@venizia/ignis 0.0.9-2 → 0.0.9-21

package/dist/components/auth/authorize/enforcers/casbin.enforcer.d.ts

@@ -1,35 +1,97 @@
 import { TContext } from '../../../../base/controllers/common/types';
-import { BaseHelper } from '@venizia/ignis-helpers';
-import type { CachedEnforcer as CasbinCachedEnforcerType, Enforcer as CasbinEnforcerType } from 'casbin';
+import { BaseHelper, TNullable } from '@venizia/ignis-helpers';
+import type { Enforcer as CasbinEnforcerType } from 'casbin';
 import { Env } from 'hono';
-import { IAuthUser } from '../../authenticate';
-import { IAuthorizationEnforcer, ICasbinEnforcerCachedRedis, ICasbinEnforcerOptions, type IAuthorizationComparable, type IAuthorizationRequest, type TAuthorizationDecision } from '../common';
-export declare class CasbinAuthorizationEnforcer<E extends Env = Env, TAction extends string | IAuthorizationComparable = string, TResource extends string | IAuthorizationComparable = string> extends BaseHelper implements IAuthorizationEnforcer<E, TAction, TResource, IAuthUser> {
+import { IAuthorizationEnforcer, IAuthorizationUser, ICasbinEnforcerCachedRedis, ICasbinEnforcerOptions, ICasbinRules, type IAuthorizationRequest, type TAuthorizationDecision, type TCasbinDomainMatchingFunction } from '../common';
+/** Normalizer for the scoped/custom payload path — the exact shape returned by defaultScopedPayloadFn(). */
+type TNormalizePayloadFn<E extends Env, TAction, TResource> = (opts: {
+    user: IAuthorizationUser;
+    action: TAction;
+    resource: TResource;
+    context: TContext<E, string>;
+}) => {
+    subject: string;
+    resource: string;
+    action: string;
+    domain?: string;
+};
+export declare class CasbinAuthorizationEnforcer<E extends Env = Env, TAction extends string = string, TResource extends string = string> extends BaseHelper implements IAuthorizationEnforcer<E, TAction, TResource, ICasbinRules> {
     private options;
     name: string;
     private readonly MIN_EXPIRES_IN;
-    private enforcer;
-    private inMemoryInvalidationTimer;
+    private pool;
+    private helper;
+    private readonly pendingLineFetches;
+    private resolvedPayloadFn;
     constructor(options: ICasbinEnforcerOptions<E, TAction, TResource>);
     configure(): Promise<void>;
     destroy(): void;
+    /**
+     * Boot-time smoke test for the matcher. casbin compiles the matcher expression LAZILY — not in
+     * newEnforcer() or buildRoleLinks(), but on the first enforce — so a broken matcher would otherwise
+     * only surface on the first real request (a 500 for a real user). Running one dummy enforceSync here
+     * forces that compile at warmup, turning these into a fail-at-boot for an authz component:
+     *   - matcher syntax errors in the model,
+     *   - references to functions that registerMatchers() didn't register (e.g. a renamed g-relation),
+     *   - request arity mismatch (4-token scoped model vs the 3/4 args we pass).
+     * Bonus: enforceSync also throws if a matcher func is async — but every func we register is a sync
+     * built-in, so that branch is effectively unreachable; the real value is the compile/wiring check above.
+     */
+    protected assertMatcherCompilesSync(opts: {
+        enforcer: CasbinEnforcerType;
+    }): void;
     buildRules(opts: {
-        user: {
-            principalType: string;
-        } & IAuthUser;
+        user: IAuthorizationUser;
         context: TContext<E, string>;
-    }): Promise<IAuthUser>;
+    }): Promise<ICasbinRules>;
     evaluate(opts: {
-        rules: IAuthUser;
+        rules: ICasbinRules;
         request: IAuthorizationRequest<TAction, TResource>;
         context: TContext<E, string>;
     }): Promise<TAuthorizationDecision>;
-    protected resolveCasbinEnforcer(opts: {
+    /**
+     * Run the matcher synchronously and, on DENY, log WHICH policy rule decided it. enforceExSync returns
+     * `[isAllowed, matchedPolicy]` where matchedPolicy is the deciding rule (or `[]` when nothing matched →
+     * default-deny). The explain index is computed by the effector regardless of this call, so capturing it
+     * carries no meaningful cost over enforceSync — it just surfaces the reason for a denial to the logs.
