@webiny/api-aco 5.38.0-beta.3 → 5.38.0-beta.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/createAcoContext.d.ts +5 -1
  2. package/createAcoContext.js +10 -4
  3. package/createAcoContext.js.map +1 -1
  4. package/index.d.ts +4 -1
  5. package/index.js +2 -2
  6. package/index.js.map +1 -1
  7. package/package.json +25 -25
  8. package/record/graphql/createAppResolvers.js +10 -3
  9. package/record/graphql/createAppResolvers.js.map +1 -1
  10. package/utils/FolderLevelPermissions.d.ts +3 -1
  11. package/utils/FolderLevelPermissions.js +18 -5
  12. package/utils/FolderLevelPermissions.js.map +1 -1
package/createAcoContext.d.ts CHANGED
@@ -1,3 +1,7 @@
1
1
  import { ContextPlugin } from "@webiny/api";
2
2
  import { AcoContext } from "./types";
3
- export declare const createAcoContext: () => ContextPlugin<AcoContext>;
3
+ interface CreateAcoContextParams {
4
+ useFolderLevelPermissions?: boolean;
5
+ }
6
+ export declare const createAcoContext: (params?: CreateAcoContextParams) => ContextPlugin<AcoContext>;
7
+ export {};
package/createAcoContext.js CHANGED
@@ -22,7 +22,7 @@ var _folder2 = require("./folder/folder.model");
22
22
  var _createOperationsWrapper = require("./utils/createOperationsWrapper");
23
23
  var _getFieldValues = require("./utils/getFieldValues");
24
24
  var _filter = require("./filter/filter.crud");
25
- const setupAcoContext = async context => {
25
+ const setupAcoContext = async (context, setupAcoContextParams) => {
26
26
  const {
27
27
  tenancy,
28
28
  security,
@@ -101,7 +101,13 @@ const setupAcoContext = async context => {
101
101
  });
102
102
  },
103
103
  canUseTeams: () => context.wcp.canUseTeams(),
104
- canUseFolderLevelPermissions: () => context.wcp.canUseFolderLevelPermissions()
104
+ canUseFolderLevelPermissions: () => {
105
+ if (setupAcoContextParams.useFolderLevelPermissions === false) {
106
+ return false;
107
+ }
108
+ return context.wcp.canUseFolderLevelPermissions();
109
+ },
110
+ isAuthorizationEnabled: () => context.security.isAuthorizationEnabled()
105
111
  });
106
112
  const params = {
107
113
  getLocale,
@@ -163,7 +169,7 @@ const setupAcoContext = async context => {
163
169
  }
164
170
  };
165
171
 
166
- const createAcoContext = () => {
172
+ const createAcoContext = (params = {}) => {
167
173
  const plugin = new _api.ContextPlugin(async context => {
168
174
  /**
169
175
  * We can skip the ACO initialization if the installation is pending.
@@ -172,7 +178,7 @@ const createAcoContext = () => {
172
178
  return;
173
179
  }
174
180
  await context.benchmark.measure("aco.context.setup", async () => {
175
- await setupAcoContext(context);
181
+ await setupAcoContext(context, params);
176
182
  });
177
183
  await context.benchmark.measure("aco.context.hooks", async () => {
178
184
  await (0, _createAcoHooks.createAcoHooks)(context);
package/createAcoContext.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_error","_interopRequireDefault","require","_api","_createAcoHooks","_createAcoStorageOperations","_isInstallationPending","_folder","_record","_apps","_record2","_plugins","_FolderLevelPermissions","_CmsEntriesCrudDecorators","_folder2","_createOperationsWrapper","_getFieldValues","_filter","setupAcoContext","context","tenancy","security","i18n","getLocale","locale","getContentLocale","WebinyError","getTenant","getCurrentTenant","storageOperations","createAcoStorageOperations","cms","getCmsContext","folderLevelPermissions","FolderLevelPermissions","getIdentity","getIdentityTeam","withoutAuthorization","identity","adminUser","adminUsers","getUser","where","id","team","getTeam","listPermissions","listAllFolders","type","withModel","createOperationsWrapper","modelName","FOLDER_MODEL_ID","model","results","entries","list","limit","latest","sort","items","map","entry","getFolderFieldValues","baseFields","canUseTeams","wcp","canUseFolderLevelPermissions","params","defaultRecordModel","getModel","SEARCH_RECORD_MODEL_ID","apps","AcoApps","plugins","byType","AcoAppRegisterPlugin","plugin","register","_objectSpread2","default","app","listAdminUsers","listUsers","listTeams","aco","folder","createFolderCrudMethods","search","createSearchRecordCrudMethods","filter","createFilterCrudMethods","getApp","name","get","listApps","registerApp","CmsEntriesCrudDecorators","decorate","createAcoContext","ContextPlugin","isInstallationPending","benchmark","measure","createAcoHooks","exports"],"sources":["createAcoContext.ts"],"sourcesContent":["import WebinyError from \"@webiny/error\";\nimport { ContextPlugin } from \"@webiny/api\";\nimport { I18NLocale } from \"@webiny/api-i18n/types\";\nimport { Tenant } from \"@webiny/api-tenancy/types\";\nimport { createAcoHooks } from \"~/createAcoHooks\";\nimport { baseFields, createAcoStorageOperations } from \"~/createAcoStorageOperations\";\nimport { isInstallationPending } from \"~/utils/isInstallationPending\";\nimport { AcoContext, CreateAcoParams, IAcoAppRegisterParams } from \"~/types\";\nimport { createFolderCrudMethods } from \"~/folder/folder.crud\";\nimport { createSearchRecordCrudMethods } from \"~/record/record.crud\";\nimport { AcoApps } from \"./apps\";\nimport { SEARCH_RECORD_MODEL_ID } from \"~/record/record.model\";\nimport { AcoAppRegisterPlugin } from \"~/plugins\";\nimport { FolderLevelPermissions } from \"~/utils/FolderLevelPermissions\";\nimport { CmsEntriesCrudDecorators } from \"~/utils/decorators/CmsEntriesCrudDecorators\";\nimport { FOLDER_MODEL_ID } from \"~/folder/folder.model\";\nimport { createOperationsWrapper } from \"~/utils/createOperationsWrapper\";\nimport { getFolderFieldValues } from \"~/utils/getFieldValues\";\nimport { createFilterCrudMethods } from \"~/filter/filter.crud\";\n\nconst setupAcoContext = async (context: AcoContext): Promise<void> => {\n const { tenancy, security, i18n } = context;\n\n const getLocale = (): I18NLocale => {\n const locale = i18n.getContentLocale();\n if (!locale) {\n throw new WebinyError(\n \"Missing content locale in api-aco/plugins/context.ts\",\n \"LOCALE_ERROR\"\n );\n }\n\n return locale;\n };\n\n const getTenant = (): Tenant => {\n return tenancy.getCurrentTenant();\n };\n\n const storageOperations = createAcoStorageOperations({\n /**\n * TODO: We need to figure out a way to pass \"cms\" from outside (e.g. apps/api/graphql)\n */\n cms: context.cms,\n /**\n * TODO: This is required for \"entryFieldFromStorageTransform\" which access plugins from context.\n */\n getCmsContext: () => context,\n security\n });\n\n const folderLevelPermissions = new FolderLevelPermissions({\n getIdentity: () => security.getIdentity(),\n getIdentityTeam: async () => {\n return security.withoutAuthorization(async () => {\n const identity = security.getIdentity();\n if (!identity) {\n return null;\n }\n\n const adminUser = await context.adminUsers.getUser({ where: { id: identity.id } });\n if (!adminUser) {\n return null;\n }\n\n if (!adminUser.team) {\n return null;\n }\n\n return context.security.getTeam({ where: { id: adminUser.team } });\n });\n },\n listPermissions: () => security.listPermissions(),\n listAllFolders: type => {\n // When retrieving a list of all folders, we want to do it in the\n // fastest way and that is by directly using CMS's storage operations.\n const { withModel } = createOperationsWrapper({\n modelName: FOLDER_MODEL_ID,\n cms: context.cms,\n getCmsContext: () => context,\n security\n });\n\n return withModel(async model => {\n const results = await context.cms.storageOperations.entries.list(model, {\n limit: 100_000,\n where: {\n type,\n\n // Folders always work with latest entries. We never publish them.\n latest: true\n },\n sort: [\"title_ASC\"]\n });\n\n return results.items.map(entry => getFolderFieldValues(entry, baseFields));\n });\n },\n canUseTeams: () => context.wcp.canUseTeams(),\n canUseFolderLevelPermissions: () => context.wcp.canUseFolderLevelPermissions()\n });\n\n const params: CreateAcoParams = {\n getLocale,\n getTenant,\n storageOperations,\n folderLevelPermissions\n };\n\n const defaultRecordModel = await context.security.withoutAuthorization(async () => {\n return context.cms.getModel(SEARCH_RECORD_MODEL_ID);\n });\n\n if (!defaultRecordModel) {\n throw new WebinyError(`There is no default record model in ${SEARCH_RECORD_MODEL_ID}`);\n }\n\n /**\n * First we need to create all the apps.\n */\n const apps = new AcoApps(context, params);\n const plugins = context.plugins.byType<AcoAppRegisterPlugin>(AcoAppRegisterPlugin.type);\n for (const plugin of plugins) {\n await apps.register({\n model: defaultRecordModel,\n ...plugin.app\n });\n }\n\n const listAdminUsers = () => {\n return security.withoutAuthorization(async () => {\n return context.adminUsers.listUsers();\n });\n };\n const listTeams = () => {\n return security.withoutAuthorization(async () => {\n return context.security.listTeams();\n });\n };\n\n context.aco = {\n folder: createFolderCrudMethods({\n ...params,\n listAdminUsers,\n listTeams\n }),\n search: createSearchRecordCrudMethods(params),\n folderLevelPermissions,\n filter: createFilterCrudMethods(params),\n apps,\n getApp: (name: string) => apps.get(name),\n listApps: () => apps.list(),\n registerApp: async (params: IAcoAppRegisterParams) => {\n return apps.register({\n model: defaultRecordModel,\n ...params\n });\n }\n };\n\n if (context.wcp.canUseFolderLevelPermissions()) {\n new CmsEntriesCrudDecorators({ context }).decorate();\n\n // PB decorators registered here: packages/api-page-builder-aco/src/index.ts\n // new PageBuilderCrudDecorators({ context }).decorate();\n }\n};\n\nexport const createAcoContext = () => {\n const plugin = new ContextPlugin<AcoContext>(async context => {\n /**\n * We can skip the ACO initialization if the installation is pending.\n */\n if (isInstallationPending(context)) {\n return;\n }\n await context.benchmark.measure(\"aco.context.setup\", async () => {\n await setupAcoContext(context);\n });\n\n await context.benchmark.measure(\"aco.context.hooks\", async () => {\n await createAcoHooks(context);\n });\n });\n\n plugin.name = \"aco.createContext\";\n\n return plugin;\n};\n"],"mappings":";;;;;;;;AAAA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AAGA,IAAAE,eAAA,GAAAF,OAAA;AACA,IAAAG,2BAAA,GAAAH,OAAA;AACA,IAAAI,sBAAA,GAAAJ,OAAA;AAEA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,OAAA,GAAAN,OAAA;AACA,IAAAO,KAAA,GAAAP,OAAA;AACA,IAAAQ,QAAA,GAAAR,OAAA;AACA,IAAAS,QAAA,GAAAT,OAAA;AACA,IAAAU,uBAAA,GAAAV,OAAA;AACA,IAAAW,yBAAA,GAAAX,OAAA;AACA,IAAAY,QAAA,GAAAZ,OAAA;AACA,IAAAa,wBAAA,GAAAb,OAAA;AACA,IAAAc,eAAA,GAAAd,OAAA;AACA,IAAAe,OAAA,GAAAf,OAAA;AAEA,MAAMgB,eAAe,GAAG,MAAOC,OAAmB,IAAoB;EAClE,MAAM;IAAEC,OAAO;IAAEC,QAAQ;IAAEC;EAAK,CAAC,GAAGH,OAAO;EAE3C,MAAMI,SAAS,GAAGA,CAAA,KAAkB;IAChC,MAAMC,MAAM,GAAGF,IAAI,CAACG,gBAAgB,CAAC,CAAC;IACtC,IAAI,CAACD,MAAM,EAAE;MACT,MAAM,IAAIE,cAAW,CACjB,sDAAsD,EACtD,cACJ,CAAC;IACL;IAEA,OAAOF,MAAM;EACjB,CAAC;EAED,MAAMG,SAAS,GAAGA,CAAA,KAAc;IAC5B,OAAOP,OAAO,CAACQ,gBAAgB,CAAC,CAAC;EACrC,CAAC;EAED,MAAMC,iBAAiB,GAAG,IAAAC,sDAA0B,EAAC;IACjD;AACR;AACA;IACQC,GAAG,EAAEZ,OAAO,CAACY,GAAG;IAChB;AACR;AACA;IACQC,aAAa,EAAEA,CAAA,KAAMb,OAAO;IAC5BE;EACJ,CAAC,CAAC;EAEF,MAAMY,sBAAsB,GAAG,IAAIC,8CAAsB,CAAC;IACtDC,WAAW,EAAEA,CAAA,KAAMd,QAAQ,CAACc,WAAW,CAAC,CAAC;IACzCC,eAAe,EAAE,MAAAA,CAAA,KAAY;MACzB,OAAOf,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;QAC7C,MAAMC,QAAQ,GAAGjB,QAAQ,CAACc,WAAW,CAAC,CAAC;QACvC,IAAI,CAACG,QAAQ,EAAE;UACX,OAAO,IAAI;QACf;QAEA,MAAMC,SAAS,GAAG,MAAMpB,OAAO,CAACqB,UAAU,CAACC,OAAO,CAAC;UAAEC,KAAK,EAAE;YAAEC,EAAE,EAAEL,QAAQ,CAACK;UAAG;QAAE,CAAC,CAAC;QAClF,IAAI,CAACJ,SAAS,EAAE;UACZ,OAAO,IAAI;QACf;QAEA,IAAI,CAACA,SAAS,CAACK,IAAI,EAAE;UACjB,OAAO,IAAI;QACf;QAEA,OAAOzB,OAAO,CAACE,QAAQ,CAACwB,OAAO,CAAC;UAAEH,KAAK,EAAE;YAAEC,EAAE,EAAEJ,SAAS,CAACK;UAAK;QAAE,CAAC,CAAC;MACtE,CAAC,CAAC;IACN,CAAC;IACDE,eAAe,EAAEA,CAAA,KAAMzB,QAAQ,CAACyB,eAAe,CAAC,CAAC;IACjDC,cAAc,EAAEC,IAAI,IAAI;MACpB;MACA;MACA,MAAM;QAAEC;MAAU,CAAC,GAAG,IAAAC,gDAAuB,EAAC;QAC1CC,SAAS,EAAEC,wBAAe;QAC1BrB,GAAG,EAAEZ,OAAO,CAACY,GAAG;QAChBC,aAAa,EAAEA,CAAA,KAAMb,OAAO;QAC5BE;MACJ,CAAC,CAAC;MAEF,OAAO4B,SAAS,CAAC,MAAMI,KAAK,IAAI;QAC5B,MAAMC,OAAO,GAAG,MAAMnC,OAAO,CAACY,GAAG,CAACF,iBAAiB,CAAC0B,OAAO,CAACC,IAAI,CAACH,KAAK,EAAE;UACpEI,KAAK,EAAE,OAAO;UACdf,KAAK,EAAE;YACHM,IAAI;YAEJ;YACAU,MAAM,EAAE;UACZ,CAAC;UACDC,IAAI,EAAE,CAAC,WAAW;QACtB,CAAC,CAAC;QAEF,OAAOL,OAAO,CAACM,KAAK,CAACC,GAAG,CAACC,KAAK,IAAI,IAAAC,oCAAoB,EAACD,KAAK,EAAEE,sCAAU,CAAC,CAAC;MAC9E,CAAC,CAAC;IACN,CAAC;IACDC,WAAW,EAAEA,CAAA,KAAM9C,OAAO,CAAC+C,GAAG,CAACD,WAAW,CAAC,CAAC;IAC5CE,4BAA4B,EAAEA,CAAA,KAAMhD,OAAO,CAAC+C,GAAG,CAACC,4BAA4B,CAAC;EACjF,CAAC,CAAC;EAEF,MAAMC,MAAuB,GAAG;IAC5B7C,SAAS;IACTI,SAAS;IACTE,iBAAiB;IACjBI;EACJ,CAAC;EAED,MAAMoC,kBAAkB,GAAG,MAAMlD,OAAO,CAACE,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;IAC/E,OAAOlB,OAAO,CAACY,GAAG,CAACuC,QAAQ,CAACC,+BAAsB,CAAC;EACvD,CAAC,CAAC;EAEF,IAAI,CAACF,kBAAkB,EAAE;IACrB,MAAM,IAAI3C,cAAW,CAAE,uCAAsC6C,+BAAuB,EAAC,CAAC;EAC1F;;EAEA;AACJ;AACA;EACI,MAAMC,IAAI,GAAG,IAAIC,aAAO,CAACtD,OAAO,EAAEiD,MAAM,CAAC;EACzC,MAAMM,OAAO,GAAGvD,OAAO,CAACuD,OAAO,CAACC,MAAM,CAAuBC,6BAAoB,CAAC5B,IAAI,CAAC;EACvF,KAAK,MAAM6B,MAAM,IAAIH,OAAO,EAAE;IAC1B,MAAMF,IAAI,CAACM,QAAQ,KAAAC,cAAA,CAAAC,OAAA;MACf3B,KAAK,EAAEgB;IAAkB,GACtBQ,MAAM,CAACI,GAAG,CAChB,CAAC;EACN;EAEA,MAAMC,cAAc,GAAGA,CAAA,KAAM;IACzB,OAAO7D,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;MAC7C,OAAOlB,OAAO,CAACqB,UAAU,CAAC2C,SAAS,CAAC,CAAC;IACzC,CAAC,CAAC;EACN,CAAC;EACD,MAAMC,SAAS,GAAGA,CAAA,KAAM;IACpB,OAAO/D,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;MAC7C,OAAOlB,OAAO,CAACE,QAAQ,CAAC+D,SAAS,CAAC,CAAC;IACvC,CAAC,CAAC;EACN,CAAC;EAEDjE,OAAO,CAACkE,GAAG,GAAG;IACVC,MAAM,EAAE,IAAAC,+BAAuB,MAAAR,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MACxBZ,MAAM;MACTc,cAAc;MACdE;IAAS,EACZ,CAAC;IACFI,MAAM,EAAE,IAAAC,qCAA6B,EAACrB,MAAM,CAAC;IAC7CnC,sBAAsB;IACtByD,MAAM,EAAE,IAAAC,+BAAuB,EAACvB,MAAM,CAAC;IACvCI,IAAI;IACJoB,MAAM,EAAGC,IAAY,IAAKrB,IAAI,CAACsB,GAAG,CAACD,IAAI,CAAC;IACxCE,QAAQ,EAAEA,CAAA,KAAMvB,IAAI,CAAChB,IAAI,CAAC,CAAC;IAC3BwC,WAAW,EAAE,MAAO5B,MAA6B,IAAK;MAClD,OAAOI,IAAI,CAACM,QAAQ,KAAAC,cAAA,CAAAC,OAAA;QAChB3B,KAAK,EAAEgB;MAAkB,GACtBD,MAAM,CACZ,CAAC;IACN;EACJ,CAAC;EAED,IAAIjD,OAAO,CAAC+C,GAAG,CAACC,4BAA4B,CAAC,CAAC,EAAE;IAC5C,IAAI8B,kDAAwB,CAAC;MAAE9E;IAAQ,CAAC,CAAC,CAAC+E,QAAQ,CAAC,CAAC;;IAEpD;IACA;EACJ;AACJ,CAAC;;AAEM,MAAMC,gBAAgB,GAAGA,CAAA,KAAM;EAClC,MAAMtB,MAAM,GAAG,IAAIuB,kBAAa,CAAa,MAAMjF,OAAO,IAAI;IAC1D;AACR;AACA;IACQ,IAAI,IAAAkF,4CAAqB,EAAClF,OAAO,CAAC,EAAE;MAChC;IACJ;IACA,MAAMA,OAAO,CAACmF,SAAS,CAACC,OAAO,CAAC,mBAAmB,EAAE,YAAY;MAC7D,MAAMrF,eAAe,CAACC,OAAO,CAAC;IAClC,CAAC,CAAC;IAEF,MAAMA,OAAO,CAACmF,SAAS,CAACC,OAAO,CAAC,mBAAmB,EAAE,YAAY;MAC7D,MAAM,IAAAC,8BAAc,EAACrF,OAAO,CAAC;IACjC,CAAC,CAAC;EACN,CAAC,CAAC;EAEF0D,MAAM,CAACgB,IAAI,GAAG,mBAAmB;EAEjC,OAAOhB,MAAM;AACjB,CAAC;AAAC4B,OAAA,CAAAN,gBAAA,GAAAA,gBAAA"}
