@webiny/api-aco 5.39.1-beta.1 → 5.39.2-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (28) hide show
  1. package/createAcoContext.js +2 -2
  2. package/createAcoContext.js.map +1 -1
  3. package/createAcoModels.js +1 -1
  4. package/createAcoModels.js.map +1 -1
  5. package/filter/filter.model.d.ts +1 -1
  6. package/filter/filter.model.js +4 -4
  7. package/filter/filter.model.js.map +1 -1
  8. package/folder/folder.crud.js +26 -22
  9. package/folder/folder.crud.js.map +1 -1
  10. package/folder/folder.model.d.ts +1 -1
  11. package/folder/folder.model.js +12 -4
  12. package/folder/folder.model.js.map +1 -1
  13. package/package.json +25 -25
  14. package/record/record.model.d.ts +2 -2
  15. package/record/record.model.js +12 -4
  16. package/record/record.model.js.map +1 -1
  17. package/record/record.so.js +83 -98
  18. package/record/record.so.js.map +1 -1
  19. package/utils/FolderLevelPermissions.d.ts +4 -2
  20. package/utils/FolderLevelPermissions.js +145 -129
  21. package/utils/FolderLevelPermissions.js.map +1 -1
  22. package/utils/createOperationsWrapper.js +5 -9
  23. package/utils/createOperationsWrapper.js.map +1 -1
  24. package/utils/decorators/CmsEntriesCrudDecorators.js +62 -11
  25. package/utils/decorators/CmsEntriesCrudDecorators.js.map +1 -1
  26. package/utils/isInstallationPending.d.ts +0 -4
  27. package/utils/isInstallationPending.js +0 -23
  28. package/utils/isInstallationPending.js.map +0 -1
package/utils/FolderLevelPermissions.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_apiSecurity","require","FolderLevelPermissions","allFolders","constructor","params","getIdentity","getIdentityTeam","listPermissions","listAllFoldersCallback","listAllFolders","canUseTeams","canUseFolderLevelPermissions","isAuthorizationEnabled","folderType","structuredClone","listAllFoldersWithPermissions","folders","filteredFoldersWithPermissions","filterFolders","rwd","assignFolderPermissions","invalidateCache","updateCache","modifier","foldersClone","listFoldersPermissions","foldersList","identity","permissions","identityTeam","processedFolderPermissions","processFolderPermissions","folder","some","fp","folderId","id","currentFolderPermissions","map","permission","parentId","parentFolder","find","f","processedParentFolderPermissions","isPublicParentFolder","p","level","mustInherit","length","inheritedPermissions","inheritedFrom","push","currentIdentityIncludedInPermissions","target","currentIdentityPermissionIndex","findIndex","currentIdentityPermission","splice","unshift","hasFullAccess","name","teamPermission","mustAddPublicPermission","i","getFolderPermissions","folderPermissionsList","type","canAccessFolder","canAccessParentFolder","folderPermissions","managePermissions","ensureCanAccessFolder","NotAuthorizedError","canManageFolderPermissions","canManageFolderStructure","canManageFolderContent","canAccessFolderContent","ensureCanAccessFolderContent","canCreateFolderInRoot","filteredFolders","Array","isArray","permissionsIncludeNonInheritedPermissions","exports"],"sources":["FolderLevelPermissions.ts"],"sourcesContent":["import { Authentication } from \"@webiny/api-authentication/types\";\nimport { SecurityPermission, Team } from \"@webiny/api-security/types\";\nimport { Folder } from \"~/folder/folder.types\";\nimport { NotAuthorizedError } from \"@webiny/api-security\";\n\nexport type FolderAccessLevel = \"owner\" | \"viewer\" | \"editor\" | \"public\";\n\nexport interface FolderPermission {\n target: string;\n level: FolderAccessLevel;\n inheritedFrom?: string;\n}\n\nexport interface FolderPermissionsListItem {\n folderId: string;\n permissions: FolderPermission[];\n}\n\nexport type FolderPermissionsList = FolderPermissionsListItem[];\n\nexport interface CanAccessFolderContentParams {\n folder: Pick<Folder, \"id\" | \"type\" | \"parentId\">;\n rwd?: \"r\" | \"w\" | \"d\";\n foldersList?: Folder[];\n}\n\nexport interface CanAccessFolderParams extends CanAccessFolderContentParams {\n managePermissions?: boolean;\n}\n\ninterface FilterFoldersParams {\n folders: Array<Folder>;\n rwd?: \"r\" | \"w\" | \"d\";\n}\n\ninterface GetFolderPermissionsParams {\n folder: Pick<Folder, \"id\" | \"type\">;\n foldersList?: Folder[];\n}\n\ninterface ListFolderPermissionsParams {\n folderType: string;\n foldersList?: Folder[];\n}\n\nexport interface FolderLevelPermissionsParams {\n getIdentity: Authentication[\"getIdentity\"];\n getIdentityTeam: () => Promise<Team | null>;\n listPermissions: () => Promise<SecurityPermission[]>;\n listAllFolders: (folderType: string) => Promise<Folder[]>;\n canUseTeams: () => boolean;\n canUseFolderLevelPermissions: () => boolean;\n isAuthorizationEnabled: () => boolean;\n}\n\nexport class FolderLevelPermissions {\n private readonly getIdentity: Authentication[\"getIdentity\"];\n private readonly getIdentityTeam: () => Promise<Team | null>;\n private readonly listPermissions: () => Promise<SecurityPermission[]>;\n private readonly listAllFoldersCallback: (folderType: string) => Promise<Folder[]>;\n private readonly canUseTeams: () => boolean;\n private readonly canUseFolderLevelPermissions: () => boolean;\n private readonly isAuthorizationEnabled: () => boolean;\n private allFolders: Record<string, Folder[]> = {};\n\n constructor(params: FolderLevelPermissionsParams) {\n this.getIdentity = params.getIdentity;\n this.getIdentityTeam = params.getIdentityTeam;\n this.listPermissions = params.listPermissions;\n this.listAllFoldersCallback = params.listAllFolders;\n this.canUseTeams = params.canUseTeams;\n this.canUseFolderLevelPermissions = params.canUseFolderLevelPermissions;\n\n this.isAuthorizationEnabled = params.isAuthorizationEnabled;\n\n // TODO: resolve this issue.\n // We immediately enable authorization, because, at the moment, the rest of the system\n // requires us to have FLP always enabled. We must now disable it, even if the security's\n // `isAuthorizationEnabled` is set to false. To resolve this, we'll need to refactor CMS-based\n // CRUD files and have them use CMS storage operations instead of CMS CRUD methods.\n // We'll be handling this in the near future.\n this.isAuthorizationEnabled = () => true;\n }\n\n async listAllFolders(folderType: string): Promise<Folder[]> {\n if (folderType in this.allFolders) {\n return structuredClone(this.allFolders[folderType]);\n }\n\n this.allFolders[folderType] = await this.listAllFoldersCallback(folderType);\n return structuredClone(this.allFolders[folderType]);\n }\n\n async listAllFoldersWithPermissions(folderType: string) {\n const folders = await this.listAllFolders(folderType);\n\n // Filter folders based on permissions and assign permissions to each folder.\n const filteredFoldersWithPermissions = await this.filterFolders({\n folders,\n rwd: \"r\"\n });\n\n await this.assignFolderPermissions(filteredFoldersWithPermissions);\n\n return filteredFoldersWithPermissions;\n }\n\n invalidateCache(folderType?: string) {\n if (folderType) {\n if (folderType in this.allFolders) {\n delete this.allFolders[folderType];\n }\n } else {\n this.allFolders = {};\n }\n }\n\n updateCache(folderType: string, modifier: (folders: Folder[]) => Folder[]) {\n const foldersClone = structuredClone(this.allFolders[folderType]) || [];\n this.allFolders[folderType] = modifier(foldersClone);\n }\n\n async listFoldersPermissions(\n params: ListFolderPermissionsParams\n ): Promise<FolderPermissionsList> {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return [];\n }\n\n const { folderType, foldersList } = params;\n\n const allFolders = foldersList || (await this.listAllFolders(folderType));\n const identity = this.getIdentity();\n const permissions = await this.listPermissions();\n\n let identityTeam: Team | null;\n if (this.canUseTeams()) {\n identityTeam = await this.getIdentityTeam();\n }\n\n const processedFolderPermissions: FolderPermissionsListItem[] = [];\n\n const processFolderPermissions = (folder: Folder) => {\n if (processedFolderPermissions.some(fp => fp.folderId === folder.id)) {\n return;\n }\n\n // Copy permissions, so we don't modify the original object.\n const currentFolderPermissions: FolderPermissionsListItem = {\n folderId: folder.id,\n // On new folders, permissions can be `null`. Guard against that.\n permissions: folder.permissions?.map(permission => ({ ...permission })) || []\n };\n\n // Check for permissions inherited from parent folder.\n if (folder.parentId) {\n const parentFolder = allFolders!.find(f => f.id === folder.parentId)!;\n if (parentFolder) {\n // First check if the parent folder has already been processed.\n let processedParentFolderPermissions = processedFolderPermissions.find(\n fp => fp.folderId === parentFolder.id\n );\n\n // If not, process the parent folder.\n if (!processedParentFolderPermissions) {\n processFolderPermissions(parentFolder);\n processedParentFolderPermissions = processedFolderPermissions.find(\n fp => fp.folderId === folder.parentId\n );\n }\n\n // If the parent folder has permissions, let's add them to the current folder.\n if (processedParentFolderPermissions) {\n const isPublicParentFolder =\n processedParentFolderPermissions.permissions.some(\n p => p.level === \"public\"\n );\n\n // We inherit parent permissions if:\n // 1. the parent folder is not public or...\n // 2. ...the parent folder is public, but the current folder doesn't have any permissions set\n const mustInherit =\n !isPublicParentFolder ||\n currentFolderPermissions.permissions.length === 0;\n\n if (mustInherit) {\n const inheritedPermissions =\n processedParentFolderPermissions.permissions.map(p => {\n return {\n ...p,\n inheritedFrom:\n \"parent:\" + processedParentFolderPermissions!.folderId\n };\n });\n\n currentFolderPermissions.permissions.push(...inheritedPermissions);\n }\n }\n }\n }\n\n // Let's ensure current identity's permission is included in the permissions array.\n // We first check if the current identity is already included in the permissions array.\n // If not, we check if the user has full access or if the team user belongs to has access.\n const currentIdentityIncludedInPermissions = currentFolderPermissions.permissions.some(\n p => p.target === `admin:${identity.id}`\n );\n\n if (currentIdentityIncludedInPermissions) {\n // Ensure existing identity permission is always the first one in the array.\n const currentIdentityPermissionIndex =\n currentFolderPermissions.permissions.findIndex(\n p => p.target === `admin:${identity.id}`\n );\n\n if (currentIdentityPermissionIndex > 0) {\n const [currentIdentityPermission] = currentFolderPermissions.permissions.splice(\n currentIdentityPermissionIndex,\n 1\n );\n currentFolderPermissions.permissions.unshift(currentIdentityPermission);\n }\n } else {\n // Current identity not included in permissions? Let's add it.\n let currentIdentityPermission: FolderPermission | null = null;\n\n // 1. Check if the user has full access.\n const hasFullAccess = permissions.some(p => p.name === \"*\");\n if (hasFullAccess) {\n currentIdentityPermission = {\n target: `admin:${identity.id}`,\n level: \"owner\",\n inheritedFrom: \"role:full-access\"\n };\n } else if (identityTeam) {\n // 2. Check the team user belongs to grants access to the folder.\n const teamPermission = currentFolderPermissions.permissions.find(\n p => p.target === `team:${identityTeam!.id}`\n );\n\n if (teamPermission) {\n currentIdentityPermission = {\n target: `admin:${identity.id}`,\n level: teamPermission.level,\n inheritedFrom: \"team:\" + identityTeam!.id\n };\n }\n }\n\n if (currentIdentityPermission) {\n // If permission is found, let's add it to the beginning of the array.\n // We're doing this just because it looks nicer in the UI.\n currentFolderPermissions.permissions.unshift(currentIdentityPermission);\n }\n }\n\n // Note that this can only happen with root folders. All other (child) folders will\n // always have at least one permission (inherited from parent).