@via-profit/ability 1.1.0 → 2.0.0-rc.2

package/build/playground.js

@@ -0,0 +1,910 @@
+/******/ (() => { // webpackBootstrap
+/******/ 	"use strict";
+/******/ 	var __webpack_modules__ = ({
+
+/***/ "./src/AbilityCode.ts":
+/*!****************************!*\
+  !*** ./src/AbilityCode.ts ***!
+  \****************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.AbilityCode = void 0;
+class AbilityCode {
+    code;
+    constructor(code) {
+        this.code = code;
+    }
+    isEqual(compareWith) {
+        return compareWith !== null && this.code === compareWith.code;
+    }
+    isNotEqual(compareWith) {
+        return !this.isEqual(compareWith);
+    }
+}
+exports.AbilityCode = AbilityCode;
+exports["default"] = AbilityCode;
+
+
+/***/ }),
+
+/***/ "./src/AbilityCompare.ts":
+/*!*******************************!*\
+  !*** ./src/AbilityCompare.ts ***!
+  \*******************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.AbilityCompare = void 0;
+const AbilityCode_1 = __importDefault(__webpack_require__(/*! ./AbilityCode */ "./src/AbilityCode.ts"));
+class AbilityCompare extends AbilityCode_1.default {
+    static OR = new AbilityCompare(0);
+    static AND = new AbilityCompare(1);
+}
+exports.AbilityCompare = AbilityCompare;
+exports["default"] = AbilityCompare;
+
+
+/***/ }),
+
+/***/ "./src/AbilityCondition.ts":
+/*!*********************************!*\
+  !*** ./src/AbilityCondition.ts ***!
+  \*********************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.AbilityCondition = void 0;
+const AbilityCode_1 = __importDefault(__webpack_require__(/*! ./AbilityCode */ "./src/AbilityCode.ts"));
+class AbilityCondition extends AbilityCode_1.default {
+    static EQUAL = new AbilityCondition('=');
+    static NOT_EQUAL = new AbilityCondition('<>');
+    static MORE_THAN = new AbilityCondition('>');
+    static LESS_THAN = new AbilityCondition('<');
+    static LESS_OR_EQUAL = new AbilityCondition('<=');
+    static MORE_OR_EQUAL = new AbilityCondition('>=');
+    static IN = new AbilityCondition('in');
+    static NOT_IN = new AbilityCondition('not in');
+}
+exports.AbilityCondition = AbilityCondition;
+exports["default"] = AbilityCondition;
+
+
+/***/ }),
+
+/***/ "./src/AbilityError.ts":
+/*!*****************************!*\
+  !*** ./src/AbilityError.ts ***!
+  \*****************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.PermissionError = exports.AbilityParserError = exports.AbilityError = void 0;
+class AbilityError extends Error {
+    constructor(message) {
+        super(message);
+    }
+}
+exports.AbilityError = AbilityError;
+class AbilityParserError extends Error {
+    constructor(message) {
+        super(message);
+    }
+}
+exports.AbilityParserError = AbilityParserError;
+class PermissionError extends Error {
+    constructor(message) {
+        super(message);
+    }
+}
+exports.PermissionError = PermissionError;
+
+
+/***/ }),
+
+/***/ "./src/AbilityMatch.ts":
+/*!*****************************!*\
+  !*** ./src/AbilityMatch.ts ***!
+  \*****************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.AbilityMatch = void 0;
+const AbilityCode_1 = __importDefault(__webpack_require__(/*! ./AbilityCode */ "./src/AbilityCode.ts"));
+class AbilityMatch extends AbilityCode_1.default {
+    static PENDING = new AbilityMatch(2);
+    static MATCH = new AbilityMatch(1);
+    static MISMATCH = new AbilityMatch(0);
+}
+exports.AbilityMatch = AbilityMatch;
+exports["default"] = AbilityMatch;
+
+
+/***/ }),
+
+/***/ "./src/AbilityParser.ts":
+/*!******************************!*\
+  !*** ./src/AbilityParser.ts ***!