1
+ {"version":3,"names":["_error","_interopRequireDefault","require","_api","_createAcoHooks","_createAcoStorageOperations","_isInstallationPending","_folder","_record","_apps","_record2","_plugins","_FolderLevelPermissions","_CmsEntriesCrudDecorators","_folder2","_createOperationsWrapper","_getFieldValues","_filter","setupAcoContext","context","setupAcoContextParams","tenancy","security","i18n","getLocale","locale","getContentLocale","WebinyError","getTenant","getCurrentTenant","storageOperations","createAcoStorageOperations","cms","getCmsContext","folderLevelPermissions","FolderLevelPermissions","getIdentity","getIdentityTeam","withoutAuthorization","identity","adminUser","adminUsers","getUser","where","id","team","getTeam","listPermissions","listAllFolders","type","withModel","createOperationsWrapper","modelName","FOLDER_MODEL_ID","model","results","entries","list","limit","latest","sort","items","map","entry","getFolderFieldValues","baseFields","canUseTeams","wcp","canUseFolderLevelPermissions","useFolderLevelPermissions","isAuthorizationEnabled","params","defaultRecordModel","getModel","SEARCH_RECORD_MODEL_ID","apps","AcoApps","plugins","byType","AcoAppRegisterPlugin","plugin","register","_objectSpread2","default","app","listAdminUsers","listUsers","listTeams","aco","folder","createFolderCrudMethods","search","createSearchRecordCrudMethods","filter","createFilterCrudMethods","getApp","name","get","listApps","registerApp","CmsEntriesCrudDecorators","decorate","createAcoContext","ContextPlugin","isInstallationPending","benchmark","measure","createAcoHooks","exports"],"sources":["createAcoContext.ts"],"sourcesContent":["import WebinyError from \"@webiny/error\";\nimport { ContextPlugin } from \"@webiny/api\";\nimport { I18NLocale } from \"@webiny/api-i18n/types\";\nimport { Tenant } from \"@webiny/api-tenancy/types\";\nimport { createAcoHooks } from \"~/createAcoHooks\";\nimport { baseFields, createAcoStorageOperations } from \"~/createAcoStorageOperations\";\nimport { isInstallationPending } from \"~/utils/isInstallationPending\";\nimport { AcoContext, CreateAcoParams, IAcoAppRegisterParams } from \"~/types\";\nimport { createFolderCrudMethods } from \"~/folder/folder.crud\";\nimport { createSearchRecordCrudMethods } from \"~/record/record.crud\";\nimport { AcoApps } from \"./apps\";\nimport { SEARCH_RECORD_MODEL_ID } from \"~/record/record.model\";\nimport { AcoAppRegisterPlugin } from \"~/plugins\";\nimport { FolderLevelPermissions } from \"~/utils/FolderLevelPermissions\";\nimport { CmsEntriesCrudDecorators } from \"~/utils/decorators/CmsEntriesCrudDecorators\";\nimport { FOLDER_MODEL_ID } from \"~/folder/folder.model\";\nimport { createOperationsWrapper } from \"~/utils/createOperationsWrapper\";\nimport { getFolderFieldValues } from \"~/utils/getFieldValues\";\nimport { createFilterCrudMethods } from \"~/filter/filter.crud\";\n\ninterface CreateAcoContextParams {\n useFolderLevelPermissions?: boolean;\n}\n\nconst setupAcoContext = async (\n context: AcoContext,\n setupAcoContextParams: CreateAcoContextParams\n): Promise<void> => {\n const { tenancy, security, i18n } = context;\n\n const getLocale = (): I18NLocale => {\n const locale = i18n.getContentLocale();\n if (!locale) {\n throw new WebinyError(\n \"Missing content locale in api-aco/plugins/context.ts\",\n \"LOCALE_ERROR\"\n );\n }\n\n return locale;\n };\n\n const getTenant = (): Tenant => {\n return tenancy.getCurrentTenant();\n };\n\n const storageOperations = createAcoStorageOperations({\n /**\n * TODO: We need to figure out a way to pass \"cms\" from outside (e.g. apps/api/graphql)\n */\n cms: context.cms,\n /**\n * TODO: This is required for \"entryFieldFromStorageTransform\" which access plugins from context.\n */\n getCmsContext: () => context,\n security\n });\n\n const folderLevelPermissions = new FolderLevelPermissions({\n getIdentity: () => security.getIdentity(),\n getIdentityTeam: async () => {\n return security.withoutAuthorization(async () => {\n const identity = security.getIdentity();\n if (!identity) {\n return null;\n }\n\n const adminUser = await context.adminUsers.getUser({ where: { id: identity.id } });\n if (!adminUser) {\n return null;\n }\n\n if (!adminUser.team) {\n return null;\n }\n\n return context.security.getTeam({ where: { id: adminUser.team } });\n });\n },\n listPermissions: () => security.listPermissions(),\n listAllFolders: type => {\n // When retrieving a list of all folders, we want to do it in the\n // fastest way and that is by directly using CMS's storage operations.\n const { withModel } = createOperationsWrapper({\n modelName: FOLDER_MODEL_ID,\n cms: context.cms,\n getCmsContext: () => context,\n security\n });\n\n return withModel(async model => {\n const results = await context.cms.storageOperations.entries.list(model, {\n limit: 100_000,\n where: {\n type,\n\n // Folders always work with latest entries. We never publish them.\n latest: true\n },\n sort: [\"title_ASC\"]\n });\n\n return results.items.map(entry => getFolderFieldValues(entry, baseFields));\n });\n },\n canUseTeams: () => context.wcp.canUseTeams(),\n canUseFolderLevelPermissions: () => {\n if (setupAcoContextParams.useFolderLevelPermissions === false) {\n return false;\n }\n\n return context.wcp.canUseFolderLevelPermissions();\n },\n isAuthorizationEnabled: () => context.security.isAuthorizationEnabled()\n });\n\n const params: CreateAcoParams = {\n getLocale,\n getTenant,\n storageOperations,\n folderLevelPermissions\n };\n\n const defaultRecordModel = await context.security.withoutAuthorization(async () => {\n return context.cms.getModel(SEARCH_RECORD_MODEL_ID);\n });\n\n if (!defaultRecordModel) {\n throw new WebinyError(`There is no default record model in ${SEARCH_RECORD_MODEL_ID}`);\n }\n\n /**\n * First we need to create all the apps.\n */\n const apps = new AcoApps(context, params);\n const plugins = context.plugins.byType<AcoAppRegisterPlugin>(AcoAppRegisterPlugin.type);\n for (const plugin of plugins) {\n await apps.register({\n model: defaultRecordModel,\n ...plugin.app\n });\n }\n\n const listAdminUsers = () => {\n return security.withoutAuthorization(async () => {\n return context.adminUsers.listUsers();\n });\n };\n const listTeams = () => {\n return security.withoutAuthorization(async () => {\n return context.security.listTeams();\n });\n };\n\n context.aco = {\n folder: createFolderCrudMethods({\n ...params,\n listAdminUsers,\n listTeams\n }),\n search: createSearchRecordCrudMethods(params),\n folderLevelPermissions,\n filter: createFilterCrudMethods(params),\n apps,\n getApp: (name: string) => apps.get(name),\n listApps: () => apps.list(),\n registerApp: async (params: IAcoAppRegisterParams) => {\n return apps.register({\n model: defaultRecordModel,\n ...params\n });\n }\n };\n\n if (context.wcp.canUseFolderLevelPermissions()) {\n new CmsEntriesCrudDecorators({ context }).decorate();\n\n // PB decorators registered here: packages/api-page-builder-aco/src/index.ts\n // new PageBuilderCrudDecorators({ context }).decorate();\n }\n};\n\nexport const createAcoContext = (params: CreateAcoContextParams = {}) => {\n const plugin = new ContextPlugin<AcoContext>(async context => {\n /**\n * We can skip the ACO initialization if the installation is pending.\n */\n if (isInstallationPending(context)) {\n return;\n }\n await context.benchmark.measure(\"aco.context.setup\", async () => {\n await setupAcoContext(context, params);\n });\n\n await context.benchmark.measure(\"aco.context.hooks\", async () => {\n await createAcoHooks(context);\n });\n });\n\n plugin.name = \"aco.createContext\";\n\n return plugin;\n};\n"],"mappings":";;;;;;;;AAAA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AAGA,IAAAE,eAAA,GAAAF,OAAA;AACA,IAAAG,2BAAA,GAAAH,OAAA;AACA,IAAAI,sBAAA,GAAAJ,OAAA;AAEA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,OAAA,GAAAN,OAAA;AACA,IAAAO,KAAA,GAAAP,OAAA;AACA,IAAAQ,QAAA,GAAAR,OAAA;AACA,IAAAS,QAAA,GAAAT,OAAA;AACA,IAAAU,uBAAA,GAAAV,OAAA;AACA,IAAAW,yBAAA,GAAAX,OAAA;AACA,IAAAY,QAAA,GAAAZ,OAAA;AACA,IAAAa,wBAAA,GAAAb,OAAA;AACA,IAAAc,eAAA,GAAAd,OAAA;AACA,IAAAe,OAAA,GAAAf,OAAA;AAMA,MAAMgB,eAAe,GAAG,MAAAA,CACpBC,OAAmB,EACnBC,qBAA6C,KAC7B;EAChB,MAAM;IAAEC,OAAO;IAAEC,QAAQ;IAAEC;EAAK,CAAC,GAAGJ,OAAO;EAE3C,MAAMK,SAAS,GAAGA,CAAA,KAAkB;IAChC,MAAMC,MAAM,GAAGF,IAAI,CAACG,gBAAgB,CAAC,CAAC;IACtC,IAAI,CAACD,MAAM,EAAE;MACT,MAAM,IAAIE,cAAW,CACjB,sDAAsD,EACtD,cACJ,CAAC;IACL;IAEA,OAAOF,MAAM;EACjB,CAAC;EAED,MAAMG,SAAS,GAAGA,CAAA,KAAc;IAC5B,OAAOP,OAAO,CAACQ,gBAAgB,CAAC,CAAC;EACrC,CAAC;EAED,MAAMC,iBAAiB,GAAG,IAAAC,sDAA0B,EAAC;IACjD;AACR;AACA;IACQC,GAAG,EAAEb,OAAO,CAACa,GAAG;IAChB;AACR;AACA;IACQC,aAAa,EAAEA,CAAA,KAAMd,OAAO;IAC5BG;EACJ,CAAC,CAAC;EAEF,MAAMY,sBAAsB,GAAG,IAAIC,8CAAsB,CAAC;IACtDC,WAAW,EAAEA,CAAA,KAAMd,QAAQ,CAACc,WAAW,CAAC,CAAC;IACzCC,eAAe,EAAE,MAAAA,CAAA,KAAY;MACzB,OAAOf,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;QAC7C,MAAMC,QAAQ,GAAGjB,QAAQ,CAACc,WAAW,CAAC,CAAC;QACvC,IAAI,CAACG,QAAQ,EAAE;UACX,OAAO,IAAI;QACf;QAEA,MAAMC,SAAS,GAAG,MAAMrB,OAAO,CAACsB,UAAU,CAACC,OAAO,CAAC;UAAEC,KAAK,EAAE;YAAEC,EAAE,EAAEL,QAAQ,CAACK;UAAG;QAAE,CAAC,CAAC;QAClF,IAAI,CAACJ,SAAS,EAAE;UACZ,OAAO,IAAI;QACf;QAEA,IAAI,CAACA,SAAS,CAACK,IAAI,EAAE;UACjB,OAAO,IAAI;QACf;QAEA,OAAO1B,OAAO,CAACG,QAAQ,CAACwB,OAAO,CAAC;UAAEH,KAAK,EAAE;YAAEC,EAAE,EAAEJ,SAAS,CAACK;UAAK;QAAE,CAAC,CAAC;MACtE,CAAC,CAAC;IACN,CAAC;IACDE,eAAe,EAAEA,CAAA,KAAMzB,QAAQ,CAACyB,eAAe,CAAC,CAAC;IACjDC,cAAc,EAAEC,IAAI,IAAI;MACpB;MACA;MACA,MAAM;QAAEC;MAAU,CAAC,GAAG,IAAAC,gDAAuB,EAAC;QAC1CC,SAAS,EAAEC,wBAAe;QAC1BrB,GAAG,EAAEb,OAAO,CAACa,GAAG;QAChBC,aAAa,EAAEA,CAAA,KAAMd,OAAO;QAC5BG;MACJ,CAAC,CAAC;MAEF,OAAO4B,SAAS,CAAC,MAAMI,KAAK,IAAI;QAC5B,MAAMC,OAAO,GAAG,MAAMpC,OAAO,CAACa,GAAG,CAACF,iBAAiB,CAAC0B,OAAO,CAACC,IAAI,CAACH,KAAK,EAAE;UACpEI,KAAK,EAAE,OAAO;UACdf,KAAK,EAAE;YACHM,IAAI;YAEJ;YACAU,MAAM,EAAE;UACZ,CAAC;UACDC,IAAI,EAAE,CAAC,WAAW;QACtB,CAAC,CAAC;QAEF,OAAOL,OAAO,CAACM,KAAK,CAACC,GAAG,CAACC,KAAK,IAAI,IAAAC,oCAAoB,EAACD,KAAK,EAAEE,sCAAU,CAAC,CAAC;MAC9E,CAAC,CAAC;IACN,CAAC;IACDC,WAAW,EAAEA,CAAA,KAAM/C,OAAO,CAACgD,GAAG,CAACD,WAAW,CAAC,CAAC;IAC5CE,4BAA4B,EAAEA,CAAA,KAAM;MAChC,IAAIhD,qBAAqB,CAACiD,yBAAyB,KAAK,KAAK,EAAE;QAC3D,OAAO,KAAK;MAChB;MAEA,OAAOlD,OAAO,CAACgD,GAAG,CAACC,4BAA4B,CAAC,CAAC;IACrD,CAAC;IACDE,sBAAsB,EAAEA,CAAA,KAAMnD,OAAO,CAACG,QAAQ,CAACgD,sBAAsB,CAAC;EAC1E,CAAC,CAAC;EAEF,MAAMC,MAAuB,GAAG;IAC5B/C,SAAS;IACTI,SAAS;IACTE,iBAAiB;IACjBI;EACJ,CAAC;EAED,MAAMsC,kBAAkB,GAAG,MAAMrD,OAAO,CAACG,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;IAC/E,OAAOnB,OAAO,CAACa,GAAG,CAACyC,QAAQ,CAACC,+BAAsB,CAAC;EACvD,CAAC,CAAC;EAEF,IAAI,CAACF,kBAAkB,EAAE;IACrB,MAAM,IAAI7C,cAAW,CAAE,uCAAsC+C,+BAAuB,EAAC,CAAC;EAC1F;;EAEA;AACJ;AACA;EACI,MAAMC,IAAI,GAAG,IAAIC,aAAO,CAACzD,OAAO,EAAEoD,MAAM,CAAC;EACzC,MAAMM,OAAO,GAAG1D,OAAO,CAAC0D,OAAO,CAACC,MAAM,CAAuBC,6BAAoB,CAAC9B,IAAI,CAAC;EACvF,KAAK,MAAM+B,MAAM,IAAIH,OAAO,EAAE;IAC1B,MAAMF,IAAI,CAACM,QAAQ,KAAAC,cAAA,CAAAC,OAAA;MACf7B,KAAK,EAAEkB;IAAkB,GACtBQ,MAAM,CAACI,GAAG,CAChB,CAAC;EACN;EAEA,MAAMC,cAAc,GAAGA,CAAA,KAAM;IACzB,OAAO/D,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;MAC7C,OAAOnB,OAAO,CAACsB,UAAU,CAAC6C,SAAS,CAAC,CAAC;IACzC,CAAC,CAAC;EACN,CAAC;EACD,MAAMC,SAAS,GAAGA,CAAA,KAAM;IACpB,OAAOjE,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;MAC7C,OAAOnB,OAAO,CAACG,QAAQ,CAACiE,SAAS,CAAC,CAAC;IACvC,CAAC,CAAC;EACN,CAAC;EAEDpE,OAAO,CAACqE,GAAG,GAAG;IACVC,MAAM,EAAE,IAAAC,+BAAuB,MAAAR,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MACxBZ,MAAM;MACTc,cAAc;MACdE;IAAS,EACZ,CAAC;IACFI,MAAM,EAAE,IAAAC,qCAA6B,EAACrB,MAAM,CAAC;IAC7CrC,sBAAsB;IACtB2D,MAAM,EAAE,IAAAC,+BAAuB,EAACvB,MAAM,CAAC;IACvCI,IAAI;IACJoB,MAAM,EAAGC,IAAY,IAAKrB,IAAI,CAACsB,GAAG,CAACD,IAAI,CAAC;IACxCE,QAAQ,EAAEA,CAAA,KAAMvB,IAAI,CAAClB,IAAI,CAAC,CAAC;IAC3B0C,WAAW,EAAE,MAAO5B,MAA6B,IAAK;MAClD,OAAOI,IAAI,CAACM,QAAQ,KAAAC,cAAA,CAAAC,OAAA;QAChB7B,KAAK,EAAEkB;MAAkB,GACtBD,MAAM,CACZ,CAAC;IACN;EACJ,CAAC;EAED,IAAIpD,OAAO,CAACgD,GAAG,CAACC,4BAA4B,CAAC,CAAC,EAAE;IAC5C,IAAIgC,kDAAwB,CAAC;MAAEjF;IAAQ,CAAC,CAAC,CAACkF,QAAQ,CAAC,CAAC;;IAEpD;IACA;EACJ;AACJ,CAAC;;AAEM,MAAMC,gBAAgB,GAAGA,CAAC/B,MAA8B,GAAG,CAAC,CAAC,KAAK;EACrE,MAAMS,MAAM,GAAG,IAAIuB,kBAAa,CAAa,MAAMpF,OAAO,IAAI;IAC1D;AACR;AACA;IACQ,IAAI,IAAAqF,4CAAqB,EAACrF,OAAO,CAAC,EAAE;MAChC;IACJ;IACA,MAAMA,OAAO,CAACsF,SAAS,CAACC,OAAO,CAAC,mBAAmB,EAAE,YAAY;MAC7D,MAAMxF,eAAe,CAACC,OAAO,EAAEoD,MAAM,CAAC;IAC1C,CAAC,CAAC;IAEF,MAAMpD,OAAO,CAACsF,SAAS,CAACC,OAAO,CAAC,mBAAmB,EAAE,YAAY;MAC7D,MAAM,IAAAC,8BAAc,EAACxF,OAAO,CAAC;IACjC,CAAC,CAAC;EACN,CAAC,CAAC;EAEF6D,MAAM,CAACgB,IAAI,GAAG,mBAAmB;EAEjC,OAAOhB,MAAM;AACjB,CAAC;AAAC4B,OAAA,CAAAN,gBAAA,GAAAA,gBAAA"}
package/index.d.ts CHANGED
@@ -3,4 +3,7 @@ export { FOLDER_MODEL_ID } from "./folder/folder.model";
3
3
  export { FILTER_MODEL_ID } from "./filter/filter.model";
4
4
  export * from "./apps";
5
5
  export * from "./plugins";
6
- export declare const createAco: () => (import("@webiny/api-headless-cms/types").CmsModelFieldToGraphQLPlugin<import("@webiny/api-headless-cms/types").CmsModelField> | import("@webiny/api").ContextPlugin<import("./types").AcoContext> | import("@webiny/handler-graphql").GraphQLSchemaPlugin<import("./types").AcoContext>)[];
