<Policy>;
-
-  async create(policies: NewPolicyPayload[]): Promise<Policy[]>;
-
-  async create(
-    policies: NewPolicyPayload | NewPolicyPayload[],
-  ): Promise<Policy | Policy[]> {
-    const single = !Array.isArray(policies);
-
-    const { policies: created } = await sendRequired<
-      typeof createReqZ,
-      typeof createResZ
-    >(
-      this.client,
-      CREATE_ENDPOINT,
-      { policies: toArray(policies) },
-      createReqZ,
-      createResZ,
-    );
-
-    return single ? created[0] : created;
-  }
-
-  async retrieve(subject: IDPayload): Promise<Policy[]> {
-    const { policies: retrieved } = await sendRequired<
-      typeof retrieveReqZ,
-      typeof retrieveResZ
-    >(this.client, RETRIEVE_ENDPOINT, { subject: subject }, retrieveReqZ, retrieveResZ);
-    return retrieved;
-  }
-
-  async delete(keys: Key | Key[]): Promise<void> {
-    await sendRequired<typeof deleteReqZ, typeof deleteResZ>(
-      this.client,
-      DELETE_ENDPOINT,
-      { keys: toArray(keys) },
-      deleteReqZ,
-      deleteResZ,
-    );
+    this.policy = new policy.Client(client);
   }
 }

package/src/access/payload.ts

@@ -9,27 +9,17 @@
 
 import { z } from "zod";
 
-import { ontology } from "@/ontology";
-import { idZ } from "@/ontology/payload";
-
-export const keyZ = z.string().uuid();
-
-export type Key = z.infer<typeof keyZ>;
-
-export type Params = Key | Key[];
-
-export const policyZ = z.object({
-  key: keyZ,
-  subjects: idZ.array(),
-  objects: idZ.array(),
-  actions: z.string().array(),
-});
-export type Policy = z.infer<typeof policyZ>;
-
-export const newPolicyPayloadZ = policyZ.extend({ key: keyZ.optional() });
-export type NewPolicyPayload = z.infer<typeof newPolicyPayloadZ>;
-
-export const PolicyOntologyType = "policy" as ontology.ResourceType;
-
-export const ontologyID = (key: Key): ontology.ID =>
-  new ontology.ID({ type: PolicyOntologyType, key });
+export const actionZ = z.union([
+  z.literal("all"),
+  z.literal("create"),
+  z.literal("delete"),
+  z.literal("retrieve"),
+  z.literal("update"),
+]);
+export type Action = z.infer<typeof actionZ>;
+
+export const ALL_ACTION: Action = "all";
+export const CREATE_ACTION: Action = "create";
+export const DELETE_ACTION: Action = "delete";
+export const RETRIEVE_ACTION: Action = "retrieve";
+export const UPDATE_ACTION: Action = "update";