+  \******************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.AbilityParser = void 0;
+const AbilityError_1 = __webpack_require__(/*! ./AbilityError */ "./src/AbilityError.ts");
+const AbilityCondition_1 = __importDefault(__webpack_require__(/*! ./AbilityCondition */ "./src/AbilityCondition.ts"));
+class AbilityParser {
+    /**
+     * Validates the configuration object based on the provided field validation configurations.
+     * @param config - The configuration object to validate.
+     * @param fields - An array of field validation configurations.
+     * @throws {AbilityParserError} If a required field is missing or if a field has an incorrect type.
+     */
+    static validateConfig(config, fields) {
+        fields.forEach(([field, type, isRequired]) => {
+            const value = config[field];
+            if (isRequired) {
+                if (typeof value === 'undefined') {
+                    throw new AbilityError_1.AbilityParserError(`Missing required field [${field}]`);
+                }
+            }
+            switch (type) {
+                case 'array':
+                    if (typeof value !== 'object' || !Array.isArray(value)) {
+                        throw new AbilityError_1.AbilityParserError(`Field [${field}] must be an type of [${type}], bit got [${typeof value}]`);
+                    }
+                    break;
+                default:
+                    if (typeof value !== type && typeof value !== 'undefined') {
+                        throw new AbilityError_1.AbilityParserError(`Field [${field}] must be a type of [${type}], bit got [${typeof value}]`);
+                    }
+                    break;
+            }
+        });
+    }
+    /**
+     * Prepares and validates the configuration object or JSON string.
+     * @param configOrJson - The configuration object or JSON string to validate.
+     * @param fields - An array of field validation configurations.
+     * @returns The validated configuration object.
+     */
+    static prepareAndValidateConfig(configOrJson, fields) {
+        const config = typeof configOrJson === 'string'
+            ? (JSON.parse(configOrJson))
+            : configOrJson;
+        AbilityParser.validateConfig(config, fields);
+        return config;
+    }
+    /*
+    *
+    *  readonly ['order.update']: {
+    *     readonly user: {
+    *       readonly roles: readonly string[];
+    *       readonly department: string;
+    *     };
+    *     readonly order: {
+    *       readonly estimatedArrivalAt: number;
+    *       readonly status: string;
+    *     }
+    *  }
+    *
+    * */
+    /**
+     * Sets a value in a nested object structure based on a dot/bracket notation path.
+     * @param object - The target object to modify.
+     * @param path - The path to the property in dot/bracket notation.
+     * @param value - The value to set at the specified path.
+     */
+    static setValueDotValue(object, path, value) {
+        const way = path.replace(/\[/g, '.').replace(/\]/g, '').split('.');
+        const last = way.pop();
+        if (!last) {
+            throw new AbilityError_1.AbilityParserError(`Invalid path provided on a [${path}]`);
+        }
+        way.reduce((o, k, i, kk) => {
+            if (!o[k]) {
+                o[k] = isFinite(Number(kk[i + 1])) ? [] : {};
+            }
+            return o[k];
+        }, object)[last] = value;
+    }
+    /**
+     * Generates TypeScript type definitions based on the provided policies.
+     * @param policies - An array of AbilityPolicy instances.
+     * @param outPath - The output path for the generated type definitions.
+     * @returns A record containing the generated type definitions.
+     */
+    static generateTypeDefs(policies, outPath) {
+        const record = {};
+        policies.forEach(policy => {
+            policy.ruleSet.forEach(ruleSet => {
+                ruleSet.rules.forEach(rule => {
+                    const [leftFieldPath, condition, rightFiledPath] = rule.matches;
+                    let value = 'any';
+                    switch (true) {
+                        case condition.isEqual(AbilityCondition_1.default.NOT_EQUAL):
+                        case condition.isEqual(AbilityCondition_1.default.EQUAL):
+                            value = typeof rightFiledPath;
+                            break;
+                        case condition.isEqual(AbilityCondition_1.default.IN):
+                        case condition.isEqual(AbilityCondition_1.default.NOT_IN):
+                            value = `${typeof rightFiledPath}[]`;
+                            break;
+                        case condition.isEqual(AbilityCondition_1.default.MORE_OR_EQUAL):
+                        case condition.isEqual(AbilityCondition_1.default.MORE_THAN):
+                        case condition.isEqual(AbilityCondition_1.default.LESS_OR_EQUAL):
+                        case condition.isEqual(AbilityCondition_1.default.LESS_THAN):
+                            value = 'number';
+                            break;
+                    }
+                    AbilityParser.setValueDotValue(record, leftFieldPath, value);
+                });
+            });
+        });
+        console.log(JSON.stringify(record));
+        return record;
+    }
+}
+exports.AbilityParser = AbilityParser;
+exports["default"] = AbilityParser;
+
+
+/***/ }),
+
+/***/ "./src/AbilityPolicy.ts":
+/*!******************************!*\
+  !*** ./src/AbilityPolicy.ts ***!