6
+ export interface CreateAcoParams {
7
+ useFolderLevelPermissions?: boolean;
8
+ }
9
+ export declare const createAco: (params: CreateAcoParams) => (import("@webiny/api-headless-cms/types").CmsModelFieldToGraphQLPlugin<import("@webiny/api-headless-cms/types").CmsModelField> | import("@webiny/api").ContextPlugin<import("./types").AcoContext> | import("@webiny/handler-graphql").GraphQLSchemaPlugin<import("./types").AcoContext>)[];
package/index.js CHANGED
@@ -58,8 +58,8 @@ Object.keys(_plugins).forEach(function (key) {
58
58
  }
59
59
  });
60
60
  });
61
- const createAco = () => {
62
- return [...(0, _fields.createFields)(), (0, _createAcoContext.createAcoContext)(), ...(0, _createAcoGraphQL.createAcoGraphQL)()];
61
+ const createAco = params => {
62
+ return [...(0, _fields.createFields)(), (0, _createAcoContext.createAcoContext)(params), ...(0, _createAcoGraphQL.createAcoGraphQL)()];
63
63
  };
64
64
  exports.createAco = createAco;
65
65
 
package/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_createAcoContext","require","_createAcoGraphQL","_fields","_record","_folder","_filter","_apps","Object","keys","forEach","key","prototype","hasOwnProperty","call","_exportNames","exports","defineProperty","enumerable","get","_plugins","createAco","createFields","createAcoContext","createAcoGraphQL"],"sources":["index.ts"],"sourcesContent":["import { createAcoContext } from \"~/createAcoContext\";\nimport { createAcoGraphQL } from \"~/createAcoGraphQL\";\nimport { createFields } from \"~/fields\";\n\nexport { SEARCH_RECORD_MODEL_ID } from \"./record/record.model\";\nexport { FOLDER_MODEL_ID } from \"./folder/folder.model\";\nexport { FILTER_MODEL_ID } from \"./filter/filter.model\";\nexport * from \"./apps\";\nexport * from \"./plugins\";\n\nexport const createAco = () => {\n return [...createFields(), createAcoContext(), ...createAcoGraphQL()];\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,iBAAA,GAAAD,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AAEA,IAAAG,OAAA,GAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,KAAA,GAAAN,OAAA;AAAAO,MAAA,CAAAC,IAAA,CAAAF,KAAA,EAAAG,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAJ,KAAA,CAAAI,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAZ,KAAA,CAAAI,GAAA;IAAA;EAAA;AAAA;AACA,IAAAS,QAAA,GAAAnB,OAAA;AAAAO,MAAA,CAAAC,IAAA,CAAAW,QAAA,EAAAV,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAS,QAAA,CAAAT,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAC,QAAA,CAAAT,GAAA;IAAA;EAAA;AAAA;AAEO,MAAMU,SAAS,GAAGA,CAAA,KAAM;EAC3B,OAAO,CAAC,GAAG,IAAAC,oBAAY,EAAC,CAAC,EAAE,IAAAC,kCAAgB,EAAC,CAAC,EAAE,GAAG,IAAAC,kCAAgB,EAAC,CAAC,CAAC;AACzE,CAAC;AAACR,OAAA,CAAAK,SAAA,GAAAA,SAAA"}
1
+ {"version":3,"names":["_createAcoContext","require","_createAcoGraphQL","_fields","_record","_folder","_filter","_apps","Object","keys","forEach","key","prototype","hasOwnProperty","call","_exportNames","exports","defineProperty","enumerable","get","_plugins","createAco","params","createFields","createAcoContext","createAcoGraphQL"],"sources":["index.ts"],"sourcesContent":["import { createAcoContext } from \"~/createAcoContext\";\nimport { createAcoGraphQL } from \"~/createAcoGraphQL\";\nimport { createFields } from \"~/fields\";\n\nexport { SEARCH_RECORD_MODEL_ID } from \"./record/record.model\";\nexport { FOLDER_MODEL_ID } from \"./folder/folder.model\";\nexport { FILTER_MODEL_ID } from \"./filter/filter.model\";\nexport * from \"./apps\";\nexport * from \"./plugins\";\n\nexport interface CreateAcoParams {\n useFolderLevelPermissions?: boolean;\n}\n\nexport const createAco = (params: CreateAcoParams) => {\n return [...createFields(), createAcoContext(params), ...createAcoGraphQL()];\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,iBAAA,GAAAD,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AAEA,IAAAG,OAAA,GAAAH,OAAA;AACA,IAAAI,OAAA,GAAAJ,OAAA;AACA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,KAAA,GAAAN,OAAA;AAAAO,MAAA,CAAAC,IAAA,CAAAF,KAAA,EAAAG,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAJ,KAAA,CAAAI,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAZ,KAAA,CAAAI,GAAA;IAAA;EAAA;AAAA;AACA,IAAAS,QAAA,GAAAnB,OAAA;AAAAO,MAAA,CAAAC,IAAA,CAAAW,QAAA,EAAAV,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAS,QAAA,CAAAT,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAC,QAAA,CAAAT,GAAA;IAAA;EAAA;AAAA;AAMO,MAAMU,SAAS,GAAIC,MAAuB,IAAK;EAClD,OAAO,CAAC,GAAG,IAAAC,oBAAY,EAAC,CAAC,EAAE,IAAAC,kCAAgB,EAACF,MAAM,CAAC,EAAE,GAAG,IAAAG,kCAAgB,EAAC,CAAC,CAAC;AAC/E,CAAC;AAACT,OAAA,CAAAK,SAAA,GAAAA,SAAA"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@webiny/api-aco",
3
- "version": "5.38.0-beta.3",
3
+ "version": "5.38.0-beta.5",
4
4
  "main": "index.js",
5
5
  "keywords": [
6
6
  "aco:base"
@@ -23,18 +23,18 @@
23
23
  },
24
24
  "dependencies": {
25
25
  "@ungap/structured-clone": "1.2.0",
26
- "@webiny/api": "5.38.0-beta.3",
27
- "@webiny/api-authentication": "5.38.0-beta.3",
28
- "@webiny/api-headless-cms": "5.38.0-beta.3",
29
- "@webiny/api-i18n": "5.38.0-beta.3",
30
- "@webiny/api-security": "5.38.0-beta.3",
31
- "@webiny/api-tenancy": "5.38.0-beta.3",
32
- "@webiny/error": "5.38.0-beta.3",
33
- "@webiny/handler": "5.38.0-beta.3",
34
- "@webiny/handler-graphql": "5.38.0-beta.3",
35
- "@webiny/pubsub": "5.38.0-beta.3",
36
- "@webiny/utils": "5.38.0-beta.3",
37
- "@webiny/validation": "5.38.0-beta.3",
26
+ "@webiny/api": "5.38.0-beta.5",
27
+ "@webiny/api-authentication": "5.38.0-beta.5",
28
+ "@webiny/api-headless-cms": "5.38.0-beta.5",
29
+ "@webiny/api-i18n": "5.38.0-beta.5",
30
+ "@webiny/api-security": "5.38.0-beta.5",
31
+ "@webiny/api-tenancy": "5.38.0-beta.5",
32
+ "@webiny/error": "5.38.0-beta.5",
33
+ "@webiny/handler": "5.38.0-beta.5",
34
+ "@webiny/handler-graphql": "5.38.0-beta.5",
35
+ "@webiny/pubsub": "5.38.0-beta.5",
36
+ "@webiny/utils": "5.38.0-beta.5",
37
+ "@webiny/validation": "5.38.0-beta.5",
38
38
  "lodash": "4.17.21"
39
39
  },
40
40
  "devDependencies": {
@@ -44,22 +44,22 @@
44
44
  "@babel/preset-typescript": "7.22.5",
45
45
  "@babel/runtime": "7.22.6",
46
46
  "@types/ungap__structured-clone": "0.3.0",
47
- "@webiny/api-admin-users": "5.38.0-beta.3",
48
- "@webiny/api-file-manager": "5.38.0-beta.3",
49
- "@webiny/api-i18n-ddb": "5.38.0-beta.3",
50
- "@webiny/api-security-so-ddb": "5.38.0-beta.3",
51
- "@webiny/api-tenancy-so-ddb": "5.38.0-beta.3",
52
- "@webiny/api-wcp": "5.38.0-beta.3",
53
- "@webiny/cli": "5.38.0-beta.3",
54
- "@webiny/handler-aws": "5.38.0-beta.3",
55
- "@webiny/plugins": "5.38.0-beta.3",
56
- "@webiny/project-utils": "5.38.0-beta.3",
57
- "@webiny/wcp": "5.38.0-beta.3",
47
+ "@webiny/api-admin-users": "5.38.0-beta.5",
48
+ "@webiny/api-file-manager": "5.38.0-beta.5",
49
+ "@webiny/api-i18n-ddb": "5.38.0-beta.5",
50
+ "@webiny/api-security-so-ddb": "5.38.0-beta.5",
51
+ "@webiny/api-tenancy-so-ddb": "5.38.0-beta.5",
52
+ "@webiny/api-wcp": "5.38.0-beta.5",
53
+ "@webiny/cli": "5.38.0-beta.5",
54
+ "@webiny/handler-aws": "5.38.0-beta.5",
55
+ "@webiny/plugins": "5.38.0-beta.5",
56
+ "@webiny/project-utils": "5.38.0-beta.5",
57
+ "@webiny/wcp": "5.38.0-beta.5",
58
58
  "graphql": "15.8.0",
59
59
  "prettier": "2.8.8",
60
60
  "rimraf": "3.0.2",
61
61
  "ttypescript": "1.5.15",
62
62
  "typescript": "4.7.4"
63
63
  },
64
- "gitHead": "fa1befb07e92cfe36928481333308d88c3348d6b"
64
+ "gitHead": "ca05a6c9e3e32a5255d3a2b5a79c000d709aab53"
65
65
  }
package/record/graphql/createAppResolvers.js CHANGED
@@ -13,11 +13,11 @@ var _acoRecordId = require("../../utils/acoRecordId");
13
13
  var _ensureAuthentication = require("../../utils/ensureAuthentication");
14
14
  const createAppResolvers = params => {
15
15
  const {
16
- app,
16
+ app: targetApp,
17
17
  models,
18
18
  plugins
19
19
  } = params;
20
- const model = app.model;
20
+ const model = targetApp.model;
21
21
  const apiName = model.singularApiName;
22
22
  const createFieldResolvers = (0, _createFieldResolvers.createFieldResolversFactory)({
23
23
  endpointType: "manage",
@@ -27,7 +27,7 @@ const createAppResolvers = params => {
27
27
  });
28
28
  const fieldResolvers = createFieldResolvers({
29
29
  graphQLType: apiName,
30
- fields: app.model.fields,
30
+ fields: targetApp.model.fields,
31
31
  isRoot: true,
32
32
  extraResolvers: {
33
33
  id: entry => {
@@ -41,18 +41,21 @@ const createAppResolvers = params => {
41
41
  const resolvers = {
42
42
  SearchQuery: {
43
43
  [`get${apiName}`]: async (_, args, context) => {
44
+ const app = context.aco.getApp(targetApp.name);
44
45
  return (0, _resolve.resolve)(() => {
45
46
  (0, _ensureAuthentication.ensureAuthentication)(context);
46
47
  return app.search.get(args.id);
47
48
  });
48
49
  },
49
50
  [`list${apiName}`]: async (_, args, context) => {
51
+ const app = context.aco.getApp(targetApp.name);
50
52
  return (0, _resolve.resolveList)(() => {
51
53
  (0, _ensureAuthentication.ensureAuthentication)(context);
52
54
  return app.search.list(args);
53
55
  });
54
56
  },
55
57
  [`list${apiName}Tags`]: async (_, args, context) => {
58
+ const app = context.aco.getApp(targetApp.name);
56
59
  return (0, _resolve.resolveList)(() => {
57
60
  (0, _ensureAuthentication.ensureAuthentication)(context);
58
61
  return app.search.listTags(args);
@@ -61,6 +64,7 @@ const createAppResolvers = params => {
61
64
  },
62
65
  SearchMutation: {
63
66
  [`create${apiName}`]: async (_, args, context) => {
67
+ const app = context.aco.getApp(targetApp.name);
64
68
  return (0, _resolve.resolve)(() => {
65
69
  var _args$data;
66
70
  (0, _ensureAuthentication.ensureAuthentication)(context);
@@ -73,6 +77,7 @@ const createAppResolvers = params => {
73
77
  });
74
78
  },
75
79
  [`update${apiName}`]: async (_, args, context) => {
80
+ const app = context.aco.getApp(targetApp.name);
76
81
  return (0, _resolve.resolve)(() => {
77
82
  (0, _ensureAuthentication.ensureAuthentication)(context);
78
83
  const {
@@ -82,6 +87,7 @@ const createAppResolvers = params => {
82
87
  });
83
88
  },
84
89
  [`move${apiName}`]: async (_, args, context) => {
90
+ const app = context.aco.getApp(targetApp.name);
85
91
  return (0, _resolve.resolve)(() => {
86
92
  (0, _ensureAuthentication.ensureAuthentication)(context);
87
93
  const {
@@ -91,6 +97,7 @@ const createAppResolvers = params => {
91
97
  });
92
98
  },
93
99
  [`delete${apiName}`]: async (_, args, context) => {
100
+ const app = context.aco.getApp(targetApp.name);
94
101
  return (0, _resolve.resolve)(() => {
95
102
  (0, _ensureAuthentication.ensureAuthentication)(context);
96
103
  const {
package/record/graphql/createAppResolvers.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_createFieldResolvers","require","_resolve","_utils","_acoRecordId","_ensureAuthentication","createAppResolvers","params","app","models","plugins","model","apiName","singularApiName","createFieldResolvers","createFieldResolversFactory","endpointType","fieldTypePlugins","fieldResolvers","graphQLType","fields","isRoot","extraResolvers","id","entry","parseIdentifier","removeAcoRecordPrefix","resolvers","SearchQuery","_","args","context","resolve","ensureAuthentication","search","get","resolveList","list","listTags","SearchMutation","_args$data","data","create","_objectSpread2","default","update","move","folderId","delete","Object","assign","entryId","exports"],"sources":["createAppResolvers.ts"],"sourcesContent":["import { CmsEntry, CmsFieldTypePlugins, CmsModel } from \"@webiny/api-headless-cms/types\";\nimport { createFieldResolversFactory } from \"@webiny/api-headless-cms/graphql/schema/createFieldResolvers\";\nimport { AcoContext, IAcoApp } from \"~/types\";\nimport { resolve, resolveList } from \"~/utils/resolve\";\nimport { parseIdentifier } from \"@webiny/utils\";\nimport { removeAcoRecordPrefix } from \"~/utils/acoRecordId\";\nimport { ensureAuthentication } from \"~/utils/ensureAuthentication\";\n\ninterface Params {\n app: IAcoApp;\n models: CmsModel[];\n plugins: CmsFieldTypePlugins;\n}\n\ninterface Resolvers {\n SearchQuery: Record<string, any>;\n SearchMutation: Record<string, any>;\n [key: string]: Record<string, any>;\n}\n\nexport const createAppResolvers = (params: Params): Resolvers => {\n const { app, models, plugins } = params;\n\n const model = app.model;\n const apiName = model.singularApiName;\n\n const createFieldResolvers = createFieldResolversFactory({\n endpointType: \"manage\",\n models,\n model,\n fieldTypePlugins: plugins\n });\n\n const fieldResolvers = createFieldResolvers({\n graphQLType: apiName,\n fields: app.model.fields,\n isRoot: true,\n extraResolvers: {\n id: (entry: CmsEntry) => {\n const { id } = parseIdentifier(entry.id);\n return removeAcoRecordPrefix(id);\n }\n }\n });\n\n const resolvers: Resolvers = {\n SearchQuery: {\n [`get${apiName}`]: async (_: unknown, args: any, context: AcoContext) => {\n return resolve(() => {\n ensureAuthentication(context);\n return app.search.get(args.id);\n });\n },\n [`list${apiName}`]: async (_: unknown, args: any, context: AcoContext) => {\n return resolveList(() => {\n ensureAuthentication(context);\n return app.search.list(args);\n });\n },\n [`list${apiName}Tags`]: async (_: unknown, args: any, context: AcoContext) => {\n return resolveList(() => {\n ensureAuthentication(context);\n return app.search.listTags(args);\n });\n }\n },\n SearchMutation: {\n [`create${apiName}`]: async (_: unknown, args: any, context: AcoContext) => {\n return resolve(() => {\n ensureAuthentication(context);\n const { id } = parseIdentifier(args.data?.id);\n return app.search.create({\n ...args.data,\n id\n });\n });\n },\n [`update${apiName}`]: async (_: unknown, args: any, context: AcoContext) => {\n return resolve(() => {\n ensureAuthentication(context);\n const { id } = parseIdentifier(args.id);\n return app.search.update(id, args.data || {});\n });\n },\n [`move${apiName}`]: async (_: unknown, args: any, context: AcoContext) => {\n return resolve(() => {\n ensureAuthentication(context);\n const { id } = parseIdentifier(args.id);\n return app.search.move(id, args.folderId);\n });\n },\n [`delete${apiName}`]: async (_: unknown, args: any, context: AcoContext) => {\n return resolve(() => {\n ensureAuthentication(context);\n const { id } = parseIdentifier(args.id);\n return app.search.delete(id);\n });\n }\n }\n };\n\n Object.assign(resolvers, fieldResolvers);\n delete resolvers[apiName].entryId;\n\n return resolvers;\n};\n"],"mappings":";;;;;;;;AACA,IAAAA,qBAAA,GAAAC,OAAA;AAEA,IAAAC,QAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AACA,IAAAG,YAAA,GAAAH,OAAA;AACA,IAAAI,qBAAA,GAAAJ,OAAA;AAcO,MAAMK,kBAAkB,GAAIC,MAAc,IAAgB;EAC7D,MAAM;IAAEC,GAAG;IAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAGH,MAAM;EAEvC,MAAMI,KAAK,GAAGH,GAAG,CAACG,KAAK;EACvB,MAAMC,OAAO,GAAGD,KAAK,CAACE,eAAe;EAErC,MAAMC,oBAAoB,GAAG,IAAAC,iDAA2B,EAAC;IACrDC,YAAY,EAAE,QAAQ;IACtBP,MAAM;IACNE,KAAK;IACLM,gBAAgB,EAAEP;EACtB,CAAC,CAAC;EAEF,MAAMQ,cAAc,GAAGJ,oBAAoB,CAAC;IACxCK,WAAW,EAAEP,OAAO;IACpBQ,MAAM,EAAEZ,GAAG,CAACG,KAAK,CAACS,MAAM;IACxBC,MAAM,EAAE,IAAI;IACZC,cAAc,EAAE;MACZC,EAAE,EAAGC,KAAe,IAAK;QACrB,MAAM;UAAED;QAAG,CAAC,GAAG,IAAAE,sBAAe,EAACD,KAAK,CAACD,EAAE,CAAC;QACxC,OAAO,IAAAG,kCAAqB,EAACH,EAAE,CAAC;MACpC;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMI,SAAoB,GAAG;IACzBC,WAAW,EAAE;MACT,CAAE,MAAKhB,OAAQ,EAAC,GAAG,OAAOiB,CAAU,EAAEC,IAAS,EAAEC,OAAmB,KAAK;QACrE,OAAO,IAAAC,gBAAO,EAAC,MAAM;UACjB,IAAAC,0CAAoB,EAACF,OAAO,CAAC;UAC7B,OAAOvB,GAAG,CAAC0B,MAAM,CAACC,GAAG,CAACL,IAAI,CAACP,EAAE,CAAC;QAClC,CAAC,CAAC;MACN,CAAC;MACD,CAAE,OAAMX,OAAQ,EAAC,GAAG,OAAOiB,CAAU,EAAEC,IAAS,EAAEC,OAAmB,KAAK;QACtE,OAAO,IAAAK,oBAAW,EAAC,MAAM;UACrB,IAAAH,0CAAoB,EAACF,OAAO,CAAC;UAC7B,OAAOvB,GAAG,CAAC0B,MAAM,CAACG,IAAI,CAACP,IAAI,CAAC;QAChC,CAAC,CAAC;MACN,CAAC;MACD,CAAE,OAAMlB,OAAQ,MAAK,GAAG,OAAOiB,CAAU,EAAEC,IAAS,EAAEC,OAAmB,KAAK;QAC1E,OAAO,IAAAK,oBAAW,EAAC,MAAM;UACrB,IAAAH,0CAAoB,EAACF,OAAO,CAAC;UAC7B,OAAOvB,GAAG,CAAC0B,MAAM,CAACI,QAAQ,CAACR,IAAI,CAAC;QACpC,CAAC,CAAC;MACN;IACJ,CAAC;IACDS,cAAc,EAAE;MACZ,CAAE,SAAQ3B,OAAQ,EAAC,GAAG,OAAOiB,CAAU,EAAEC,IAAS,EAAEC,OAAmB,KAAK;QACxE,OAAO,IAAAC,gBAAO,EAAC,MAAM;UAAA,IAAAQ,UAAA;UACjB,IAAAP,0CAAoB,EAACF,OAAO,CAAC;UAC7B,MAAM;YAAER;UAAG,CAAC,GAAG,IAAAE,sBAAe,GAAAe,UAAA,GAACV,IAAI,CAACW,IAAI,cAAAD,UAAA,uBAATA,UAAA,CAAWjB,EAAE,CAAC;UAC7C,OAAOf,GAAG,CAAC0B,MAAM,CAACQ,MAAM,KAAAC,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MACjBd,IAAI,CAACW,IAAI;YACZlB;UAAE,EACL,CAAC;QACN,CAAC,CAAC;MACN,CAAC;MACD,CAAE,SAAQX,OAAQ,EAAC,GAAG,OAAOiB,CAAU,EAAEC,IAAS,EAAEC,OAAmB,KAAK;QACxE,OAAO,IAAAC,gBAAO,EAAC,MAAM;UACjB,IAAAC,0CAAoB,EAACF,OAAO,CAAC;UAC7B,MAAM;YAAER;UAAG,CAAC,GAAG,IAAAE,sBAAe,EAACK,IAAI,CAACP,EAAE,CAAC;UACvC,OAAOf,GAAG,CAAC0B,MAAM,CAACW,MAAM,CAACtB,EAAE,EAAEO,IAAI,CAACW,IAAI,IAAI,CAAC,CAAC,CAAC;QACjD,CAAC,CAAC;MACN,CAAC;MACD,CAAE,OAAM7B,OAAQ,EAAC,GAAG,OAAOiB,CAAU,EAAEC,IAAS,EAAEC,OAAmB,KAAK;QACtE,OAAO,IAAAC,gBAAO,EAAC,MAAM;UACjB,IAAAC,0CAAoB,EAACF,OAAO,CAAC;UAC7B,MAAM;YAAER;UAAG,CAAC,GAAG,IAAAE,sBAAe,EAACK,IAAI,CAACP,EAAE,CAAC;UACvC,OAAOf,GAAG,CAAC0B,MAAM,CAACY,IAAI,CAACvB,EAAE,EAAEO,IAAI,CAACiB,QAAQ,CAAC;QAC7C,CAAC,CAAC;MACN,CAAC;MACD,CAAE,SAAQnC,OAAQ,EAAC,GAAG,OAAOiB,CAAU,EAAEC,IAAS,EAAEC,OAAmB,KAAK;QACxE,OAAO,IAAAC,gBAAO,EAAC,MAAM;UACjB,IAAAC,0CAAoB,EAACF,OAAO,CAAC;UAC7B,MAAM;YAAER;UAAG,CAAC,GAAG,IAAAE,sBAAe,EAACK,IAAI,CAACP,EAAE,CAAC;UACvC,OAAOf,GAAG,CAAC0B,MAAM,CAACc,MAAM,CAACzB,EAAE,CAAC;QAChC,CAAC,CAAC;MACN;IACJ;EACJ,CAAC;EAED0B,MAAM,CAACC,MAAM,CAACvB,SAAS,EAAET,cAAc,CAAC;EACxC,OAAOS,SAAS,CAACf,OAAO,CAAC,CAACuC,OAAO;EAEjC,OAAOxB,SAAS;AACpB,CAAC;AAACyB,OAAA,CAAA9C,kBAAA,GAAAA,kBAAA"}
1
+ {"version":3,"names":["_createFieldResolvers","require","_resolve","_utils","_acoRecordId","_ensureAuthentication","createAppResolvers","params","app","targetApp","models","plugins","model","apiName","singularApiName","createFieldResolvers","createFieldResolversFactory","endpointType","fieldTypePlugins","fieldResolvers","graphQLType","fields","isRoot","extraResolvers","id","entry","parseIdentifier","removeAcoRecordPrefix","resolvers","SearchQuery","_","args","context","aco","getApp","name","resolve","ensureAuthentication","search","get","resolveList","list","listTags","SearchMutation","_args$data","data","create","_objectSpread2","default","update","move","folderId","delete","Object","assign","entryId","exports"],"sources":["createAppResolvers.ts"],"sourcesContent":["import { CmsEntry, CmsFieldTypePlugins, CmsModel } from \"@webiny/api-headless-cms/types\";\nimport { createFieldResolversFactory } from \"@webiny/api-headless-cms/graphql/schema/createFieldResolvers\";\nimport { AcoContext, IAcoApp } from \"~/types\";\nimport { resolve, resolveList } from \"~/utils/resolve\";\nimport { parseIdentifier } from \"@webiny/utils\";\nimport { removeAcoRecordPrefix } from \"~/utils/acoRecordId\";\nimport { ensureAuthentication } from \"~/utils/ensureAuthentication\";\n\ninterface Params {\n app: IAcoApp;\n models: CmsModel[];\n plugins: CmsFieldTypePlugins;\n}\n\ninterface Resolvers {\n SearchQuery: Record<string, any>;\n SearchMutation: Record<string, any>;\n [key: string]: Record<string, any>;\n}\n\nexport const createAppResolvers = (params: Params): Resolvers => {\n const { app: targetApp, models, plugins } = params;\n\n const model = targetApp.model;\n const apiName = model.singularApiName;\n\n const createFieldResolvers = createFieldResolversFactory({\n endpointType: \"manage\",\n models,\n model,\n fieldTypePlugins: plugins\n });\n\n const fieldResolvers = createFieldResolvers({\n graphQLType: apiName,\n fields: targetApp.model.fields,\n isRoot: true,\n extraResolvers: {\n id: (entry: CmsEntry) => {\n const { id } = parseIdentifier(entry.id);\n return removeAcoRecordPrefix(id);\n }\n }\n });\n\n const resolvers: Resolvers = {\n SearchQuery: {\n [`get${apiName}`]: async (_: unknown, args: any, context: AcoContext) => {\n const app = context.aco.getApp(targetApp.name);\n return resolve(() => {\n ensureAuthentication(context);\n return app.search.get(args.id);\n });\n },\n [`list${apiName}`]: async (_: unknown, args: any, context: AcoContext) => {\n const app = context.aco.getApp(targetApp.name);\n return resolveList(() => {\n ensureAuthentication(context);\n return app.search.list(args);\n });\n },\n [`list${apiName}Tags`]: async (_: unknown, args: any, context: AcoContext) => {\n const app = context.aco.getApp(targetApp.name);\n return resolveList(() => {\n ensureAuthentication(context);\n return app.search.listTags(args);\n });\n }\n },\n SearchMutation: {\n [`create${apiName}`]: async (_: unknown, args: any, context: AcoContext) => {\n const app = context.aco.getApp(targetApp.name);\n return resolve(() => {\n ensureAuthentication(context);\n const { id } = parseIdentifier(args.data?.id);\n return app.search.create({\n ...args.data,\n id\n });\n });\n },\n [`update${apiName}`]: async (_: unknown, args: any, context: AcoContext) => {\n const app = context.aco.getApp(targetApp.name);\n return resolve(() => {\n ensureAuthentication(context);\n const { id } = parseIdentifier(args.id);\n return app.search.update(id, args.data || {});\n });\n },\n [`move${apiName}`]: async (_: unknown, args: any, context: AcoContext) => {\n const app = context.aco.getApp(targetApp.name);\n return resolve(() => {\n ensureAuthentication(context);\n const { id } = parseIdentifier(args.id);\n return app.search.move(id, args.folderId);\n });\n },\n [`delete${apiName}`]: async (_: unknown, args: any, context: AcoContext) => {\n const app = context.aco.getApp(targetApp.name);\n return resolve(() => {\n ensureAuthentication(context);\n const { id } = parseIdentifier(args.id);\n return app.search.delete(id);\n });\n }\n }\n };\n\n Object.assign(resolvers, fieldResolvers);\n delete resolvers[apiName].entryId;\n\n return resolvers;\n};\n"],"mappings":";;;;;;;;AACA,IAAAA,qBAAA,GAAAC,OAAA;AAEA,IAAAC,QAAA,GAAAD,OAAA;AACA,IAAAE,MAAA,GAAAF,OAAA;AACA,IAAAG,YAAA,GAAAH,OAAA;AACA,IAAAI,qBAAA,GAAAJ,OAAA;AAcO,MAAMK,kBAAkB,GAAIC,MAAc,IAAgB;EAC7D,MAAM;IAAEC,GAAG,EAAEC,SAAS;IAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAGJ,MAAM;EAElD,MAAMK,KAAK,GAAGH,SAAS,CAACG,KAAK;EAC7B,MAAMC,OAAO,GAAGD,KAAK,CAACE,eAAe;EAErC,MAAMC,oBAAoB,GAAG,IAAAC,iDAA2B,EAAC;IACrDC,YAAY,EAAE,QAAQ;IACtBP,MAAM;IACNE,KAAK;IACLM,gBAAgB,EAAEP;EACtB,CAAC,CAAC;EAEF,MAAMQ,cAAc,GAAGJ,oBAAoB,CAAC;IACxCK,WAAW,EAAEP,OAAO;IACpBQ,MAAM,EAAEZ,SAAS,CAACG,KAAK,CAACS,MAAM;IAC9BC,MAAM,EAAE,IAAI;IACZC,cAAc,EAAE;MACZC,EAAE,EAAGC,KAAe,IAAK;QACrB,MAAM;UAAED;QAAG,CAAC,GAAG,IAAAE,sBAAe,EAACD,KAAK,CAACD,EAAE,CAAC;QACxC,OAAO,IAAAG,kCAAqB,EAACH,EAAE,CAAC;MACpC;IACJ;EACJ,CAAC,CAAC;EAEF,MAAMI,SAAoB,GAAG;IACzBC,WAAW,EAAE;MACT,CAAE,MAAKhB,OAAQ,EAAC,GAAG,OAAOiB,CAAU,EAAEC,IAAS,EAAEC,OAAmB,KAAK;QACrE,MAAMxB,GAAG,GAAGwB,OAAO,CAACC,GAAG,CAACC,MAAM,CAACzB,SAAS,CAAC0B,IAAI,CAAC;QAC9C,OAAO,IAAAC,gBAAO,EAAC,MAAM;UACjB,IAAAC,0CAAoB,EAACL,OAAO,CAAC;UAC7B,OAAOxB,GAAG,CAAC8B,MAAM,CAACC,GAAG,CAACR,IAAI,CAACP,EAAE,CAAC;QAClC,CAAC,CAAC;MACN,CAAC;MACD,CAAE,OAAMX,OAAQ,EAAC,GAAG,OAAOiB,CAAU,EAAEC,IAAS,EAAEC,OAAmB,KAAK;QACtE,MAAMxB,GAAG,GAAGwB,OAAO,CAACC,GAAG,CAACC,MAAM,CAACzB,SAAS,CAAC0B,IAAI,CAAC;QAC9C,OAAO,IAAAK,oBAAW,EAAC,MAAM;UACrB,IAAAH,0CAAoB,EAACL,OAAO,CAAC;UAC7B,OAAOxB,GAAG,CAAC8B,MAAM,CAACG,IAAI,CAACV,IAAI,CAAC;QAChC,CAAC,CAAC;MACN,CAAC;MACD,CAAE,OAAMlB,OAAQ,MAAK,GAAG,OAAOiB,CAAU,EAAEC,IAAS,EAAEC,OAAmB,KAAK;QAC1E,MAAMxB,GAAG,GAAGwB,OAAO,CAACC,GAAG,CAACC,MAAM,CAACzB,SAAS,CAAC0B,IAAI,CAAC;QAC9C,OAAO,IAAAK,oBAAW,EAAC,MAAM;UACrB,IAAAH,0CAAoB,EAACL,OAAO,CAAC;UAC7B,OAAOxB,GAAG,CAAC8B,MAAM,CAACI,QAAQ,CAACX,IAAI,CAAC;QACpC,CAAC,CAAC;MACN;IACJ,CAAC;IACDY,cAAc,EAAE;MACZ,CAAE,SAAQ9B,OAAQ,EAAC,GAAG,OAAOiB,CAAU,EAAEC,IAAS,EAAEC,OAAmB,KAAK;QACxE,MAAMxB,GAAG,GAAGwB,OAAO,CAACC,GAAG,CAACC,MAAM,CAACzB,SAAS,CAAC0B,IAAI,CAAC;QAC9C,OAAO,IAAAC,gBAAO,EAAC,MAAM;UAAA,IAAAQ,UAAA;UACjB,IAAAP,0CAAoB,EAACL,OAAO,CAAC;UAC7B,MAAM;YAAER;UAAG,CAAC,GAAG,IAAAE,sBAAe,GAAAkB,UAAA,GAACb,IAAI,CAACc,IAAI,cAAAD,UAAA,uBAATA,UAAA,CAAWpB,EAAE,CAAC;UAC7C,OAAOhB,GAAG,CAAC8B,MAAM,CAACQ,MAAM,KAAAC,cAAA,CAAAC,OAAA,MAAAD,cAAA,CAAAC,OAAA,MACjBjB,IAAI,CAACc,IAAI;YACZrB;UAAE,EACL,CAAC;QACN,CAAC,CAAC;MACN,CAAC;MACD,CAAE,SAAQX,OAAQ,EAAC,GAAG,OAAOiB,CAAU,EAAEC,IAAS,EAAEC,OAAmB,KAAK;QACxE,MAAMxB,GAAG,GAAGwB,OAAO,CAACC,GAAG,CAACC,MAAM,CAACzB,SAAS,CAAC0B,IAAI,CAAC;QAC9C,OAAO,IAAAC,gBAAO,EAAC,MAAM;UACjB,IAAAC,0CAAoB,EAACL,OAAO,CAAC;UAC7B,MAAM;YAAER;UAAG,CAAC,GAAG,IAAAE,sBAAe,EAACK,IAAI,CAACP,EAAE,CAAC;UACvC,OAAOhB,GAAG,CAAC8B,MAAM,CAACW,MAAM,CAACzB,EAAE,EAAEO,IAAI,CAACc,IAAI,IAAI,CAAC,CAAC,CAAC;QACjD,CAAC,CAAC;MACN,CAAC;MACD,CAAE,OAAMhC,OAAQ,EAAC,GAAG,OAAOiB,CAAU,EAAEC,IAAS,EAAEC,OAAmB,KAAK;QACtE,MAAMxB,GAAG,GAAGwB,OAAO,CAACC,GAAG,CAACC,MAAM,CAACzB,SAAS,CAAC0B,IAAI,CAAC;QAC9C,OAAO,IAAAC,gBAAO,EAAC,MAAM;UACjB,IAAAC,0CAAoB,EAACL,OAAO,CAAC;UAC7B,MAAM;YAAER;UAAG,CAAC,GAAG,IAAAE,sBAAe,EAACK,IAAI,CAACP,EAAE,CAAC;UACvC,OAAOhB,GAAG,CAAC8B,MAAM,CAACY,IAAI,CAAC1B,EAAE,EAAEO,IAAI,CAACoB,QAAQ,CAAC;QAC7C,CAAC,CAAC;MACN,CAAC;MACD,CAAE,SAAQtC,OAAQ,EAAC,GAAG,OAAOiB,CAAU,EAAEC,IAAS,EAAEC,OAAmB,KAAK;QACxE,MAAMxB,GAAG,GAAGwB,OAAO,CAACC,GAAG,CAACC,MAAM,CAACzB,SAAS,CAAC0B,IAAI,CAAC;QAC9C,OAAO,IAAAC,gBAAO,EAAC,MAAM;UACjB,IAAAC,0CAAoB,EAACL,OAAO,CAAC;UAC7B,MAAM;YAAER;UAAG,CAAC,GAAG,IAAAE,sBAAe,EAACK,IAAI,CAACP,EAAE,CAAC;UACvC,OAAOhB,GAAG,CAAC8B,MAAM,CAACc,MAAM,CAAC5B,EAAE,CAAC;QAChC,CAAC,CAAC;MACN;IACJ;EACJ,CAAC;EAED6B,MAAM,CAACC,MAAM,CAAC1B,SAAS,EAAET,cAAc,CAAC;EACxC,OAAOS,SAAS,CAACf,OAAO,CAAC,CAAC0C,OAAO;EAEjC,OAAO3B,SAAS;AACpB,CAAC;AAAC4B,OAAA,CAAAlD,kBAAA,GAAAA,kBAAA"}
package/utils/FolderLevelPermissions.d.ts CHANGED
@@ -39,6 +39,7 @@ export interface FolderLevelPermissionsParams {
39
39
  listAllFolders: (folderType: string) => Promise<Folder[]>;
40
40
  canUseTeams: () => boolean;
41
41
  canUseFolderLevelPermissions: () => boolean;
42
+ isAuthorizationEnabled: () => boolean;
42
43
  }
43
44
  export declare class FolderLevelPermissions {
44
45
  private readonly getIdentity;
@@ -47,6 +48,7 @@ export declare class FolderLevelPermissions {
47
48
  private readonly listAllFoldersCallback;
48
49
  private readonly canUseTeams;
49
50
  private readonly canUseFolderLevelPermissions;
51
+ private readonly isAuthorizationEnabled;
50
52
  private allFolders;
51
53
  constructor(params: FolderLevelPermissionsParams);
52
54
  listAllFolders(folderType: string): Promise<Folder[]>;
@@ -56,7 +58,7 @@ export declare class FolderLevelPermissions {
56
58
  getFolderPermissions(params: GetFolderPermissionsParams): Promise<FolderPermissionsListItem | undefined>;
57
59
  canAccessFolder(params: CanAccessFolderParams): Promise<boolean>;
58
60
  ensureCanAccessFolder(params: CanAccessFolderParams): Promise<void>;
59
- canManageFolderPermissions(folder: Folder): false | Promise<boolean>;
61
+ canManageFolderPermissions(folder: Folder): boolean | Promise<boolean>;
60
62
  canManageFolderStructure(folder: Folder): true | Promise<boolean>;
61
63
  canManageFolderContent(folder: Folder): true | Promise<boolean>;
62
64
  canAccessFolderContent(params: CanAccessFolderContentParams): Promise<boolean>;
package/utils/FolderLevelPermissions.js CHANGED
@@ -17,6 +17,7 @@ class FolderLevelPermissions {
17
17
  (0, _defineProperty2.default)(this, "listAllFoldersCallback", void 0);
18
18
  (0, _defineProperty2.default)(this, "canUseTeams", void 0);
19
19
  (0, _defineProperty2.default)(this, "canUseFolderLevelPermissions", void 0);
20
+ (0, _defineProperty2.default)(this, "isAuthorizationEnabled", void 0);
20
21
  (0, _defineProperty2.default)(this, "allFolders", {});
21
22
  this.getIdentity = params.getIdentity;
22
23
  this.getIdentityTeam = params.getIdentityTeam;
@@ -24,6 +25,15 @@ class FolderLevelPermissions {
24
25
  this.listAllFoldersCallback = params.listAllFolders;
25
26
  this.canUseTeams = params.canUseTeams;
26
27
  this.canUseFolderLevelPermissions = params.canUseFolderLevelPermissions;
28
+ this.isAuthorizationEnabled = params.isAuthorizationEnabled;
29
+
30
+ // TODO: resolve this issue.