package/src/access/policy/client.ts

@@ -0,0 +1,65 @@
+// Copyright 2024 Synnax Labs, Inc.
+//
+// Use of this software is governed by the Business Source License included in the file
+// licenses/BSL.txt.
+//
+// As of the Change Date specified in that file, in accordance with the Business Source
+// License, use of this software will be governed by the Apache License, Version 2.0,
+// included in the file licenses/APL.txt.
+
+import { type UnaryClient } from "@synnaxlabs/freighter";
+import { toArray } from "@synnaxlabs/x/toArray";
+
+import { type Key, type NewPolicy, type Policy } from "@/access/policy/payload";
+import { Retriever } from "@/access/policy/retriever";
+import { Writer } from "@/access/policy/writer";
+import { ontology } from "@/ontology";
+
+export class Client {
+  private readonly retriever: Retriever;
+  private readonly writer: Writer;
+
+  constructor(client: UnaryClient) {
+    this.retriever = new Retriever(client);
+    this.writer = new Writer(client);
+  }
+
+  async create(policy: NewPolicy): Promise<Policy>;
+
+  async create(policies: NewPolicy[]): Promise<Policy[]>;
+
+  async create(policies: NewPolicy | NewPolicy[]): Promise<Policy | Policy[]> {
+    const isMany = Array.isArray(policies);
+    const createdPolicies = await this.writer.create(policies);
+    return isMany ? createdPolicies : createdPolicies[0];
+  }
+
+  async retrieve(key: Key): Promise<Policy>;
+
+  async retrieve(keys: Key[]): Promise<Policy[]>;
+
+  async retrieve(keys: Key | Key[]): Promise<Policy | Policy[]> {
+    const isMany = Array.isArray(keys);
+    const res = await this.retriever.retrieve({ keys: toArray(keys) });
+    return isMany ? res : res[0];
+  }
+
+  async retrieveFor(subject: ontology.CrudeID): Promise<Policy[]>;
+
+  async retrieveFor(subjects: ontology.CrudeID[]): Promise<Policy[]>;
+
+  async retrieveFor(
+    subjects: ontology.CrudeID | ontology.CrudeID[],
+  ): Promise<Policy[]> {
+    const newIds = toArray(subjects).map((id) => new ontology.ID(id).payload);
+    return await this.retriever.retrieve({ subjects: newIds });
+  }
+
+  async delete(key: Key): Promise<void>;
+
+  async delete(keys: Key[]): Promise<void>;
+
+  async delete(keys: Key | Key[]): Promise<void> {
+    await this.writer.delete(keys);
+  }
+}

package/src/access/policy/external.ts

@@ -0,0 +1,11 @@
+// Copyright 2024 Synnax Labs, Inc.
+//
+// Use of this software is governed by the Business Source License included in the file
+// licenses/BSL.txt.
+//
+// As of the Change Date specified in that file, in accordance with the Business Source
+// License, use of this software will be governed by the Apache License, Version 2.0,
+// included in the file licenses/APL.txt.
+
+export * from "@/access/policy/client";
+export * from "@/access/policy/payload";

package/src/access/policy/index.ts

@@ -0,0 +1,10 @@
+// Copyright 2024 Synnax Labs, Inc.
+//
+// Use of this software is governed by the Business Source License included in the file
+// licenses/BSL.txt.
+//
+// As of the Change Date specified in that file, in accordance with the Business Source
+// License, use of this software will be governed by the Apache License, Version 2.0,
+// included in the file licenses/APL.txt.
+
+export * as policy from "@/access/policy/external";

package/src/access/policy/payload.ts

@@ -0,0 +1,45 @@
+// Copyright 2024 Synnax Labs, Inc.
+//
+// Use of this software is governed by the Business Source License included in the file
+// licenses/BSL.txt.
+//
+// As of the Change Date specified in that file, in accordance with the Business Source
+// License, use of this software will be governed by the Apache License, Version 2.0,
+// included in the file licenses/APL.txt.
+
+import { z } from "zod";
+
+import { actionZ } from "@/access/payload";
+import { ontology } from "@/ontology";
+import { nullableArrayZ } from "@/util/zod";
+
+export const keyZ = z.string().uuid();
+export type Key = z.infer<typeof keyZ>;
+
+export const newPolicyZ = z.object({
+  key: keyZ.optional(),
+  subjects: ontology.crudeIDZ.array().or(ontology.crudeIDZ),
+  objects: ontology.crudeIDZ.array().or(ontology.crudeIDZ),
+  actions: actionZ.array().or(actionZ),
+});
+export type NewPolicy = z.input<typeof newPolicyZ>;
+
+export const policyZ = z.object({
+  key: keyZ,
+  subjects: nullableArrayZ(ontology.idZ),
+  objects: nullableArrayZ(ontology.idZ),
+  actions: nullableArrayZ(actionZ),
+});
+export type Policy = z.infer<typeof policyZ>;
+
+export const ONTOLOGY_TYPE: ontology.ResourceType = "policy";
+
+export const ontologyID = (key: Key): ontology.ID =>
+  new ontology.ID({ type: ONTOLOGY_TYPE, key });
+
+export const ALLOW_ALL_ONTOLOGY_TYPE: ontology.ResourceType = "allow_all";
+
+export const ALLOW_ALL_ONTOLOGY_ID = new ontology.ID({
+  type: ALLOW_ALL_ONTOLOGY_TYPE,
+  key: "",
+});