\n const mustAddPublicPermission = currentFolderPermissions.permissions.length === 0;\n if (mustAddPublicPermission) {\n currentFolderPermissions.permissions = [\n {\n target: `admin:${identity.id}`,\n level: \"public\",\n inheritedFrom: \"public\"\n }\n ];\n }\n\n processedFolderPermissions.push(currentFolderPermissions);\n };\n\n for (let i = 0; i < allFolders!.length; i++) {\n const folder = allFolders![i];\n processFolderPermissions(folder);\n }\n\n return processedFolderPermissions;\n }\n\n async getFolderPermissions(\n params: GetFolderPermissionsParams\n ): Promise<FolderPermissionsListItem | undefined> {\n const { folder, foldersList } = params;\n const folderPermissionsList = await this.listFoldersPermissions({\n folderType: folder.type,\n foldersList\n });\n\n return folderPermissionsList.find(fp => fp.folderId === folder.id);\n }\n\n async canAccessFolder(params: CanAccessFolderParams) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n const { folder } = params;\n\n // We check for parent folder access first because the passed folder should be\n // inaccessible if the parent folder is inaccessible.\n if (folder.parentId) {\n let foldersList = params.foldersList;\n if (!foldersList) {\n foldersList = await this.listAllFolders(folder.type);\n }\n\n const parentFolder = foldersList.find(f => f.id === folder.parentId);\n if (parentFolder) {\n const canAccessParentFolder = await this.canAccessFolder({\n ...params,\n folder: parentFolder\n });\n\n if (!canAccessParentFolder) {\n return false;\n }\n }\n }\n\n const folderPermissions = await this.getFolderPermissions({\n folder,\n foldersList: params.foldersList\n });\n\n const identity = this.getIdentity();\n const currentIdentityPermission = folderPermissions?.permissions.find(p => {\n return p.target === `admin:${identity.id}`;\n });\n\n if (!currentIdentityPermission) {\n return false;\n }\n\n const { level } = currentIdentityPermission;\n\n if (params.managePermissions) {\n return level === \"owner\";\n }\n\n // Checking for \"write\" or \"delete\" access. Allow only if the\n // user is an owner or the folder is public (no FLP assigned).\n if (params.rwd !== \"r\") {\n return level === \"owner\" || level === \"public\";\n }\n\n return true;\n }\n\n async ensureCanAccessFolder(params: CanAccessFolderParams) {\n const canAccessFolder = await this.canAccessFolder(params);\n if (!canAccessFolder) {\n throw new NotAuthorizedError();\n }\n }\n\n canManageFolderPermissions(folder: Folder) {\n if (!this.canUseFolderLevelPermissions()) {\n return false;\n }\n\n if (!this.isAuthorizationEnabled()) {\n return true;\n }\n\n return this.canAccessFolder({ folder, rwd: \"w\", managePermissions: true });\n }\n\n canManageFolderStructure(folder: Folder) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n return this.canAccessFolder({ folder, rwd: \"w\" });\n }\n\n canManageFolderContent(folder: Folder) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n return this.canAccessFolderContent({ folder, rwd: \"w\" });\n }\n\n async canAccessFolderContent(params: CanAccessFolderContentParams) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n const { folder, foldersList } = params;\n\n const folderPermissions = await this.getFolderPermissions({\n folder,\n foldersList\n });\n\n const identity = this.getIdentity();\n const currentIdentityPermission = folderPermissions?.permissions.find(p => {\n return p.target === `admin:${identity.id}`;\n });\n\n if (!currentIdentityPermission) {\n return false;\n }\n\n // If the user is not an owner and we're checking for \"write\" or\n // \"delete\" access, then we can immediately return false.\n if (params.rwd !== \"r\") {\n const { level } = currentIdentityPermission;\n return level !== \"viewer\";\n }\n\n return true;\n }\n\n async ensureCanAccessFolderContent(params: CanAccessFolderContentParams) {\n const canAccessFolderContent = await this.canAccessFolderContent(params);\n if (!canAccessFolderContent) {\n throw new NotAuthorizedError();\n }\n }\n\n async canCreateFolderInRoot() {\n return true;\n }\n\n async filterFolders(params: FilterFoldersParams) {\n const filteredFolders: Folder[] = [];\n\n const { folders, rwd } = params;\n for (let i = 0; i < folders.length; i++) {\n const folder = folders[i];\n const canAccessFolder = await this.canAccessFolder({ folder, rwd });\n if (canAccessFolder) {\n filteredFolders.push(folder);\n }\n }\n\n return filteredFolders;\n }\n\n async assignFolderPermissions(folder: Folder | Folder[]) {\n const folders = Array.isArray(folder) ? folder : [folder];\n\n for (let i = 0; i < folders.length; i++) {\n const folder = folders[i];\n const folderPermissions = await this.getFolderPermissions({ folder });\n if (folderPermissions) {\n folder.permissions = folderPermissions.permissions;\n } else {\n folder.permissions = [];\n }\n }\n }\n\n permissionsIncludeNonInheritedPermissions(folderPermissionsList?: FolderPermission[]) {\n return folderPermissionsList?.some(p => !p.inheritedFrom);\n }\n}\n"],"mappings":";;;;;;AAGA,IAAAA,YAAA,GAAAC,OAAA;AAoDO,MAAMC,sBAAsB,CAAC;EAQxBC,UAAU,GAA6B,CAAC,CAAC;EAEjDC,WAAWA,CAACC,MAAoC,EAAE;IAC9C,IAAI,CAACC,WAAW,GAAGD,MAAM,CAACC,WAAW;IACrC,IAAI,CAACC,eAAe,GAAGF,MAAM,CAACE,eAAe;IAC7C,IAAI,CAACC,eAAe,GAAGH,MAAM,CAACG,eAAe;IAC7C,IAAI,CAACC,sBAAsB,GAAGJ,MAAM,CAACK,cAAc;IACnD,IAAI,CAACC,WAAW,GAAGN,MAAM,CAACM,WAAW;IACrC,IAAI,CAACC,4BAA4B,GAAGP,MAAM,CAACO,4BAA4B;IAEvE,IAAI,CAACC,sBAAsB,GAAGR,MAAM,CAACQ,sBAAsB;;IAE3D;IACA;IACA;IACA;IACA;IACA;IACA,IAAI,CAACA,sBAAsB,GAAG,MAAM,IAAI;EAC5C;EAEA,MAAMH,cAAcA,CAACI,UAAkB,EAAqB;IACxD,IAAIA,UAAU,IAAI,IAAI,CAACX,UAAU,EAAE;MAC/B,OAAOY,eAAe,CAAC,IAAI,CAACZ,UAAU,CAACW,UAAU,CAAC,CAAC;IACvD;IAEA,IAAI,CAACX,UAAU,CAACW,UAAU,CAAC,GAAG,MAAM,IAAI,CAACL,sBAAsB,CAACK,UAAU,CAAC;IAC3E,OAAOC,eAAe,CAAC,IAAI,CAACZ,UAAU,CAACW,UAAU,CAAC,CAAC;EACvD;EAEA,MAAME,6BAA6BA,CAACF,UAAkB,EAAE;IACpD,MAAMG,OAAO,GAAG,MAAM,IAAI,CAACP,cAAc,CAACI,UAAU,CAAC;;IAErD;IACA,MAAMI,8BAA8B,GAAG,MAAM,IAAI,CAACC,aAAa,CAAC;MAC5DF,OAAO;MACPG,GAAG,EAAE;IACT,CAAC,CAAC;IAEF,MAAM,IAAI,CAACC,uBAAuB,CAACH,8BAA8B,CAAC;IAElE,OAAOA,8BAA8B;EACzC;EAEAI,eAAeA,CAACR,UAAmB,EAAE;IACjC,IAAIA,UAAU,EAAE;MACZ,IAAIA,UAAU,IAAI,IAAI,CAACX,UAAU,EAAE;QAC/B,OAAO,IAAI,CAACA,UAAU,CAACW,UAAU,CAAC;MACtC;IACJ,CAAC,MAAM;MACH,IAAI,CAACX,UAAU,GAAG,CAAC,CAAC;IACxB;EACJ;EAEAoB,WAAWA,CAACT,UAAkB,EAAEU,QAAyC,EAAE;IACvE,MAAMC,YAAY,GAAGV,eAAe,CAAC,IAAI,CAACZ,UAAU,CAACW,UAAU,CAAC,CAAC,IAAI,EAAE;IACvE,IAAI,CAACX,UAAU,CAACW,UAAU,CAAC,GAAGU,QAAQ,CAACC,YAAY,CAAC;EACxD;EAEA,MAAMC,sBAAsBA,CACxBrB,MAAmC,EACL;IAC9B,IAAI,CAAC,IAAI,CAACO,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,EAAE;IACb;IAEA,MAAM;MAAEC,UAAU;MAAEa;IAAY,CAAC,GAAGtB,MAAM;IAE1C,MAAMF,UAAU,GAAGwB,WAAW,KAAK,MAAM,IAAI,CAACjB,cAAc,CAACI,UAAU,CAAC,CAAC;IACzE,MAAMc,QAAQ,GAAG,IAAI,CAACtB,WAAW,CAAC,CAAC;IACnC,MAAMuB,WAAW,GAAG,MAAM,IAAI,CAACrB,eAAe,CAAC,CAAC;IAEhD,IAAIsB,YAAyB;IAC7B,IAAI,IAAI,CAACnB,WAAW,CAAC,CAAC,EAAE;MACpBmB,YAAY,GAAG,MAAM,IAAI,CAACvB,eAAe,CAAC,CAAC;IAC/C;IAEA,MAAMwB,0BAAuD,GAAG,EAAE;IAElE,MAAMC,wBAAwB,GAAIC,MAAc,IAAK;MACjD,IAAIF,0BAA0B,CAACG,IAAI,CAACC,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKH,MAAM,CAACI,EAAE,CAAC,EAAE;QAClE;MACJ;;MAEA;MACA,MAAMC,wBAAmD,GAAG;QACxDF,QAAQ,EAAEH,MAAM,CAACI,EAAE;QACnB;QACAR,WAAW,EAAEI,MAAM,CAACJ,WAAW,EAAEU,GAAG,CAACC,UAAU,KAAK;UAAE,GAAGA;QAAW,CAAC,CAAC,CAAC,IAAI;MAC/E,CAAC;;MAED;MACA,IAAIP,MAAM,CAACQ,QAAQ,EAAE;QACjB,MAAMC,YAAY,GAAGvC,UAAU,CAAEwC,IAAI,CAACC,CAAC,IAAIA,CAAC,CAACP,EAAE,KAAKJ,MAAM,CAACQ,QAAQ,CAAE;QACrE,IAAIC,YAAY,EAAE;UACd;UACA,IAAIG,gCAAgC,GAAGd,0BAA0B,CAACY,IAAI,CAClER,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKM,YAAY,CAACL,EACvC,CAAC;;UAED;UACA,IAAI,CAACQ,gCAAgC,EAAE;YACnCb,wBAAwB,CAACU,YAAY,CAAC;YACtCG,gCAAgC,GAAGd,0BAA0B,CAACY,IAAI,CAC9DR,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKH,MAAM,CAACQ,QACjC,CAAC;UACL;;UAEA;UACA,IAAII,gCAAgC,EAAE;YAClC,MAAMC,oBAAoB,GACtBD,gCAAgC,CAAChB,WAAW,CAACK,IAAI,CAC7Ca,CAAC,IAAIA,CAAC,CAACC,KAAK,KAAK,QACrB,CAAC;;YAEL;YACA;YACA;YACA,MAAMC,WAAW,GACb,CAACH,oBAAoB,IACrBR,wBAAwB,CAACT,WAAW,CAACqB,MAAM,KAAK,CAAC;YAErD,IAAID,WAAW,EAAE;cACb,MAAME,oBAAoB,GACtBN,gCAAgC,CAAChB,WAAW,CAACU,GAAG,CAACQ,CAAC,IAAI;gBAClD,OAAO;kBACH,GAAGA,CAAC;kBACJK,aAAa,EACT,SAAS,GAAGP,gCAAgC,CAAET;gBACtD,CAAC;cACL,CAAC,CAAC;cAENE,wBAAwB,CAACT,WAAW,CAACwB,IAAI,CAAC,GAAGF,oBAAoB,CAAC;YACtE;UACJ;QACJ;MACJ;;MAEA;MACA;MACA;MACA,MAAMG,oCAAoC,GAAGhB,wBAAwB,CAACT,WAAW,CAACK,IAAI,CAClFa,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAM,SAAQ3B,QAAQ,CAACS,EAAG,EAC3C,CAAC;MAED,IAAIiB,oCAAoC,EAAE;QACtC;QACA,MAAME,8BAA8B,GAChClB,wBAAwB,CAACT,WAAW,CAAC4B,SAAS,CAC1CV,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAM,SAAQ3B,QAAQ,CAACS,EAAG,EAC3C,CAAC;QAEL,IAAImB,8BAA8B,GAAG,CAAC,EAAE;UACpC,MAAM,CAACE,yBAAyB,CAAC,GAAGpB,wBAAwB,CAACT,WAAW,CAAC8B,MAAM,CAC3EH,8BAA8B,EAC9B,CACJ,CAAC;UACDlB,wBAAwB,CAACT,WAAW,CAAC+B,OAAO,CAACF,yBAAyB,CAAC;QAC3E;MACJ,CAAC,MAAM;QACH;QACA,IAAIA,yBAAkD,GAAG,IAAI;;QAE7D;QACA,MAAMG,aAAa,GAAGhC,WAAW,CAACK,IAAI,CAACa,CAAC,IAAIA,CAAC,CAACe,IAAI,KAAK,GAAG,CAAC;QAC3D,IAAID,aAAa,EAAE;UACfH,yBAAyB,GAAG;YACxBH,MAAM,EAAG,SAAQ3B,QAAQ,CAACS,EAAG,EAAC;YAC9BW,KAAK,EAAE,OAAO;YACdI,aAAa,EAAE;UACnB,CAAC;QACL,CAAC,MAAM,IAAItB,YAAY,EAAE;UACrB;UACA,MAAMiC,cAAc,GAAGzB,wBAAwB,CAACT,WAAW,CAACc,IAAI,CAC5DI,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAM,QAAOzB,YAAY,CAAEO,EAAG,EAC/C,CAAC;UAED,IAAI0B,cAAc,EAAE;YAChBL,yBAAyB,GAAG;cACxBH,MAAM,EAAG,SAAQ3B,QAAQ,CAACS,EAAG,EAAC;cAC9BW,KAAK,EAAEe,cAAc,CAACf,KAAK;cAC3BI,aAAa,EAAE,OAAO,GAAGtB,YAAY,CAAEO;YAC3C,CAAC;UACL;QACJ;QAEA,IAAIqB,yBAAyB,EAAE;UAC3B;UACA;UACApB,wBAAwB,CAACT,WAAW,CAAC+B,OAAO,CAACF,yBAAyB,CAAC;QAC3E;MACJ;;MAEA;MACA;MACA,MAAMM,uBAAuB,GAAG1B,wBAAwB,CAACT,WAAW,CAACqB,MAAM,KAAK,CAAC;MACjF,IAAIc,uBAAuB,EAAE;QACzB1B,wBAAwB,CAACT,WAAW,GAAG,CACnC;UACI0B,MAAM,EAAG,SAAQ3B,QAAQ,CAACS,EAAG,EAAC;UAC9BW,KAAK,EAAE,QAAQ;UACfI,aAAa,EAAE;QACnB,CAAC,CACJ;MACL;MAEArB,0BAA0B,CAACsB,IAAI,CAACf,wBAAwB,CAAC;IAC7D,CAAC;IAED,KAAK,IAAI2B,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAG9D,UAAU,CAAE+C,MAAM,EAAEe,CAAC,EAAE,EAAE;MACzC,MAAMhC,MAAM,GAAG9B,UAAU,CAAE8D,CAAC,CAAC;MAC7BjC,wBAAwB,CAACC,MAAM,CAAC;IACpC;IAEA,OAAOF,0BAA0B;EACrC;EAEA,MAAMmC,oBAAoBA,CACtB7D,MAAkC,EACY;IAC9C,MAAM;MAAE4B,MAAM;MAAEN;IAAY,CAAC,GAAGtB,MAAM;IACtC,MAAM8D,qBAAqB,GAAG,MAAM,IAAI,CAACzC,sBAAsB,CAAC;MAC5DZ,UAAU,EAAEmB,MAAM,CAACmC,IAAI;MACvBzC;IACJ,CAAC,CAAC;IAEF,OAAOwC,qBAAqB,CAACxB,IAAI,CAACR,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKH,MAAM,CAACI,EAAE,CAAC;EACtE;EAEA,MAAMgC,eAAeA,CAAChE,MAA6B,EAAE;IACjD,IAAI,CAAC,IAAI,CAACO,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,MAAM;MAAEoB;IAAO,CAAC,GAAG5B,MAAM;;IAEzB;IACA;IACA,IAAI4B,MAAM,CAACQ,QAAQ,EAAE;MACjB,IAAId,WAAW,GAAGtB,MAAM,CAACsB,WAAW;MACpC,IAAI,CAACA,WAAW,EAAE;QACdA,WAAW,GAAG,MAAM,IAAI,CAACjB,cAAc,CAACuB,MAAM,CAACmC,IAAI,CAAC;MACxD;MAEA,MAAM1B,YAAY,GAAGf,WAAW,CAACgB,IAAI,CAACC,CAAC,IAAIA,CAAC,CAACP,EAAE,KAAKJ,MAAM,CAACQ,QAAQ,CAAC;MACpE,IAAIC,YAAY,EAAE;QACd,MAAM4B,qBAAqB,GAAG,MAAM,IAAI,CAACD,eAAe,CAAC;UACrD,GAAGhE,MAAM;UACT4B,MAAM,EAAES;QACZ,CAAC,CAAC;QAEF,IAAI,CAAC4B,qBAAqB,EAAE;UACxB,OAAO,KAAK;QAChB;MACJ;IACJ;IAEA,MAAMC,iBAAiB,GAAG,MAAM,IAAI,CAACL,oBAAoB,CAAC;MACtDjC,MAAM;MACNN,WAAW,EAAEtB,MAAM,CAACsB;IACxB,CAAC,CAAC;IAEF,MAAMC,QAAQ,GAAG,IAAI,CAACtB,WAAW,CAAC,CAAC;IACnC,MAAMoD,yBAAyB,GAAGa,iBAAiB,EAAE1C,WAAW,CAACc,IAAI,CAACI,CAAC,IAAI;MACvE,OAAOA,CAAC,CAACQ,MAAM,KAAM,SAAQ3B,QAAQ,CAACS,EAAG,EAAC;IAC9C,CAAC,CAAC;IAEF,IAAI,CAACqB,yBAAyB,EAAE;MAC5B,OAAO,KAAK;IAChB;IAEA,MAAM;MAAEV;IAAM,CAAC,GAAGU,yBAAyB;IAE3C,IAAIrD,MAAM,CAACmE,iBAAiB,EAAE;MAC1B,OAAOxB,KAAK,KAAK,OAAO;IAC5B;;IAEA;IACA;IACA,IAAI3C,MAAM,CAACe,GAAG,KAAK,GAAG,EAAE;MACpB,OAAO4B,KAAK,KAAK,OAAO,IAAIA,KAAK,KAAK,QAAQ;IAClD;IAEA,OAAO,IAAI;EACf;EAEA,MAAMyB,qBAAqBA,CAACpE,MAA6B,EAAE;IACvD,MAAMgE,eAAe,GAAG,MAAM,IAAI,CAACA,eAAe,CAAChE,MAAM,CAAC;IAC1D,IAAI,CAACgE,eAAe,EAAE;MAClB,MAAM,IAAIK,+BAAkB,CAAC,CAAC;IAClC;EACJ;EAEAC,0BAA0BA,CAAC1C,MAAc,EAAE;IACvC,IAAI,CAAC,IAAI,CAACrB,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,KAAK;IAChB;IAEA,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;MAChC,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAACwD,eAAe,CAAC;MAAEpC,MAAM;MAAEb,GAAG,EAAE,GAAG;MAAEoD,iBAAiB,EAAE;IAAK,CAAC,CAAC;EAC9E;EAEAI,wBAAwBA,CAAC3C,MAAc,EAAE;IACrC,IAAI,CAAC,IAAI,