31
+ // We immediately enable authorization, because, at the moment, the rest of the system
32
+ // requires us to have FLP always enabled. We must now disable it, even if the security's
33
+ // `isAuthorizationEnabled` is set to false. To resolve this, we'll need to refactor CMS-based
34
+ // CRUD files and have them use CMS storage operations instead of CMS CRUD methods.
35
+ // We'll be handling this in the near future.
36
+ this.isAuthorizationEnabled = () => true;
27
37
  }
28
38
  async listAllFolders(folderType) {
29
39
  if (folderType in this.allFolders) {
@@ -53,7 +63,7 @@ class FolderLevelPermissions {
53
63
  }
54
64
  }
55
65
  async listFoldersPermissions(params) {
56
- if (!this.canUseFolderLevelPermissions()) {
66
+ if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {
57
67
  return [];
58
68
  }
59
69
  const {
@@ -185,7 +195,7 @@ class FolderLevelPermissions {
185
195
  return folderPermissionsList.find(fp => fp.folderId === folder.id);
186
196
  }
187
197
  async canAccessFolder(params) {
188
- if (!this.canUseFolderLevelPermissions()) {
198
+ if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {
189
199
  return true;
190
200
  }
191
201
  const {
@@ -244,6 +254,9 @@ class FolderLevelPermissions {
244
254
  if (!this.canUseFolderLevelPermissions()) {
245
255
  return false;
246
256
  }
257
+ if (!this.isAuthorizationEnabled()) {
258
+ return true;
259
+ }
247
260
  return this.canAccessFolder({
248
261
  folder,
249
262
  rwd: "w",
@@ -251,7 +264,7 @@ class FolderLevelPermissions {
251
264
  });
252
265
  }
253
266
  canManageFolderStructure(folder) {
254
- if (!this.canUseFolderLevelPermissions()) {
267
+ if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {
255
268
  return true;
256
269
  }
257
270
  return this.canAccessFolder({
@@ -260,7 +273,7 @@ class FolderLevelPermissions {
260
273
  });
261
274
  }
262
275
  canManageFolderContent(folder) {
263
- if (!this.canUseFolderLevelPermissions()) {
276
+ if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {
264
277
  return true;
265
278
  }
266
279
  return this.canAccessFolderContent({
@@ -269,7 +282,7 @@ class FolderLevelPermissions {
269
282
  });
270
283
  }
271
284
  async canAccessFolderContent(params) {
272
- if (!this.canUseFolderLevelPermissions()) {
285
+ if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {
273
286
  return true;
274
287
  }
275
288
  const {
package/utils/FolderLevelPermissions.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_apiSecurity","require","_structuredClone","_interopRequireDefault","FolderLevelPermissions","constructor","params","_defineProperty2","default","getIdentity","getIdentityTeam","listPermissions","listAllFoldersCallback","listAllFolders","canUseTeams","canUseFolderLevelPermissions","folderType","allFolders","structuredClone","listAllFoldersWithPermissions","folders","filteredFoldersWithPermissions","filterFolders","rwd","assignFolderPermissions","invalidateCache","listFoldersPermissions","foldersList","identity","permissions","identityTeam","processedFolderPermissions","processFolderPermissions","folder","_folder$permissions","some","fp","folderId","id","currentFolderPermissions","map","permission","_objectSpread2","parentId","parentFolder","find","f","processedParentFolderPermissions","isPublicParentFolder","p","level","mustInherit","length","inheritedPermissions","inheritedFrom","push","currentIdentityIncludedInPermissions","target","currentIdentityPermissionIndex","findIndex","currentIdentityPermission","splice","unshift","hasFullAccess","name","teamPermission","mustAddPublicPermission","i","getFolderPermissions","folderPermissionsList","type","canAccessFolder","canAccessParentFolder","folderPermissions","managePermissions","ensureCanAccessFolder","NotAuthorizedError","canManageFolderPermissions","canManageFolderStructure","canManageFolderContent","canAccessFolderContent","ensureCanAccessFolderContent","canCreateFolderInRoot","filteredFolders","Array","isArray","permissionsIncludeNonInheritedPermissions","exports"],"sources":["FolderLevelPermissions.ts"],"sourcesContent":["import { Authentication } from \"@webiny/api-authentication/types\";\nimport { SecurityPermission, Team } from \"@webiny/api-security/types\";\nimport { Folder } from \"~/folder/folder.types\";\nimport { NotAuthorizedError } from \"@webiny/api-security\";\nimport structuredClone from \"@ungap/structured-clone\";\n\nexport type FolderAccessLevel = \"owner\" | \"viewer\" | \"editor\" | \"public\";\n\nexport interface FolderPermission {\n target: string;\n level: FolderAccessLevel;\n inheritedFrom?: string;\n}\n\nexport interface FolderPermissionsListItem {\n folderId: string;\n permissions: FolderPermission[];\n}\n\nexport type FolderPermissionsList = FolderPermissionsListItem[];\n\nexport interface CanAccessFolderContentParams {\n folder: Pick<Folder, \"id\" | \"type\" | \"parentId\">;\n rwd?: \"r\" | \"w\" | \"d\";\n foldersList?: Folder[];\n}\n\nexport interface CanAccessFolderParams extends CanAccessFolderContentParams {\n managePermissions?: boolean;\n}\n\ninterface FilterFoldersParams {\n folders: Array<Folder>;\n rwd?: \"r\" | \"w\" | \"d\";\n}\n\ninterface GetFolderPermissionsParams {\n folder: Pick<Folder, \"id\" | \"type\">;\n foldersList?: Folder[];\n}\n\ninterface ListFolderPermissionsParams {\n folderType: string;\n foldersList?: Folder[];\n}\n\nexport interface FolderLevelPermissionsParams {\n getIdentity: Authentication[\"getIdentity\"];\n getIdentityTeam: () => Promise<Team | null>;\n listPermissions: () => Promise<SecurityPermission[]>;\n listAllFolders: (folderType: string) => Promise<Folder[]>;\n canUseTeams: () => boolean;\n canUseFolderLevelPermissions: () => boolean;\n}\n\nexport class FolderLevelPermissions {\n private readonly getIdentity: Authentication[\"getIdentity\"];\n private readonly getIdentityTeam: () => Promise<Team | null>;\n private readonly listPermissions: () => Promise<SecurityPermission[]>;\n private readonly listAllFoldersCallback: (folderType: string) => Promise<Folder[]>;\n private readonly canUseTeams: () => boolean;\n private readonly canUseFolderLevelPermissions: () => boolean;\n private allFolders: Record<string, Folder[]> = {};\n\n constructor(params: FolderLevelPermissionsParams) {\n this.getIdentity = params.getIdentity;\n this.getIdentityTeam = params.getIdentityTeam;\n this.listPermissions = params.listPermissions;\n this.listAllFoldersCallback = params.listAllFolders;\n this.canUseTeams = params.canUseTeams;\n this.canUseFolderLevelPermissions = params.canUseFolderLevelPermissions;\n }\n\n async listAllFolders(folderType: string): Promise<Folder[]> {\n if (folderType in this.allFolders) {\n return structuredClone(this.allFolders[folderType]);\n }\n\n this.allFolders[folderType] = await this.listAllFoldersCallback(folderType);\n return structuredClone(this.allFolders[folderType]);\n }\n\n async listAllFoldersWithPermissions(folderType: string) {\n const folders = await this.listAllFolders(folderType);\n\n // Filter folders based on permissions and assign permissions to each folder.\n const filteredFoldersWithPermissions = await this.filterFolders({\n folders,\n rwd: \"r\"\n });\n\n await this.assignFolderPermissions(filteredFoldersWithPermissions);\n\n return filteredFoldersWithPermissions;\n }\n\n invalidateCache(folderType?: string) {\n if (folderType) {\n if (folderType in this.allFolders) {\n delete this.allFolders[folderType];\n }\n } else {\n this.allFolders = {};\n }\n }\n\n async listFoldersPermissions(\n params: ListFolderPermissionsParams\n ): Promise<FolderPermissionsList> {\n if (!this.canUseFolderLevelPermissions()) {\n return [];\n }\n\n const { folderType, foldersList } = params;\n\n const allFolders = foldersList || (await this.listAllFolders(folderType));\n const identity = this.getIdentity();\n const permissions = await this.listPermissions();\n\n let identityTeam: Team | null;\n if (this.canUseTeams()) {\n identityTeam = await this.getIdentityTeam();\n }\n\n const processedFolderPermissions: FolderPermissionsListItem[] = [];\n\n const processFolderPermissions = (folder: Folder) => {\n if (processedFolderPermissions.some(fp => fp.folderId === folder.id)) {\n return;\n }\n\n // Copy permissions, so we don't modify the original object.\n const currentFolderPermissions: FolderPermissionsListItem = {\n folderId: folder.id,\n // On new folders, permissions can be `null`. Guard against that.\n permissions: folder.permissions?.map(permission => ({ ...permission })) || []\n };\n\n // Check for permissions inherited from parent folder.\n if (folder.parentId) {\n const parentFolder = allFolders!.find(f => f.id === folder.parentId)!;\n if (parentFolder) {\n // First check if the parent folder has already been processed.\n let processedParentFolderPermissions = processedFolderPermissions.find(\n fp => fp.folderId === parentFolder.id\n );\n\n // If not, process the parent folder.\n if (!processedParentFolderPermissions) {\n processFolderPermissions(parentFolder);\n processedParentFolderPermissions = processedFolderPermissions.find(\n fp => fp.folderId === folder.parentId\n );\n }\n\n // If the parent folder has permissions, let's add them to the current folder.\n if (processedParentFolderPermissions) {\n const isPublicParentFolder =\n processedParentFolderPermissions.permissions.some(\n p => p.level === \"public\"\n );\n\n // We inherit parent permissions if:\n // 1. the parent folder is not public or...\n // 2. ...the parent folder is public, but the current folder doesn't have any permissions set\n const mustInherit =\n !isPublicParentFolder ||\n currentFolderPermissions.permissions.length === 0;\n\n if (mustInherit) {\n const inheritedPermissions =\n processedParentFolderPermissions.permissions.map(p => {\n return {\n ...p,\n inheritedFrom:\n \"parent:\" + processedParentFolderPermissions!.folderId\n };\n });\n\n currentFolderPermissions.permissions.push(...inheritedPermissions);\n }\n }\n }\n }\n\n // Let's ensure current identity's permission is included in the permissions array.\n // We first check if the current identity is already included in the permissions array.\n // If not, we check if the user has full access or if the team user belongs to has access.\n const currentIdentityIncludedInPermissions = currentFolderPermissions.permissions.some(\n p => p.target === `admin:${identity.id}`\n );\n\n if (currentIdentityIncludedInPermissions) {\n // Ensure existing identity permission is always the first one in the array.\n const currentIdentityPermissionIndex =\n currentFolderPermissions.permissions.findIndex(\n p => p.target === `admin:${identity.id}`\n );\n\n if (currentIdentityPermissionIndex > 0) {\n const [currentIdentityPermission] = currentFolderPermissions.permissions.splice(\n currentIdentityPermissionIndex,\n 1\n );\n currentFolderPermissions.permissions.unshift(currentIdentityPermission);\n }\n } else {\n // Current identity not included in permissions? Let's add it.\n let currentIdentityPermission: FolderPermission | null = null;\n\n // 1. Check if the user has full access.\n const hasFullAccess = permissions.some(p => p.name === \"*\");\n if (hasFullAccess) {\n currentIdentityPermission = {\n target: `admin:${identity.id}`,\n level: \"owner\",\n inheritedFrom: \"role:full-access\"\n };\n } else if (identityTeam) {\n // 2. Check the team user belongs to grants access to the folder.\n const teamPermission = currentFolderPermissions.permissions.find(\n p => p.target === `team:${identityTeam!.id}`\n );\n\n if (teamPermission) {\n currentIdentityPermission = {\n target: `admin:${identity.id}`,\n level: teamPermission.level,\n inheritedFrom: \"team:\" + identityTeam!.id\n };\n }\n }\n\n if (currentIdentityPermission) {\n // If permission is found, let's add it to the beginning of the array.\n // We're doing this just because it looks nicer in the UI.\n currentFolderPermissions.permissions.unshift(currentIdentityPermission);\n }\n }\n\n // Note that this can only happen with root folders. All other (child) folders will\n // always have at least one permission (inherited from parent).\n const mustAddPublicPermission = currentFolderPermissions.permissions.length === 0;\n if (mustAddPublicPermission) {\n currentFolderPermissions.permissions = [\n {\n target: `admin:${identity.id}`,\n level: \"public\",\n inheritedFrom: \"public\"\n }\n ];\n }\n\n processedFolderPermissions.push(currentFolderPermissions);\n };\n\n for (let i = 0; i < allFolders!.length; i++) {\n const folder = allFolders![i];\n processFolderPermissions(folder);\n }\n\n return processedFolderPermissions;\n }\n\n async getFolderPermissions(\n params: GetFolderPermissionsParams\n ): Promise<FolderPermissionsListItem | undefined> {\n const { folder, foldersList } = params;\n const folderPermissionsList = await this.listFoldersPermissions({\n folderType: folder.type,\n foldersList\n });\n\n return folderPermissionsList.find(fp => fp.folderId === folder.id);\n }\n\n async canAccessFolder(params: CanAccessFolderParams) {\n if (!this.canUseFolderLevelPermissions()) {\n return true;\n }\n\n const { folder } = params;\n\n // We check for parent folder access first because the passed folder should be\n // inaccessible if the parent folder is inaccessible.