+     */
+    protected enforceWithExplain(opts: {
+        enforcer: CasbinEnforcerType;
+        vals: string[];
+    }): boolean;
+    invalidateUserCache(opts: {
+        user: IAuthorizationUser;
+    }): Promise<{
+        invalidatedKeys: number;
+    }>;
+    rebuildUserCache(opts: {
+        user: IAuthorizationUser;
+    }): Promise<{
+        cacheKey: string;
+        lineCount: number;
+    }>;
+    /** Compute the user's cache key and reject an empty result — consistent with the read path. */
+    protected resolveCacheKey(opts: {
+        user: IAuthorizationUser;
+        cached: ICasbinEnforcerCachedRedis & {
+            use: true;
+        };
+    }): Promise<string>;
+    /** Narrow `options.cached` to the redis variant; cache management is redis-only. */
+    protected requireRedisCache(): ICasbinEnforcerCachedRedis & {
+        use: true;
+    };
+    protected registerMatchers(opts: {
+        enforcer: CasbinEnforcerType;
+        casbin: typeof import('casbin');
+    }): Promise<void>;
+    /** Map a CasbinDomainMatchingFunctions value to casbin's Util.*Func matcher. */
+    protected resolveDomainMatchingFn(opts: {
         casbin: typeof import('casbin');
-        model: import('casbin').Model;
-        adapter?: unknown;
-        cached: ICasbinEnforcerOptions['cached'];
-    }): Promise<CasbinEnforcerType | CasbinCachedEnforcerType>;
+        name: TCasbinDomainMatchingFunction;
+    }): (arg1: string, arg2: string) => boolean;
+    /** Default (sub,dom,obj,act) payload for the scoped model; domain comes from request.domain. */
+    protected defaultScopedPayloadFn(): TNormalizePayloadFn<E, TAction, TResource> | undefined;
     protected resolveModel(opts: {
         casbin: typeof import('casbin');
         model: ICasbinEnforcerOptions['model'];
@@ -37,20 +99,50 @@ export declare class CasbinAuthorizationEnforcer<E extends Env = Env, TAction ex
     protected validateExpiresIn(opts: {
         expiresIn: number;
     }): void;
-    protected loadPoliciesFromAdapter(opts: {
-        user: {
-            principalType: string;
-        } & IAuthUser;
-    }): Promise<void>;
-    protected loadPoliciesWithRedisCache(opts: {
-        user: {
-            principalType: string;
-        } & IAuthUser;
-        cached: ICasbinEnforcerCachedRedis;
+    /**
+     * Fetch the user's policy lines, collapsing concurrent cache misses for the same key onto a single
+     * extraction (via `pendingLineFetches`) instead of letting every request hit the DB at once.
+     * Note: best-effort — two misses can both get past the cache read before either records its fetch
+     * in the map, so both extract once (benign: per-user lines are identical). It collapses the common
+     * case; the fast cache-hit path stays OUTSIDE the map to avoid needless contention.
+     */
+    protected fetchLinesWithRedisCache(opts: {
+        user: IAuthorizationUser;
+        cached: ICasbinEnforcerCachedRedis & {
+            use: true;
+        };
+    }): Promise<string[]>;
+    /** Single source of truth for the Redis cache encoding. Used by miss-path and rebuild. */
+    protected writeCachedPolicyLines(opts: {
+        cacheKey: string;
+        lines: string[];
+        options: ICasbinEnforcerCachedRedis['options'];
     }): Promise<void>;
-    protected extractPolicyLines(): Promise<string[]>;
+    /** Decode cached policy lines; on any corruption, log and return null so the caller refetches. */
+    protected parseCachedPolicyLines(opts: {
+        raw: string;
+        cacheKey: string;
+    }): TNullable<string[]>;
+    /**
+     * Extract a user's policy lines from an ISOLATED throwaway enforcer (its own model + the adapter),
+     * never a pooled serving enforcer. This is the core of the anti-poisoning design: concurrent requests
+     * on pooled enforcers can't change what we cache for this user. Used by buildRules + rebuild.