CAACrB,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAACwD,eAAe,CAAC;MAAEpC,MAAM;MAAEb,GAAG,EAAE;IAAI,CAAC,CAAC;EACrD;EAEAyD,sBAAsBA,CAAC5C,MAAc,EAAE;IACnC,IAAI,CAAC,IAAI,CAACrB,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAACiE,sBAAsB,CAAC;MAAE7C,MAAM;MAAEb,GAAG,EAAE;IAAI,CAAC,CAAC;EAC5D;EAEA,MAAM0D,sBAAsBA,CAACzE,MAAoC,EAAE;IAC/D,IAAI,CAAC,IAAI,CAACO,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,MAAM;MAAEoB,MAAM;MAAEN;IAAY,CAAC,GAAGtB,MAAM;IAEtC,MAAMkE,iBAAiB,GAAG,MAAM,IAAI,CAACL,oBAAoB,CAAC;MACtDjC,MAAM;MACNN;IACJ,CAAC,CAAC;IAEF,MAAMC,QAAQ,GAAG,IAAI,CAACtB,WAAW,CAAC,CAAC;IACnC,MAAMoD,yBAAyB,GAAGa,iBAAiB,EAAE1C,WAAW,CAACc,IAAI,CAACI,CAAC,IAAI;MACvE,OAAOA,CAAC,CAACQ,MAAM,KAAM,SAAQ3B,QAAQ,CAACS,EAAG,EAAC;IAC9C,CAAC,CAAC;IAEF,IAAI,CAACqB,yBAAyB,EAAE;MAC5B,OAAO,KAAK;IAChB;;IAEA;IACA;IACA,IAAIrD,MAAM,CAACe,GAAG,KAAK,GAAG,EAAE;MACpB,MAAM;QAAE4B;MAAM,CAAC,GAAGU,yBAAyB;MAC3C,OAAOV,KAAK,KAAK,QAAQ;IAC7B;IAEA,OAAO,IAAI;EACf;EAEA,MAAM+B,4BAA4BA,CAAC1E,MAAoC,EAAE;IACrE,MAAMyE,sBAAsB,GAAG,MAAM,IAAI,CAACA,sBAAsB,CAACzE,MAAM,CAAC;IACxE,IAAI,CAACyE,sBAAsB,EAAE;MACzB,MAAM,IAAIJ,+BAAkB,CAAC,CAAC;IAClC;EACJ;EAEA,MAAMM,qBAAqBA,CAAA,EAAG;IAC1B,OAAO,IAAI;EACf;EAEA,MAAM7D,aAAaA,CAACd,MAA2B,EAAE;IAC7C,MAAM4E,eAAyB,GAAG,EAAE;IAEpC,MAAM;MAAEhE,OAAO;MAAEG;IAAI,CAAC,GAAGf,MAAM;IAC/B,KAAK,IAAI4D,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGhD,OAAO,CAACiC,MAAM,EAAEe,CAAC,EAAE,EAAE;MACrC,MAAMhC,MAAM,GAAGhB,OAAO,CAACgD,CAAC,CAAC;MACzB,MAAMI,eAAe,GAAG,MAAM,IAAI,CAACA,eAAe,CAAC;QAAEpC,MAAM;QAAEb;MAAI,CAAC,CAAC;MACnE,IAAIiD,eAAe,EAAE;QACjBY,eAAe,CAAC5B,IAAI,CAACpB,MAAM,CAAC;MAChC;IACJ;IAEA,OAAOgD,eAAe;EAC1B;EAEA,MAAM5D,uBAAuBA,CAACY,MAAyB,EAAE;IACrD,MAAMhB,OAAO,GAAGiE,KAAK,CAACC,OAAO,CAAClD,MAAM,CAAC,GAAGA,MAAM,GAAG,CAACA,MAAM,CAAC;IAEzD,KAAK,IAAIgC,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGhD,OAAO,CAACiC,MAAM,EAAEe,CAAC,EAAE,EAAE;MACrC,MAAMhC,MAAM,GAAGhB,OAAO,CAACgD,CAAC,CAAC;MACzB,MAAMM,iBAAiB,GAAG,MAAM,IAAI,CAACL,oBAAoB,CAAC;QAAEjC;MAAO,CAAC,CAAC;MACrE,IAAIsC,iBAAiB,EAAE;QACnBtC,MAAM,CAACJ,WAAW,GAAG0C,iBAAiB,CAAC1C,WAAW;MACtD,CAAC,MAAM;QACHI,MAAM,CAACJ,WAAW,GAAG,EAAE;MAC3B;IACJ;EACJ;EAEAuD,yCAAyCA,CAACjB,qBAA0C,EAAE;IAClF,OAAOA,qBAAqB,EAAEjC,IAAI,CAACa,CAAC,IAAI,CAACA,CAAC,CAACK,aAAa,CAAC;EAC7D;AACJ;AAACiC,OAAA,CAAAnF,sBAAA,GAAAA,sBAAA"}
1
+ {"version":3,"names":["_apiSecurity","require","FolderLevelPermissions","allFolders","foldersPermissionsLists","constructor","params","getIdentity","getIdentityTeam","listPermissions","listAllFoldersCallback","listAllFolders","canUseTeams","canUseFolderLevelPermissions","isAuthorizationEnabled","folderType","structuredClone","listAllFoldersWithPermissions","folders","filteredFoldersWithPermissions","filterFolders","rwd","assignFolderPermissions","invalidateFoldersCache","invalidateFoldersPermissionsListCache","updateFoldersCache","modifier","foldersClone","listFoldersPermissions","existingFoldersPermissionsList","Promise","resolve","foldersList","identity","permissions","identityTeam","processedFolderPermissions","processFolderPermissions","folder","some","fp","folderId","id","currentFolderPermissions","map","permission","parentId","parentFolder","find","f","processedParentFolderPermissions","isPublicParentFolder","p","level","mustInherit","length","inheritedPermissions","inheritedFrom","push","currentIdentityIncludedInPermissions","target","hasFullAccess","name","currentIdentityPermissionIndex","findIndex","currentIdentityPermission","splice","unshift","accessInheritedFrom","teamPermission","mustAddPublicPermission","i","getFolderPermissions","folderPermissionsList","type","canAccessFolder","folderPermissions","managePermissions","ensureCanAccessFolder","NotAuthorizedError","canManageFolderPermissions","canManageFolderStructure","canManageFolderContent","canAccessFolderContent","ensureCanAccessFolderContent","canCreateFolderInRoot","filteredFolders","Array","isArray","permissionsIncludeNonInheritedPermissions","exports"],"sources":["FolderLevelPermissions.ts"],"sourcesContent":["import { Authentication } from \"@webiny/api-authentication/types\";\nimport { SecurityPermission, Team } from \"@webiny/api-security/types\";\nimport { Folder } from \"~/folder/folder.types\";\nimport { NotAuthorizedError } from \"@webiny/api-security\";\n\nexport type FolderAccessLevel = \"owner\" | \"viewer\" | \"editor\" | \"public\";\n\nexport interface FolderPermission {\n target: string;\n level: FolderAccessLevel;\n inheritedFrom?: string;\n}\n\nexport interface FolderPermissionsListItem {\n folderId: string;\n permissions: FolderPermission[];\n}\n\nexport type FolderPermissionsList = FolderPermissionsListItem[];\n\nexport interface CanAccessFolderContentParams {\n folder: Pick<Folder, \"id\" | \"type\" | \"parentId\">;\n rwd?: \"r\" | \"w\" | \"d\";\n foldersList?: Folder[];\n}\n\nexport interface CanAccessFolderParams extends CanAccessFolderContentParams {\n managePermissions?: boolean;\n}\n\ninterface FilterFoldersParams {\n folders: Array<Folder>;\n rwd?: \"r\" | \"w\" | \"d\";\n}\n\ninterface GetFolderPermissionsParams {\n folder: Pick<Folder, \"id\" | \"type\">;\n foldersList?: Folder[];\n}\n\ninterface ListFolderPermissionsParams {\n folderType: string;\n foldersList?: Folder[];\n}\n\nexport interface FolderLevelPermissionsParams {\n getIdentity: Authentication[\"getIdentity\"];\n getIdentityTeam: () => Promise<Team | null>;\n listPermissions: () => Promise<SecurityPermission[]>;\n listAllFolders: (folderType: string) => Promise<Folder[]>;\n canUseTeams: () => boolean;\n canUseFolderLevelPermissions: () => boolean;\n isAuthorizationEnabled: () => boolean;\n}\n\nexport class FolderLevelPermissions {\n private readonly getIdentity: Authentication[\"getIdentity\"];\n private readonly getIdentityTeam: () => Promise<Team | null>;\n private readonly listPermissions: () => Promise<SecurityPermission[]>;\n private readonly listAllFoldersCallback: (folderType: string) => Promise<Folder[]>;\n private readonly canUseTeams: () => boolean;\n private readonly canUseFolderLevelPermissions: () => boolean;\n private readonly isAuthorizationEnabled: () => boolean;\n private allFolders: Record<string, Folder[]> = {};\n private foldersPermissionsLists: Record<string, Promise<FolderPermissionsList> | null> = {};\n\n constructor(params: FolderLevelPermissionsParams) {\n this.getIdentity = params.getIdentity;\n this.getIdentityTeam = params.getIdentityTeam;\n this.listPermissions = params.listPermissions;\n this.listAllFoldersCallback = params.listAllFolders;\n this.canUseTeams = params.canUseTeams;\n this.canUseFolderLevelPermissions = params.canUseFolderLevelPermissions;\n\n this.isAuthorizationEnabled = params.isAuthorizationEnabled;\n }\n\n async listAllFolders(folderType: string): Promise<Folder[]> {\n if (folderType in this.allFolders) {\n return structuredClone(this.allFolders[folderType]);\n }\n\n this.allFolders[folderType] = await this.listAllFoldersCallback(folderType);\n return structuredClone(this.allFolders[folderType]);\n }\n\n async listAllFoldersWithPermissions(folderType: string) {\n const folders = await this.listAllFolders(folderType);\n\n // Filter folders based on permissions and assign permissions to each folder.\n const filteredFoldersWithPermissions = await this.filterFolders({\n folders,\n rwd: \"r\"\n });\n\n await this.assignFolderPermissions(filteredFoldersWithPermissions);\n\n return filteredFoldersWithPermissions;\n }\n\n invalidateFoldersCache(folderType?: string) {\n if (folderType) {\n if (folderType in this.allFolders) {\n delete this.allFolders[folderType];\n }\n } else {\n this.allFolders = {};\n }\n }\n\n invalidateFoldersPermissionsListCache(folderType?: string) {\n if (folderType) {\n if (folderType in this.foldersPermissionsLists) {\n delete this.foldersPermissionsLists[folderType];\n }\n } else {\n this.allFolders = {};\n }\n }\n\n updateFoldersCache(folderType: string, modifier: (folders: Folder[]) => Folder[]) {\n const foldersClone = structuredClone(this.allFolders[folderType]) || [];\n this.allFolders[folderType] = modifier(foldersClone);\n }\n\n async listFoldersPermissions(\n params: ListFolderPermissionsParams\n ): Promise<FolderPermissionsList> {\n const existingFoldersPermissionsList = this.foldersPermissionsLists[params.folderType];\n if (existingFoldersPermissionsList) {\n return existingFoldersPermissionsList;\n }\n\n this.foldersPermissionsLists[params.folderType] = new Promise(async resolve => {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n resolve([]);\n return;\n // return [];\n }\n\n const { folderType, foldersList } = params;\n\n const allFolders = foldersList || (await this.listAllFolders(folderType));\n const identity = this.getIdentity();\n const permissions = await this.listPermissions();\n\n let identityTeam: Team | null;\n if (this.canUseTeams()) {\n identityTeam = await this.getIdentityTeam();\n }\n\n const processedFolderPermissions: FolderPermissionsListItem[] = [];\n\n const processFolderPermissions = (folder: Folder) => {\n if (processedFolderPermissions.some(fp => fp.folderId === folder.id)) {\n return;\n }\n\n // Copy permissions, so we don't modify the original object.\n const currentFolderPermissions: FolderPermissionsListItem = {\n folderId: folder.id,\n // On new folders, permissions can be `null`. Guard against that.\n permissions: folder.permissions?.map(permission => ({ ...permission })) || []\n };\n\n // Check for permissions inherited from parent folder.\n if (folder.parentId) {\n const parentFolder = allFolders!.find(f => f.id === folder.parentId)!;\n if (parentFolder) {\n // First check if the parent folder has already been processed.\n let processedParentFolderPermissions = processedFolderPermissions.find(\n fp => fp.folderId === parentFolder.id\n );\n\n // If not, process the parent folder.\n if (!processedParentFolderPermissions) {\n processFolderPermissions(parentFolder);\n processedParentFolderPermissions = processedFolderPermissions.find(\n fp => fp.folderId === folder.parentId\n );\n }\n\n // If the parent folder has permissions, let's add them to the current folder.\n if (processedParentFolderPermissions) {\n const isPublicParentFolder =\n processedParentFolderPermissions.permissions.some(\n p => p.level === \"public\"\n );\n\n // We inherit parent permissions if:\n // 1. the parent folder is not public or...\n // 2. ...the parent folder is public, but the current folder doesn't have any permissions set\n const mustInherit =\n !isPublicParentFolder ||\n currentFolderPermissions.permissions.length === 0;\n\n if (mustInherit) {\n const inheritedPermissions =\n processedParentFolderPermissions.permissions.map(p => {\n return {\n ...p,\n inheritedFrom:\n \"parent:\" +\n processedParentFolderPermissions!.folderId\n };\n });\n\n currentFolderPermissions.permissions.push(...inheritedPermissions);\n }\n }\n }\n }\n\n // Let's ensure current identity's permission is included in the permissions array.\n // We first check if the current identity is already included in the permissions array.\n // If not, we check if the user has full access or if the team user belongs to has access.\n const currentIdentityIncludedInPermissions =\n currentFolderPermissions.permissions.some(\n p => p.target === `admin:${identity.id}`\n );\n\n const hasFullAccess = permissions.some(p => p.name === \"*\");\n\n if (currentIdentityIncludedInPermissions) {\n // 1. Ensure existing identity permission is always the first one in the array.\n const currentIdentityPermissionIndex =\n currentFolderPermissions.permissions.findIndex(\n p => p.target === `admin:${identity.id}`\n );\n\n if (currentIdentityPermissionIndex > 0) {\n const [currentIdentityPermission] =\n currentFolderPermissions.permissions.splice(\n currentIdentityPermissionIndex,\n 1\n );\n currentFolderPermissions.permissions.unshift(currentIdentityPermission);\n }\n\n // 2. We must ensure current identity has the \"owner\" level if they possess full access\n // based on security permissions. This protects us from non-full-access users restricting\n // access to full-access users. This should not happen. Full-access users should always\n // be in control of the permissions for a folder.