\n if (folder.parentId) {\n let foldersList = params.foldersList;\n if (!foldersList) {\n foldersList = await this.listAllFolders(folder.type);\n }\n\n const parentFolder = foldersList.find(f => f.id === folder.parentId);\n if (parentFolder) {\n const canAccessParentFolder = await this.canAccessFolder({\n ...params,\n folder: parentFolder\n });\n\n if (!canAccessParentFolder) {\n return false;\n }\n }\n }\n\n const folderPermissions = await this.getFolderPermissions({\n folder,\n foldersList: params.foldersList\n });\n\n const identity = this.getIdentity();\n const currentIdentityPermission = folderPermissions?.permissions.find(p => {\n return p.target === `admin:${identity.id}`;\n });\n\n if (!currentIdentityPermission) {\n return false;\n }\n\n const { level } = currentIdentityPermission;\n\n if (params.managePermissions) {\n return level === \"owner\";\n }\n\n // Checking for \"write\" or \"delete\" access. Allow only if the\n // user is an owner or the folder is public (no FLP assigned).\n if (params.rwd !== \"r\") {\n return level === \"owner\" || level === \"public\";\n }\n\n return true;\n }\n\n async ensureCanAccessFolder(params: CanAccessFolderParams) {\n const canAccessFolder = await this.canAccessFolder(params);\n if (!canAccessFolder) {\n throw new NotAuthorizedError();\n }\n }\n\n canManageFolderPermissions(folder: Folder) {\n if (!this.canUseFolderLevelPermissions()) {\n return false;\n }\n\n return this.canAccessFolder({ folder, rwd: \"w\", managePermissions: true });\n }\n\n canManageFolderStructure(folder: Folder) {\n if (!this.canUseFolderLevelPermissions()) {\n return true;\n }\n\n return this.canAccessFolder({ folder, rwd: \"w\" });\n }\n\n canManageFolderContent(folder: Folder) {\n if (!this.canUseFolderLevelPermissions()) {\n return true;\n }\n\n return this.canAccessFolderContent({ folder, rwd: \"w\" });\n }\n\n async canAccessFolderContent(params: CanAccessFolderContentParams) {\n if (!this.canUseFolderLevelPermissions()) {\n return true;\n }\n\n const { folder, foldersList } = params;\n\n const folderPermissions = await this.getFolderPermissions({\n folder,\n foldersList\n });\n\n const identity = this.getIdentity();\n const currentIdentityPermission = folderPermissions?.permissions.find(p => {\n return p.target === `admin:${identity.id}`;\n });\n\n if (!currentIdentityPermission) {\n return false;\n }\n\n // If the user is not an owner and we're checking for \"write\" or\n // \"delete\" access, then we can immediately return false.\n if (params.rwd !== \"r\") {\n const { level } = currentIdentityPermission;\n return level !== \"viewer\";\n }\n\n return true;\n }\n\n async ensureCanAccessFolderContent(params: CanAccessFolderContentParams) {\n const canAccessFolderContent = await this.canAccessFolderContent(params);\n if (!canAccessFolderContent) {\n throw new NotAuthorizedError();\n }\n }\n\n async canCreateFolderInRoot() {\n return true;\n }\n\n async filterFolders(params: FilterFoldersParams) {\n const filteredFolders: Folder[] = [];\n\n const { folders, rwd } = params;\n for (let i = 0; i < folders.length; i++) {\n const folder = folders[i];\n const canAccessFolder = await this.canAccessFolder({ folder, rwd });\n if (canAccessFolder) {\n filteredFolders.push(folder);\n }\n }\n\n return filteredFolders;\n }\n\n async assignFolderPermissions(folder: Folder | Folder[]) {\n const folders = Array.isArray(folder) ? folder : [folder];\n\n for (let i = 0; i < folders.length; i++) {\n const folder = folders[i];\n const folderPermissions = await this.getFolderPermissions({ folder });\n if (folderPermissions) {\n folder.permissions = folderPermissions.permissions;\n } else {\n folder.permissions = [];\n }\n }\n }\n\n permissionsIncludeNonInheritedPermissions(folderPermissionsList?: FolderPermission[]) {\n return folderPermissionsList?.some(p => !p.inheritedFrom);\n }\n}\n"],"mappings":";;;;;;;;;AAGA,IAAAA,YAAA,GAAAC,OAAA;AACA,IAAAC,gBAAA,GAAAC,sBAAA,CAAAF,OAAA;AAmDO,MAAMG,sBAAsB,CAAC;EAShCC,WAAWA,CAACC,MAAoC,EAAE;IAAA,IAAAC,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA,sBAFH,CAAC,CAAC;IAG7C,IAAI,CAACC,WAAW,GAAGH,MAAM,CAACG,WAAW;IACrC,IAAI,CAACC,eAAe,GAAGJ,MAAM,CAACI,eAAe;IAC7C,IAAI,CAACC,eAAe,GAAGL,MAAM,CAACK,eAAe;IAC7C,IAAI,CAACC,sBAAsB,GAAGN,MAAM,CAACO,cAAc;IACnD,IAAI,CAACC,WAAW,GAAGR,MAAM,CAACQ,WAAW;IACrC,IAAI,CAACC,4BAA4B,GAAGT,MAAM,CAACS,4BAA4B;EAC3E;EAEA,MAAMF,cAAcA,CAACG,UAAkB,EAAqB;IACxD,IAAIA,UAAU,IAAI,IAAI,CAACC,UAAU,EAAE;MAC/B,OAAO,IAAAC,wBAAe,EAAC,IAAI,CAACD,UAAU,CAACD,UAAU,CAAC,CAAC;IACvD;IAEA,IAAI,CAACC,UAAU,CAACD,UAAU,CAAC,GAAG,MAAM,IAAI,CAACJ,sBAAsB,CAACI,UAAU,CAAC;IAC3E,OAAO,IAAAE,wBAAe,EAAC,IAAI,CAACD,UAAU,CAACD,UAAU,CAAC,CAAC;EACvD;EAEA,MAAMG,6BAA6BA,CAACH,UAAkB,EAAE;IACpD,MAAMI,OAAO,GAAG,MAAM,IAAI,CAACP,cAAc,CAACG,UAAU,CAAC;;IAErD;IACA,MAAMK,8BAA8B,GAAG,MAAM,IAAI,CAACC,aAAa,CAAC;MAC5DF,OAAO;MACPG,GAAG,EAAE;IACT,CAAC,CAAC;IAEF,MAAM,IAAI,CAACC,uBAAuB,CAACH,8BAA8B,CAAC;IAElE,OAAOA,8BAA8B;EACzC;EAEAI,eAAeA,CAACT,UAAmB,EAAE;IACjC,IAAIA,UAAU,EAAE;MACZ,IAAIA,UAAU,IAAI,IAAI,CAACC,UAAU,EAAE;QAC/B,OAAO,IAAI,CAACA,UAAU,CAACD,UAAU,CAAC;MACtC;IACJ,CAAC,MAAM;MACH,IAAI,CAACC,UAAU,GAAG,CAAC,CAAC;IACxB;EACJ;EAEA,MAAMS,sBAAsBA,CACxBpB,MAAmC,EACL;IAC9B,IAAI,CAAC,IAAI,CAACS,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,EAAE;IACb;IAEA,MAAM;MAAEC,UAAU;MAAEW;IAAY,CAAC,GAAGrB,MAAM;IAE1C,MAAMW,UAAU,GAAGU,WAAW,KAAK,MAAM,IAAI,CAACd,cAAc,CAACG,UAAU,CAAC,CAAC;IACzE,MAAMY,QAAQ,GAAG,IAAI,CAACnB,WAAW,CAAC,CAAC;IACnC,MAAMoB,WAAW,GAAG,MAAM,IAAI,CAAClB,eAAe,CAAC,CAAC;IAEhD,IAAImB,YAAyB;IAC7B,IAAI,IAAI,CAAChB,WAAW,CAAC,CAAC,EAAE;MACpBgB,YAAY,GAAG,MAAM,IAAI,CAACpB,eAAe,CAAC,CAAC;IAC/C;IAEA,MAAMqB,0BAAuD,GAAG,EAAE;IAElE,MAAMC,wBAAwB,GAAIC,MAAc,IAAK;MAAA,IAAAC,mBAAA;MACjD,IAAIH,0BAA0B,CAACI,IAAI,CAACC,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKJ,MAAM,CAACK,EAAE,CAAC,EAAE;QAClE;MACJ;;MAEA;MACA,MAAMC,wBAAmD,GAAG;QACxDF,QAAQ,EAAEJ,MAAM,CAACK,EAAE;QACnB;QACAT,WAAW,EAAE,EAAAK,mBAAA,GAAAD,MAAM,CAACJ,WAAW,cAAAK,mBAAA,uBAAlBA,mBAAA,CAAoBM,GAAG,CAACC,UAAU,QAAAC,cAAA,CAAAlC,OAAA,MAAUiC,UAAU,CAAG,CAAC,KAAI;MAC/E,CAAC;;MAED;MACA,IAAIR,MAAM,CAACU,QAAQ,EAAE;QACjB,MAAMC,YAAY,GAAG3B,UAAU,CAAE4B,IAAI,CAACC,CAAC,IAAIA,CAAC,CAACR,EAAE,KAAKL,MAAM,CAACU,QAAQ,CAAE;QACrE,IAAIC,YAAY,EAAE;UACd;UACA,IAAIG,gCAAgC,GAAGhB,0BAA0B,CAACc,IAAI,CAClET,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKO,YAAY,CAACN,EACvC,CAAC;;UAED;UACA,IAAI,CAACS,gCAAgC,EAAE;YACnCf,wBAAwB,CAACY,YAAY,CAAC;YACtCG,gCAAgC,GAAGhB,0BAA0B,CAACc,IAAI,CAC9DT,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKJ,MAAM,CAACU,QACjC,CAAC;UACL;;UAEA;UACA,IAAII,gCAAgC,EAAE;YAClC,MAAMC,oBAAoB,GACtBD,gCAAgC,CAAClB,WAAW,CAACM,IAAI,CAC7Cc,CAAC,IAAIA,CAAC,CAACC,KAAK,KAAK,QACrB,CAAC;;YAEL;YACA;YACA;YACA,MAAMC,WAAW,GACb,CAACH,oBAAoB,IACrBT,wBAAwB,CAACV,WAAW,CAACuB,MAAM,KAAK,CAAC;YAErD,IAAID,WAAW,EAAE;cACb,MAAME,oBAAoB,GACtBN,gCAAgC,CAAClB,WAAW,CAACW,GAAG,CAACS,CAAC,IAAI;gBAClD,WAAAP,cAAA,CAAAlC,OAAA,MAAAkC,cAAA,CAAAlC,OAAA,MACOyC,CAAC;kBACJK,aAAa,EACT,SAAS,GAAGP,gCAAgC,CAAEV;gBAAQ;cAElE,CAAC,CAAC;cAENE,wBAAwB,CAACV,WAAW,CAAC0B,IAAI,CAAC,GAAGF,oBAAoB,CAAC;YACtE;UACJ;QACJ;MACJ;;MAEA;MACA;MACA;MACA,MAAMG,oCAAoC,GAAGjB,wBAAwB,CAACV,WAAW,CAACM,IAAI,CAClFc,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAM,SAAQ7B,QAAQ,CAACU,EAAG,EAC3C,CAAC;MAED,IAAIkB,oCAAoC,EAAE;QACtC;QACA,MAAME,8BAA8B,GAChCnB,wBAAwB,CAACV,WAAW,CAAC8B,SAAS,CAC1CV,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAM,SAAQ7B,QAAQ,CAACU,EAAG,EAC3C,CAAC;QAEL,IAAIoB,8BAA8B,GAAG,CAAC,EAAE;UACpC,MAAM,CAACE,yBAAyB,CAAC,GAAGrB,wBAAwB,CAACV,WAAW,CAACgC,MAAM,CAC3EH,8BAA8B,EAC9B,CACJ,CAAC;UACDnB,wBAAwB,CAACV,WAAW,CAACiC,OAAO,CAACF,yBAAyB,CAAC;QAC3E;MACJ,CAAC,MAAM;QACH;QACA,IAAIA,yBAAkD,GAAG,IAAI;;QAE7D;QACA,MAAMG,aAAa,GAAGlC,WAAW,CAACM,IAAI,CAACc,CAAC,IAAIA,CAAC,CAACe,IAAI,KAAK,GAAG,CAAC;QAC3D,IAAID,aAAa,EAAE;UACfH,yBAAyB,GAAG;YACxBH,MAAM,EAAG,SAAQ7B,QAAQ,CAACU,EAAG,EAAC;YAC9BY,KAAK,EAAE,OAAO;YACdI,aAAa,EAAE;UACnB,CAAC;QACL,CAAC,MAAM,IAAIxB,YAAY,EAAE;UACrB;UACA,MAAMmC,cAAc,GAAG1B,wBAAwB,CAACV,WAAW,CAACgB,IAAI,CAC5DI,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAM,QAAO3B,YAAY,CAAEQ,EAAG,EAC/C,CAAC;UAED,IAAI2B,cAAc,EAAE;YAChBL,yBAAyB,GAAG;cACxBH,MAAM,EAAG,SAAQ7B,QAAQ,CAACU,EAAG,EAAC;cAC9BY,KAAK,EAAEe,cAAc,CAACf,KAAK;cAC3BI,aAAa,EAAE,OAAO,GAAGxB,YAAY,CAAEQ;YAC3C,CAAC;UACL;QACJ;QAEA,IAAIsB,yBAAyB,EAAE;UAC3B;UACA;UACArB,wBAAwB,CAACV,WAAW,CAACiC,OAAO,CAACF,yBAAyB,CAAC;QAC3E;MACJ;;MAEA;MACA;MACA,MAAMM,uBAAuB,GAAG3B,wBAAwB,CAACV,WAAW,CAACuB,MAAM,KAAK,CAAC;MACjF,IAAIc,uBAAuB,EAAE;QACzB3B,wBAAwB,CAACV,WAAW,GAAG,CACnC;UACI4B,MAAM,EAAG,SAAQ7B,QAAQ,CAACU,EAAG,EAAC;UAC9BY,KAAK,EAAE,QAAQ;UACfI,aAAa,EAAE;QACnB,CAAC,CACJ;MACL;MAEAvB,0BAA0B,CAACwB,IAAI,CAAChB,wBAAwB,CAAC;IAC7D,CAAC;IAED,KAAK,IAAI4B,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGlD,UAAU,CAAEmC,MAAM,EAAEe,CAAC,EAAE,EAAE;MACzC,MAAMlC,MAAM,GAAGhB,UAAU,CAAEkD,CAAC,CAAC;MAC7BnC,wBAAwB,CAACC,MAAM,CAAC;IACpC;IAEA,OAAOF,0BAA0B;EACrC;EAEA,MAAMqC,oBAAoBA,CACtB9D,MAAkC,EACY;IAC9C,MAAM;MAAE2B,MAAM;MAAEN;IAAY,CAAC,GAAGrB,MAAM;IACtC,MAAM+D,qBAAqB,GAAG,MAAM,IAAI,CAAC3C,sBAAsB,CAAC;MAC5DV,UAAU,EAAEiB,MAAM,CAACqC,IAAI;MACvB3C;IACJ,CAAC,CAAC;IAEF,OAAO0C,qBAAqB,CAACxB,IAAI,CAACT,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKJ,MAAM,CAACK,EAAE,CAAC;EACtE;EAEA,MAAMiC,eAAeA,CAACjE,MAA6B,EAAE;IACjD,IAAI,CAAC,IAAI,CAACS,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,IAAI;IACf;IAEA,MAAM;MAAEkB;IAAO,CAAC,GAAG3B,MAAM;;IAEzB;IACA;IACA,IAAI2B,MAAM,CAACU,QAAQ,EAAE;MACjB,IAAIhB,WAAW,GAAGrB,MAAM,CAACqB,WAAW;MACpC,IAAI,CAACA,WAAW,EAAE;QACdA,WAAW,GAAG,MAAM,IAAI,CAACd,cAAc,CAACoB,MAAM,CAACqC,IAAI,CAAC;MACxD;MAEA,MAAM1B,YAAY,GAAGjB,WAAW,CAACkB,IAAI,CAACC,CAAC,IAAIA,CAAC,CAACR,EAAE,KAAKL,MAAM,CAACU,QAAQ,CAAC;MACpE,IAAIC,YAAY,EAAE;QACd,MAAM4B,qBAAqB,GAAG,MAAM,IAAI,CAACD,eAAe,KAAA7B,cAAA,CAAAlC,OAAA,MAAAkC,cAAA,CAAAlC,OAAA,MACjDF,MAAM;UACT2B,MAAM,EAAEW;QAAY,EACvB,CAAC;QAEF,IAAI,CAAC4B,qBAAqB,EAAE;UACxB,OAAO,KAAK;QAChB;MACJ;IACJ;IAEA,MAAMC,iBAAiB,GAAG,MAAM,IAAI,CAACL,oBAAoB,CAAC;MACtDnC,MAAM;MACNN,WAAW,EAAErB,MAAM,CAACqB;IACxB,CAAC,CAAC;IAEF,MAAMC,QAAQ,GAAG,IAAI,CAACnB,WAAW,CAAC,CAAC;IACnC,MAAMmD,yBAAyB,GAAGa,iBAAiB,aAAjBA,iBAAiB,uBAAjBA,iBAAiB,CAAE5C,WAAW,CAACgB,IAAI,CAACI,CAAC,IAAI;MACvE,OAAOA,CAAC,CAACQ,MAAM,KAAM,SAAQ7B,QAAQ,CAACU,EAAG,EAAC;IAC9C,CAAC,CAAC;IAEF,IAAI,CAACsB,yBAAyB,EAAE;MAC5B,OAAO,KAAK;IAChB;IAEA,MAAM;MAAEV;IAAM,CAAC,GAAGU,yBAAyB;IAE3C,IAAItD,MAAM,CAACoE,iBAAiB,EAAE;MAC1B,OAAOxB,KAAK,KAAK,OAAO;IAC5B;;IAEA;IACA;IACA,IAAI5C,MAAM,CAACiB,GAAG,KAAK,GAAG,EAAE;MACpB,OAAO2B,KAAK,KAAK,OAAO,IAAIA,KAAK,KAAK,QAAQ;IAClD;IAEA,OAAO,IAAI;EACf;EAEA,MAAMyB,qBAAqBA,CAACrE,MAA6B,EAAE;IACvD,MAAMiE,eAAe,GAAG,MAAM,IAAI,CAACA,eAAe,CAACjE,MAAM,CAAC;IAC1D,IAAI,CAACiE,eAAe,EAAE;MAClB,MAAM,IAAIK,+BAAkB,CAAC,CAAC;IAClC;EACJ;EAEAC,0BAA0BA,CAAC5C,MAAc,EAAE;IACvC,IAAI,CAAC,IAAI,CAAClB,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,KAAK;IAChB;IAEA,OAAO,IAAI,CAACwD,eAAe,CAAC;MAAEtC,MAAM;MAAEV,GAAG,EAAE,GAAG;MAAEmD,iBAAiB,EAAE;IAAK,CAAC,CAAC;EAC9E;EAEAI,wBAAwBA,CAAC7C,MAAc,EAAE;IACrC,IAAI,CAAC,IAAI,CAAClB,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAACwD,eAAe,CAAC;MAAEtC,MAAM;MAAEV,GAAG,EAAE;IAAI,CAAC,CAAC;EACrD;EAEAwD,sBAAsBA,CAAC9C,MAAc,EAAE;IACnC,IAAI,CAAC,IAAI,CAAClB,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAACiE,sBAAsB,CAAC;MAAE/C,MAAM;MAAEV,GAAG,EAAE;IAAI,CAAC,CAAC;EAC5D;EAEA,MAAMyD,sBAAsBA,CAAC1E,MAAoC,EAAE;IAC/D,IAAI,CAAC,IAAI,CAACS,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,IAAI;IACf;IAEA,MAAM;MAAEkB,MAAM;MAAEN;IAAY,CAAC,GAAGrB,MAAM;IAEtC,MAAMmE,iBAAiB,GAAG,MAAM,IAAI,CAACL,oBAAoB,CAAC;MACtDnC,MAAM;MACNN;IACJ,CAAC,CAAC;IAEF,MAAMC,QAAQ,GAAG,IAAI,CAACnB,WAAW,CAAC,CAAC;IACnC,MAAMmD,yBAAyB,GAAGa,iBAAiB,aAAjBA,iBAAiB,uBAAjBA,iBAAiB,CAAE5C,WAAW,CAACgB,IAAI,CAACI,CAAC,IAAI;MACvE,OAAOA,CAAC,CAACQ,MAAM,KAAM,SAAQ7B,QAAQ,CAACU,EAAG,EAAC;IAC9C,CAAC,CAAC;IAEF,IAAI,CAACsB,yBAAyB,EAAE;MAC5B,OAAO,KAAK;IAChB;;IAEA;IACA;IACA,IAAItD,MAAM,CAACiB,GAAG,KAAK,GAAG,EAAE;MACpB,MAAM;QAAE2B;MAAM,CAAC,GAAGU,yBAAyB;MAC3C,OAAOV,KAAK,KAAK,QAAQ;IAC7B;IAEA,OAAO,IAAI;EACf;EAEA,MAAM+B,4BAA4BA,CAAC3E,MAAoC,EAAE;IACrE,MAAM0E,sBAAsB,GAAG,MAAM,IAAI,CAACA,sBAAsB,CAAC1E,MAAM,CAAC;IACxE,IAAI,CAAC0E,sBAAsB,EAAE;MACzB,MAAM,IAAIJ,+BAAkB,CAAC,CAAC;IAClC;EACJ;EAEA,MAAMM,qBAAqBA,CAAA,EAAG;IAC1B,OAAO,IAAI;EACf;EAEA,MAAM5D,aAAaA,CAAChB,MAA2B,EAAE;IAC7C,MAAM6E,eAAyB,GAAG,EAAE;IAEpC,MAAM;MAAE/D,OAAO;MAAEG;IAAI,CAAC,GAAGjB,MAAM;IAC/B,KAAK,IAAI6D,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAG/C,OAAO,CAACgC,MAAM,EAAEe,CAAC,EAAE,EAAE;MACrC,MAAMlC,MAAM,GAAGb,OAAO,CAAC+C,CAAC,CAAC;MACzB,MAAMI,eAAe,GAAG,MAAM,IAAI,CAACA,eAAe,CAAC;QAAEtC,MAAM;QAAEV;MAAI,CAAC,CAAC;MACnE,IAAIgD,eAAe,EAAE;QACjBY,eAAe,CAAC5B,IAAI,CAACtB,MAAM,CAAC;MAChC;IACJ;IAEA,OAAOkD,eAAe;EAC1B;EAEA,MAAM3D,uBAAuBA,CAACS,MAAyB,EAAE;IACrD,MAAMb,OAAO,GAAGgE,KAAK,CAACC,OAAO,CAACpD,MAAM,CAAC,GAAGA,MAAM,GAAG,CAACA,MAAM,CAAC;IAEzD,KAAK,IAAIkC,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAG/C,OAAO,CAACgC,MAAM,EAAEe,CAAC,EAAE,EAAE;MACrC,MAAMlC,MAAM,GAAGb,OAAO,CAAC+C,CAAC,CAAC;MACzB,MAAMM,iBAAiB,GAAG,MAAM,IAAI,CAACL,oBAAoB,CAAC;QAAEnC;MAAO,CAAC,CAAC;MACrE,IAAIwC,iBAAiB,EAAE;QACnBxC,MAAM,CAACJ,WAAW,GAAG4C,iBAAiB,CAAC5C,WAAW;MACtD,CAAC,MAAM;QACHI,MAAM,CAACJ,WAAW,GAAG,EAAE;MAC3B;IACJ;EACJ;EAEAyD,yCAAyCA,CAACjB,qBAA0C,EAAE;IAClF,OAAOA,qBAAqB,aAArBA,qBAAqB,uBAArBA,qBAAqB,CAAElC,IAAI,CAACc,CAAC,IAAI,CAACA,CAAC,CAACK,aAAa,CAAC;EAC7D;AACJ;AAACiC,OAAA,CAAAnF,sBAAA,GAAAA,sBAAA"}