+     */
+    protected extractUserLines(opts: {
+        user: IAuthorizationUser;
+    }): Promise<string[]>;
+    /**
+     * Serialize ALL policy + grouping rule types of an enforcer's model back into casbin lines.
+     * Covers every p-type (p, p2, …) and g-type (g, g2, g3, g4, g5, …) — not just `p`/`g` — so the
+     * cached payload is complete for the scoped model (resource/action/domain hierarchies + membership).
+     * Reads stored rules (independent of role-link matching funcs), so the loader needs none registered.
+     */
+    protected extractLinesFrom(enforcer: CasbinEnforcerType): Promise<string[]>;
+    /** Atomically reset a borrowed enforcer's model to exactly `lines` + rebuild role links. */
     protected loadPolicyLinesIntoModel(opts: {
+        enforcer: CasbinEnforcerType;
         lines: string[];
     }): Promise<void>;
 }
+export {};
 //# sourceMappingURL=casbin.enforcer.d.ts.map

package/dist/components/auth/authorize/enforcers/casbin.enforcer.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"casbin.enforcer.d.ts","sourceRoot":"","sources":["../../../../../src/components/auth/authorize/enforcers/casbin.enforcer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,iCAAiC,CAAC;AAE3D,OAAO,EAAE,UAAU,EAA6B,MAAM,wBAAwB,CAAC;AAC/E,OAAO,KAAK,EACV,cAAc,IAAI,wBAAwB,EAC1C,QAAQ,IAAI,kBAAkB,EAC/B,MAAM,QAAQ,CAAC;AAChB,OAAO,EAAE,GAAG,EAAE,MAAM,MAAM,CAAC;AAC3B,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAC/C,OAAO,EAOL,sBAAsB,EACtB,0BAA0B,EAC1B,sBAAsB,EACtB,KAAK,wBAAwB,EAC7B,KAAK,qBAAqB,EAC1B,KAAK,sBAAsB,EAC5B,MAAM,WAAW,CAAC;AAInB,qBAAa,2BAA2B,CACtC,CAAC,SAAS,GAAG,GAAG,GAAG,EACnB,OAAO,SAAS,MAAM,GAAG,wBAAwB,GAAG,MAAM,EAC1D,SAAS,SAAS,MAAM,GAAG,wBAAwB,GAAG,MAAM,CAE5D,SAAQ,UACR,YAAW,sBAAsB,CAAC,CAAC,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,CAAC;IAUjE,OAAO,CAAC,OAAO;IARjB,IAAI,SAAoC;IACxC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAU;IAEzC,OAAO,CAAC,QAAQ,CAAkE;IAClF,OAAO,CAAC,yBAAyB,CAAmC;gBAI1D,OAAO,EAAE,sBAAsB,CAAC,CAAC,EAAE,OAAO,EAAE,SAAS,CAAC;IAO1D,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC;IAoChC,OAAO;IAWD,UAAU,CAAC,IAAI,EAAE;QACrB,IAAI,EAAE;YAAE,aAAa,EAAE,MAAM,CAAA;SAAE,GAAG,SAAS,CAAC;QAC5C,OAAO,EAAE,QAAQ,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;KAC9B,GAAG,OAAO,CAAC,SAAS,CAAC;IAwChB,QAAQ,CAAC,IAAI,EAAE;QACnB,KAAK,EAAE,SAAS,CAAC;QACjB,OAAO,EAAE,qBAAqB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QACnD,OAAO,EAAE,QAAQ,