\n if (hasFullAccess) {\n const accessInheritedFrom =\n currentFolderPermissions.permissions[0].inheritedFrom;\n\n // Why are we checking for non-existence of `accessInheritedFrom`?\n // Because if it doesn't exist, it means the permission is not inherited from\n // a parent folder, which means it's a direct permission set on the folder.\n // In this case, we must ensure the permission is set to \"owner\".\n if (!accessInheritedFrom) {\n currentFolderPermissions.permissions[0] = {\n target: `admin:${identity.id}`,\n level: \"owner\",\n inheritedFrom: \"role:full-access\"\n };\n }\n }\n } else {\n // Current identity not included in permissions? Let's add it.\n let currentIdentityPermission: FolderPermission | null = null;\n\n // 1. Check if the user has full access.\n if (hasFullAccess) {\n currentIdentityPermission = {\n target: `admin:${identity.id}`,\n level: \"owner\",\n inheritedFrom: \"role:full-access\"\n };\n } else if (identityTeam) {\n // 2. Check the team user belongs to grants access to the folder.\n const teamPermission = currentFolderPermissions.permissions.find(\n p => p.target === `team:${identityTeam!.id}`\n );\n\n if (teamPermission) {\n currentIdentityPermission = {\n target: `admin:${identity.id}`,\n level: teamPermission.level,\n inheritedFrom: \"team:\" + identityTeam!.id\n };\n }\n }\n\n if (currentIdentityPermission) {\n // If permission is found, let's add it to the beginning of the array.\n // We're doing this just because it looks nicer in the UI.\n currentFolderPermissions.permissions.unshift(currentIdentityPermission);\n }\n }\n\n // Note that this can only happen with root folders. All other (child) folders will\n // always have at least one permission (inherited from parent).\n const mustAddPublicPermission = currentFolderPermissions.permissions.length === 0;\n if (mustAddPublicPermission) {\n currentFolderPermissions.permissions = [\n {\n target: `admin:${identity.id}`,\n level: \"public\",\n inheritedFrom: \"public\"\n }\n ];\n }\n\n processedFolderPermissions.push(currentFolderPermissions);\n };\n\n for (let i = 0; i < allFolders!.length; i++) {\n const folder = allFolders![i];\n processFolderPermissions(folder);\n }\n\n resolve(processedFolderPermissions);\n return;\n //return processedFolderPermissions;\n });\n\n return this.foldersPermissionsLists[params.folderType]!;\n }\n\n async getFolderPermissions(\n params: GetFolderPermissionsParams\n ): Promise<FolderPermissionsListItem | undefined> {\n const { folder, foldersList } = params;\n const folderPermissionsList = await this.listFoldersPermissions({\n folderType: folder.type,\n foldersList\n });\n\n return folderPermissionsList.find(fp => fp.folderId === folder.id);\n }\n\n async canAccessFolder(params: CanAccessFolderParams) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n const { folder } = params;\n\n const folderPermissions = await this.getFolderPermissions({\n folder,\n foldersList: params.foldersList\n });\n\n const identity = this.getIdentity();\n const currentIdentityPermission = folderPermissions?.permissions.find(p => {\n return p.target === `admin:${identity.id}`;\n });\n\n if (!currentIdentityPermission) {\n return false;\n }\n\n const { level } = currentIdentityPermission;\n\n if (params.managePermissions) {\n return level === \"owner\";\n }\n\n // Checking for \"write\" or \"delete\" access. Allow only if the\n // user is an owner or the folder is public (no FLP assigned).\n if (params.rwd !== \"r\") {\n return level === \"owner\" || level === \"public\";\n }\n\n return true;\n }\n\n async ensureCanAccessFolder(params: CanAccessFolderParams) {\n const canAccessFolder = await this.canAccessFolder(params);\n if (!canAccessFolder) {\n throw new NotAuthorizedError();\n }\n }\n\n canManageFolderPermissions(folder: Folder) {\n if (!this.canUseFolderLevelPermissions()) {\n return false;\n }\n\n if (!this.isAuthorizationEnabled()) {\n return true;\n }\n\n return this.canAccessFolder({ folder, rwd: \"w\", managePermissions: true });\n }\n\n canManageFolderStructure(folder: Folder) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n return this.canAccessFolder({ folder, rwd: \"w\" });\n }\n\n canManageFolderContent(folder: Folder) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n return this.canAccessFolderContent({ folder, rwd: \"w\" });\n }\n\n async canAccessFolderContent(params: CanAccessFolderContentParams) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n const { folder, foldersList } = params;\n\n const folderPermissions = await this.getFolderPermissions({\n folder,\n foldersList\n });\n\n const identity = this.getIdentity();\n const currentIdentityPermission = folderPermissions?.permissions.find(p => {\n return p.target === `admin:${identity.id}`;\n });\n\n if (!currentIdentityPermission) {\n return false;\n }\n\n // If the user is not an owner and we're checking for \"write\" or\n // \"delete\" access, then we can immediately return false.\n if (params.rwd !== \"r\") {\n const { level } = currentIdentityPermission;\n return level !== \"viewer\";\n }\n\n return true;\n }\n\n async ensureCanAccessFolderContent(params: CanAccessFolderContentParams) {\n const canAccessFolderContent = await this.canAccessFolderContent(params);\n if (!canAccessFolderContent) {\n throw new NotAuthorizedError();\n }\n }\n\n async canCreateFolderInRoot() {\n return true;\n }\n\n async filterFolders(params: FilterFoldersParams) {\n const filteredFolders: Folder[] = [];\n\n const { folders, rwd } = params;\n for (let i = 0; i < folders.length; i++) {\n const folder = folders[i];\n const canAccessFolder = await this.canAccessFolder({ folder, rwd });\n if (canAccessFolder) {\n filteredFolders.push(folder);\n }\n }\n\n return filteredFolders;\n }\n\n async assignFolderPermissions(folder: Folder | Folder[]) {\n const folders = Array.isArray(folder) ? folder : [folder];\n\n for (let i = 0; i < folders.length; i++) {\n const folder = folders[i];\n const folderPermissions = await this.getFolderPermissions({ folder });\n if (folderPermissions) {\n folder.permissions = folderPermissions.permissions;\n } else {\n folder.permissions = [];\n }\n }\n }\n\n permissionsIncludeNonInheritedPermissions(folderPermissionsList?: FolderPermission[]) {\n return folderPermissionsList?.some(p => !p.inheritedFrom);\n }\n}\n"],"mappings":";;;;;;AAGA,IAAAA,YAAA,GAAAC,OAAA;AAoDO,MAAMC,sBAAsB,CAAC;EAQxBC,UAAU,GAA6B,CAAC,CAAC;EACzCC,uBAAuB,GAA0D,CAAC,CAAC;EAE3FC,WAAWA,CAACC,MAAoC,EAAE;IAC9C,IAAI,CAACC,WAAW,GAAGD,MAAM,CAACC,WAAW;IACrC,IAAI,CAACC,eAAe,GAAGF,MAAM,CAACE,eAAe;IAC7C,IAAI,CAACC,eAAe,GAAGH,MAAM,CAACG,eAAe;IAC7C,IAAI,CAACC,sBAAsB,GAAGJ,MAAM,CAACK,cAAc;IACnD,IAAI,CAACC,WAAW,GAAGN,MAAM,CAACM,WAAW;IACrC,IAAI,CAACC,4BAA4B,GAAGP,MAAM,CAACO,4BAA4B;IAEvE,IAAI,CAACC,sBAAsB,GAAGR,MAAM,CAACQ,sBAAsB;EAC/D;EAEA,MAAMH,cAAcA,CAACI,UAAkB,EAAqB;IACxD,IAAIA,UAAU,IAAI,IAAI,CAACZ,UAAU,EAAE;MAC/B,OAAOa,eAAe,CAAC,IAAI,CAACb,UAAU,CAACY,UAAU,CAAC,CAAC;IACvD;IAEA,IAAI,CAACZ,UAAU,CAACY,UAAU,CAAC,GAAG,MAAM,IAAI,CAACL,sBAAsB,CAACK,UAAU,CAAC;IAC3E,OAAOC,eAAe,CAAC,IAAI,CAACb,UAAU,CAACY,UAAU,CAAC,CAAC;EACvD;EAEA,MAAME,6BAA6BA,CAACF,UAAkB,EAAE;IACpD,MAAMG,OAAO,GAAG,MAAM,IAAI,CAACP,cAAc,CAACI,UAAU,CAAC;;IAErD;IACA,MAAMI,8BAA8B,GAAG,MAAM,IAAI,CAACC,aAAa,CAAC;MAC5DF,OAAO;MACPG,GAAG,EAAE;IACT,CAAC,CAAC;IAEF,MAAM,IAAI,CAACC,uBAAuB,CAACH,8BAA8B,CAAC;IAElE,OAAOA,8BAA8B;EACzC;EAEAI,sBAAsBA,CAACR,UAAmB,EAAE;IACxC,IAAIA,UAAU,EAAE;MACZ,IAAIA,UAAU,IAAI,IAAI,CAACZ,UAAU,EAAE;QAC/B,OAAO,IAAI,CAACA,UAAU,CAACY,UAAU,CAAC;MACtC;IACJ,CAAC,MAAM;MACH,IAAI,CAACZ,UAAU,GAAG,CAAC,CAAC;IACxB;EACJ;EAEAqB,qCAAqCA,CAACT,UAAmB,EAAE;IACvD,IAAIA,UAAU,EAAE;MACZ,IAAIA,UAAU,IAAI,IAAI,CAACX,uBAAuB,EAAE;QAC5C,OAAO,IAAI,CAACA,uBAAuB,CAACW,UAAU,CAAC;MACnD;IACJ,CAAC,MAAM;MACH,IAAI,CAACZ,UAAU,GAAG,CAAC,CAAC;IACxB;EACJ;EAEAsB,kBAAkBA,CAACV,UAAkB,EAAEW,QAAyC,EAAE;IAC9E,MAAMC,YAAY,GAAGX,eAAe,CAAC,IAAI,CAACb,UAAU,CAACY,UAAU,CAAC,CAAC,IAAI,EAAE;IACvE,IAAI,CAACZ,UAAU,CAACY,UAAU,CAAC,GAAGW,QAAQ,CAACC,YAAY,CAAC;EACxD;EAEA,MAAMC,sBAAsBA,CACxBtB,MAAmC,EACL;IAC9B,MAAMuB,8BAA8B,GAAG,IAAI,CAACzB,uBAAuB,CAACE,MAAM,CAACS,UAAU,CAAC;IACtF,IAAIc,8BAA8B,EAAE;MAChC,OAAOA,8BAA8B;IACzC;IAEA,IAAI,CAACzB,uBAAuB,CAACE,MAAM,CAACS,UAAU,CAAC,GAAG,IAAIe,OAAO,CAAC,MAAMC,OAAO,IAAI;MAC3E,IAAI,CAAC,IAAI,CAAClB,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;QACxEiB,OAAO,CAAC,EAAE,CAAC;QACX;QACA;MACJ;;MAEA,MAAM;QAAEhB,UAAU;QAAEiB;MAAY,CAAC,GAAG1B,MAAM;MAE1C,MAAMH,UAAU,GAAG6B,WAAW,KAAK,MAAM,IAAI,CAACrB,cAAc,CAACI,UAAU,CAAC,CAAC;MACzE,MAAMkB,QAAQ,GAAG,IAAI,CAAC1B,WAAW,CAAC,CAAC;MACnC,MAAM2B,WAAW,GAAG,MAAM,IAAI,CAACzB,eAAe,CAAC,CAAC;MAEhD,IAAI0B,YAAyB;MAC7B,IAAI,IAAI,CAACvB,WAAW,CAAC,CAAC,EAAE;QACpBuB,YAAY,GAAG,MAAM,IAAI,CAAC3B,eAAe,CAAC,CAAC;MAC/C;MAEA,MAAM4B,0BAAuD,GAAG,EAAE;MAElE,MAAMC,wBAAwB,GAAIC,MAAc,IAAK;QACjD,IAAIF,0BAA0B,CAACG,IAAI,CAACC,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKH,MAAM,CAACI,EAAE,CAAC,EAAE;UAClE;QACJ;;QAEA;QACA,MAAMC,wBAAmD,GAAG;UACxDF,QAAQ,EAAEH,MAAM,CAACI,EAAE;UACnB;UACAR,WAAW,EAAEI,MAAM,CAACJ,WAAW,EAAEU,GAAG,CAACC,UAAU,KAAK;YAAE,GAAGA;UAAW,CAAC,CAAC,CAAC,IAAI;QAC/E,CAAC;;QAED;QACA,IAAIP,MAAM,CAACQ,QAAQ,EAAE;UACjB,MAAMC,YAAY,GAAG5C,UAAU,CAAE6C,IAAI,CAACC,CAAC,IAAIA,CAAC,CAACP,EAAE,KAAKJ,MAAM,CAACQ,QAAQ,CAAE;UACrE,IAAIC,YAAY,EAAE;YACd;YACA,IAAIG,gCAAgC,GAAGd,0BAA0B,CAACY,IAAI,CAClER,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKM,YAAY,CAACL,EACvC,CAAC;;YAED;YACA,IAAI,CAACQ,gCAAgC,EAAE;cACnCb,wBAAwB,CAACU,YAAY,CAAC;cACtCG,gCAAgC,GAAGd,0BAA0B,CAACY,IAAI,CAC9DR,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKH,MAAM,CAACQ,QACjC,CAAC;YACL;;YAEA;YACA,IAAII,gCAAgC,EAAE;cAClC,MAAMC,oBAAoB,GACtBD,gCAAgC,CAAChB,WAAW,CAACK,IAAI,CAC7Ca,CAAC,IAAIA,CAAC,CAACC,KAAK,KAAK,QACrB,CAAC;;cAEL;cACA;cACA;cACA,MAAMC,WAAW,GACb,CAACH,oBAAoB,IACrBR,wBAAwB,CAACT,WAAW,CAACqB,MAAM,KAAK,CAAC;cAErD,IAAID,WAAW,EAAE;gBACb,MAAME,oBAAoB,GACtBN,gCAAgC,CAAChB,WAAW,CAACU,GAAG,CAACQ,CAAC,IAAI;kBAClD,OAAO;oBACH,GAAGA,CAAC;oBACJK,aAAa,EACT,SAAS,GACTP,gCAAgC,CAAET;kBAC1C,CAAC;gBACL,CAAC,CAAC;gBAENE,wBAAwB,CAACT,WAAW,CAACwB,IAAI,CAAC,GAAGF,oBAAoB,CAAC;cACtE;YACJ;UACJ;QACJ;;QAEA;QACA;QACA;QACA,MAAMG,oCAAoC,GACtChB,wBAAwB,CAACT,WAAW,CAACK,IAAI,CACrCa,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAM,SAAQ3B,QAAQ,CAACS,EAAG,EAC3C,CAAC;QAEL,MAAMmB,aAAa,GAAG3B,WAAW,CAACK,IAAI,CAACa,CAAC,IAAIA,CAAC,CAACU,IAAI,KAAK,GAAG,CAAC;QAE3D,IAAIH,oCAAoC,EAAE;UACtC;UACA,MAAMI,8BAA8B,GAChCpB,wBAAwB,CAACT,WAAW,CAAC8B,SAAS,CAC1CZ,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAM,SAAQ3B,QAAQ,CAACS,EAAG,EAC3C,CAAC;UAEL,IAAIqB,8BAA8B,GAAG,CAAC,EAAE;YACpC,MAAM,CAACE,yBAAyB,CAAC,GAC7BtB,wBAAwB,CAACT,WAAW,CAACgC,MAAM,CACvCH,8BAA8B,EAC9B,CACJ,CAAC;YACLpB,wBAAwB,CAACT,WAAW,CAACiC,OAAO,CAACF,yBAAyB,CAAC;UAC3E;;UAEA;UACA;UACA;UACA;UACA,IAAIJ,aAAa,EAAE;YACf,MAAMO,mBAAmB,GACrBzB,wBAAwB,CAACT,WAAW,CAAC,CAAC,CAAC,CAACuB,aAAa;;YAEzD;YACA;YACA;YACA;YACA,IAAI,CAACW,mBAAmB,EAAE;cACtBzB,wBAAwB,CAACT,WAAW,CAAC,CAAC,CAAC,GAAG;gBACtC0B,MAAM,EAAG,SAAQ3B,QAAQ,CAACS,EAAG,EAAC;gBAC9BW,KAAK,EAAE,OAAO;gBACdI,aAAa,EAAE;cACnB,CAAC;YACL;UACJ;QACJ,CAAC,MAAM;UACH;UACA,IAAIQ,yBAAkD,GAAG,IAAI;;UAE7D;UACA,IAAIJ,aAAa,EAAE;YACfI,yBAAyB,GAAG;cACxBL,MAAM,EAAG,SAAQ3B,QAAQ,CAACS,EAAG,EAAC;cAC9BW,KAAK,EAAE,OAAO;cACdI,aAAa,EAAE;YACnB,CAAC;UACL,CAAC,MAAM,IAAItB,YAAY,EAAE;YACrB;YACA,MAAMkC,cAAc,GAAG1B,wBAAwB,CAACT,WAAW,CAACc,IAAI,CAC5DI,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAM,QAAOzB,YAAY,CAAEO,EAAG,EAC/C,CAAC;YAED,IAAI2B,cAAc,EAAE;cAChBJ,yBAAyB,GAAG;gBACxBL,MAAM,EAAG,SAAQ3B,QAAQ,CAACS,EAAG,EAAC;gBAC9BW,KAAK,EAAEgB,cAAc,CAAChB,KAAK;gBAC3BI,aAAa,EAAE,OAAO,GAAGtB,YAAY,CAAEO;cAC3C,CAAC;YACL;UACJ;UAEA,IAAIuB,yBAAyB,EAAE;YAC3B;YACA;YACAtB,wBAAwB,CAACT,WAAW,CAACiC,OAAO,CAACF,yBAAyB,CAAC;UAC3E;QACJ;;QAEA;QACA;QACA,MAAMK,uBAAuB,GAAG3B,wBAAwB,CAACT,WAAW,CAACqB,MAAM,KAAK,CAAC;QACjF,IAAIe,uBAAuB,EAAE;UACzB3B,wBAAwB,CAACT,WAAW,GAAG,CACnC;YACI0B,MAAM,EAAG,SAAQ3B,QAAQ,CAACS,EAAG,EAAC;YAC9BW,KAAK,EAAE,QAAQ;YACfI,aAAa,EAAE;UACnB,CAAC,CACJ;QACL;QAEArB,0BAA0B,CAACsB,IAAI,CAACf,wBAAwB,CAAC;MAC7D,CAAC;MAED,KAAK,IAAI4B,