1
+ {"version":3,"names":["_apiSecurity","require","_structuredClone","_interopRequireDefault","FolderLevelPermissions","constructor","params","_defineProperty2","default","getIdentity","getIdentityTeam","listPermissions","listAllFoldersCallback","listAllFolders","canUseTeams","canUseFolderLevelPermissions","isAuthorizationEnabled","folderType","allFolders","structuredClone","listAllFoldersWithPermissions","folders","filteredFoldersWithPermissions","filterFolders","rwd","assignFolderPermissions","invalidateCache","listFoldersPermissions","foldersList","identity","permissions","identityTeam","processedFolderPermissions","processFolderPermissions","folder","_folder$permissions","some","fp","folderId","id","currentFolderPermissions","map","permission","_objectSpread2","parentId","parentFolder","find","f","processedParentFolderPermissions","isPublicParentFolder","p","level","mustInherit","length","inheritedPermissions","inheritedFrom","push","currentIdentityIncludedInPermissions","target","currentIdentityPermissionIndex","findIndex","currentIdentityPermission","splice","unshift","hasFullAccess","name","teamPermission","mustAddPublicPermission","i","getFolderPermissions","folderPermissionsList","type","canAccessFolder","canAccessParentFolder","folderPermissions","managePermissions","ensureCanAccessFolder","NotAuthorizedError","canManageFolderPermissions","canManageFolderStructure","canManageFolderContent","canAccessFolderContent","ensureCanAccessFolderContent","canCreateFolderInRoot","filteredFolders","Array","isArray","permissionsIncludeNonInheritedPermissions","exports"],"sources":["FolderLevelPermissions.ts"],"sourcesContent":["import { Authentication } from \"@webiny/api-authentication/types\";\nimport { SecurityPermission, Team } from \"@webiny/api-security/types\";\nimport { Folder } from \"~/folder/folder.types\";\nimport { NotAuthorizedError } from \"@webiny/api-security\";\nimport structuredClone from \"@ungap/structured-clone\";\n\nexport type FolderAccessLevel = \"owner\" | \"viewer\" | \"editor\" | \"public\";\n\nexport interface FolderPermission {\n target: string;\n level: FolderAccessLevel;\n inheritedFrom?: string;\n}\n\nexport interface FolderPermissionsListItem {\n folderId: string;\n permissions: FolderPermission[];\n}\n\nexport type FolderPermissionsList = FolderPermissionsListItem[];\n\nexport interface CanAccessFolderContentParams {\n folder: Pick<Folder, \"id\" | \"type\" | \"parentId\">;\n rwd?: \"r\" | \"w\" | \"d\";\n foldersList?: Folder[];\n}\n\nexport interface CanAccessFolderParams extends CanAccessFolderContentParams {\n managePermissions?: boolean;\n}\n\ninterface FilterFoldersParams {\n folders: Array<Folder>;\n rwd?: \"r\" | \"w\" | \"d\";\n}\n\ninterface GetFolderPermissionsParams {\n folder: Pick<Folder, \"id\" | \"type\">;\n foldersList?: Folder[];\n}\n\ninterface ListFolderPermissionsParams {\n folderType: string;\n foldersList?: Folder[];\n}\n\nexport interface FolderLevelPermissionsParams {\n getIdentity: Authentication[\"getIdentity\"];\n getIdentityTeam: () => Promise<Team | null>;\n listPermissions: () => Promise<SecurityPermission[]>;\n listAllFolders: (folderType: string) => Promise<Folder[]>;\n canUseTeams: () => boolean;\n canUseFolderLevelPermissions: () => boolean;\n isAuthorizationEnabled: () => boolean;\n}\n\nexport class FolderLevelPermissions {\n private readonly getIdentity: Authentication[\"getIdentity\"];\n private readonly getIdentityTeam: () => Promise<Team | null>;\n private readonly listPermissions: () => Promise<SecurityPermission[]>;\n private readonly listAllFoldersCallback: (folderType: string) => Promise<Folder[]>;\n private readonly canUseTeams: () => boolean;\n private readonly canUseFolderLevelPermissions: () => boolean;\n private readonly isAuthorizationEnabled: () => boolean;\n private allFolders: Record<string, Folder[]> = {};\n\n constructor(params: FolderLevelPermissionsParams) {\n this.getIdentity = params.getIdentity;\n this.getIdentityTeam = params.getIdentityTeam;\n this.listPermissions = params.listPermissions;\n this.listAllFoldersCallback = params.listAllFolders;\n this.canUseTeams = params.canUseTeams;\n this.canUseFolderLevelPermissions = params.canUseFolderLevelPermissions;\n\n this.isAuthorizationEnabled = params.isAuthorizationEnabled;\n\n // TODO: resolve this issue.\n // We immediately enable authorization, because, at the moment, the rest of the system\n // requires us to have FLP always enabled. We must now disable it, even if the security's\n // `isAuthorizationEnabled` is set to false. To resolve this, we'll need to refactor CMS-based\n // CRUD files and have them use CMS storage operations instead of CMS CRUD methods.\n // We'll be handling this in the near future.\n this.isAuthorizationEnabled = () => true;\n }\n\n async listAllFolders(folderType: string): Promise<Folder[]> {\n if (folderType in this.allFolders) {\n return structuredClone(this.allFolders[folderType]);\n }\n\n this.allFolders[folderType] = await this.listAllFoldersCallback(folderType);\n return structuredClone(this.allFolders[folderType]);\n }\n\n async listAllFoldersWithPermissions(folderType: string) {\n const folders = await this.listAllFolders(folderType);\n\n // Filter folders based on permissions and assign permissions to each folder.\n const filteredFoldersWithPermissions = await this.filterFolders({\n folders,\n rwd: \"r\"\n });\n\n await this.assignFolderPermissions(filteredFoldersWithPermissions);\n\n return filteredFoldersWithPermissions;\n }\n\n invalidateCache(folderType?: string) {\n if (folderType) {\n if (folderType in this.allFolders) {\n delete this.allFolders[folderType];\n }\n } else {\n this.allFolders = {};\n }\n }\n\n async listFoldersPermissions(\n params: ListFolderPermissionsParams\n ): Promise<FolderPermissionsList> {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return [];\n }\n\n const { folderType, foldersList } = params;\n\n const allFolders = foldersList || (await this.listAllFolders(folderType));\n const identity = this.getIdentity();\n const permissions = await this.listPermissions();\n\n let identityTeam: Team | null;\n if (this.canUseTeams()) {\n identityTeam = await this.getIdentityTeam();\n }\n\n const processedFolderPermissions: FolderPermissionsListItem[] = [];\n\n const processFolderPermissions = (folder: Folder) => {\n if (processedFolderPermissions.some(fp => fp.folderId === folder.id)) {\n return;\n }\n\n // Copy permissions, so we don't modify the original object.\n const currentFolderPermissions: FolderPermissionsListItem = {\n folderId: folder.id,\n // On new folders, permissions can be `null`. Guard against that.\n permissions: folder.permissions?.map(permission => ({ ...permission })) || []\n };\n\n // Check for permissions inherited from parent folder.\n if (folder.parentId) {\n const parentFolder = allFolders!.find(f => f.id === folder.parentId)!;\n if (parentFolder) {\n // First check if the parent folder has already been processed.\n let processedParentFolderPermissions = processedFolderPermissions.find(\n fp => fp.folderId === parentFolder.id\n );\n\n // If not, process the parent folder.\n if (!processedParentFolderPermissions) {\n processFolderPermissions(parentFolder);\n processedParentFolderPermissions = processedFolderPermissions.find(\n fp => fp.folderId === folder.parentId\n );\n }\n\n // If the parent folder has permissions, let's add them to the current folder.\n if (processedParentFolderPermissions) {\n const isPublicParentFolder =\n processedParentFolderPermissions.permissions.some(\n p => p.level === \"public\"\n );\n\n // We inherit parent permissions if:\n // 1. the parent folder is not public or...\n // 2. ...the parent folder is public, but the current folder doesn't have any permissions set\n const mustInherit =\n !isPublicParentFolder ||\n currentFolderPermissions.permissions.length === 0;\n\n if (mustInherit) {\n const inheritedPermissions =\n processedParentFolderPermissions.permissions.map(p => {\n return {\n ...p,\n inheritedFrom:\n \"parent:\" + processedParentFolderPermissions!.folderId\n };\n });\n\n currentFolderPermissions.permissions.push(...inheritedPermissions);\n }\n }\n }\n }\n\n // Let's ensure current identity's permission is included in the permissions array.\n // We first check if the current identity is already included in the permissions array.\n // If not, we check if the user has full access or if the team user belongs to has access.\n const currentIdentityIncludedInPermissions = currentFolderPermissions.permissions.some(\n p => p.target === `admin:${identity.id}`\n );\n\n if (currentIdentityIncludedInPermissions) {\n // Ensure existing identity permission is always the first one in the array.\n const currentIdentityPermissionIndex =\n currentFolderPermissions.permissions.findIndex(\n p => p.target === `admin:${identity.id}`\n );\n\n if (currentIdentityPermissionIndex > 0) {\n const [currentIdentityPermission] = currentFolderPermissions.permissions.splice(\n currentIdentityPermissionIndex,\n 1\n );\n currentFolderPermissions.permissions.unshift(currentIdentityPermission);\n }\n } else {\n // Current identity not included in permissions? Let's add it.\n let currentIdentityPermission: FolderPermission | null = null;\n\n // 1. Check if the user has full access.\n const hasFullAccess = permissions.some(p => p.name === \"*\");\n if (hasFullAccess) {\n currentIdentityPermission = {\n target: `admin:${identity.id}`,\n level: \"owner\",\n inheritedFrom: \"role:full-access\"\n };\n } else if (identityTeam) {\n // 2. Check the team user belongs to grants access to the folder.\n const teamPermission = currentFolderPermissions.permissions.find(\n p => p.target === `team:${identityTeam!.id}`\n );\n\n if (teamPermission) {\n currentIdentityPermission = {\n target: `admin:${identity.id}`,\n level: teamPermission.level,\n inheritedFrom: \"team:\" + identityTeam!.id\n };\n }\n }\n\n if (currentIdentityPermission) {\n // If permission is found, let's add it to the beginning of the array.\n // We're doing this just because it looks nicer in the UI.\n currentFolderPermissions.permissions.unshift(currentIdentityPermission);\n }\n }\n\n // Note that this can only happen with root folders. All other (child) folders will\n // always have at least one permission (inherited from parent).\n const mustAddPublicPermission = currentFolderPermissions.permissions.length === 0;\n if (mustAddPublicPermission) {\n currentFolderPermissions.permissions = [\n {\n target: `admin:${identity.id}`,\n level: \"public\",\n inheritedFrom: \"public\"\n }\n ];\n }\n\n processedFolderPermissions.push(currentFolderPermissions);\n };\n\n for (let i = 0; i < allFolders!.length; i++) {\n const folder = allFolders![i];\n processFolderPermissions(folder);\n }\n\n return processedFolderPermissions;\n }\n\n async getFolderPermissions(\n params: GetFolderPermissionsParams\n ): Promise<FolderPermissionsListItem | undefined> {\n const { folder, foldersList } = params;\n const folderPermissionsList = await this.listFoldersPermissions({\n folderType: folder.type,\n foldersList\n });\n\n return folderPermissionsList.find(fp => fp.folderId === folder.id);\n }\n\n async canAccessFolder(params: CanAccessFolderParams) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n const { folder } = params;\n\n // We check for parent folder access first because the passed folder should be\n // inaccessible if the parent folder is inaccessible.\n if (folder.parentId) {\n let foldersList = params.foldersList;\n if (!foldersList) {\n foldersList = await this.listAllFolders(folder.type);\n }\n\n const parentFolder = foldersList.find(f => f.id === folder.parentId);\n if (parentFolder) {\n const canAccessParentFolder = await this.canAccessFolder({\n ...params,\n folder: parentFolder\n });\n\n if (!canAccessParentFolder) {\n return false;\n }\n }\n }\n\n const folderPermissions = await this.getFolderPermissions({\n folder,\n foldersList: params.foldersList\n });\n\n const identity = this.getIdentity();\n const currentIdentityPermission = folderPermissions?.permissions.find(p => {\n return p.target === `admin:${identity.id}`;\n });\n\n if (!currentIdentityPermission) {\n return false;\n }\n\n const { level } = currentIdentityPermission;\n\n if (params.managePermissions) {\n return level === \"owner\";\n }\n\n // Checking for \"write\" or \"delete\" access. Allow only if the\n // user is an owner or the folder is public (no FLP assigned).