+  \******************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.AbilityPolicy = void 0;
+const AbilityRule_1 = __importDefault(__webpack_require__(/*! ./AbilityRule */ "./src/AbilityRule.ts"));
+const AbilityRuleSet_1 = __importDefault(__webpack_require__(/*! ./AbilityRuleSet */ "./src/AbilityRuleSet.ts"));
+const AbilityMatch_1 = __importDefault(__webpack_require__(/*! ./AbilityMatch */ "./src/AbilityMatch.ts"));
+const AbilityCompare_1 = __importDefault(__webpack_require__(/*! ./AbilityCompare */ "./src/AbilityCompare.ts"));
+const AbilityPolicyEffect_1 = __importDefault(__webpack_require__(/*! ./AbilityPolicyEffect */ "./src/AbilityPolicyEffect.ts"));
+const AbilityParser_1 = __importDefault(__webpack_require__(/*! ./AbilityParser */ "./src/AbilityParser.ts"));
+class AbilityPolicy {
+    matchState = AbilityMatch_1.default.PENDING;
+    /**
+     * List of rules
+     */
+    ruleSet = [];
+    /**
+     * Policy effect
+     */
+    effect;
+    /**
+     * Rules compare method.\
+     * For the «and» method the rule will be permitted if all\
+     * rules will be returns «permit» status and for the «or» - if\
+     * one of the rules returns as «permit»
+     */
+    compareMethod = AbilityCompare_1.default.AND;
+    /**
+     * Policy name
+     */
+    name;
+    /**
+     * Policy ID
+     */
+    id;
+    /**
+     * Soon
+     */
+    action;
+    constructor(params) {
+        const { name, id, action, effect } = params;
+        this.name = name || Symbol('name');
+        this.id = id || Symbol('id');
+        this.action = action;
+        this.effect = effect;
+    }
+    /**
+     * Add rule set to the policy
+     * @param ruleSet - The rule set to add
+     */
+    addRuleSet(ruleSet) {
+        this.ruleSet.push(ruleSet);
+        return this;
+    }
+    /**
+     * Add rule to the policy
+     * @param rule - The rule to add
+     */
+    addRule(rule) {
+        this.addRuleSet(new AbilityRuleSet_1.default({
+            name: rule.name,
+        }).addRule(rule, AbilityCompare_1.default.AND));
+        return this;
+    }
+    /**
+     * Check if the policy is matched
+     * @param resource - The resource to check
+     */
+    check(resource) {
+        this.matchState = AbilityMatch_1.default.MISMATCH;
+        /**
+         * If policy contain a rules
+         */
+        if (this.ruleSet.length) {
+            const ruleCheckStates = [];
+            this.ruleSet.forEach(rule => {
+                const ruleCheckState = rule.check(resource);
+                ruleCheckStates.push(ruleCheckState);
+            });
+            if (AbilityCompare_1.default.AND.isEqual(this.compareMethod)) {
+                if (ruleCheckStates.every(ruleState => AbilityMatch_1.default.MATCH.isEqual(ruleState))) {
+                    this.matchState = AbilityMatch_1.default.MATCH;
+                }
+            }
+            if (AbilityCompare_1.default.OR.isEqual(this.compareMethod)) {
+                if (ruleCheckStates.some(ruleState => AbilityMatch_1.default.MATCH.isEqual(ruleState))) {
+                    this.matchState = AbilityMatch_1.default.MATCH;
+                }
+            }
+        }
+        return this.matchState;
+    }
+    /**
+     * Parse the config JSON format to Policy class instance
+     */
+    static parse(configOrJson) {
+        const config = AbilityParser_1.default.prepareAndValidateConfig(configOrJson, [
+            ['id', 'string', false],
+            ['name', 'string', true],
+            ['action', 'string', true],
+            ['effect', 'number', true],
+            ['compareMethod', 'number', true],
+            ['ruleSet', 'array', true],
+        ]);
+        const { id, name, ruleSet, compareMethod, action, effect } = config;
+        // Create the empty policy