package/src/access/policy/policy.spec.ts

@@ -0,0 +1,331 @@
+// Copyright 2024 Synnax Labs, Inc.
+//
+// Use of this software is governed by the Business Source License included in the file
+// licenses/BSL.txt.
+//
+// As of the Change Date specified in that file, in accordance with the Business Source
+// License, use of this software will be governed by the Apache License, Version 2.0,
+// included in the file licenses/APL.txt.
+
+import { id } from "@synnaxlabs/x";
+import { describe, expect, test } from "vitest";
+
+import { policy } from "@/access/policy";
+import { channel } from "@/channel";
+import Synnax from "@/client";
+import { AuthError } from "@/errors";
+import { label } from "@/label";
+import { HOST, newClient, PORT } from "@/setupspecs";
+import { user } from "@/user";
+import { schematic } from "@/workspace/schematic";
+
+const client = newClient();
+
+describe("Policy", () => {
+  describe("create", () => {
+    describe("one", () => {
+      test("without key", async () => {
+        const policy = await client.access.policy.create({
+          subjects: user.ONTOLOGY_TYPE,
+          objects: [user.ONTOLOGY_TYPE, channel.ONTOLOGY_TYPE],
+          actions: "delete",
+        });
+        expect(policy.key).exist;
+        expect(policy.subjects.length).toEqual(1);
+        expect(policy.subjects[0].key).toEqual("");
+        expect(policy.subjects[0].type).toEqual(user.ONTOLOGY_TYPE);
+        expect(policy.objects.length).toEqual(2);
+        expect(policy.objects[0].key).toEqual("");
+        expect(policy.objects[1].key).toEqual("");
+        expect(policy.objects[0].type).toEqual(user.ONTOLOGY_TYPE);
+        expect(policy.objects[1].type).toEqual(channel.ONTOLOGY_TYPE);
+        expect(policy.actions).toEqual(["delete"]);
+        await client.access.policy.delete(policy.key);
+      });
+      test("missing subjects", async () => {
+        const policy = await client.access.policy.create({
+          subjects: [],
+          objects: [],
+          actions: [],
+        });
+        expect(policy.key).exist;
+        expect(policy.subjects).toHaveLength(0);
+        expect(policy.objects).toHaveLength(0);
+        expect(policy.actions).toHaveLength(0);
+        const retrievedPolicy = await client.access.policy.retrieve(policy.key);
+        expect(retrievedPolicy).toMatchObject(policy);
+      });
+      test("missing objects", async () => {
+        const policy = await client.access.policy.create({
+          subjects: user.ontologyID("1"),
+          objects: [],
+          actions: [],
+        });
+        expect(policy.key).exist;
+        expect(policy.subjects.length).toEqual(1);
+        expect(policy.subjects[0].key).toEqual("1");
+        expect(policy.subjects[0].type).toEqual(user.ONTOLOGY_TYPE);
+        expect(policy.objects).toHaveLength(0);
+        expect(policy.actions).toHaveLength(0);
+        const retrievedPolicy = await client.access.policy.retrieve(policy.key);
+        expect(retrievedPolicy).toMatchObject(policy);
+      });
+      test("with key", async () => {
+        const policy = await client.access.policy.create({
+          subjects: [
+            { type: user.ONTOLOGY_TYPE, key: "1" },
+            { type: channel.ONTOLOGY_TYPE, key: "2" },
+          ],
+          objects: { type: channel.ONTOLOGY_TYPE, key: "3" },
+          actions: ["delete", "retrieve"],
+        });
+        expect(policy.key).exist;
+        expect(policy.subjects.length).toEqual(2);
+        expect(policy.subjects[0].key).toEqual("1");
+        expect(policy.subjects[0].type).toEqual(user.ONTOLOGY_TYPE);
+        expect(policy.subjects[1].key).toEqual("2");
+        expect(policy.subjects[1].type).toEqual(channel.ONTOLOGY_TYPE);
+        expect(policy.objects.length).toEqual(1);
+        expect(policy.objects[0].key).toEqual("3");
+        expect(policy.objects[0].type).toEqual(channel.ONTOLOGY_TYPE);
+        expect(policy.actions).toEqual(["delete", "retrieve"]);
+        await client.access.policy.delete(policy.key);
+      });
+    });
+    describe("many", () => {
+      test("with keys", async () => {
+        const policiesToCreate: policy.NewPolicy[] = [
+          {