\n if (params.rwd !== \"r\") {\n return level === \"owner\" || level === \"public\";\n }\n\n return true;\n }\n\n async ensureCanAccessFolder(params: CanAccessFolderParams) {\n const canAccessFolder = await this.canAccessFolder(params);\n if (!canAccessFolder) {\n throw new NotAuthorizedError();\n }\n }\n\n canManageFolderPermissions(folder: Folder) {\n if (!this.canUseFolderLevelPermissions()) {\n return false;\n }\n\n if (!this.isAuthorizationEnabled()) {\n return true;\n }\n\n return this.canAccessFolder({ folder, rwd: \"w\", managePermissions: true });\n }\n\n canManageFolderStructure(folder: Folder) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n return this.canAccessFolder({ folder, rwd: \"w\" });\n }\n\n canManageFolderContent(folder: Folder) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n return this.canAccessFolderContent({ folder, rwd: \"w\" });\n }\n\n async canAccessFolderContent(params: CanAccessFolderContentParams) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n const { folder, foldersList } = params;\n\n const folderPermissions = await this.getFolderPermissions({\n folder,\n foldersList\n });\n\n const identity = this.getIdentity();\n const currentIdentityPermission = folderPermissions?.permissions.find(p => {\n return p.target === `admin:${identity.id}`;\n });\n\n if (!currentIdentityPermission) {\n return false;\n }\n\n // If the user is not an owner and we're checking for \"write\" or\n // \"delete\" access, then we can immediately return false.\n if (params.rwd !== \"r\") {\n const { level } = currentIdentityPermission;\n return level !== \"viewer\";\n }\n\n return true;\n }\n\n async ensureCanAccessFolderContent(params: CanAccessFolderContentParams) {\n const canAccessFolderContent = await this.canAccessFolderContent(params);\n if (!canAccessFolderContent) {\n throw new NotAuthorizedError();\n }\n }\n\n async canCreateFolderInRoot() {\n return true;\n }\n\n async filterFolders(params: FilterFoldersParams) {\n const filteredFolders: Folder[] = [];\n\n const { folders, rwd } = params;\n for (let i = 0; i < folders.length; i++) {\n const folder = folders[i];\n const canAccessFolder = await this.canAccessFolder({ folder, rwd });\n if (canAccessFolder) {\n filteredFolders.push(folder);\n }\n }\n\n return filteredFolders;\n }\n\n async assignFolderPermissions(folder: Folder | Folder[]) {\n const folders = Array.isArray(folder) ? folder : [folder];\n\n for (let i = 0; i < folders.length; i++) {\n const folder = folders[i];\n const folderPermissions = await this.getFolderPermissions({ folder });\n if (folderPermissions) {\n folder.permissions = folderPermissions.permissions;\n } else {\n folder.permissions = [];\n }\n }\n }\n\n permissionsIncludeNonInheritedPermissions(folderPermissionsList?: FolderPermission[]) {\n return folderPermissionsList?.some(p => !p.inheritedFrom);\n }\n}\n"],"mappings":";;;;;;;;;AAGA,IAAAA,YAAA,GAAAC,OAAA;AACA,IAAAC,gBAAA,GAAAC,sBAAA,CAAAF,OAAA;AAoDO,MAAMG,sBAAsB,CAAC;EAUhCC,WAAWA,CAACC,MAAoC,EAAE;IAAA,IAAAC,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA;IAAA,IAAAD,gBAAA,CAAAC,OAAA,sBAFH,CAAC,CAAC;IAG7C,IAAI,CAACC,WAAW,GAAGH,MAAM,CAACG,WAAW;IACrC,IAAI,CAACC,eAAe,GAAGJ,MAAM,CAACI,eAAe;IAC7C,IAAI,CAACC,eAAe,GAAGL,MAAM,CAACK,eAAe;IAC7C,IAAI,CAACC,sBAAsB,GAAGN,MAAM,CAACO,cAAc;IACnD,IAAI,CAACC,WAAW,GAAGR,MAAM,CAACQ,WAAW;IACrC,IAAI,CAACC,4BAA4B,GAAGT,MAAM,CAACS,4BAA4B;IAEvE,IAAI,CAACC,sBAAsB,GAAGV,MAAM,CAACU,sBAAsB;;IAE3D;IACA;IACA;IACA;IACA;IACA;IACA,IAAI,CAACA,sBAAsB,GAAG,MAAM,IAAI;EAC5C;EAEA,MAAMH,cAAcA,CAACI,UAAkB,EAAqB;IACxD,IAAIA,UAAU,IAAI,IAAI,CAACC,UAAU,EAAE;MAC/B,OAAO,IAAAC,wBAAe,EAAC,IAAI,CAACD,UAAU,CAACD,UAAU,CAAC,CAAC;IACvD;IAEA,IAAI,CAACC,UAAU,CAACD,UAAU,CAAC,GAAG,MAAM,IAAI,CAACL,sBAAsB,CAACK,UAAU,CAAC;IAC3E,OAAO,IAAAE,wBAAe,EAAC,IAAI,CAACD,UAAU,CAACD,UAAU,CAAC,CAAC;EACvD;EAEA,MAAMG,6BAA6BA,CAACH,UAAkB,EAAE;IACpD,MAAMI,OAAO,GAAG,MAAM,IAAI,CAACR,cAAc,CAACI,UAAU,CAAC;;IAErD;IACA,MAAMK,8BAA8B,GAAG,MAAM,IAAI,CAACC,aAAa,CAAC;MAC5DF,OAAO;MACPG,GAAG,EAAE;IACT,CAAC,CAAC;IAEF,MAAM,IAAI,CAACC,uBAAuB,CAACH,8BAA8B,CAAC;IAElE,OAAOA,8BAA8B;EACzC;EAEAI,eAAeA,CAACT,UAAmB,EAAE;IACjC,IAAIA,UAAU,EAAE;MACZ,IAAIA,UAAU,IAAI,IAAI,CAACC,UAAU,EAAE;QAC/B,OAAO,IAAI,CAACA,UAAU,CAACD,UAAU,CAAC;MACtC;IACJ,CAAC,MAAM;MACH,IAAI,CAACC,UAAU,GAAG,CAAC,CAAC;IACxB;EACJ;EAEA,MAAMS,sBAAsBA,CACxBrB,MAAmC,EACL;IAC9B,IAAI,CAAC,IAAI,CAACS,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,EAAE;IACb;IAEA,MAAM;MAAEC,UAAU;MAAEW;IAAY,CAAC,GAAGtB,MAAM;IAE1C,MAAMY,UAAU,GAAGU,WAAW,KAAK,MAAM,IAAI,CAACf,cAAc,CAACI,UAAU,CAAC,CAAC;IACzE,MAAMY,QAAQ,GAAG,IAAI,CAACpB,WAAW,CAAC,CAAC;IACnC,MAAMqB,WAAW,GAAG,MAAM,IAAI,CAACnB,eAAe,CAAC,CAAC;IAEhD,IAAIoB,YAAyB;IAC7B,IAAI,IAAI,CAACjB,WAAW,CAAC,CAAC,EAAE;MACpBiB,YAAY,GAAG,MAAM,IAAI,CAACrB,eAAe,CAAC,CAAC;IAC/C;IAEA,MAAMsB,0BAAuD,GAAG,EAAE;IAElE,MAAMC,wBAAwB,GAAIC,MAAc,IAAK;MAAA,IAAAC,mBAAA;MACjD,IAAIH,0BAA0B,CAACI,IAAI,CAACC,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKJ,MAAM,CAACK,EAAE,CAAC,EAAE;QAClE;MACJ;;MAEA;MACA,MAAMC,wBAAmD,GAAG;QACxDF,QAAQ,EAAEJ,MAAM,CAACK,EAAE;QACnB;QACAT,WAAW,EAAE,EAAAK,mBAAA,GAAAD,MAAM,CAACJ,WAAW,cAAAK,mBAAA,uBAAlBA,mBAAA,CAAoBM,GAAG,CAACC,UAAU,QAAAC,cAAA,CAAAnC,OAAA,MAAUkC,UAAU,CAAG,CAAC,KAAI;MAC/E,CAAC;;MAED;MACA,IAAIR,MAAM,CAACU,QAAQ,EAAE;QACjB,MAAMC,YAAY,GAAG3B,UAAU,CAAE4B,IAAI,CAACC,CAAC,IAAIA,CAAC,CAACR,EAAE,KAAKL,MAAM,CAACU,QAAQ,CAAE;QACrE,IAAIC,YAAY,EAAE;UACd;UACA,IAAIG,gCAAgC,GAAGhB,0BAA0B,CAACc,IAAI,CAClET,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKO,YAAY,CAACN,EACvC,CAAC;;UAED;UACA,IAAI,CAACS,gCAAgC,EAAE;YACnCf,wBAAwB,CAACY,YAAY,CAAC;YACtCG,gCAAgC,GAAGhB,0BAA0B,CAACc,IAAI,CAC9DT,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKJ,MAAM,CAACU,QACjC,CAAC;UACL;;UAEA;UACA,IAAII,gCAAgC,EAAE;YAClC,MAAMC,oBAAoB,GACtBD,gCAAgC,CAAClB,WAAW,CAACM,IAAI,CAC7Cc,CAAC,IAAIA,CAAC,CAACC,KAAK,KAAK,QACrB,CAAC;;YAEL;YACA;YACA;YACA,MAAMC,WAAW,GACb,CAACH,oBAAoB,IACrBT,wBAAwB,CAACV,WAAW,CAACuB,MAAM,KAAK,CAAC;YAErD,IAAID,WAAW,EAAE;cACb,MAAME,oBAAoB,GACtBN,gCAAgC,CAAClB,WAAW,CAACW,GAAG,CAACS,CAAC,IAAI;gBAClD,WAAAP,cAAA,CAAAnC,OAAA,MAAAmC,cAAA,CAAAnC,OAAA,MACO0C,CAAC;kBACJK,aAAa,EACT,SAAS,GAAGP,gCAAgC,CAAEV;gBAAQ;cAElE,CAAC,CAAC;cAENE,wBAAwB,CAACV,WAAW,CAAC0B,IAAI,CAAC,GAAGF,oBAAoB,CAAC;YACtE;UACJ;QACJ;MACJ;;MAEA;MACA;MACA;MACA,MAAMG,oCAAoC,GAAGjB,wBAAwB,CAACV,WAAW,CAACM,IAAI,CAClFc,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAM,SAAQ7B,QAAQ,CAACU,EAAG,EAC3C,CAAC;MAED,IAAIkB,oCAAoC,EAAE;QACtC;QACA,MAAME,8BAA8B,GAChCnB,wBAAwB,CAACV,WAAW,CAAC8B,SAAS,CAC1CV,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAM,SAAQ7B,QAAQ,CAACU,EAAG,EAC3C,CAAC;QAEL,IAAIoB,8BAA8B,GAAG,CAAC,EAAE;UACpC,MAAM,CAACE,yBAAyB,CAAC,GAAGrB,wBAAwB,CAACV,WAAW,CAACgC,MAAM,CAC3EH,8BAA8B,EAC9B,CACJ,CAAC;UACDnB,wBAAwB,CAACV,WAAW,CAACiC,OAAO,CAACF,yBAAyB,CAAC;QAC3E;MACJ,CAAC,MAAM;QACH;QACA,IAAIA,yBAAkD,GAAG,IAAI;;QAE7D;QACA,MAAMG,aAAa,GAAGlC,WAAW,CAACM,IAAI,CAACc,CAAC,IAAIA,CAAC,CAACe,IAAI,KAAK,GAAG,CAAC;QAC3D,IAAID,aAAa,EAAE;UACfH,yBAAyB,GAAG;YACxBH,MAAM,EAAG,SAAQ7B,QAAQ,CAACU,EAAG,EAAC;YAC9BY,KAAK,EAAE,OAAO;YACdI,aAAa,EAAE;UACnB,CAAC;QACL,CAAC,MAAM,IAAIxB,YAAY,EAAE;UACrB;UACA,MAAMmC,cAAc,GAAG1B,wBAAwB,CAACV,WAAW,CAACgB,IAAI,CAC5DI,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAM,QAAO3B,YAAY,CAAEQ,EAAG,EAC/C,CAAC;UAED,IAAI2B,cAAc,EAAE;YAChBL,yBAAyB,GAAG;cACxBH,MAAM,EAAG,SAAQ7B,QAAQ,CAACU,EAAG,EAAC;cAC9BY,KAAK,EAAEe,cAAc,CAACf,KAAK;cAC3BI,aAAa,EAAE,OAAO,GAAGxB,YAAY,CAAEQ;YAC3C,CAAC;UACL;QACJ;QAEA,IAAIsB,yBAAyB,EAAE;UAC3B;UACA;UACArB,wBAAwB,CAACV,WAAW,CAACiC,OAAO,CAACF,yBAAyB,CAAC;QAC3E;MACJ;;MAEA;MACA;MACA,MAAMM,uBAAuB,GAAG3B,wBAAwB,CAACV,WAAW,CAACuB,MAAM,KAAK,CAAC;MACjF,IAAIc,uBAAuB,EAAE;QACzB3B,wBAAwB,CAACV,WAAW,GAAG,CACnC;UACI4B,MAAM,EAAG,SAAQ7B,QAAQ,CAACU,EAAG,EAAC;UAC9BY,KAAK,EAAE,QAAQ;UACfI,aAAa,EAAE;QACnB,CAAC,CACJ;MACL;MAEAvB,0BAA0B,CAACwB,IAAI,CAAChB,wBAAwB,CAAC;IAC7D,CAAC;IAED,KAAK,IAAI4B,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGlD,UAAU,CAAEmC,MAAM,EAAEe,CAAC,EAAE,EAAE;MACzC,MAAMlC,MAAM,GAAGhB,UAAU,CAAEkD,CAAC,CAAC;MAC7BnC,wBAAwB,CAACC,MAAM,CAAC;IACpC;IAEA,OAAOF,0BAA0B;EACrC;EAEA,MAAMqC,oBAAoBA,CACtB/D,MAAkC,EACY;IAC9C,MAAM;MAAE4B,MAAM;MAAEN;IAAY,CAAC,GAAGtB,MAAM;IACtC,MAAMgE,qBAAqB,GAAG,MAAM,IAAI,CAAC3C,sBAAsB,CAAC;MAC5DV,UAAU,EAAEiB,MAAM,CAACqC,IAAI;MACvB3C;IACJ,CAAC,CAAC;IAEF,OAAO0C,qBAAqB,CAACxB,IAAI,CAACT,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKJ,MAAM,CAACK,EAAE,CAAC;EACtE;EAEA,MAAMiC,eAAeA,CAAClE,MAA6B,EAAE;IACjD,IAAI,CAAC,IAAI,CAACS,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,MAAM;MAAEkB;IAAO,CAAC,GAAG5B,MAAM;;IAEzB;IACA;IACA,IAAI4B,MAAM,CAACU,QAAQ,EAAE;MACjB,IAAIhB,WAAW,GAAGtB,MAAM,CAACsB,WAAW;MACpC,IAAI,CAACA,WAAW,EAAE;QACdA,WAAW,GAAG,MAAM,IAAI,CAACf,cAAc,CAACqB,MAAM,CAACqC,IAAI,CAAC;MACxD;MAEA,MAAM1B,YAAY,GAAGjB,WAAW,CAACkB,IAAI,CAACC,CAAC,IAAIA,CAAC,CAACR,EAAE,KAAKL,MAAM,CAACU,QAAQ,CAAC;MACpE,IAAIC,YAAY,EAAE;QACd,MAAM4B,qBAAqB,GAAG,MAAM,IAAI,CAACD,eAAe,KAAA7B,cAAA,CAAAnC,OAAA,MAAAmC,cAAA,CAAAnC,OAAA,MACjDF,MAAM;UACT4B,MAAM,EAAEW;QAAY,EACvB,CAAC;QAEF,IAAI,CAAC4B,qBAAqB,EAAE;UACxB,OAAO,KAAK;QAChB;MACJ;IACJ;IAEA,MAAMC,iBAAiB,GAAG,MAAM,IAAI,CAACL,oBAAoB,CAAC;MACtDnC,MAAM;MACNN,WAAW,EAAEtB,MAAM,CAACsB;IACxB,CAAC,CAAC;IAEF,MAAMC,QAAQ,GAAG,IAAI,CAACpB,WAAW,CAAC,CAAC;IACnC,MAAMoD,yBAAyB,GAAGa,iBAAiB,aAAjBA,iBAAiB,uBAAjBA,iBAAiB,CAAE5C,WAAW,CAACgB,IAAI,CAACI,CAAC,IAAI;MACvE,OAAOA,CAAC,CAACQ,MAAM,KAAM,SAAQ7B,QAAQ,CAACU,EAAG,EAAC;IAC9C,CAAC,CAAC;IAEF,IAAI,CAACsB,yBAAyB,EAAE;MAC5B,OAAO,KAAK;IAChB;IAEA,MAAM;MAAEV;IAAM,CAAC,GAAGU,yBAAyB;IAE3C,IAAIvD,MAAM,CAACqE,iBAAiB,EAAE;MAC1B,OAAOxB,KAAK,KAAK,OAAO;IAC5B;;IAEA;IACA;IACA,IAAI7C,MAAM,CAACkB,GAAG,KAAK,GAAG,EAAE;MACpB,OAAO2B,KAAK,KAAK,OAAO,IAAIA,KAAK,KAAK,QAAQ;IAClD;IAEA,OAAO,IAAI;EACf;EAEA,MAAMyB,qBAAqBA,CAACtE,MAA6B,EAAE;IACvD,MAAMkE,eAAe,GAAG,MAAM,IAAI,CAACA,eAAe,CAAClE,MAAM,CAAC;IAC1D,IAAI,CAACkE,eAAe,EAAE;MAClB,MAAM,IAAIK,+BAAkB,CAAC,CAAC;IAClC;EACJ;EAEAC,0BAA0BA,CAAC5C,MAAc,EAAE;IACvC,IAAI,CAAC,IAAI,CAACnB,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,KAAK;IAChB;IAEA,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;MAChC,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAACwD,eAAe,CAAC;MAAEtC,MAAM;MAAEV,GAAG,EAAE,GAAG;MAAEmD,iBAAiB,EAAE;IAAK,CAAC,CAAC;EAC9E;EAEAI,wBAAwBA,CAAC7C,MAAc,EAAE;IACrC,IAAI,CAAC,IAAI,CAACnB,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAACwD,eAAe,CAAC;MAAEtC,MAAM;MAAEV,GAAG,EAAE;IAAI,CAAC,CAAC;EACrD;EAEAwD,sBAAsBA,CAAC9C,MAAc,EAAE;IACnC,IAAI,CAAC,IAAI,CAACnB,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAACiE,sBAAsB,CAAC;MAAE/C,MAAM;MAAEV,GAAG,EAAE;IAAI,CAAC,CAAC;EAC5D;EAEA,MAAMyD,sBAAsBA,CAAC3E,MAAoC,EAAE;IAC/D,IAAI,CAAC,IAAI,CAACS,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,MAAM;MAAEkB,MAAM;MAAEN;IAAY,CAAC,GAAGtB,MAAM;IAEtC,MAAMoE,iBAAiB,GAAG,MAAM,IAAI,CAACL,oBAAoB,CAAC;MACtDnC,MAAM;MACNN;IACJ,CAAC,CAAC;IAEF,MAAMC,QAAQ,GAAG,IAAI,CAACpB,WAAW,CAAC,CAAC;IACnC,MAAMoD,yBAAyB,GAAGa,iBAAiB,aAAjBA,iBAAiB,uBAAjBA,iBAAiB,CAAE5C,WAAW,CAACgB,IAAI,CAACI,CAAC,IAAI;MACvE,OAAOA,CAAC,CAACQ,MAAM,KAAM,SAAQ7B,QAAQ,CAACU,EAAG,EAAC;IAC9C,CAAC,CAAC;IAEF,IAAI,CAACsB,yBAAyB,EAAE;MAC5B,OAAO,KAAK;IAChB;;IAEA;IACA;IACA,IAAIvD,MAAM,CAACkB,GAAG,KAAK,GAAG,EAAE;MACpB,MAAM;QAAE2B;MAAM,CAAC,GAAGU,yBAAyB;MAC3C,OAAOV,KAAK,KAAK,QAAQ;IAC7B;IAEA,OAAO,IAAI;EACf;EAEA,MAAM+B,4BAA4BA,CAAC5E,MAAoC,EAAE;IACrE,MAAM2E,sBAAsB,GAAG,MAAM,IAAI,CAACA,sBAAsB,CAAC3E,MAAM,CAAC;IACxE,IAAI,CAAC2E,sBAAsB,EAAE;MACzB,MAAM,IAAIJ,+BAAkB,CAAC,CAAC;IAClC;EACJ;EAEA,MAAMM,qBAAqBA,CAAA,EAAG;IAC1B,OAAO,IAAI;EACf;EAEA,MAAM5D,aAAaA,CAACjB,MAA2B,EAAE;IAC7C,MAAM8E,eAAyB,GAAG,EAAE;IAEpC,MAAM;MAAE/D,OAAO;MAAEG;IAAI,CAAC,GAAGlB,MAAM;IAC/B,KAAK,IAAI8D,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAG/C,OAAO,CAACgC,MAAM,EAAEe,CAAC,EAAE,EAAE;MACrC,MAAMlC,MAAM,GAAGb,OAAO,CAAC+C,CAAC,CAAC;MACzB,MAAMI,eAAe,GAAG,MAAM,IAAI,CAACA,eAAe,CAAC;QAAEtC,MAAM;QAAEV;MAAI,CAAC,CAAC;MACnE,IAAIgD,eAAe,EAAE;QACjBY,eAAe,CAAC5B,IAAI,CAACtB,MAAM,CAAC;MAChC;IACJ;IAEA,OAAOkD,eAAe;EAC1B;EAEA,MAAM3D,uBAAuBA,CAACS,MAAyB,EAAE;IACrD,MAAMb,OAAO,GAAGgE,KAAK,CAACC,OAAO,CAACpD,MAAM,CAAC,GAAGA,MAAM,GAAG,CAACA,MAAM,CAAC;IAEzD,KAAK,IAAIkC,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAG/C,OAAO,CAACgC,MAAM,EAAEe,CAAC,EAAE,EAAE;MACrC,MAAMlC,MAAM,GAAGb,OAAO,CAAC+C,CAAC,CAAC;MACzB,MAAMM,iBAAiB,GAAG,MAAM,IAAI,CAACL,oBAAoB,CAAC;QAAEnC;MAAO,CAAC,CAAC;MACrE,IAAIwC,iBAAiB,EAAE;QACnBxC,MAAM,CAACJ,WAAW,GAAG4C,iBAAiB,CAAC5C,WAAW;MACtD,CAAC,MAAM;QACHI,MAAM,CAACJ,WAAW,GAAG,EAAE;MAC3B;IACJ;EACJ;EAEAyD,yCAAyCA,CAACjB,qBAA0C,EAAE;IAClF,OAAOA,qBAAqB,aAArBA,qBAAqB,uBAArBA,qBAAqB,CAAElC,IAAI,CAACc,CAAC,IAAI,CAACA,CAAC,CAACK,aAAa,CAAC;EAC7D;AACJ;AAACiC,OAAA,CAAApF,sBAAA,GAAAA,sBAAA"}