+        const policy = new AbilityPolicy({
+            name,
+            id,
+            action,
+            effect: new AbilityPolicyEffect_1.default(effect),
+        });
+        policy.compareMethod = new AbilityCompare_1.default(compareMethod);
+        ruleSet.forEach(ruleOrRuleSet => {
+            // is ruleset
+            if ('rules' in ruleOrRuleSet) {
+                policy.addRuleSet(AbilityRuleSet_1.default.parse(ruleOrRuleSet));
+            }
+            // is simple rule
+            if (!('rules' in ruleOrRuleSet)) {
+                policy.addRule(AbilityRule_1.default.parse(ruleOrRuleSet));
+            }
+        });
+        return policy;
+    }
+    export() {
+        return {
+            id: this.id.toString(),
+            name: this.name.toString(),
+            compareMethod: this.compareMethod.code,
+            ruleSet: this.ruleSet.map(rule => rule.export()),
+            action: this.action,
+            effect: this.effect.code,
+        };
+    }
+}
+exports.AbilityPolicy = AbilityPolicy;
+exports["default"] = AbilityPolicy;
+
+
+/***/ }),
+
+/***/ "./src/AbilityPolicyEffect.ts":
+/*!************************************!*\
+  !*** ./src/AbilityPolicyEffect.ts ***!
+  \************************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.AbilityPolicyEffect = void 0;
+const AbilityCode_1 = __importDefault(__webpack_require__(/*! ./AbilityCode */ "./src/AbilityCode.ts"));
+class AbilityPolicyEffect extends AbilityCode_1.default {
+    static DENY = new AbilityPolicyEffect(0);
+    static PERMIT = new AbilityPolicyEffect(1);
+}
+exports.AbilityPolicyEffect = AbilityPolicyEffect;
+exports["default"] = AbilityPolicyEffect;
+
+
+/***/ }),
+
+/***/ "./src/AbilityResolver.ts":
+/*!********************************!*\
+  !*** ./src/AbilityResolver.ts ***!
+  \********************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.AbilityResolver = void 0;
+const AbilityPolicyEffect_1 = __importDefault(__webpack_require__(/*! ./AbilityPolicyEffect */ "./src/AbilityPolicyEffect.ts"));
+const AbilityMatch_1 = __importDefault(__webpack_require__(/*! ./AbilityMatch */ "./src/AbilityMatch.ts"));
+const AbilityError_1 = __webpack_require__(/*! ./AbilityError */ "./src/AbilityError.ts");
+class AbilityResolver {
+    policies;
+    constructor(policies) {
+        this.policies = policies;
+    }
+    /**
+     * Resolve policy for the resource and action
+     *
+     @param action - Action
+     * @param resource - Resource
+     */
+    resolve(action, resource) {
+        const filteredPolicies = this.policies.filter(policy => {
+            return AbilityResolver.isInActionContain(policy.action, String(action));
+        });
+        filteredPolicies.map(policy => policy.check(resource));
+        this.policies = filteredPolicies;
+        return this;
+    }
+    enforce(action, resource) {
+        const resolver = this.resolve(action, resource);
+        if (resolver) {
+            if (resolver.isDeny()) {
+                throw new AbilityError_1.PermissionError(['Permission denied', resolver.getPolicy()?.name?.toString()].join('. '));
+            }
+        }
+    }
+    /**
+     * Get the last effect of the policy
+     *
+     * @returns {AbilityPolicyEffect | null}
+     */
+    getEffect() {
+        const effects = this.policies.reduce((collect, policy, _index) => {
+            if (policy.matchState.isEqual(AbilityMatch_1.default.MATCH)) {
+                return collect.concat(policy.effect);
+            }
+            return collect;
+        }, []);
+        if (effects.length) {
+            return effects[effects.length - 1];
+        }
+        return null;
+    }
+    isPermit() {
+        const effect = this.getEffect();