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGpE,UAAU,CAAEoD,MAAM,EAAEgB,CAAC,EAAE,EAAE;QACzC,MAAMjC,MAAM,GAAGnC,UAAU,CAAEoE,CAAC,CAAC;QAC7BlC,wBAAwB,CAACC,MAAM,CAAC;MACpC;MAEAP,OAAO,CAACK,0BAA0B,CAAC;MACnC;MACA;IACJ,CAAC,CAAC;;IAEF,OAAO,IAAI,CAAChC,uBAAuB,CAACE,MAAM,CAACS,UAAU,CAAC;EAC1D;EAEA,MAAMyD,oBAAoBA,CACtBlE,MAAkC,EACY;IAC9C,MAAM;MAAEgC,MAAM;MAAEN;IAAY,CAAC,GAAG1B,MAAM;IACtC,MAAMmE,qBAAqB,GAAG,MAAM,IAAI,CAAC7C,sBAAsB,CAAC;MAC5Db,UAAU,EAAEuB,MAAM,CAACoC,IAAI;MACvB1C;IACJ,CAAC,CAAC;IAEF,OAAOyC,qBAAqB,CAACzB,IAAI,CAACR,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKH,MAAM,CAACI,EAAE,CAAC;EACtE;EAEA,MAAMiC,eAAeA,CAACrE,MAA6B,EAAE;IACjD,IAAI,CAAC,IAAI,CAACO,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,MAAM;MAAEwB;IAAO,CAAC,GAAGhC,MAAM;IAEzB,MAAMsE,iBAAiB,GAAG,MAAM,IAAI,CAACJ,oBAAoB,CAAC;MACtDlC,MAAM;MACNN,WAAW,EAAE1B,MAAM,CAAC0B;IACxB,CAAC,CAAC;IAEF,MAAMC,QAAQ,GAAG,IAAI,CAAC1B,WAAW,CAAC,CAAC;IACnC,MAAM0D,yBAAyB,GAAGW,iBAAiB,EAAE1C,WAAW,CAACc,IAAI,CAACI,CAAC,IAAI;MACvE,OAAOA,CAAC,CAACQ,MAAM,KAAM,SAAQ3B,QAAQ,CAACS,EAAG,EAAC;IAC9C,CAAC,CAAC;IAEF,IAAI,CAACuB,yBAAyB,EAAE;MAC5B,OAAO,KAAK;IAChB;IAEA,MAAM;MAAEZ;IAAM,CAAC,GAAGY,yBAAyB;IAE3C,IAAI3D,MAAM,CAACuE,iBAAiB,EAAE;MAC1B,OAAOxB,KAAK,KAAK,OAAO;IAC5B;;IAEA;IACA;IACA,IAAI/C,MAAM,CAACe,GAAG,KAAK,GAAG,EAAE;MACpB,OAAOgC,KAAK,KAAK,OAAO,IAAIA,KAAK,KAAK,QAAQ;IAClD;IAEA,OAAO,IAAI;EACf;EAEA,MAAMyB,qBAAqBA,CAACxE,MAA6B,EAAE;IACvD,MAAMqE,eAAe,GAAG,MAAM,IAAI,CAACA,eAAe,CAACrE,MAAM,CAAC;IAC1D,IAAI,CAACqE,eAAe,EAAE;MAClB,MAAM,IAAII,+BAAkB,CAAC,CAAC;IAClC;EACJ;EAEAC,0BAA0BA,CAAC1C,MAAc,EAAE;IACvC,IAAI,CAAC,IAAI,CAACzB,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,KAAK;IAChB;IAEA,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;MAChC,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAAC6D,eAAe,CAAC;MAAErC,MAAM;MAAEjB,GAAG,EAAE,GAAG;MAAEwD,iBAAiB,EAAE;IAAK,CAAC,CAAC;EAC9E;EAEAI,wBAAwBA,CAAC3C,MAAc,EAAE;IACrC,IAAI,CAAC,IAAI,CAACzB,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAAC6D,eAAe,CAAC;MAAErC,MAAM;MAAEjB,GAAG,EAAE;IAAI,CAAC,CAAC;EACrD;EAEA6D,sBAAsBA,CAAC5C,MAAc,EAAE;IACnC,IAAI,CAAC,IAAI,CAACzB,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAACqE,sBAAsB,CAAC;MAAE7C,MAAM;MAAEjB,GAAG,EAAE;IAAI,CAAC,CAAC;EAC5D;EAEA,MAAM8D,sBAAsBA,CAAC7E,MAAoC,EAAE;IAC/D,IAAI,CAAC,IAAI,CAACO,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACC,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,MAAM;MAAEwB,MAAM;MAAEN;IAAY,CAAC,GAAG1B,MAAM;IAEtC,MAAMsE,iBAAiB,GAAG,MAAM,IAAI,CAACJ,oBAAoB,CAAC;MACtDlC,MAAM;MACNN;IACJ,CAAC,CAAC;IAEF,MAAMC,QAAQ,GAAG,IAAI,CAAC1B,WAAW,CAAC,CAAC;IACnC,MAAM0D,yBAAyB,GAAGW,iBAAiB,EAAE1C,WAAW,CAACc,IAAI,CAACI,CAAC,IAAI;MACvE,OAAOA,CAAC,CAACQ,MAAM,KAAM,SAAQ3B,QAAQ,CAACS,EAAG,EAAC;IAC9C,CAAC,CAAC;IAEF,IAAI,CAACuB,yBAAyB,EAAE;MAC5B,OAAO,KAAK;IAChB;;IAEA;IACA;IACA,IAAI3D,MAAM,CAACe,GAAG,KAAK,GAAG,EAAE;MACpB,MAAM;QAAEgC;MAAM,CAAC,GAAGY,yBAAyB;MAC3C,OAAOZ,KAAK,KAAK,QAAQ;IAC7B;IAEA,OAAO,IAAI;EACf;EAEA,MAAM+B,4BAA4BA,CAAC9E,MAAoC,EAAE;IACrE,MAAM6E,sBAAsB,GAAG,MAAM,IAAI,CAACA,sBAAsB,CAAC7E,MAAM,CAAC;IACxE,IAAI,CAAC6E,sBAAsB,EAAE;MACzB,MAAM,IAAIJ,+BAAkB,CAAC,CAAC;IAClC;EACJ;EAEA,MAAMM,qBAAqBA,CAAA,EAAG;IAC1B,OAAO,IAAI;EACf;EAEA,MAAMjE,aAAaA,CAACd,MAA2B,EAAE;IAC7C,MAAMgF,eAAyB,GAAG,EAAE;IAEpC,MAAM;MAAEpE,OAAO;MAAEG;IAAI,CAAC,GAAGf,MAAM;IAC/B,KAAK,IAAIiE,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGrD,OAAO,CAACqC,MAAM,EAAEgB,CAAC,EAAE,EAAE;MACrC,MAAMjC,MAAM,GAAGpB,OAAO,CAACqD,CAAC,CAAC;MACzB,MAAMI,eAAe,GAAG,MAAM,IAAI,CAACA,eAAe,CAAC;QAAErC,MAAM;QAAEjB;MAAI,CAAC,CAAC;MACnE,IAAIsD,eAAe,EAAE;QACjBW,eAAe,CAAC5B,IAAI,CAACpB,MAAM,CAAC;MAChC;IACJ;IAEA,OAAOgD,eAAe;EAC1B;EAEA,MAAMhE,uBAAuBA,CAACgB,MAAyB,EAAE;IACrD,MAAMpB,OAAO,GAAGqE,KAAK,CAACC,OAAO,CAAClD,MAAM,CAAC,GAAGA,MAAM,GAAG,CAACA,MAAM,CAAC;IAEzD,KAAK,IAAIiC,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGrD,OAAO,CAACqC,MAAM,EAAEgB,CAAC,EAAE,EAAE;MACrC,MAAMjC,MAAM,GAAGpB,OAAO,CAACqD,CAAC,CAAC;MACzB,MAAMK,iBAAiB,GAAG,MAAM,IAAI,CAACJ,oBAAoB,CAAC;QAAElC;MAAO,CAAC,CAAC;MACrE,IAAIsC,iBAAiB,EAAE;QACnBtC,MAAM,CAACJ,WAAW,GAAG0C,iBAAiB,CAAC1C,WAAW;MACtD,CAAC,MAAM;QACHI,MAAM,CAACJ,WAAW,GAAG,EAAE;MAC3B;IACJ;EACJ;EAEAuD,yCAAyCA,CAAChB,qBAA0C,EAAE;IAClF,OAAOA,qBAAqB,EAAElC,IAAI,CAACa,CAAC,IAAI,CAACA,CAAC,CAACK,aAAa,CAAC;EAC7D;AACJ;AAACiC,OAAA,CAAAxF,sBAAA,GAAAA,sBAAA"}
package/utils/createOperationsWrapper.js CHANGED
@@ -9,18 +9,14 @@ var _error = _interopRequireDefault(require("@webiny/error"));
9
9
  const createOperationsWrapper = params => {
10
10
  const {
11
11
  cms,
12
- security,
13
12
  modelName
14
13
  } = params;
15
14
  const withModel = async cb => {
16
- return security.withoutAuthorization(async () => {
17
- const model = await cms.getModel(modelName);
18
- if (!model) {
19
- throw new _error.default(`Could not find "${modelName}" model.`, "MODEL_NOT_FOUND_ERROR");
20
- }
21
- const result = await cb(model);
22
- return result;
23
- });
15
+ const model = await cms.getModel(modelName);
16
+ if (!model) {
17
+ throw new _error.default(`Could not find "${modelName}" model.`, "MODEL_NOT_FOUND_ERROR");
18
+ }
19
+ return cb(model);
24
20
  };
25
21
  return {
26
22
  withModel
package/utils/createOperationsWrapper.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_error","_interopRequireDefault","require","createOperationsWrapper","params","cms","security","modelName","withModel","cb","withoutAuthorization","model","getModel","WebinyError","result","exports"],"sources":["createOperationsWrapper.ts"],"sourcesContent":["import { CreateAcoStorageOperationsParams } from \"~/createAcoStorageOperations\";\nimport { CmsModel } from \"@webiny/api-headless-cms/types\";\nimport WebinyError from \"@webiny/error\";\n\ninterface CreateOperationsWrapperParams extends CreateAcoStorageOperationsParams {\n modelName: string;\n}\n\nexport const createOperationsWrapper = (params: CreateOperationsWrapperParams) => {\n const { cms, security, modelName } = params;\n\n const withModel = async <TResult>(\n cb: (model: CmsModel) => Promise<TResult>\n ): Promise<TResult> => {\n return security.withoutAuthorization(async () => {\n const model = await cms.getModel(modelName);\n\n if (!model) {\n throw new WebinyError(\n `Could not find \"${modelName}\" model.`,\n \"MODEL_NOT_FOUND_ERROR\"\n );\n }\n\n const result = await cb(model);\n\n return result;\n });\n };\n\n return {\n withModel\n };\n};\n"],"mappings":";;;;;;;AAEA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AAMO,MAAMC,uBAAuB,GAAIC,MAAqC,IAAK;EAC9E,MAAM;IAAEC,GAAG;IAAEC,QAAQ;IAAEC;EAAU,CAAC,GAAGH,MAAM;EAE3C,MAAMI,SAAS,GAAG,MACdC,EAAyC,IACtB;IACnB,OAAOH,QAAQ,CAACI,oBAAoB,CAAC,YAAY;MAC7C,MAAMC,KAAK,GAAG,MAAMN,GAAG,CAACO,QAAQ,CAACL,SAAS,CAAC;MAE3C,IAAI,CAACI,KAAK,EAAE;QACR,MAAM,IAAIE,cAAW,CAChB,mBAAkBN,SAAU,UAAS,EACtC,uBACJ,CAAC;MACL;MAEA,MAAMO,MAAM,GAAG,MAAML,EAAE,CAACE,KAAK,CAAC;MAE9B,OAAOG,MAAM;IACjB,CAAC,CAAC;EACN,CAAC;EAED,OAAO;IACHN;EACJ,CAAC;AACL,CAAC;AAACO,OAAA,CAAAZ,uBAAA,GAAAA,uBAAA"}
1
+ {"version":3,"names":["_error","_interopRequireDefault","require","createOperationsWrapper","params","cms","modelName","withModel","cb","model","getModel","WebinyError","exports"],"sources":["createOperationsWrapper.ts"],"sourcesContent":["import { CreateAcoStorageOperationsParams } from \"~/createAcoStorageOperations\";\nimport { CmsModel } from \"@webiny/api-headless-cms/types\";\nimport WebinyError from \"@webiny/error\";\n\ninterface CreateOperationsWrapperParams extends CreateAcoStorageOperationsParams {\n modelName: string;\n}\n\nexport const createOperationsWrapper = (params: CreateOperationsWrapperParams) => {\n const { cms, modelName } = params;\n\n const withModel = async <TResult>(\n cb: (model: CmsModel) => Promise<TResult>\n ): Promise<TResult> => {\n const model = await cms.getModel(modelName);\n\n if (!model) {\n throw new WebinyError(`Could not find \"${modelName}\" model.`, \"MODEL_NOT_FOUND_ERROR\");\n }\n\n return cb(model);\n };\n\n return { withModel };\n};\n"],"mappings":";;;;;;;AAEA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AAMO,MAAMC,uBAAuB,GAAIC,MAAqC,IAAK;EAC9E,MAAM;IAAEC,GAAG;IAAEC;EAAU,CAAC,GAAGF,MAAM;EAEjC,MAAMG,SAAS,GAAG,MACdC,EAAyC,IACtB;IACnB,MAAMC,KAAK,GAAG,MAAMJ,GAAG,CAACK,QAAQ,CAACJ,SAAS,CAAC;IAE3C,IAAI,CAACG,KAAK,EAAE;MACR,MAAM,IAAIE,cAAW,CAAE,mBAAkBL,SAAU,UAAS,EAAE,uBAAuB,CAAC;IAC1F;IAEA,OAAOE,EAAE,CAACC,KAAK,CAAC;EACpB,CAAC;EAED,OAAO;IAAEF;EAAU,CAAC;AACxB,CAAC;AAACK,OAAA,CAAAT,uBAAA,GAAAA,uBAAA"}
package/utils/decorators/CmsEntriesCrudDecorators.js CHANGED
@@ -18,8 +18,18 @@ class CmsEntriesCrudDecorators {
18
18
  const context = this.context;
19
19
  const folderLevelPermissions = context.aco.folderLevelPermissions;
20
20
  const filterEntriesByFolder = (0, _filterEntriesByFolderFactory.filterEntriesByFolderFactory)(context, folderLevelPermissions);
21
+ const modelAuthorizationDisabled = model => {
22
+ if (typeof model.authorization === "object") {
23
+ return model?.authorization?.flp === false;
24
+ }
25
+ return model.authorization === false;
26
+ };
21
27
  const originalCmsListEntries = context.cms.listEntries.bind(context.cms);
22
- context.cms.listEntries = async (model, params) => {
28
+ context.cms.listEntries = async (...allParams) => {
29
+ const [model, params] = allParams;
30
+ if (modelAuthorizationDisabled(model)) {
31
+ return originalCmsListEntries(...allParams);
32
+ }
23
33
  const folderType = (0, _createFolderType.createFolderType)(model);
24
34
  const folders = await folderLevelPermissions.listAllFoldersWithPermissions(folderType);
25
35
  const where = (0, _where.createWhere)({
@@ -33,7 +43,11 @@ class CmsEntriesCrudDecorators {
33
43
  });
34
44
  };
35
45
  const originalCmsGetEntry = context.cms.getEntry.bind(context.cms);
36
- context.cms.getEntry = async (model, params) => {
46
+ context.cms.getEntry = async (...allParams) => {
47
+ const [model, params] = allParams;
48
+ if (modelAuthorizationDisabled(model)) {
49
+ return originalCmsGetEntry(...allParams);
50
+ }
37
51
  const entry = await originalCmsGetEntry(model, params);
38
52
  const folderId = entry?.location?.folderId;
39
53
  if (!folderId || folderId === _constants.ROOT_FOLDER) {
@@ -47,7 +61,11 @@ class CmsEntriesCrudDecorators {
47
61
  return entry;
48
62
  };
49
63
  const originalCmsGetEntryById = context.cms.getEntryById.bind(context.cms);
50
- context.cms.getEntryById = async (model, params) => {
64
+ context.cms.getEntryById = async (...allParams) => {
65
+ const [model, params] = allParams;
66
+ if (modelAuthorizationDisabled(model)) {
67
+ return originalCmsGetEntryById(...allParams);
68
+ }
51
69
  const entry = await originalCmsGetEntryById(model, params);
52
70
  const folderId = entry?.location?.folderId;
53
71
  if (!folderId || folderId === _constants.ROOT_FOLDER) {
@@ -61,17 +79,29 @@ class CmsEntriesCrudDecorators {
61
79
  return entry;
62
80
  };
63
81
  const originalGetLatestEntriesByIds = context.cms.getLatestEntriesByIds.bind(context.cms);
64
- context.cms.getLatestEntriesByIds = async (model, ids) => {
82
+ context.cms.getLatestEntriesByIds = async (...allParams) => {
83
+ const [model, ids] = allParams;
84
+ if (modelAuthorizationDisabled(model)) {
85
+ return originalGetLatestEntriesByIds(...allParams);
86
+ }
65
87
  const entries = await originalGetLatestEntriesByIds(model, ids);
66
88
  return filterEntriesByFolder(model, entries);
67
89
  };
68
90
  const originalGetPublishedEntriesByIds = context.cms.getPublishedEntriesByIds.bind(context.cms);
69
- context.cms.getPublishedEntriesByIds = async (model, ids) => {
91
+ context.cms.getPublishedEntriesByIds = async (...allParams) => {
92
+ const [model, ids] = allParams;
93
+ if (modelAuthorizationDisabled(model)) {
94
+ return originalGetPublishedEntriesByIds(...allParams);
95
+ }
70
96
  const entries = await originalGetPublishedEntriesByIds(model, ids);
71
97
  return filterEntriesByFolder(model, entries);
72
98
  };
73
99
  const originalCmsCreateEntry = context.cms.createEntry.bind(context.cms);
74
- context.cms.createEntry = async (model, params, options) => {
100
+ context.cms.createEntry = async (...allParams) => {
101
