@webiny/api-aco 5.42.1 → 5.42.2-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (22) hide show
  1. package/createAcoContext.js +15 -6
  2. package/createAcoContext.js.map +1 -1
  3. package/folder/folder.crud.js +9 -13
  4. package/folder/folder.crud.js.map +1 -1
  5. package/folder/folder.gql.js +30 -0
  6. package/folder/folder.gql.js.map +1 -1
  7. package/package.json +25 -25
  8. package/utils/FolderLevelPermissions.d.ts +6 -5
  9. package/utils/FolderLevelPermissions.js +17 -14
  10. package/utils/FolderLevelPermissions.js.map +1 -1
  11. package/utils/FoldersCacheFactory.d.ts +10 -0
  12. package/utils/FoldersCacheFactory.js +31 -0
  13. package/utils/FoldersCacheFactory.js.map +1 -0
  14. package/utils/ListCache.d.ts +23 -0
  15. package/utils/ListCache.js +31 -0
  16. package/utils/ListCache.js.map +1 -0
  17. package/utils/ListFoldersRepository.d.ts +10 -0
  18. package/utils/ListFoldersRepository.js +35 -0
  19. package/utils/ListFoldersRepository.js.map +1 -0
  20. package/utils/compress.d.ts +4 -0
  21. package/utils/compress.js +19 -0
  22. package/utils/compress.js.map +1 -0
package/createAcoContext.js CHANGED
@@ -76,7 +76,7 @@ const setupAcoContext = async (context, setupAcoContextParams) => {
76
76
  });
77
77
  },
78
78
  listPermissions: () => security.listPermissions(),
79
- listAllFolders: type => {
79
+ listAllFolders: params => {
80
80
  // When retrieving a list of all folders, we want to do it in the
81
81
  // fastest way and that is by directly using CMS's storage operations.
82
82
  const {
@@ -89,16 +89,21 @@ const setupAcoContext = async (context, setupAcoContextParams) => {
89
89
  });
90
90
  return withModel(async model => {
91
91
  try {
92
- const results = await context.cms.storageOperations.entries.list(model, {
93
- limit: 100_000,
92
+ const response = await context.cms.storageOperations.entries.list(model, {
93
+ limit: 10_000,
94
94
  where: {
95
- type,
95
+ ...params.where,
96
96
  // Folders always work with latest entries. We never publish them.
97
97
  latest: true
98
98
  },
99
+ after: params.after,
99
100
  sort: ["title_ASC"]
100
101
  });
101
- return results.items.map(_pickEntryFieldValues.pickEntryFieldValues);
102
+ return [response.items.map(_pickEntryFieldValues.pickEntryFieldValues), {
103
+ cursor: response.cursor,
104
+ totalCount: response.totalCount,
105
+ hasMoreItems: response.hasMoreItems
106
+ }];
102
107
  } catch (ex) {
103
108
  /**
104
109
  * Skip throwing an error if the error is related to the search phase execution.
@@ -107,7 +112,11 @@ const setupAcoContext = async (context, setupAcoContextParams) => {
107
112
  * TODO: figure out better way to handle this.