+        return effect !== null && effect.isEqual(AbilityPolicyEffect_1.default.PERMIT);
+    }
+    isDeny() {
+        const effect = this.getEffect();
+        return effect !== null && effect.isEqual(AbilityPolicyEffect_1.default.DENY);
+    }
+    getPolicy() {
+        const lastPolicy = this.policies.length ? this.policies[this.policies.length - 1] : null;
+        return lastPolicy && lastPolicy.matchState.isEqual(AbilityMatch_1.default.MATCH) ? lastPolicy : null;
+    }
+    /**
+     * Check if the action is contained in another action
+     * @param actionA - The first action to check
+     * @param actionB - The second action to check
+     */
+    static isInActionContain(actionA, actionB) {
+        const actionAArray = String(actionA).split('.');
+        const actionBArray = String(actionB).split('.');
+        const a = actionAArray.length >= actionBArray.length ? actionAArray : actionBArray;
+        const b = actionBArray.length >= actionAArray.length ? actionBArray : actionAArray;
+        return a
+            .reduce((acc, chunk, index) => {
+            const iterationRes = chunk === b[index] || b[index] === '*' || chunk === '*';
+            return acc.concat(iterationRes);
+        }, [])
+            .every(Boolean);
+    }
+}
+exports.AbilityResolver = AbilityResolver;
+exports["default"] = AbilityResolver;
+
+
+/***/ }),
+
+/***/ "./src/AbilityRule.ts":
+/*!****************************!*\
+  !*** ./src/AbilityRule.ts ***!
+  \****************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.AbilityRule = void 0;
+const AbilityMatch_1 = __importDefault(__webpack_require__(/*! ./AbilityMatch */ "./src/AbilityMatch.ts"));
+const AbilityCondition_1 = __importDefault(__webpack_require__(/*! ./AbilityCondition */ "./src/AbilityCondition.ts"));
+const AbilityParser_1 = __importDefault(__webpack_require__(/*! ./AbilityParser */ "./src/AbilityParser.ts"));
+class AbilityRule {
+    matches;
+    name;
+    state = AbilityMatch_1.default.PENDING;
+    constructor(params) {
+        const { name, matches } = params;
+        this.name = name || Symbol('name');
+        this.matches = matches;
+    }
+    /**
+     * Check if the rule is matched
+     * @param resource - The resource to check
+     */
+    check(resource) {
+        const [_subjectPathName, condition, _staticValueOrPathName] = this.matches;
+        let is = false;
+        const [valueS, valueO] = this.extractValues(resource);
+        if (AbilityCondition_1.default.LESS_THAN.isEqual(condition)) {
+            is = Number(valueS) < Number(valueO);
+        }
+        if (AbilityCondition_1.default.LESS_OR_EQUAL.isEqual(condition)) {
+            is = Number(valueS) <= Number(valueO);
+        }
+        if (AbilityCondition_1.default.MORE_THAN.isEqual(condition)) {
+            is = Number(valueS) > Number(valueO);
+        }
+        if (AbilityCondition_1.default.MORE_OR_EQUAL.isEqual(condition)) {
+            is = Number(valueS) >= Number(valueO);
+        }
+        if (AbilityCondition_1.default.EQUAL.isEqual(condition)) {
+            is = valueS === valueO;
+        }
+        if (AbilityCondition_1.default.NOT_EQUAL.isEqual(condition)) {
+            is = valueS !== valueO;
+        }
+        if (AbilityCondition_1.default.IN.isEqual(condition)) {
+            // [<some>] and [<some>]
+            if (Array.isArray(valueS) && Array.isArray(valueO)) {
+                is = valueS.some(v => valueO.find(v1 => v1 === v));
+            }
+            // <some> and [<some>]
+            if ((typeof valueS === 'string' || typeof valueS === 'number') && Array.isArray(valueO)) {
+                is = valueO.includes(valueS);
+            }
+            // [<some>] and <some>
+            if ((typeof valueO === 'string' || typeof valueO === 'number') && Array.isArray(valueS)) {