+ const [model, params, options] = allParams;
102
+ if (modelAuthorizationDisabled(model)) {
103
+ return originalCmsCreateEntry(...allParams);
104
+ }
75
105
  const folderId = params.wbyAco_location?.folderId || params.location?.folderId;
76
106
  if (!folderId || folderId === _constants.ROOT_FOLDER) {
77
107
  return originalCmsCreateEntry(model, params, options);
@@ -84,7 +114,11 @@ class CmsEntriesCrudDecorators {
84
114
  return originalCmsCreateEntry(model, params, options);
85
115
  };
86
116
  const originalCmsCreateFromEntry = context.cms.createEntryRevisionFrom.bind(context.cms);
87
- context.cms.createEntryRevisionFrom = async (model, id, input, options) => {
117
+ context.cms.createEntryRevisionFrom = async (...allParams) => {
118
+ const [model, id, input, options] = allParams;
119
+ if (modelAuthorizationDisabled(model)) {
120
+ return originalCmsCreateFromEntry(...allParams);
121
+ }
88
122
  const entry = await context.cms.storageOperations.entries.getRevisionById(model, {
89
123
  id
90
124
  });
@@ -100,7 +134,11 @@ class CmsEntriesCrudDecorators {
100
134
  return originalCmsCreateFromEntry(model, id, input, options);
101
135
  };
102
136
  const originalCmsUpdateEntry = context.cms.updateEntry.bind(context.cms);
103
- context.cms.updateEntry = async (model, id, input, meta, options) => {
137
+ context.cms.updateEntry = async (...allParams) => {
138
+ const [model, id, input, meta, options] = allParams;
139
+ if (modelAuthorizationDisabled(model)) {
140
+ return originalCmsUpdateEntry(...allParams);
141
+ }
104
142
  const entry = await context.cms.storageOperations.entries.getRevisionById(model, {
105
143
  id
106
144
  });
@@ -116,7 +154,11 @@ class CmsEntriesCrudDecorators {
116
154
  return originalCmsUpdateEntry(model, id, input, meta, options);
117
155
  };
118
156
  const originalCmsDeleteEntry = context.cms.deleteEntry.bind(context.cms);
119
- context.cms.deleteEntry = async (model, id, options) => {
157
+ context.cms.deleteEntry = async (...allParams) => {
158
+ const [model, id, options] = allParams;
159
+ if (modelAuthorizationDisabled(model)) {
160
+ return originalCmsDeleteEntry(...allParams);
161
+ }
120
162
  const entry = await context.cms.storageOperations.entries.getLatestRevisionByEntryId(model, {
121
163
  id
122
164
  });
@@ -132,7 +174,11 @@ class CmsEntriesCrudDecorators {
132
174
  return originalCmsDeleteEntry(model, id, options);
133
175
  };
134
176
  const originalCmsDeleteEntryRevision = context.cms.deleteEntryRevision.bind(context.cms);
135
- context.cms.deleteEntryRevision = async (model, id) => {
177
+ context.cms.deleteEntryRevision = async (...allParams) => {
178
+ const [model, id] = allParams;
179
+ if (modelAuthorizationDisabled(model)) {
180
+ return originalCmsDeleteEntryRevision(...allParams);
181
+ }
136
182
  const entry = await context.cms.storageOperations.entries.getRevisionById(model, {
137
183
  id
138
184
  });
@@ -148,7 +194,12 @@ class CmsEntriesCrudDecorators {
148
194
  return originalCmsDeleteEntryRevision(model, id);
149
195
  };
150
196
  const originalCmsMoveEntry = context.cms.moveEntry.bind(context.cms);
151
- context.cms.moveEntry = async (model, id, targetFolderId) => {
197
+ context.cms.moveEntry = async (...allParams) => {
198
+ const [model, id, targetFolderId] = allParams;
199
+ if (modelAuthorizationDisabled(model)) {
200
+ return originalCmsMoveEntry(...allParams);
201
+ }
202
+
152
203
  /**
153
204
  * First we need to check if user has access to the entries existing folder.
154
205
  */
package/utils/decorators/CmsEntriesCrudDecorators.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_where","require","_constants","_filterEntriesByFolderFactory","_createFolderType","CmsEntriesCrudDecorators","constructor","context","decorate","folderLevelPermissions","aco","filterEntriesByFolder","filterEntriesByFolderFactory","originalCmsListEntries","cms","listEntries","bind","model","params","folderType","createFolderType","folders","listAllFoldersWithPermissions","where","createWhere","originalCmsGetEntry","getEntry","entry","folderId","location","ROOT_FOLDER","folder","get","ensureCanAccessFolderContent","rwd","originalCmsGetEntryById","getEntryById","originalGetLatestEntriesByIds","getLatestEntriesByIds","ids","entries","originalGetPublishedEntriesByIds","getPublishedEntriesByIds","originalCmsCreateEntry","createEntry","options","wbyAco_location","originalCmsCreateFromEntry","createEntryRevisionFrom","id","input","storageOperations","getRevisionById","originalCmsUpdateEntry","updateEntry","meta","originalCmsDeleteEntry","deleteEntry","getLatestRevisionByEntryId","originalCmsDeleteEntryRevision","deleteEntryRevision","originalCmsMoveEntry","moveEntry","targetFolderId","exports"],"sources":["CmsEntriesCrudDecorators.ts"],"sourcesContent":["import { AcoContext } from \"~/types\";\nimport { createWhere } from \"./where\";\nimport { ROOT_FOLDER } from \"./constants\";\nimport { filterEntriesByFolderFactory } from \"./filterEntriesByFolderFactory\";\nimport { createFolderType } from \"./createFolderType\";\n\ntype Context = Pick<AcoContext, \"aco\" | \"cms\">;\n\ninterface EntryManagerCrudDecoratorsParams {\n context: Context;\n}\n\nexport class CmsEntriesCrudDecorators {\n private readonly context: Context;\n\n public constructor({ context }: EntryManagerCrudDecoratorsParams) {\n this.context = context;\n }\n\n public decorate() {\n const context = this.context;\n const folderLevelPermissions = context.aco.folderLevelPermissions;\n\n const filterEntriesByFolder = filterEntriesByFolderFactory(context, folderLevelPermissions);\n\n const originalCmsListEntries = context.cms.listEntries.bind(context.cms);\n context.cms.listEntries = async (model, params) => {\n const folderType = createFolderType(model);\n const folders = await folderLevelPermissions.listAllFoldersWithPermissions(folderType);\n\n const where = createWhere({\n model,\n where: params.where,\n folders\n });\n return originalCmsListEntries(model, {\n ...params,\n where\n });\n };\n\n const originalCmsGetEntry = context.cms.getEntry.bind(context.cms);\n context.cms.getEntry = async (model, params) => {\n const entry = await originalCmsGetEntry(model, params);\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return entry;\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"r\"\n });\n\n return entry;\n };\n\n const originalCmsGetEntryById = context.cms.getEntryById.bind(context.cms);\n context.cms.getEntryById = async (model, params) => {\n const entry = await originalCmsGetEntryById(model, params);\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return entry;\n }\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"r\"\n });\n return entry;\n };\n\n const originalGetLatestEntriesByIds = context.cms.getLatestEntriesByIds.bind(context.cms);\n context.cms.getLatestEntriesByIds = async (model, ids) => {\n const entries = await originalGetLatestEntriesByIds(model, ids);\n\n return filterEntriesByFolder(model, entries);\n };\n\n const originalGetPublishedEntriesByIds = context.cms.getPublishedEntriesByIds.bind(\n context.cms\n );\n context.cms.getPublishedEntriesByIds = async (model, ids) => {\n const entries = await originalGetPublishedEntriesByIds(model, ids);\n return filterEntriesByFolder(model, entries);\n };\n\n const originalCmsCreateEntry = context.cms.createEntry.bind(context.cms);\n context.cms.createEntry = async (model, params, options) => {\n const folderId = params.wbyAco_location?.folderId || params.location?.folderId;\n\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsCreateEntry(model, params, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n\n return originalCmsCreateEntry(model, params, options);\n };\n\n const originalCmsCreateFromEntry = context.cms.createEntryRevisionFrom.bind(context.cms);\n context.cms.createEntryRevisionFrom = async (model, id, input, options) => {\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsCreateFromEntry(model, id, input, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n\n return originalCmsCreateFromEntry(model, id, input, options);\n };\n\n const originalCmsUpdateEntry = context.cms.updateEntry.bind(context.cms);\n context.cms.updateEntry = async (model, id, input, meta, options) => {\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsUpdateEntry(model, id, input, meta, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n\n return originalCmsUpdateEntry(model, id, input, meta, options);\n };\n\n const originalCmsDeleteEntry = context.cms.deleteEntry.bind(context.cms);\n context.cms.deleteEntry = async (model, id, options) => {\n const entry = await context.cms.storageOperations.entries.getLatestRevisionByEntryId(\n model,\n {\n id\n }\n );\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsDeleteEntry(model, id, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"d\"\n });\n\n return originalCmsDeleteEntry(model, id, options);\n };\n\n const originalCmsDeleteEntryRevision = context.cms.deleteEntryRevision.bind(context.cms);\n context.cms.deleteEntryRevision = async (model, id) => {\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsDeleteEntryRevision(model, id);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"d\"\n });\n\n return originalCmsDeleteEntryRevision(model, id);\n };\n\n const originalCmsMoveEntry = context.cms.moveEntry.bind(context.cms);\n context.cms.moveEntry = async (model, id, targetFolderId) => {\n /**\n * First we need to check if user has access to the entries existing folder.\n */\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId || ROOT_FOLDER;\n /**\n * If the entry is in the same folder we are trying to move it to, just continue.\n */\n if (folderId === targetFolderId) {\n return originalCmsMoveEntry(model, id, targetFolderId);\n } else if (folderId !== ROOT_FOLDER) {\n /**\n * If entry current folder is not a root, check for access\n */\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n }\n /**\n * If target folder is not a ROOT_FOLDER, check for access.\n */\n if (targetFolderId !== ROOT_FOLDER) {\n const folder = await context.aco.folder.get(targetFolderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n }\n\n return originalCmsMoveEntry(model, id, targetFolderId);\n };\n }\n}\n"],"mappings":";;;;;;AACA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,UAAA,GAAAD,OAAA;AACA,IAAAE,6BAAA,GAAAF,OAAA;AACA,IAAAG,iBAAA,GAAAH,OAAA;AAQO,MAAMI,wBAAwB,CAAC;EAG3BC,WAAWA,CAAC;IAAEC;EAA0C,CAAC,EAAE;IAC9D,IAAI,CAACA,OAAO,GAAGA,OAAO;EAC1B;EAEOC,QAAQA,CAAA,EAAG;IACd,MAAMD,OAAO,GAAG,IAAI,CAACA,OAAO;IAC5B,MAAME,sBAAsB,GAAGF,OAAO,CAACG,GAAG,CAACD,sBAAsB;IAEjE,MAAME,qBAAqB,GAAG,IAAAC,0DAA4B,EAACL,OAAO,EAAEE,sBAAsB,CAAC;IAE3F,MAAMI,sBAAsB,GAAGN,OAAO,CAACO,GAAG,CAACC,WAAW,CAACC,IAAI,CAACT,OAAO,CAACO,GAAG,CAAC;IACxEP,OAAO,CAACO,GAAG,CAACC,WAAW,GAAG,OAAOE,KAAK,EAAEC,MAAM,KAAK;MAC/C,MAAMC,UAAU,GAAG,IAAAC,kCAAgB,EAACH,KAAK,CAAC;MAC1C,MAAMI,OAAO,GAAG,MAAMZ,sBAAsB,CAACa,6BAA6B,CAACH,UAAU,CAAC;MAEtF,MAAMI,KAAK,GAAG,IAAAC,kBAAW,EAAC;QACtBP,KAAK;QACLM,KAAK,EAAEL,MAAM,CAACK,KAAK;QACnBF;MACJ,CAAC,CAAC;MACF,OAAOR,sBAAsB,CAACI,KAAK,EAAE;QACjC,GAAGC,MAAM;QACTK;MACJ,CAAC,CAAC;IACN,CAAC;IAED,MAAME,mBAAmB,GAAGlB,OAAO,CAACO,GAAG,CAACY,QAAQ,CAACV,IAAI,CAACT,OAAO,CAACO,GAAG,CAAC;IAClEP,OAAO,CAACO,GAAG,CAACY,QAAQ,GAAG,OAAOT,KAAK,EAAEC,MAAM,KAAK;MAC5C,MAAMS,KAAK,GAAG,MAAMF,mBAAmB,CAACR,KAAK,EAAEC,MAAM,CAAC;MAEtD,MAAMU,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOH,KAAK;MAChB;MAEA,MAAMI,MAAM,GAAG,MAAMxB,OAAO,CAACG,GAAG,CAACqB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMnB,sBAAsB,CAACwB,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOP,KAAK;IAChB,CAAC;IAED,MAAMQ,uBAAuB,GAAG5B,OAAO,CAACO,GAAG,CAACsB,YAAY,CAACpB,IAAI,CAACT,OAAO,CAACO,GAAG,CAAC;IAC1EP,OAAO,CAACO,GAAG,CAACsB,YAAY,GAAG,OAAOnB,KAAK,EAAEC,MAAM,KAAK;MAChD,MAAMS,KAAK,GAAG,MAAMQ,uBAAuB,CAAClB,KAAK,EAAEC,MAAM,CAAC;MAE1D,MAAMU,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOH,KAAK;MAChB;MACA,MAAMI,MAAM,GAAG,MAAMxB,OAAO,CAACG,GAAG,CAACqB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMnB,sBAAsB,CAACwB,