+            subjects: [{ type: user.ONTOLOGY_TYPE, key: "10" }],
+            objects: [
+              { type: user.ONTOLOGY_TYPE, key: "20" },
+              { type: schematic.ONTOLOGY_TYPE, key: "21" },
+            ],
+            actions: ["retrieve"],
+          },
+          {
+            subjects: [
+              { type: user.ONTOLOGY_TYPE, key: "20" },
+              { type: schematic.ONTOLOGY_TYPE, key: "21" },
+            ],
+            objects: [
+              { type: user.ONTOLOGY_TYPE, key: "20" },
+              { type: schematic.ONTOLOGY_TYPE, key: "30" },
+            ],
+            actions: ["delete"],
+          },
+        ];
+        const policies = await client.access.policy.create(policiesToCreate);
+        expect(policies[0]).toMatchObject(policiesToCreate[0]);
+        expect(policies[1]).toMatchObject(policiesToCreate[1]);
+        await client.access.policy.delete([policies[0].key, policies[1].key]);
+      });
+      test("without keys", async () => {
+        const policies = await client.access.policy.create([
+          {
+            subjects: user.ONTOLOGY_TYPE,
+            objects: [user.ONTOLOGY_TYPE, schematic.ONTOLOGY_TYPE],
+            actions: ["retrieve"],
+          },
+          {
+            subjects: [user.ONTOLOGY_TYPE, schematic.ONTOLOGY_TYPE],
+            objects: [channel.ONTOLOGY_TYPE],
+            actions: "retrieve",
+          },
+        ]);
+        expect(policies.length).toEqual(2);
+        expect(policies[0].key).exist;
+        expect(policies[0].subjects.length).toEqual(1);
+        expect(policies[0].subjects[0].key).toEqual("");
+        expect(policies[0].subjects[0].type).toEqual(user.ONTOLOGY_TYPE);
+        expect(policies[0].objects.length).toEqual(2);
+        expect(policies[0].objects[0].key).toEqual("");
+        expect(policies[0].objects[1].key).toEqual("");
+        expect(policies[0].objects[0].type).toEqual(user.ONTOLOGY_TYPE);
+        expect(policies[0].objects[1].type).toEqual(schematic.ONTOLOGY_TYPE);
+        expect(policies[0].actions).toEqual(["retrieve"]);
+        expect(policies[1].key).exist;
+        expect(policies[1].subjects.length).toEqual(2);
+        expect(policies[1].subjects[0].key).toEqual("");
+        expect(policies[1].subjects[1].key).toEqual("");
+        expect(policies[1].subjects[0].type).toEqual(user.ONTOLOGY_TYPE);
+        expect(policies[1].subjects[1].type).toEqual(schematic.ONTOLOGY_TYPE);
+        expect(policies[1].objects.length).toEqual(1);
+        expect(policies[1].objects[0].key).toEqual("");
+        expect(policies[1].objects[0].type).toEqual(channel.ONTOLOGY_TYPE);
+        expect(policies[1].actions).toEqual(["retrieve"]);
+        await client.access.policy.delete([policies[0].key, policies[1].key]);
+      });
+    });
+  });
+  describe("retrieve", async () => {
+    test("by key", async () => {
+      const policies = await client.access.policy.create([
+        {
+          subjects: user.ONTOLOGY_TYPE,
+          objects: [user.ONTOLOGY_TYPE, channel.ONTOLOGY_TYPE],
+          actions: "delete",
+        },
+        {
+          subjects: user.ONTOLOGY_TYPE,
+          objects: [schematic.ONTOLOGY_TYPE, channel.ONTOLOGY_TYPE],
+          actions: "retrieve",
+        },
+      ]);
+      const result = await client.access.policy.retrieve(policies[0].key);
+      expect(result).toMatchObject(policies[0]);
+      const results = await client.access.policy.retrieve([
+        policies[0].key,
+        policies[1].key,
+      ]);
+      expect(results).toHaveLength(2);
+      expect(results[0]).toMatchObject(policies[0]);
+      expect(results[1]).toMatchObject(policies[1]);
+      expect(results.sort()).toMatchObject(policies.sort());
+      await client.access.policy.delete([policies[0].key, policies[1].key]);
+    });
+    test("by subject", async () => {
+      const key1 = id.id();
+      const key2 = id.id();
+      const created = await client.access.policy.create([
+        {
+          subjects: [
+            { type: user.ONTOLOGY_TYPE, key: key1 },
+            { type: user.ONTOLOGY_TYPE, key: key2 },
+          ],
+          objects: [
+            { type: user.ONTOLOGY_TYPE, key: "234" },