108
113
  */
109
114
  if (ex.message === "search_phase_execution_exception") {
110
- return [];
115
+ return [[], {
116
+ cursor: null,
117
+ totalCount: 0,
118
+ hasMoreItems: false
119
+ }];
111
120
  }
112
121
  throw ex;
113
122
  }
package/createAcoContext.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_error","_interopRequireDefault","require","_api","_apiHeadlessCms","_createAcoHooks","_createAcoStorageOperations","_folder","_record","_apps","_record2","_plugins","_FolderLevelPermissions","_CmsEntriesCrudDecorators","_folder2","_createOperationsWrapper","_pickEntryFieldValues","_filter","setupAcoContext","context","setupAcoContextParams","tenancy","security","i18n","getLocale","locale","getContentLocale","WebinyError","getTenant","getCurrentTenant","storageOperations","createAcoStorageOperations","cms","getCmsContext","folderLevelPermissions","FolderLevelPermissions","getIdentity","listIdentityTeams","withoutAuthorization","identity","adminUser","adminUsers","getUser","where","id","hasTeams","teams","length","listTeams","id_in","listPermissions","listAllFolders","type","withModel","createOperationsWrapper","modelName","FOLDER_MODEL_ID","model","results","entries","list","limit","latest","sort","items","map","pickEntryFieldValues","ex","message","canUseTeams","wcp","canUseFolderLevelPermissions","useFolderLevelPermissions","isAuthorizationEnabled","params","defaultRecordModel","getModel","SEARCH_RECORD_MODEL_ID","apps","AcoApps","plugins","byType","AcoAppRegisterPlugin","plugin","register","app","listAdminUsers","listUsers","aco","folder","createFolderCrudMethods","search","createSearchRecordCrudMethods","filter","createFilterCrudMethods","getApp","name","get","listApps","registerApp","CmsEntriesCrudDecorators","decorate","createAcoContext","ContextPlugin","isHeadlessCmsReady","benchmark","measure","createAcoHooks","exports"],"sources":["createAcoContext.ts"],"sourcesContent":["import WebinyError from \"@webiny/error\";\nimport { ContextPlugin } from \"@webiny/api\";\nimport { I18NLocale } from \"@webiny/api-i18n/types\";\nimport { Tenant } from \"@webiny/api-tenancy/types\";\nimport { isHeadlessCmsReady } from \"@webiny/api-headless-cms\";\nimport { createAcoHooks } from \"~/createAcoHooks\";\nimport { createAcoStorageOperations } from \"~/createAcoStorageOperations\";\nimport { AcoContext, CreateAcoParams, Folder, IAcoAppRegisterParams } from \"~/types\";\nimport { createFolderCrudMethods } from \"~/folder/folder.crud\";\nimport { createSearchRecordCrudMethods } from \"~/record/record.crud\";\nimport { AcoApps } from \"./apps\";\nimport { SEARCH_RECORD_MODEL_ID } from \"~/record/record.model\";\nimport { AcoAppRegisterPlugin } from \"~/plugins\";\nimport { FolderLevelPermissions } from \"~/utils/FolderLevelPermissions\";\nimport { CmsEntriesCrudDecorators } from \"~/utils/decorators/CmsEntriesCrudDecorators\";\nimport { FOLDER_MODEL_ID } from \"~/folder/folder.model\";\nimport { createOperationsWrapper } from \"~/utils/createOperationsWrapper\";\nimport { pickEntryFieldValues } from \"~/utils/pickEntryFieldValues\";\nimport { createFilterCrudMethods } from \"~/filter/filter.crud\";\n\ninterface CreateAcoContextParams {\n useFolderLevelPermissions?: boolean;\n}\n\nconst setupAcoContext = async (\n context: AcoContext,\n setupAcoContextParams: CreateAcoContextParams\n): Promise<void> => {\n const { tenancy, security, i18n } = context;\n\n const getLocale = (): I18NLocale => {\n const locale = i18n.getContentLocale();\n if (!locale) {\n throw new WebinyError(\n \"Missing content locale in api-aco/plugins/context.ts\",\n \"LOCALE_ERROR\"\n );\n }\n\n return locale;\n };\n\n const getTenant = (): Tenant => {\n return tenancy.getCurrentTenant();\n };\n\n const storageOperations = createAcoStorageOperations({\n /**\n * TODO: We need to figure out a way to pass \"cms\" from outside (e.g. apps/api/graphql)\n */\n cms: context.cms,\n /**\n * TODO: This is required for \"entryFieldFromStorageTransform\" which access plugins from context.\n */\n getCmsContext: () => context,\n security\n });\n\n const folderLevelPermissions = new FolderLevelPermissions({\n getIdentity: () => security.getIdentity(),\n listIdentityTeams: async () => {\n return security.withoutAuthorization(async () => {\n const identity = security.getIdentity();\n if (!identity) {\n return [];\n }\n\n const adminUser = await context.adminUsers.getUser({ where: { id: identity.id } });\n if (!adminUser) {\n return [];\n }\n\n const hasTeams = adminUser.teams && adminUser.teams.length > 0;\n if (hasTeams) {\n return context.security.listTeams({ where: { id_in: adminUser.teams } });\n }\n\n return [];\n });\n },\n listPermissions: () => security.listPermissions(),\n listAllFolders: type => {\n // When retrieving a list of all folders, we want to do it in the\n // fastest way and that is by directly using CMS's storage operations.\n const { withModel } = createOperationsWrapper({\n modelName: FOLDER_MODEL_ID,\n cms: context.cms,\n getCmsContext: () => context,\n security\n });\n\n return withModel(async model => {\n try {\n const results = await context.cms.storageOperations.entries.list(model, {\n limit: 100_000,\n where: {\n type,\n\n // Folders always work with latest entries. We never publish them.\n latest: true\n },\n sort: [\"title_ASC\"]\n });\n\n return results.items.map(pickEntryFieldValues<Folder>);\n } catch (ex) {\n /**\n * Skip throwing an error if the error is related to the search phase execution.\n * This is a temporary solution to avoid breaking the entire system when no entries were ever inserted in the index.\n *\n * TODO: figure out better way to handle this.