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MACF,OAAOP,KAAK;IAChB,CAAC;IAED,MAAMU,6BAA6B,GAAG9B,OAAO,CAACO,GAAG,CAACwB,qBAAqB,CAACtB,IAAI,CAACT,OAAO,CAACO,GAAG,CAAC;IACzFP,OAAO,CAACO,GAAG,CAACwB,qBAAqB,GAAG,OAAOrB,KAAK,EAAEsB,GAAG,KAAK;MACtD,MAAMC,OAAO,GAAG,MAAMH,6BAA6B,CAACpB,KAAK,EAAEsB,GAAG,CAAC;MAE/D,OAAO5B,qBAAqB,CAACM,KAAK,EAAEuB,OAAO,CAAC;IAChD,CAAC;IAED,MAAMC,gCAAgC,GAAGlC,OAAO,CAACO,GAAG,CAAC4B,wBAAwB,CAAC1B,IAAI,CAC9ET,OAAO,CAACO,GACZ,CAAC;IACDP,OAAO,CAACO,GAAG,CAAC4B,wBAAwB,GAAG,OAAOzB,KAAK,EAAEsB,GAAG,KAAK;MACzD,MAAMC,OAAO,GAAG,MAAMC,gCAAgC,CAACxB,KAAK,EAAEsB,GAAG,CAAC;MAClE,OAAO5B,qBAAqB,CAACM,KAAK,EAAEuB,OAAO,CAAC;IAChD,CAAC;IAED,MAAMG,sBAAsB,GAAGpC,OAAO,CAACO,GAAG,CAAC8B,WAAW,CAAC5B,IAAI,CAACT,OAAO,CAACO,GAAG,CAAC;IACxEP,OAAO,CAACO,GAAG,CAAC8B,WAAW,GAAG,OAAO3B,KAAK,EAAEC,MAAM,EAAE2B,OAAO,KAAK;MACxD,MAAMjB,QAAQ,GAAGV,MAAM,CAAC4B,eAAe,EAAElB,QAAQ,IAAIV,MAAM,CAACW,QAAQ,EAAED,QAAQ;MAE9E,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOa,sBAAsB,CAAC1B,KAAK,EAAEC,MAAM,EAAE2B,OAAO,CAAC;MACzD;MAEA,MAAMd,MAAM,GAAG,MAAMxB,OAAO,CAACG,GAAG,CAACqB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMnB,sBAAsB,CAACwB,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOS,sBAAsB,CAAC1B,KAAK,EAAEC,MAAM,EAAE2B,OAAO,CAAC;IACzD,CAAC;IAED,MAAME,0BAA0B,GAAGxC,OAAO,CAACO,GAAG,CAACkC,uBAAuB,CAAChC,IAAI,CAACT,OAAO,CAACO,GAAG,CAAC;IACxFP,OAAO,CAACO,GAAG,CAACkC,uBAAuB,GAAG,OAAO/B,KAAK,EAAEgC,EAAE,EAAEC,KAAK,EAAEL,OAAO,KAAK;MACvE,MAAMlB,KAAK,GAAG,MAAMpB,OAAO,CAACO,GAAG,CAACqC,iBAAiB,CAACX,OAAO,CAACY,eAAe,CAACnC,KAAK,EAAE;QAC7EgC;MACJ,CAAC,CAAC;MAEF,MAAMrB,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOiB,0BAA0B,CAAC9B,KAAK,EAAEgC,EAAE,EAAEC,KAAK,EAAEL,OAAO,CAAC;MAChE;MAEA,MAAMd,MAAM,GAAG,MAAMxB,OAAO,CAACG,GAAG,CAACqB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMnB,sBAAsB,CAACwB,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOa,0BAA0B,CAAC9B,KAAK,EAAEgC,EAAE,EAAEC,KAAK,EAAEL,OAAO,CAAC;IAChE,CAAC;IAED,MAAMQ,sBAAsB,GAAG9C,OAAO,CAACO,GAAG,CAACwC,WAAW,CAACtC,IAAI,CAACT,OAAO,CAACO,GAAG,CAAC;IACxEP,OAAO,CAACO,GAAG,CAACwC,WAAW,GAAG,OAAOrC,KAAK,EAAEgC,EAAE,EAAEC,KAAK,EAAEK,IAAI,EAAEV,OAAO,KAAK;MACjE,MAAMlB,KAAK,GAAG,MAAMpB,OAAO,CAACO,GAAG,CAACqC,iBAAiB,CAACX,OAAO,CAACY,eAAe,CAACnC,KAAK,EAAE;QAC7EgC;MACJ,CAAC,CAAC;MAEF,MAAMrB,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOuB,sBAAsB,CAACpC,KAAK,EAAEgC,EAAE,EAAEC,KAAK,EAAEK,IAAI,EAAEV,OAAO,CAAC;MAClE;MAEA,MAAMd,MAAM,GAAG,MAAMxB,OAAO,CAACG,GAAG,CAACqB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMnB,sBAAsB,CAACwB,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOmB,sBAAsB,CAACpC,KAAK,EAAEgC,EAAE,EAAEC,KAAK,EAAEK,IAAI,EAAEV,OAAO,CAAC;IAClE,CAAC;IAED,MAAMW,sBAAsB,GAAGjD,OAAO,CAACO,GAAG,CAAC2C,WAAW,CAACzC,IAAI,CAACT,OAAO,CAACO,GAAG,CAAC;IACxEP,OAAO,CAACO,GAAG,CAAC2C,WAAW,GAAG,OAAOxC,KAAK,EAAEgC,EAAE,EAAEJ,OAAO,KAAK;MACpD,MAAMlB,KAAK,GAAG,MAAMpB,OAAO,CAACO,GAAG,CAACqC,iBAAiB,CAACX,OAAO,CAACkB,0BAA0B,CAChFzC,KAAK,EACL;QACIgC;MACJ,CACJ,CAAC;MAED,MAAMrB,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAO0B,sBAAsB,CAACvC,KAAK,EAAEgC,EAAE,EAAEJ,OAAO,CAAC;MACrD;MAEA,MAAMd,MAAM,GAAG,MAAMxB,OAAO,CAACG,GAAG,CAACqB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMnB,sBAAsB,CAACwB,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOsB,sBAAsB,CAACvC,KAAK,EAAEgC,EAAE,EAAEJ,OAAO,CAAC;IACrD,CAAC;IAED,MAAMc,8BAA8B,GAAGpD,OAAO,CAACO,GAAG,CAAC8C,mBAAmB,CAAC5C,IAAI,CAACT,OAAO,CAACO,GAAG,CAAC;IACxFP,OAAO,CAACO,GAAG,CAAC8C,mBAAmB,GAAG,OAAO3C,KAAK,EAAEgC,EAAE,KAAK;MACnD,MAAMtB,KAAK,GAAG,MAAMpB,OAAO,CAACO,GAAG,CAACqC,iBAAiB,CAACX,OAAO,CAACY,eAAe,CAACnC,KAAK,EAAE;QAC7EgC;MACJ,CAAC,CAAC;MAEF,MAAMrB,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAO6B,8BAA8B,CAAC1C,KAAK,EAAEgC,EAAE,CAAC;MACpD;MAEA,MAAMlB,MAAM,GAAG,MAAMxB,OAAO,CAACG,GAAG,CAACqB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMnB,sBAAsB,CAACwB,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOyB,8BAA8B,CAAC1C,KAAK,EAAEgC,EAAE,CAAC;IACpD,CAAC;IAED,MAAMY,oBAAoB,GAAGtD,OAAO,CAACO,GAAG,CAACgD,SAAS,CAAC9C,IAAI,CAACT,OAAO,CAACO,GAAG,CAAC;IACpEP,OAAO,CAACO,GAAG,CAACgD,SAAS,GAAG,OAAO7C,KAAK,EAAEgC,EAAE,EAAEc,cAAc,KAAK;MACzD;AACZ;AACA;MACY,MAAMpC,KAAK,GAAG,MAAMpB,OAAO,CAACO,GAAG,CAACqC,iBAAiB,CAACX,OAAO,CAACY,eAAe,CAACnC,KAAK,EAAE;QAC7EgC;MACJ,CAAC,CAAC;MAEF,MAAMrB,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ,IAAIE,sBAAW;MACzD;AACZ;AACA;MACY,IAAIF,QAAQ,KAAKmC,cAAc,EAAE;QAC7B,OAAOF,oBAAoB,CAAC5C,KAAK,EAAEgC,EAAE,EAAEc,cAAc,CAAC;MAC1D,CAAC,MAAM,IAAInC,QAAQ,KAAKE,sBAAW,EAAE;QACjC;AAChB;AACA;QACgB,MAAMC,MAAM,GAAG,MAAMxB,OAAO,CAACG,GAAG,CAACqB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;QACrD,MAAMnB,sBAAsB,CAACwB,4BAA4B,CAAC;UACtDF,MAAM;UACNG,GAAG,EAAE;QACT,CAAC,CAAC;MACN;MACA;AACZ;AACA;MACY,IAAI6B,cAAc,KAAKjC,sBAAW,EAAE;QAChC,MAAMC,MAAM,GAAG,MAAMxB,OAAO,CAACG,GAAG,CAACqB,MAAM,CAACC,GAAG,CAAC+B,cAAc,CAAC;QAC3D,MAAMtD,sBAAsB,CAACwB,4BAA4B,CAAC;UACtDF,MAAM;UACNG,GAAG,EAAE;QACT,CAAC,CAAC;MACN;MAEA,OAAO2B,oBAAoB,CAAC5C,KAAK,EAAEgC,EAAE,EAAEc,cAAc,CAAC;IAC1D,CAAC;EACL;AACJ;AAACC,OAAA,CAAA3D,wBAAA,GAAAA,wBAAA"}
1
+ {"version":3,"names":["_where","require","_constants","_filterEntriesByFolderFactory","_createFolderType","CmsEntriesCrudDecorators","constructor","context","decorate","folderLevelPermissions","aco","filterEntriesByFolder","filterEntriesByFolderFactory","modelAuthorizationDisabled","model","authorization","flp","originalCmsListEntries","cms","listEntries","bind","allParams","params","folderType","createFolderType","folders","listAllFoldersWithPermissions","where","createWhere","originalCmsGetEntry","getEntry","entry","folderId","location","ROOT_FOLDER","folder","get","ensureCanAccessFolderContent","rwd","originalCmsGetEntryById","getEntryById","originalGetLatestEntriesByIds","getLatestEntriesByIds","ids","entries","originalGetPublishedEntriesByIds","getPublishedEntriesByIds","originalCmsCreateEntry","createEntry","options","wbyAco_location","originalCmsCreateFromEntry","createEntryRevisionFrom","id","input","storageOperations","getRevisionById","originalCmsUpdateEntry","updateEntry","meta","originalCmsDeleteEntry","deleteEntry","getLatestRevisionByEntryId","originalCmsDeleteEntryRevision","deleteEntryRevision","originalCmsMoveEntry","moveEntry","targetFolderId","exports"],"sources":["CmsEntriesCrudDecorators.ts"],"sourcesContent":["import { AcoContext } from \"~/types\";\nimport { createWhere } from \"./where\";\nimport { ROOT_FOLDER } from \"./constants\";\nimport { filterEntriesByFolderFactory } from \"./filterEntriesByFolderFactory\";\nimport { createFolderType } from \"./createFolderType\";\nimport { CmsModel } from \"@webiny/api-headless-cms/types\";\n\ntype Context = Pick<AcoContext, \"aco\" | \"cms\">;\n\ninterface EntryManagerCrudDecoratorsParams {\n context: Context;\n}\n\nexport class CmsEntriesCrudDecorators {\n private readonly context: Context;\n\n public constructor({ context }: EntryManagerCrudDecoratorsParams) {\n this.context = context;\n }\n\n public decorate() {\n const context = this.context;\n const folderLevelPermissions = context.aco.folderLevelPermissions;\n\n const filterEntriesByFolder = filterEntriesByFolderFactory(context, folderLevelPermissions);\n\n const modelAuthorizationDisabled = (model: CmsModel) => {\n if (typeof model.authorization === \"object\") {\n return model?.authorization?.flp === false;\n }\n\n return model.authorization === false;\n };\n\n const originalCmsListEntries = context.cms.listEntries.bind(context.cms);\n context.cms.listEntries = async (...allParams) => {\n const [model, params] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsListEntries(...allParams);\n }\n\n const folderType = createFolderType(model);\n const folders = await folderLevelPermissions.listAllFoldersWithPermissions(folderType);\n\n const where = createWhere({\n model,\n where: params.where,\n folders\n });\n return originalCmsListEntries(model, {\n ...params,\n where\n });\n };\n\n const originalCmsGetEntry = context.cms.getEntry.bind(context.cms);\n context.cms.getEntry = async (...allParams) => {\n const [model, params] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsGetEntry(...allParams);\n }\n\n const entry = await originalCmsGetEntry(model, params);\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return entry;\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"r\"\n });\n\n return entry;\n };\n\n const originalCmsGetEntryById = context.cms.getEntryById.bind(context.cms);\n context.cms.getEntryById = async (...allParams) => {\n const [model, params] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsGetEntryById(...allParams);\n }\n\n const entry = await originalCmsGetEntryById(model, params);\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return entry;\n }\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"r\"\n });\n return entry;\n };\n\n const originalGetLatestEntriesByIds = context.cms.getLatestEntriesByIds.bind(context.cms);\n context.cms.getLatestEntriesByIds = async (...allParams) => {\n const [model, ids] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalGetLatestEntriesByIds(...allParams);\n }\n\n const entries = await originalGetLatestEntriesByIds(model, ids);\n\n return filterEntriesByFolder(model, entries);\n };\n\n const originalGetPublishedEntriesByIds = context.cms.getPublishedEntriesByIds.bind(\n context.cms\n );\n context.cms.getPublishedEntriesByIds = async (...allParams) => {\n const [model, ids] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalGetPublishedEntriesByIds(...allParams);\n }\n\n const entries = await originalGetPublishedEntriesByIds(model, ids);\n return filterEntriesByFolder(model, entries);\n };\n\n const originalCmsCreateEntry = context.cms.createEntry.bind(context.cms);\n context.cms.createEntry = async (...allParams) => {\n const [model, params, options] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsCreateEntry(...allParams);\n }\n\n const folderId = params.wbyAco_location?.folderId || params.location?.folderId;\n\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsCreateEntry(model, params, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n\n return originalCmsCreateEntry(model, params, options);\n };\n\n const originalCmsCreateFromEntry = context.cms.createEntryRevisionFrom.bind(context.cms);\n context.cms.createEntryRevisionFrom = async (...allParams) => {\n const [model, id, input, options] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsCreateFromEntry(...allParams);\n }\n\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsCreateFromEntry(model, id, input, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n\n return originalCmsCreateFromEntry(model, id, input, options);\n };\n\n const originalCmsUpdateEntry = context.cms.updateEntry.bind(context.cms);\n context.cms.updateEntry = async (...allParams) => {\n const [model, id, input, meta, options] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsUpdateEntry(...allParams);\n }\n\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsUpdateEntry(model, id, input, meta, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n\n return originalCmsUpdateEntry(model, id, input, meta, options);\n };\n\n const originalCmsDeleteEntry = context.cms.deleteEntry.bind(context.cms);\n context.cms.deleteEntry = async (...allParams) => {\n const [model, id, options] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsDeleteEntry(...allParams);\n }\n\n const entry = await context.cms.storageOperations.entries.getLatestRevisionByEntryId(\n model,\n {\n id\n }\n );\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsDeleteEntry(model, id, options);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"d\"\n });\n\n return originalCmsDeleteEntry(model, id, options);\n };\n\n const originalCmsDeleteEntryRevision = context.cms.deleteEntryRevision.bind(context.cms);\n context.cms.deleteEntryRevision = async (...allParams) => {\n const [model, id] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsDeleteEntryRevision(...allParams);\n }\n\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId;\n if (!folderId || folderId === ROOT_FOLDER) {\n return originalCmsDeleteEntryRevision(model, id);\n }\n\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"d\"\n });\n\n return originalCmsDeleteEntryRevision(model, id);\n };\n\n const originalCmsMoveEntry = context.cms.moveEntry.bind(context.cms);\n context.cms.moveEntry = async (...allParams) => {\n const [model, id, targetFolderId] = allParams;\n if (modelAuthorizationDisabled(model)) {\n return originalCmsMoveEntry(...allParams);\n }\n\n /**\n * First we need to check if user has access to the entries existing folder.