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;KAC9B,GAAG,OAAO,CAAC,sBAAsB,CAAC;cAoDnB,qBAAqB,CAAC,IAAI,EAAE;QAC1C,MAAM,EAAE,cAAc,QAAQ,CAAC,CAAC;QAChC,KAAK,EAAE,OAAO,QAAQ,EAAE,KAAK,CAAC;QAC9B,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,MAAM,EAAE,sBAAsB,CAAC,QAAQ,CAAC,CAAC;KAC1C,GAAG,OAAO,CAAC,kBAAkB,GAAG,wBAAwB,CAAC;IAmC1D,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE;QAC3B,MAAM,EAAE,cAAc,QAAQ,CAAC,CAAC;QAChC,KAAK,EAAE,sBAAsB,CAAC,OAAO,CAAC,CAAC;KACxC;IAkBD,SAAS,CAAC,iBAAiB,CAAC,IAAI,EAAE;QAAE,SAAS,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI;cAY9C,uBAAuB,CAAC,IAAI,EAAE;QAAE,IAAI,EAAE;YAAE,aAAa,EAAE,MAAM,CAAA;SAAE,GAAG,SAAS,CAAA;KAAE;cAc7E,0BAA0B,CAAC,IAAI,EAAE;QAC/C,IAAI,EAAE;YAAE,aAAa,EAAE,MAAM,CAAA;SAAE,GAAG,SAAS,CAAC;QAC5C,MAAM,EAAE,0BAA0B,CAAC;KACpC;cAmCe,kBAAkB;cAgBlB,wBAAwB,CAAC,IAAI,EAAE;QAAE,KAAK,EAAE,MAAM,EAAE,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC;CAkBnF"}
+{"version":3,"file":"casbin.enforcer.d.ts","sourceRoot":"","sources":["../../../../../src/components/auth/authorize/enforcers/casbin.enforcer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,iCAAiC,CAAC;AAE3D,OAAO,EAAE,UAAU,EAAkC,SAAS,EAAE,MAAM,wBAAwB,CAAC;AAC/F,OAAO,KAAK,EAAE,QAAQ,IAAI,kBAAkB,EAA8B,MAAM,QAAQ,CAAC;AACzF,OAAO,EAAE,GAAG,EAAE,MAAM,MAAM,CAAC;AAC3B,OAAO,EASL,sBAAsB,EACtB,kBAAkB,EAClB,0BAA0B,EAC1B,sBAAsB,EACtB,YAAY,EAEZ,KAAK,qBAAqB,EAC1B,KAAK,sBAAsB,EAC3B,KAAK,6BAA6B,EACnC,MAAM,WAAW,CAAC;AAEnB,4GAA4G;AAC5G,KAAK,mBAAmB,CAAC,CAAC,SAAS,GAAG,EAAE,OAAO,EAAE,SAAS,IAAI,CAAC,IAAI,EAAE;IACnE,IAAI,EAAE,kBAAkB,CAAC;IACzB,MAAM,EAAE,OAAO,CAAC;IAChB,QAAQ,EAAE,SAAS,CAAC;IACpB,OAAO,EAAE,QAAQ,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;CAC9B,KAAK;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC;AAU7E,qBAAa,2BAA2B,CACtC,CAAC,SAAS,GAAG,GAAG,GAAG,EACnB,OAAO,SAAS,MAAM,GAAG,MAAM,EAC/B,SAAS,SAAS,MAAM,GAAG,MAAM,CAEjC,SAAQ,UACR,YAAW,sBAAsB,CAAC,CAAC,EAAE,OAAO,EAAE,SAAS,EAAE,YAAY,CAAC;IAkBpE,OAAO,CAAC,OAAO;IAhBjB,IAAI,SAAoC;IACxC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAU;IAEzC,OAAO,CAAC,IAAI,CAAuD;IACnE,OAAO,CAAC,MAAM,CAA4C;IAG1D,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAwC;IAK3E,OAAO,CAAC,iBAAiB,CAA+D;gBAI9E,OAAO,EAAE,sBAAsB,CAAC,CAAC,EAAE,OAAO,EAAE,SAAS,CAAC;IAO1D,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC;IAsDhC,OAAO,IAAI,IAAI;IAMf;;;;;;;;;;OAUG;IACH,SAAS,CAAC,yBAAyB,CAAC,IAAI,EAAE;QAAE,QAAQ,EAAE,kBAAkB,CAAA;KAAE;IAiBpE,UAAU,CAAC,IAAI,EAAE;QACrB,IAAI,EAAE,kBAAkB,CAAC;QACzB,OAAO,EAAE,QAAQ,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;KAC9B,GAAG,OAAO,CAAC,YAAY,CAAC;IAWnB,QAAQ,CAAC,IAAI,EAAE;QACnB,KAAK,EAAE,YAAY,CAAC;QACpB,OAAO,EAAE,qBAAqB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QACnD,OAAO,EAAE,QAAQ,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;KAC9B,GAAG,OAAO,CAAC,sBAAsB,CAAC;IA0DnC;;;;;OAKG;IACH,SAAS,CAAC,kBAAkB,CAAC,IAAI,EAAE;QAAE,QAAQ,EAAE,kBAAkB,CAAC;QAAC,IAAI,EAAE,MAAM,EAAE,CAAA;KAAE,GAAG,OAAO;IAiBvF,mBAAmB,CAAC,IAAI,EAAE;QAC9B,IAAI,EAAE,kBAAkB,CAAC;KAC1B,GAAG,OAAO,CAAC;QAAE,eAAe,EAAE,MAAM,CAAA;KAAE,CAAC;IAiBlC,gBAAgB,CAAC,IAAI,EAAE;QAC3B,IAAI,EAAE,kBAAkB,CAAC;KAC1B,GAAG,OAAO,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC;IAwBpD,+FAA+F;cAC/E,eAAe,CAAC,IAAI,EAAE;QACpC,IAAI,EAAE,kBAAkB,CAAC;QACzB,MAAM,EAAE,0BAA0B,GAAG;YAAE,GAAG,EAAE,IAAI,CAAA;SAAE,CAAC;KACpD,GAAG,OAAO,CAAC,MAAM,CAAC;IAYnB,oFAAoF;IACpF,SAAS,CAAC,iBAAiB,IAAI,0BAA0B,GAAG;QAAE,GAAG,EAAE,IAAI,CAAA;KAAE;cAezD,gBAAgB,CAAC,IAAI,EAAE;QACrC,QAAQ,EAAE,kBAAkB,CAAC;QAC7B,MAAM,EAAE,cAAc,QAAQ,CAAC,CAAC;KACjC,GAAG,OAAO,CAAC,IAAI,CAAC;IA8BjB,gFAAgF;IAChF,SAAS,CAAC,uBAAuB,CAAC,IAAI,EAAE;QACtC,MAAM,EAAE,cAAc,QAAQ,CAAC,CAAC;QAChC,IAAI,EAAE,6BAA6B,CAAC;KACrC,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,KAAK,OAAO;IAmC3C,gGAAgG;IAChG,SAAS,CAAC,sBAAsB,IAAI,mBAAmB,CAAC,CAAC,EAAE,OAAO,EAAE,SAAS,CAAC,GAAG,SAAS;IAmB1F,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE;QAC3B,MAAM,EAAE,cAAc,QAAQ,CAAC,CAAC;QAChC,KAAK,EAAE,sBAAsB,CAAC,OAAO,CAAC,CAAC;KACxC;IAkBD,SAAS,CAAC,iBAAiB,CAAC,IAAI,EAAE;QAAE,SAAS,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI;IAY9D;;;;;;OAMG;cACa,wBAAwB,CAAC,IAAI,EAAE;QAC7C,IAAI,EAAE,kBAAkB,CAAC;QACzB,MAAM,EAAE,0BAA0B,GAAG;YAAE,GAAG,EAAE,IAAI,CAAA;SAAE,CAAC;KACpD,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAqCrB,0FAA0F;cAC1E,sBAAsB,CAAC,IAAI,EAAE;QAC3C,QAAQ,EAAE,MAAM,CAAC;QACjB,KAAK,EAAE,MAAM,EAAE,CAAC;QAChB,OAAO,EAAE,0BAA0B,CAAC,SAAS,CAAC,CAAC;KAChD,GAAG,OAAO,CAAC,IAAI,CAAC;IASjB,kGAAkG;IAClG,SAAS,CAAC,sBAAsB,CAAC,IAAI,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC;IAmB9F;;;;OAIG;cACa,gBAAgB,CAAC,IAAI,EAAE;QAAE,IAAI,EAAE,kBAAkB,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAkBvF;;;;;OAKG;cACa,gBAAgB,CAAC,QAAQ,EAAE,kBAAkB,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IA2BjF,4FAA4F;cAC5E,wBAAwB,CAAC,IAAI,EAAE;QAC7C,QAAQ,EAAE,kBAAkB,CAAC;QAC7B,KAAK,EAAE,MAAM,EAAE,CAAC;KACjB,GAAG,OAAO,CAAC,IAAI,CAAC;CAgBlB"}