\n */\n if (ex.message === \"search_phase_execution_exception\") {\n return [];\n }\n throw ex;\n }\n });\n },\n canUseTeams: () => context.wcp.canUseTeams(),\n canUseFolderLevelPermissions: () => {\n if (setupAcoContextParams.useFolderLevelPermissions === false) {\n return false;\n }\n\n return context.wcp.canUseFolderLevelPermissions();\n },\n isAuthorizationEnabled: () => context.security.isAuthorizationEnabled()\n });\n\n const params: CreateAcoParams = {\n getLocale,\n getTenant,\n storageOperations,\n folderLevelPermissions\n };\n\n const defaultRecordModel = await context.security.withoutAuthorization(async () => {\n return context.cms.getModel(SEARCH_RECORD_MODEL_ID);\n });\n\n if (!defaultRecordModel) {\n throw new WebinyError(`There is no default record model in ${SEARCH_RECORD_MODEL_ID}`);\n }\n\n /**\n * First we need to create all the apps.\n */\n const apps = new AcoApps(context, params);\n const plugins = context.plugins.byType<AcoAppRegisterPlugin>(AcoAppRegisterPlugin.type);\n for (const plugin of plugins) {\n await apps.register({\n model: defaultRecordModel,\n ...plugin.app\n });\n }\n\n const listAdminUsers = () => {\n return security.withoutAuthorization(async () => {\n return context.adminUsers.listUsers();\n });\n };\n const listTeams = () => {\n return security.withoutAuthorization(async () => {\n return context.security.listTeams();\n });\n };\n\n context.aco = {\n folder: createFolderCrudMethods({\n ...params,\n listAdminUsers,\n listTeams\n }),\n search: createSearchRecordCrudMethods(params),\n folderLevelPermissions,\n filter: createFilterCrudMethods(params),\n apps,\n getApp: (name: string) => apps.get(name),\n listApps: () => apps.list(),\n registerApp: async (params: IAcoAppRegisterParams) => {\n return apps.register({\n model: defaultRecordModel,\n ...params\n });\n }\n };\n\n if (context.wcp.canUseFolderLevelPermissions()) {\n new CmsEntriesCrudDecorators({ context }).decorate();\n\n // PB decorators registered here: packages/api-page-builder-aco/src/index.ts\n // new PageBuilderCrudDecorators({ context }).decorate();\n }\n};\n\nexport const createAcoContext = (params: CreateAcoContextParams = {}) => {\n const plugin = new ContextPlugin<AcoContext>(async context => {\n /**\n * We can skip the ACO initialization if the installation is pending.\n */\n if (!(await isHeadlessCmsReady(context))) {\n return;\n }\n\n await context.benchmark.measure(\"aco.context.setup\", async () => {\n await setupAcoContext(context, params);\n });\n\n await context.benchmark.measure(\"aco.context.hooks\", async () => {\n await createAcoHooks(context);\n });\n });\n\n plugin.name = \"aco.createContext\";\n\n return