+            { type: channel.ONTOLOGY_TYPE, key: "30" },
+          ],
+          actions: ["retrieve"],
+        },
+        {
+          subjects: { type: user.ONTOLOGY_TYPE, key: key1 },
+          objects: [
+            { type: label.ONTOLOGY_TYPE, key: "23123" },
+            { type: channel.ONTOLOGY_TYPE, key: "30" },
+          ],
+          actions: "delete",
+        },
+      ]);
+      const received = await client.access.policy.retrieveFor(user.ontologyID(key2));
+      const newReceived = received.filter((p) => {
+        return created.some((c) => c.key === p.key);
+      });
+      expect(created[0]).toMatchObject(newReceived[0]);
+      await client.access.policy.delete([created[0].key, created[1].key]);
+    });
+  });
+  describe("delete", async () => {
+    test("one", async () => {
+      const id1 = id.id();
+      const id2 = id.id();
+      const id3 = id.id();
+      const policies: policy.NewPolicy[] = [
+        {
+          subjects: [
+            { type: user.ONTOLOGY_TYPE, key: id1 },
+            { type: user.ONTOLOGY_TYPE, key: id2 },
+          ],
+          objects: [
+            { type: user.ONTOLOGY_TYPE, key: "20" },
+            { type: channel.ONTOLOGY_TYPE, key: "30" },
+          ],
+          actions: ["retrieve"],
+        },
+        {
+          subjects: [
+            { type: user.ONTOLOGY_TYPE, key: id1 },
+            { type: user.ONTOLOGY_TYPE, key: id3 },
+          ],
+          objects: [
+            { type: label.ONTOLOGY_TYPE, key: "20" },
+            { type: channel.ONTOLOGY_TYPE, key: "30" },
+          ],
+          actions: ["delete"],
+        },
+      ];
+
+      const created = await client.access.policy.create(policies);
+      await client.access.policy.delete(created[0].key);
+      await expect(client.access.policy.retrieve(created[0].key)).rejects.toThrow();
+      await client.access.policy.delete(created[1].key);
+    });
+    test("many", async () => {
+      const id1 = id.id();
+      const id2 = id.id();
+      const id3 = id.id();
+      const policies: policy.NewPolicy[] = [
+        {
+          subjects: [
+            { type: user.ONTOLOGY_TYPE, key: id1 },
+            { type: user.ONTOLOGY_TYPE, key: id2 },
+          ],
+          objects: [
+            { type: user.ONTOLOGY_TYPE, key: "20" },
+            { type: channel.ONTOLOGY_TYPE, key: "30" },
+          ],
+          actions: ["retrieve"],
+        },
+        {
+          subjects: [
+            { type: user.ONTOLOGY_TYPE, key: id1 },
+            { type: user.ONTOLOGY_TYPE, key: id3 },
+          ],
+          objects: [
+            { type: label.ONTOLOGY_TYPE, key: "20" },
+            { type: channel.ONTOLOGY_TYPE, key: "30" },
+          ],
+          actions: ["delete"],
+        },
+      ];
+
+      const created = await client.access.policy.create(policies);
+      await client.access.policy.delete([created[0].key, created[1].key]);
+      await expect(client.access.policy.retrieve(created[0].key)).rejects.toThrow();
+      await expect(client.access.policy.retrieve(created[1].key)).rejects.toThrow();
+    });
+  });
+});
+
+describe("privilege", async () => {
+  test("new user", async () => {
+    const username = id.id();
+    const user2 = await client.user.create({ username, password: "pwd1" });
+    expect(user2).toBeDefined();
+    const client2 = new Synnax({
+      host: HOST,
+      port: PORT,
+      username: user2.username,
+      password: "pwd1",
+    });
+    await expect(
+      client2.user.create({
+        username: id.id(),
+        password: id.id(),
+      }),
+    ).rejects.toThrow(AuthError);
+
+    const policy = await client.access.policy.create({
+      subjects: user.ontologyID(user2.key),
+      objects: user.ONTOLOGY_TYPE,
+      actions: ["create"],
+    });
+
+    const newUsername = id.id();
+
+    const newUser = await client2.user.create({
+      username: newUsername,
+      password: id.id(),
+    });
+
+    expect(newUser.username).toEqual(newUsername);
+
+    // Remove privileges
+    await client.access.policy.delete(policy.key);
+
+    await expect(
+      client2.user.create({ username: id.id(), password: id.id() }),
+    ).rejects.toThrow(AuthError);
+  });
+});