+                is = valueS.includes(valueO);
+            }
+        }
+        if (AbilityCondition_1.default.NOT_IN.isEqual(condition)) {
+            // [<some>] and [<some>]
+            if (Array.isArray(valueS) && Array.isArray(valueO)) {
+                is = !valueS.some(v => valueO.find(v1 => v1 === v));
+            }
+            // <some> and [<some>]
+            if ((typeof valueS === 'string' || typeof valueS === 'number') && Array.isArray(valueO)) {
+                is = !valueO.includes(valueS);
+            }
+            // [<some>] and <some>
+            if ((typeof valueO === 'string' || typeof valueO === 'number') && Array.isArray(valueS)) {
+                is = !valueS.includes(valueO);
+            }
+        }
+        this.state = is ? AbilityMatch_1.default.MATCH : AbilityMatch_1.default.MISMATCH;
+        return this.state;
+    }
+    /**
+     * Extract values from the resource
+     * @param resource - The resource to extract values from
+     */
+    extractValues(resource) {
+        const [subjectPathName, _condition, staticValueOrPathName] = this.matches;
+        let leftSideValue;
+        let rightSideValue;
+        if (resource === null || typeof resource === 'undefined') {
+            return [NaN, NaN];
+        }
+        const isPath = (str) => {
+            return typeof str === 'string' && str.match(/\./g) !== null;
+        };
+        if (isPath(subjectPathName)) {
+            leftSideValue = this.getDotNotationValue(resource, subjectPathName);
+        }
+        if (isPath(staticValueOrPathName)) {
+            rightSideValue = this.getDotNotationValue(resource, staticValueOrPathName);
+        }
+        else {
+            rightSideValue = staticValueOrPathName;
+        }
+        return [leftSideValue, rightSideValue];
+    }
+    /**
+     * Get the value of the object by dot notation
+     * @param resource - The object to get the value from
+     * @param desc - The dot notation string
+     */
+    getDotNotationValue(resource, desc) {
+        const arr = desc.split('.');
+        while (arr.length && resource) {
+            const comp = arr.shift() || '';
+            const match = new RegExp('(.+)\\[([0-9]*)\\]').exec(comp);
+            if (match !== null && match.length == 3) {
+                const arrayData = {
+                    arrName: match[1],
+                    arrIndex: match[2],
+                };
+                if (resource[arrayData.arrName] !== undefined) {
+                    resource = resource[arrayData.arrName][arrayData.arrIndex];
+                }
+                else {
+                    resource = undefined;
+                }
+            }
+            else {
+                resource = resource[comp];
+            }
+        }
+        return resource;
+    }
+    static parse(configOrJson) {
+        const config = AbilityParser_1.default.prepareAndValidateConfig(configOrJson, [
+            ['id', 'string', false],
+            ['name', 'string', true],
+            ['matches', 'array', true],
+        ]);
+        const { name, matches } = config;
+        const [leftField, condition, rightField] = matches;
+        return new AbilityRule({
+            name,
+            matches: [leftField, new AbilityCondition_1.default(condition), rightField],
+        });
+    }
+    /**
+     * Export the rule to config object
+     */
+    export() {
+        const [leftField, condition, rightField] = this.matches;
+        return {
+            name: this.name,
+            matches: [leftField, condition.code, rightField],
+        };
+    }
+}
+exports.AbilityRule = AbilityRule;
+exports["default"] = AbilityRule;
+
+
+/***/ }),
+
+/***/ "./src/AbilityRuleSet.ts":
+/*!*******************************!*\
+  !*** ./src/AbilityRuleSet.ts ***!