\n */\n const entry = await context.cms.storageOperations.entries.getRevisionById(model, {\n id\n });\n\n const folderId = entry?.location?.folderId || ROOT_FOLDER;\n /**\n * If the entry is in the same folder we are trying to move it to, just continue.\n */\n if (folderId === targetFolderId) {\n return originalCmsMoveEntry(model, id, targetFolderId);\n } else if (folderId !== ROOT_FOLDER) {\n /**\n * If entry current folder is not a root, check for access\n */\n const folder = await context.aco.folder.get(folderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n }\n /**\n * If target folder is not a ROOT_FOLDER, check for access.\n */\n if (targetFolderId !== ROOT_FOLDER) {\n const folder = await context.aco.folder.get(targetFolderId);\n await folderLevelPermissions.ensureCanAccessFolderContent({\n folder,\n rwd: \"w\"\n });\n }\n\n return originalCmsMoveEntry(model, id, targetFolderId);\n };\n }\n}\n"],"mappings":";;;;;;AACA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,UAAA,GAAAD,OAAA;AACA,IAAAE,6BAAA,GAAAF,OAAA;AACA,IAAAG,iBAAA,GAAAH,OAAA;AASO,MAAMI,wBAAwB,CAAC;EAG3BC,WAAWA,CAAC;IAAEC;EAA0C,CAAC,EAAE;IAC9D,IAAI,CAACA,OAAO,GAAGA,OAAO;EAC1B;EAEOC,QAAQA,CAAA,EAAG;IACd,MAAMD,OAAO,GAAG,IAAI,CAACA,OAAO;IAC5B,MAAME,sBAAsB,GAAGF,OAAO,CAACG,GAAG,CAACD,sBAAsB;IAEjE,MAAME,qBAAqB,GAAG,IAAAC,0DAA4B,EAACL,OAAO,EAAEE,sBAAsB,CAAC;IAE3F,MAAMI,0BAA0B,GAAIC,KAAe,IAAK;MACpD,IAAI,OAAOA,KAAK,CAACC,aAAa,KAAK,QAAQ,EAAE;QACzC,OAAOD,KAAK,EAAEC,aAAa,EAAEC,GAAG,KAAK,KAAK;MAC9C;MAEA,OAAOF,KAAK,CAACC,aAAa,KAAK,KAAK;IACxC,CAAC;IAED,MAAME,sBAAsB,GAAGV,OAAO,CAACW,GAAG,CAACC,WAAW,CAACC,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IACxEX,OAAO,CAACW,GAAG,CAACC,WAAW,GAAG,OAAO,GAAGE,SAAS,KAAK;MAC9C,MAAM,CAACP,KAAK,EAAEQ,MAAM,CAAC,GAAGD,SAAS;MACjC,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAOG,sBAAsB,CAAC,GAAGI,SAAS,CAAC;MAC/C;MAEA,MAAME,UAAU,GAAG,IAAAC,kCAAgB,EAACV,KAAK,CAAC;MAC1C,MAAMW,OAAO,GAAG,MAAMhB,sBAAsB,CAACiB,6BAA6B,CAACH,UAAU,CAAC;MAEtF,MAAMI,KAAK,GAAG,IAAAC,kBAAW,EAAC;QACtBd,KAAK;QACLa,KAAK,EAAEL,MAAM,CAACK,KAAK;QACnBF;MACJ,CAAC,CAAC;MACF,OAAOR,sBAAsB,CAACH,KAAK,EAAE;QACjC,GAAGQ,MAAM;QACTK;MACJ,CAAC,CAAC;IACN,CAAC;IAED,MAAME,mBAAmB,GAAGtB,OAAO,CAACW,GAAG,CAACY,QAAQ,CAACV,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IAClEX,OAAO,CAACW,GAAG,CAACY,QAAQ,GAAG,OAAO,GAAGT,SAAS,KAAK;MAC3C,MAAM,CAACP,KAAK,EAAEQ,MAAM,CAAC,GAAGD,SAAS;MACjC,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAOe,mBAAmB,CAAC,GAAGR,SAAS,CAAC;MAC5C;MAEA,MAAMU,KAAK,GAAG,MAAMF,mBAAmB,CAACf,KAAK,EAAEQ,MAAM,CAAC;MAEtD,MAAMU,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOH,KAAK;MAChB;MAEA,MAAMI,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMvB,sBAAsB,CAAC4B,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOP,KAAK;IAChB,CAAC;IAED,MAAMQ,uBAAuB,GAAGhC,OAAO,CAACW,GAAG,CAACsB,YAAY,CAACpB,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IAC1EX,OAAO,CAACW,GAAG,CAACsB,YAAY,GAAG,OAAO,GAAGnB,SAAS,KAAK;MAC/C,MAAM,CAACP,KAAK,EAAEQ,MAAM,CAAC,GAAGD,SAAS;MACjC,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAOyB,uBAAuB,CAAC,GAAGlB,SAAS,CAAC;MAChD;MAEA,MAAMU,KAAK,GAAG,MAAMQ,uBAAuB,CAACzB,KAAK,EAAEQ,MAAM,CAAC;MAE1D,MAAMU,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOH,KAAK;MAChB;MACA,MAAMI,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMvB,sBAAsB,CAAC4B,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MACF,OAAOP,KAAK;IAChB,CAAC;IAED,MAAMU,6BAA6B,GAAGlC,OAAO,CAACW,GAAG,CAACwB,qBAAqB,CAACtB,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IACzFX,OAAO,CAACW,GAAG,CAACwB,qBAAqB,GAAG,OAAO,GAAGrB,SAAS,KAAK;MACxD,MAAM,CAACP,KAAK,EAAE6B,GAAG,CAAC,GAAGtB,SAAS;MAC9B,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAO2B,6BAA6B,CAAC,GAAGpB,SAAS,CAAC;MACtD;MAEA,MAAMuB,OAAO,GAAG,MAAMH,6BAA6B,CAAC3B,KAAK,EAAE6B,GAAG,CAAC;MAE/D,OAAOhC,qBAAqB,CAACG,KAAK,EAAE8B,OAAO,CAAC;IAChD,CAAC;IAED,MAAMC,gCAAgC,GAAGtC,OAAO,CAACW,GAAG,CAAC4B,wBAAwB,CAAC1B,IAAI,CAC9Eb,OAAO,CAACW,GACZ,CAAC;IACDX,OAAO,CAACW,GAAG,CAAC4B,wBAAwB,GAAG,OAAO,GAAGzB,SAAS,KAAK;MAC3D,MAAM,CAACP,KAAK,EAAE6B,GAAG,CAAC,GAAGtB,SAAS;MAC9B,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAO+B,gCAAgC,CAAC,GAAGxB,SAAS,CAAC;MACzD;MAEA,MAAMuB,OAAO,GAAG,MAAMC,gCAAgC,CAAC/B,KAAK,EAAE6B,GAAG,CAAC;MAClE,OAAOhC,qBAAqB,CAACG,KAAK,EAAE8B,OAAO,CAAC;IAChD,CAAC;IAED,MAAMG,sBAAsB,GAAGxC,OAAO,CAACW,GAAG,CAAC8B,WAAW,CAAC5B,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IACxEX,OAAO,CAACW,GAAG,CAAC8B,WAAW,GAAG,OAAO,GAAG3B,SAAS,KAAK;MAC9C,MAAM,CAACP,KAAK,EAAEQ,MAAM,EAAE2B,OAAO,CAAC,GAAG5B,SAAS;MAC1C,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAOiC,sBAAsB,CAAC,GAAG1B,SAAS,CAAC;MAC/C;MAEA,MAAMW,QAAQ,GAAGV,MAAM,CAAC4B,eAAe,EAAElB,QAAQ,IAAIV,MAAM,CAACW,QAAQ,EAAED,QAAQ;MAE9E,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOa,sBAAsB,CAACjC,KAAK,EAAEQ,MAAM,EAAE2B,OAAO,CAAC;MACzD;MAEA,MAAMd,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMvB,sBAAsB,CAAC4B,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOS,sBAAsB,CAACjC,KAAK,EAAEQ,MAAM,EAAE2B,OAAO,CAAC;IACzD,CAAC;IAED,MAAME,0BAA0B,GAAG5C,OAAO,CAACW,GAAG,CAACkC,uBAAuB,CAAChC,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IACxFX,OAAO,CAACW,GAAG,CAACkC,uBAAuB,GAAG,OAAO,GAAG/B,SAAS,KAAK;MAC1D,MAAM,CAACP,KAAK,EAAEuC,EAAE,EAAEC,KAAK,EAAEL,OAAO,CAAC,GAAG5B,SAAS;MAC7C,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAOqC,0BAA0B,CAAC,GAAG9B,SAAS,CAAC;MACnD;MAEA,MAAMU,KAAK,GAAG,MAAMxB,OAAO,CAACW,GAAG,CAACqC,iBAAiB,CAACX,OAAO,CAACY,eAAe,CAAC1C,KAAK,EAAE;QAC7EuC;MACJ,CAAC,CAAC;MAEF,MAAMrB,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOiB,0BAA0B,CAACrC,KAAK,EAAEuC,EAAE,EAAEC,KAAK,EAAEL,OAAO,CAAC;MAChE;MAEA,MAAMd,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMvB,sBAAsB,CAAC4B,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOa,0BAA0B,CAACrC,KAAK,EAAEuC,EAAE,EAAEC,KAAK,EAAEL,OAAO,CAAC;IAChE,CAAC;IAED,MAAMQ,sBAAsB,GAAGlD,OAAO,CAACW,GAAG,CAACwC,WAAW,CAACtC,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IACxEX,OAAO,CAACW,GAAG,CAACwC,WAAW,GAAG,OAAO,GAAGrC,SAAS,KAAK;MAC9C,MAAM,CAACP,KAAK,EAAEuC,EAAE,EAAEC,KAAK,EAAEK,IAAI,EAAEV,OAAO,CAAC,GAAG5B,SAAS;MACnD,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAO2C,sBAAsB,CAAC,GAAGpC,SAAS,CAAC;MAC/C;MAEA,MAAMU,KAAK,GAAG,MAAMxB,OAAO,CAACW,GAAG,CAACqC,iBAAiB,CAACX,OAAO,CAACY,eAAe,CAAC1C,KAAK,EAAE;QAC7EuC;MACJ,CAAC,CAAC;MAEF,MAAMrB,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAOuB,sBAAsB,CAAC3C,KAAK,EAAEuC,EAAE,EAAEC,KAAK,EAAEK,IAAI,EAAEV,OAAO,CAAC;MAClE;MAEA,MAAMd,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMvB,sBAAsB,CAAC4B,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOmB,sBAAsB,CAAC3C,KAAK,EAAEuC,EAAE,EAAEC,KAAK,EAAEK,IAAI,EAAEV,OAAO,CAAC;IAClE,CAAC;IAED,MAAMW,sBAAsB,GAAGrD,OAAO,CAACW,GAAG,CAAC2C,WAAW,CAACzC,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IACxEX,OAAO,CAACW,GAAG,CAAC2C,WAAW,GAAG,OAAO,GAAGxC,SAAS,KAAK;MAC9C,MAAM,CAACP,KAAK,EAAEuC,EAAE,EAAEJ,OAAO,CAAC,GAAG5B,SAAS;MACtC,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAO8C,sBAAsB,CAAC,GAAGvC,SAAS,CAAC;MAC/C;MAEA,MAAMU,KAAK,GAAG,MAAMxB,OAAO,CAACW,GAAG,CAACqC,iBAAiB,CAACX,OAAO,CAACkB,0BAA0B,CAChFhD,KAAK,EACL;QACIuC;MACJ,CACJ,CAAC;MAED,MAAMrB,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAO0B,sBAAsB,CAAC9C,KAAK,EAAEuC,EAAE,EAAEJ,OAAO,CAAC;MACrD;MAEA,MAAMd,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMvB,sBAAsB,CAAC4B,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOsB,sBAAsB,CAAC9C,KAAK,EAAEuC,EAAE,EAAEJ,OAAO,CAAC;IACrD,CAAC;IAED,MAAMc,8BAA8B,GAAGxD,OAAO,CAACW,GAAG,CAAC8C,mBAAmB,CAAC5C,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IACxFX,OAAO,CAACW,GAAG,CAAC8C,mBAAmB,GAAG,OAAO,GAAG3C,SAAS,KAAK;MACtD,MAAM,CAACP,KAAK,EAAEuC,EAAE,CAAC,GAAGhC,SAAS;MAC7B,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAOiD,8BAA8B,CAAC,GAAG1C,SAAS,CAAC;MACvD;MAEA,MAAMU,KAAK,GAAG,MAAMxB,OAAO,CAACW,GAAG,CAACqC,iBAAiB,CAACX,OAAO,CAACY,eAAe,CAAC1C,KAAK,EAAE;QAC7EuC;MACJ,CAAC,CAAC;MAEF,MAAMrB,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ;MAC1C,IAAI,CAACA,QAAQ,IAAIA,QAAQ,KAAKE,sBAAW,EAAE;QACvC,OAAO6B,8BAA8B,CAACjD,KAAK,EAAEuC,EAAE,CAAC;MACpD;MAEA,MAAMlB,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;MACrD,MAAMvB,sBAAsB,CAAC4B,4BAA4B,CAAC;QACtDF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,OAAOyB,8BAA8B,CAACjD,KAAK,EAAEuC,EAAE,CAAC;IACpD,CAAC;IAED,MAAMY,oBAAoB,GAAG1D,OAAO,CAACW,GAAG,CAACgD,SAAS,CAAC9C,IAAI,CAACb,OAAO,CAACW,GAAG,CAAC;IACpEX,OAAO,CAACW,GAAG,CAACgD,SAAS,GAAG,OAAO,GAAG7C,SAAS,KAAK;MAC5C,MAAM,CAACP,KAAK,EAAEuC,EAAE,EAAEc,cAAc,CAAC,GAAG9C,SAAS;MAC7C,IAAIR,0BAA0B,CAACC,KAAK,CAAC,EAAE;QACnC,OAAOmD,oBAAoB,CAAC,GAAG5C,SAAS,CAAC;MAC7C;;MAEA;AACZ;AACA;MACY,MAAMU,KAAK,GAAG,MAAMxB,OAAO,CAACW,GAAG,CAACqC,iBAAiB,CAACX,OAAO,CAACY,eAAe,CAAC1C,KAAK,EAAE;QAC7EuC;MACJ,CAAC,CAAC;MAEF,MAAMrB,QAAQ,GAAGD,KAAK,EAAEE,QAAQ,EAAED,QAAQ,IAAIE,sBAAW;MACzD;AACZ;AACA;MACY,IAAIF,QAAQ,KAAKmC,cAAc,EAAE;QAC7B,OAAOF,oBAAoB,CAACnD,KAAK,EAAEuC,EAAE,EAAEc,cAAc,CAAC;MAC1D,CAAC,MAAM,IAAInC,QAAQ,KAAKE,sBAAW,EAAE;QACjC;AAChB;AACA;QACgB,MAAMC,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAACJ,QAAQ,CAAC;QACrD,MAAMvB,sBAAsB,CAAC4B,4BAA4B,CAAC;UACtDF,MAAM;UACNG,GAAG,EAAE;QACT,CAAC,CAAC;MACN;MACA;AACZ;AACA;MACY,IAAI6B,cAAc,KAAKjC,sBAAW,EAAE;QAChC,MAAMC,MAAM,GAAG,MAAM5B,OAAO,CAACG,GAAG,CAACyB,MAAM,CAACC,GAAG,CAAC+B,cAAc,CAAC;QAC3D,MAAM1D,sBAAsB,CAAC4B,4BAA4B,CAAC;UACtDF,MAAM;UACNG,GAAG,EAAE;QACT,CAAC,CAAC;MACN;MAEA,OAAO2B,oBAAoB,CAACnD,KAAK,EAAEuC,EAAE,EAAEc,cAAc,CAAC;IAC1D,CAAC;EACL;AACJ;AAACC,OAAA,CAAA/D,wBAAA,GAAAA,wBAAA"}
package/utils/isInstallationPending.d.ts DELETED
@@ -1,4 +0,0 @@
1
- import { AcoContext } from "../types";
2
- declare type CheckInstallationParams = Pick<AcoContext, "tenancy" | "i18n">;
3
- export declare const isInstallationPending: ({ tenancy, i18n }: CheckInstallationParams) => boolean;
4
- export {};
package/utils/isInstallationPending.js DELETED
@@ -1,23 +0,0 @@
1
- "use strict";
2
-
3
- Object.defineProperty(exports, "__esModule", {
4
- value: true
5
- });
6
- exports.isInstallationPending = void 0;
7
- const isInstallationPending = ({
8
- tenancy,
9
- i18n
10
- }) => {
11
- /**
12
- * In case of a fresh webiny project "tenant" and "locale" won't be there until
13
- * installation is completed. So, we need to skip "ACO" creation till then.
14
- */
15
- const tenant = tenancy.getCurrentTenant();
16
- if (!tenant) {
17
- return true;
18
- }
19
- return !i18n.getContentLocale();
20
- };
21
- exports.isInstallationPending = isInstallationPending;
22
-
23
- //# sourceMappingURL=isInstallationPending.js.map
package/utils/isInstallationPending.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"names":["isInstallationPending","tenancy","i18n","tenant","getCurrentTenant","getContentLocale","exports"],"sources":["isInstallationPending.ts"],"sourcesContent":["import { AcoContext } from \"~/types\";\n\ntype CheckInstallationParams = Pick<AcoContext, \"tenancy\" | \"i18n\">;\nexport const isInstallationPending = ({ tenancy, i18n }: CheckInstallationParams): boolean => {\n /**\n * In case of a fresh webiny project \"tenant\" and \"locale\" won't be there until\n * installation is completed. So, we need to skip \"ACO\" creation till then.\n */\n const tenant = tenancy.getCurrentTenant();\n if (!tenant) {\n return true;\n }\n\n return !i18n.getContentLocale();\n};\n"],"mappings":";;;;;;AAGO,MAAMA,qBAAqB,GAAGA,CAAC;EAAEC,OAAO;EAAEC;AAA8B,CAAC,KAAc;EAC1F;AACJ;AACA;AACA;EACI,MAAMC,MAAM,GAAGF,OAAO,CAACG,gBAAgB,CAAC,CAAC;EACzC,IAAI,CAACD,MAAM,EAAE;IACT,OAAO,IAAI;EACf;EAEA,OAAO,CAACD,IAAI,CAACG,gBAAgB,CAAC,CAAC;AACnC,CAAC;AAACC,OAAA,CAAAN,qBAAA,GAAAA,qBAAA"}