package/src/access/policy/retriever.ts

@@ -0,0 +1,43 @@
+// Copyright 2024 Synnax Labs, Inc.
+//
+// Use of this software is governed by the Business Source License included in the file
+// licenses/BSL.txt.
+//
+// As of the Change Date specified in that file, in accordance with the Business Source
+// License, use of this software will be governed by the Apache License, Version 2.0,
+// included in the file licenses/APL.txt.
+
+import { sendRequired, type UnaryClient } from "@synnaxlabs/freighter";
+import { z } from "zod";
+
+import { keyZ, type Policy, policyZ } from "@/access/policy/payload";
+import { ontology } from "@/ontology";
+import { nullableArrayZ } from "@/util/zod";
+
+const reqZ = z.object({
+  keys: keyZ.array().optional(),
+  subjects: ontology.idZ.array().optional(),
+});
+type Request = z.infer<typeof reqZ>;
+const resZ = z.object({ policies: nullableArrayZ(policyZ) });
+
+const ENDPOINT = "/access/policy/retrieve";
+
+export class Retriever {
+  private readonly client: UnaryClient;
+
+  constructor(client: UnaryClient) {
+    this.client = client;
+  }
+
+  async retrieve(req: Request): Promise<Policy[]> {
+    const res = await sendRequired<typeof reqZ, typeof resZ>(
+      this.client,
+      ENDPOINT,
+      req,
+      reqZ,
+      resZ,
+    );
+    return res.policies;
+  }
+}