+  \*******************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.AbilityRuleSet = void 0;
+const AbilityRule_1 = __importDefault(__webpack_require__(/*! ./AbilityRule */ "./src/AbilityRule.ts"));
+const AbilityCompare_1 = __importDefault(__webpack_require__(/*! ./AbilityCompare */ "./src/AbilityCompare.ts"));
+const AbilityMatch_1 = __importDefault(__webpack_require__(/*! ./AbilityMatch */ "./src/AbilityMatch.ts"));
+const AbilityParser_1 = __importDefault(__webpack_require__(/*! ./AbilityParser */ "./src/AbilityParser.ts"));
+class AbilityRuleSet {
+    state = AbilityMatch_1.default.PENDING;
+    /**
+     * List of rules
+     */
+    rules = [];
+    /**
+     * Rules compare method.\
+     * For the «and» method the rule will be permitted if all\
+     * rules will be returns «permit» status and for the «or» - if\
+     * one of the rules returns as «permit»
+     */
+    compareMethod = AbilityCompare_1.default.AND;
+    /**
+     * Group name
+     */
+    name;
+    /**
+     * Group ID
+     */
+    id;
+    constructor(params) {
+        const { name, id } = params || {};
+        this.name = name || Symbol('name');
+        this.id = id || Symbol('id');
+    }
+    addRule(rule, compareMethod) {
+        this.rules.push(rule);
+        this.compareMethod = compareMethod;
+        return this;
+    }
+    addRules(rules, compareMethod) {
+        rules.forEach(rule => this.addRule(rule, compareMethod));
+        return this;
+    }
+    check(resources) {
+        this.state = AbilityMatch_1.default.MISMATCH;
+        if (!this.rules.length) {
+            return this.state;
+        }
+        const ruleCheckStates = this.rules.reduce((collect, rule) => {
+            return collect.concat(rule.check(resources));
+        }, []);
+        if (AbilityCompare_1.default.AND.isEqual(this.compareMethod)) {
+            if (ruleCheckStates.every(ruleState => AbilityMatch_1.default.MATCH.isEqual(ruleState))) {
+                this.state = AbilityMatch_1.default.MATCH;
+            }
+        }
+        if (AbilityCompare_1.default.OR.isEqual(this.compareMethod)) {
+            if (ruleCheckStates.some(ruleState => AbilityMatch_1.default.MATCH.isEqual(ruleState))) {
+                this.state = AbilityMatch_1.default.MATCH;
+            }
+        }
+        return this.state;
+    }
+    /**
+     * Parse the config JSON format to Group class instance
+     */
+    static parse(configOrJson) {
+        const config = AbilityParser_1.default.prepareAndValidateConfig(configOrJson, [
+            ['id', 'string', false],
+            ['name', 'string', true],
+            ['compareMethod', 'number', true],
+            ['rules', 'array', true],
+        ]);
+        const { id, name, rules, compareMethod } = config;
+        const ruleSet = new AbilityRuleSet({
+            name,
+            id,
+        });
+        ruleSet.compareMethod = new AbilityCompare_1.default(compareMethod);
+        // Adding rules if exists
+        if (rules && rules.length > 0) {
+            const abilityRules = rules.map(ruleConfig => AbilityRule_1.default.parse(ruleConfig));
+            ruleSet.addRules(abilityRules, ruleSet.compareMethod);
+        }
+        return ruleSet;
+    }
+    export() {
+        return {
+            id: this.id.toString(),
+            name: this.name.toString(),
+            compareMethod: this.compareMethod.code,
+            rules: this.rules.map(rule => rule.export()),
+        };
+    }
+}
+exports.AbilityRuleSet = AbilityRuleSet;
+exports["default"] = AbilityRuleSet;
+
+
+/***/ }),
+
+/***/ "./src/playground.ts":
+/*!***************************!*\
+  !*** ./src/playground.ts ***!
+  \***************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+const node_http_1 = __importDefault(__webpack_require__(/*! node:http */ "node:http"));
+const AbilityPolicy_1 = __importDefault(__webpack_require__(/*! ./AbilityPolicy */ "./src/AbilityPolicy.ts"));
+const AbilityResolver_1 = __importDefault(__webpack_require__(/*! ~/AbilityResolver */ "./src/AbilityResolver.ts"));
+const policies_json_1 = __importDefault(__webpack_require__(/*! ./policies.json */ "./src/policies.json"));
+const server = node_http_1.default.createServer();
+server.on('request', (_req, res) => {
+    new AbilityResolver_1.default(policies_json_1.default.map(p => {
+        return AbilityPolicy_1.default.parse(p);
+    })).enforce('account.read', {
+        account: {
+            id: '1',
+            roles: ['managers'],
+        },
+        resource: {
+            id: '1',
+        },
+    });
+    res.statusCode = 200;
+    res.setHeader('content-type', 'application/json');
+    res.write(JSON.stringify({
+        status: 'Done',
+    }));
+    res.end();
+});
+server.listen(8080, 'localhost', () => {
+    console.debug('server started at http://localhost:8080');
+});
+
+
+/***/ }),
+
+/***/ "node:http":
+/*!****************************!*\
+  !*** external "node:http" ***!
+  \****************************/
+/***/ ((module) => {
+
+module.exports = require("node:http");
+
+/***/ }),
+
+/***/ "./src/policies.json":
+/*!***************************!*\
+  !*** ./src/policies.json ***!
+  \***************************/
+/***/ ((module) => {
+
+module.exports = /*#__PURE__*/JSON.parse('[{"name":"Просмотр чужого логина разрешен только владельцу аккаунта и администраторам","action":"account.read","effect":0,"compareMethod":0,"ruleSet":[{"name":"Не владелец аккаунта и не администратор","compareMethod":1,"rules":[{"name":"Владелец аккаунта","matches":["account.id","<>","resource.id"]},{"name":"Администратор","matches":["account.roles","not in","administrator"]}]}]},{"name":"Unauthorized. Access token expected","action":"access.auth","effect":0,"compareMethod":1,"ruleSet":[{"name":"Токен - AccessToken","matches":["token.type","=","access"]},{"name":"Токен не пустой","matches":["token.id","<>","ACCESS_TOKEN_EMPTY_ID"]}]},{"id":"1121","name":"Менеджеры не могут редактировать заказы, созданные более 3-х дней назад, а так же завершенные и отменённые заявки","action":"order.update","effect":0,"compareMethod":1,"ruleSet":[{"name":"Менеджеры","compareMethod":0,"rules":[{"name":"Отдел - Менеджеры","matches":["user.department","=","managers"]},{"name":"Роль - Менеджер","matches":["user.roles","in","manager"]}]},{"name":"Заказы более 3-х дней, а так же завершённые и отменённые заказы","compareMethod":0,"rules":[{"name":"заказ создан более 3-х дней назад","matches":["order.createdDaysAgo",">",3]},{"name":"заказ завершён","matches":["order.status","=","COMPLETED"]},{"name":"заказ отменён","matches":["order.status","=","CANCELLED"]}]}]},{"name":"Менеджеры не могут создавать заказы","action":"order.create","effect":0,"compareMethod":0,"ruleSet":[{"name":"Менеджеры","compareMethod":0,"rules":[{"name":"Отдел - Менеджеры","matches":["user.department","=","managers"]},{"name":"Роль - Менеджер","matches":["user.roles","in","manager"]}]}]},{"name":"Уборщицы не могут видеть стоимость заказа","action":"order.read","effect":0,"compareMethod":0,"ruleSet":[{"name":"все из отдела уборщиц","matches":["user.department","in","cleaner"]}]}]');
+
+/***/ })
+
+/******/ 	});
+/************************************************************************/
+/******/ 	// The module cache
+/******/ 	var __webpack_module_cache__ = {};
+/******/ 	
+/******/ 	// The require function
+/******/ 	function __webpack_require__(moduleId) {
+/******/ 		// Check if module is in cache
+/******/ 		var cachedModule = __webpack_module_cache__[moduleId];
+/******/ 		if (cachedModule !== undefined) {
+/******/ 			return cachedModule.exports;
+/******/ 		}
+/******/ 		// Create a new module (and put it into the cache)
+/******/ 		var module = __webpack_module_cache__[moduleId] = {
+/******/ 			// no module.id needed
+/******/ 			// no module.loaded needed
+/******/ 			exports: {}
+/******/ 		};
+/******/ 	
+/******/ 		// Execute the module function
+/******/ 		__webpack_modules__[moduleId].call(module.exports, module, module.exports, __webpack_require__);
+/******/ 	
+/******/ 		// Return the exports of the module
+/******/ 		return module.exports;
+/******/ 	}
+/******/ 	
+/************************************************************************/
+/******/ 	
+/******/ 	// startup
+/******/ 	// Load entry module and return exports
+/******/ 	// This entry module is referenced by other modules so it can't be inlined
+/******/ 	var __webpack_exports__ = __webpack_require__("./src/playground.ts");
+/******/ 	module.exports = __webpack_exports__;
+/******/ 	
+/******/ })()
+;
+//# sourceMappingURL=playground.js.map