plugin;\n};\n"],"mappings":";;;;;;;AAAA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AAGA,IAAAE,eAAA,GAAAF,OAAA;AACA,IAAAG,eAAA,GAAAH,OAAA;AACA,IAAAI,2BAAA,GAAAJ,OAAA;AAEA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,OAAA,GAAAN,OAAA;AACA,IAAAO,KAAA,GAAAP,OAAA;AACA,IAAAQ,QAAA,GAAAR,OAAA;AACA,IAAAS,QAAA,GAAAT,OAAA;AACA,IAAAU,uBAAA,GAAAV,OAAA;AACA,IAAAW,yBAAA,GAAAX,OAAA;AACA,IAAAY,QAAA,GAAAZ,OAAA;AACA,IAAAa,wBAAA,GAAAb,OAAA;AACA,IAAAc,qBAAA,GAAAd,OAAA;AACA,IAAAe,OAAA,GAAAf,OAAA;AAMA,MAAMgB,eAAe,GAAG,MAAAA,CACpBC,OAAmB,EACnBC,qBAA6C,KAC7B;EAChB,MAAM;IAAEC,OAAO;IAAEC,QAAQ;IAAEC;EAAK,CAAC,GAAGJ,OAAO;EAE3C,MAAMK,SAAS,GAAGA,CAAA,KAAkB;IAChC,MAAMC,MAAM,GAAGF,IAAI,CAACG,gBAAgB,CAAC,CAAC;IACtC,IAAI,CAACD,MAAM,EAAE;MACT,MAAM,IAAIE,cAAW,CACjB,sDAAsD,EACtD,cACJ,CAAC;IACL;IAEA,OAAOF,MAAM;EACjB,CAAC;EAED,MAAMG,SAAS,GAAGA,CAAA,KAAc;IAC5B,OAAOP,OAAO,CAACQ,gBAAgB,CAAC,CAAC;EACrC,CAAC;EAED,MAAMC,iBAAiB,GAAG,IAAAC,sDAA0B,EAAC;IACjD;AACR;AACA;IACQC,GAAG,EAAEb,OAAO,CAACa,GAAG;IAChB;AACR;AACA;IACQC,aAAa,EAAEA,CAAA,KAAMd,OAAO;IAC5BG;EACJ,CAAC,CAAC;EAEF,MAAMY,sBAAsB,GAAG,IAAIC,8CAAsB,CAAC;IACtDC,WAAW,EAAEA,CAAA,KAAMd,QAAQ,CAACc,WAAW,CAAC,CAAC;IACzCC,iBAAiB,EAAE,MAAAA,CAAA,KAAY;MAC3B,OAAOf,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;QAC7C,MAAMC,QAAQ,GAAGjB,QAAQ,CAACc,WAAW,CAAC,CAAC;QACvC,IAAI,CAACG,QAAQ,EAAE;UACX,OAAO,EAAE;QACb;QAEA,MAAMC,SAAS,GAAG,MAAMrB,OAAO,CAACsB,UAAU,CAACC,OAAO,CAAC;UAAEC,KAAK,EAAE;YAAEC,EAAE,EAAEL,QAAQ,CAACK;UAAG;QAAE,CAAC,CAAC;QAClF,IAAI,CAACJ,SAAS,EAAE;UACZ,OAAO,EAAE;QACb;QAEA,MAAMK,QAAQ,GAAGL,SAAS,CAACM,KAAK,IAAIN,SAAS,CAACM,KAAK,CAACC,MAAM,GAAG,CAAC;QAC9D,IAAIF,QAAQ,EAAE;UACV,OAAO1B,OAAO,CAACG,QAAQ,CAAC0B,SAAS,CAAC;YAAEL,KAAK,EAAE;cAAEM,KAAK,EAAET,SAAS,CAACM;YAAM;UAAE,CAAC,CAAC;QAC5E;QAEA,OAAO,EAAE;MACb,CAAC,CAAC;IACN,CAAC;IACDI,eAAe,EAAEA,CAAA,KAAM5B,QAAQ,CAAC4B,eAAe,CAAC,CAAC;IACjDC,cAAc,EAAEC,IAAI,IAAI;MACpB;MACA;MACA,MAAM;QAAEC;MAAU,CAAC,GAAG,IAAAC,gDAAuB,EAAC;QAC1CC,SAAS,EAAEC,wBAAe;QAC1BxB,GAAG,EAAEb,OAAO,CAACa,GAAG;QAChBC,aAAa,EAAEA,CAAA,KAAMd,OAAO;QAC5BG;MACJ,CAAC,CAAC;MAEF,OAAO+B,SAAS,CAAC,MAAMI,KAAK,IAAI;QAC5B,IAAI;UACA,MAAMC,OAAO,GAAG,MAAMvC,OAAO,CAACa,GAAG,CAACF,iBAAiB,CAAC6B,OAAO,CAACC,IAAI,CAACH,KAAK,EAAE;YACpEI,KAAK,EAAE,OAAO;YACdlB,KAAK,EAAE;cACHS,IAAI;cAEJ;cACAU,MAAM,EAAE;YACZ,CAAC;YACDC,IAAI,EAAE,CAAC,WAAW;UACtB,CAAC,CAAC;UAEF,OAAOL,OAAO,CAACM,KAAK,CAACC,GAAG,CAACC,0CAA4B,CAAC;QAC1D,CAAC,CAAC,OAAOC,EAAE,EAAE;UACT;AACpB;AACA;AACA;AACA;AACA;UACoB,IAAIA,EAAE,CAACC,OAAO,KAAK,kCAAkC,EAAE;YACnD,OAAO,EAAE;UACb;UACA,MAAMD,EAAE;QACZ;MACJ,CAAC,CAAC;IACN,CAAC;IACDE,WAAW,EAAEA,CAAA,KAAMlD,OAAO,CAACmD,GAAG,CAACD,WAAW,CAAC,CAAC;IAC5CE,4BAA4B,EAAEA,CAAA,KAAM;MAChC,IAAInD,qBAAqB,CAACoD,yBAAyB,KAAK,KAAK,EAAE;QAC3D,OAAO,KAAK;MAChB;MAEA,OAAOrD,OAAO,CAACmD,GAAG,CAACC,4BAA4B,CAAC,CAAC;IACrD,CAAC;IACDE,sBAAsB,EAAEA,CAAA,KAAMtD,OAAO,CAACG,QAAQ,CAACmD,sBAAsB,CAAC;EAC1E,CAAC,CAAC;EAEF,MAAMC,MAAuB,GAAG;IAC5BlD,SAAS;IACTI,SAAS;IACTE,iBAAiB;IACjBI;EACJ,CAAC;EAED,MAAMyC,kBAAkB,GAAG,MAAMxD,OAAO,CAACG,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;IAC/E,OAAOnB,OAAO,CAACa,GAAG,CAAC4C,QAAQ,CAACC,+BAAsB,CAAC;EACvD,CAAC,CAAC;EAEF,IAAI,CAACF,kBAAkB,EAAE;IACrB,MAAM,IAAIhD,cAAW,CAAC,uCAAuCkD,+BAAsB,EAAE,CAAC;EAC1F;;EAEA;AACJ;AACA;EACI,MAAMC,IAAI,GAAG,IAAIC,aAAO,CAAC5D,OAAO,EAAEuD,MAAM,CAAC;EACzC,MAAMM,OAAO,GAAG7D,OAAO,CAAC6D,OAAO,CAACC,MAAM,CAAuBC,6BAAoB,CAAC9B,IAAI,CAAC;EACvF,KAAK,MAAM+B,MAAM,IAAIH,OAAO,EAAE;IAC1B,MAAMF,IAAI,CAACM,QAAQ,CAAC;MAChB3B,KAAK,EAAEkB,kBAAkB;MACzB,GAAGQ,MAAM,CAACE;IACd,CAAC,CAAC;EACN;EAEA,MAAMC,cAAc,GAAGA,CAAA,KAAM;IACzB,OAAOhE,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;MAC7C,OAAOnB,OAAO,CAACsB,UAAU,CAAC8C,SAAS,CAAC,CAAC;IACzC,CAAC,CAAC;EACN,CAAC;EACD,MAAMvC,SAAS,GAAGA,CAAA,KAAM;IACpB,OAAO1B,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;MAC7C,OAAOnB,OAAO,CAACG,QAAQ,CAAC0B,SAAS,CAAC,CAAC;IACvC,CAAC,CAAC;EACN,CAAC;EAED7B,OAAO,CAACqE,GAAG,GAAG;IACVC,MAAM,EAAE,IAAAC,+BAAuB,EAAC;MAC5B,GAAGhB,MAAM;MACTY,cAAc;MACdtC;IACJ,CAAC,CAAC;IACF2C,MAAM,EAAE,IAAAC,qCAA6B,EAAClB,MAAM,CAAC;IAC7CxC,sBAAsB;IACtB2D,MAAM,EAAE,IAAAC,+BAAuB,EAACpB,MAAM,CAAC;IACvCI,IAAI;IACJiB,MAAM,EAAGC,IAAY,IAAKlB,IAAI,CAACmB,GAAG,CAACD,IAAI,CAAC;IACxCE,QAAQ,EAAEA,CAAA,KAAMpB,IAAI,CAAClB,IAAI,CAAC,CAAC;IAC3BuC,WAAW,EAAE,MAAOzB,MAA6B,IAAK;MAClD,OAAOI,IAAI,CAACM,QAAQ,CAAC;QACjB3B,KAAK,EAAEkB,kBAAkB;QACzB,GAAGD;MACP,CAAC,CAAC;IACN;EACJ,CAAC;EAED,IAAIvD,OAAO,CAACmD,GAAG,CAACC,4BAA4B,CAAC,CAAC,EAAE;IAC5C,IAAI6B,kDAAwB,CAAC;MAAEjF;IAAQ,CAAC,CAAC,CAACkF,QAAQ,CAAC,CAAC;;IAEpD;IACA;EACJ;AACJ,CAAC;AAEM,MAAMC,gBAAgB,GAAGA,CAAC5B,MAA8B,GAAG,CAAC,CAAC,KAAK;EACrE,MAAMS,MAAM,GAAG,IAAIoB,kBAAa,CAAa,MAAMpF,OAAO,IAAI;IAC1D;AACR;AACA;IACQ,IAAI,EAAE,MAAM,IAAAqF,kCAAkB,EAACrF,OAAO,CAAC,CAAC,EAAE;MACtC;IACJ;IAEA,MAAMA,OAAO,CAACsF,SAAS,CAACC,OAAO,CAAC,mBAAmB,EAAE,YAAY;MAC7D,MAAMxF,eAAe,CAACC,OAAO,EAAEuD,MAAM,CAAC;IAC1C,CAAC,CAAC;IAEF,MAAMvD,OAAO,CAACsF,SAAS,CAACC,OAAO,CAAC,mBAAmB,EAAE,YAAY;MAC7D,MAAM,IAAAC,8BAAc,EAACxF,OAAO,CAAC;IACjC,CAAC,CAAC;EACN,CAAC,CAAC;EAEFgE,MAAM,CAACa,IAAI,GAAG,mBAAmB;EAEjC,OAAOb,MAAM;AACjB,CAAC;AAACyB,OAAA,CAAAN,gBAAA,GAAAA,gBAAA","ignoreList":[]}
1
+ {"version":3,"names":["_error","_interopRequireDefault","require","_api","_apiHeadlessCms","_createAcoHooks","_createAcoStorageOperations","_folder","_record","_apps","_record2","_plugins","_FolderLevelPermissions","_CmsEntriesCrudDecorators","_folder2","_createOperationsWrapper","_pickEntryFieldValues","_filter","setupAcoContext","context","setupAcoContextParams","tenancy","security","i18n","getLocale","locale","getContentLocale","WebinyError","getTenant","getCurrentTenant","storageOperations","createAcoStorageOperations","cms","getCmsContext","folderLevelPermissions","FolderLevelPermissions","getIdentity","listIdentityTeams","withoutAuthorization","identity","adminUser","adminUsers","getUser","where","id","hasTeams","teams","length","listTeams","id_in","listPermissions","listAllFolders","params","withModel","createOperationsWrapper","modelName","FOLDER_MODEL_ID","model","response","entries","list","limit","latest","after","sort","items","map","pickEntryFieldValues","cursor","totalCount","hasMoreItems","ex","message","canUseTeams","wcp","canUseFolderLevelPermissions","useFolderLevelPermissions","isAuthorizationEnabled","defaultRecordModel","getModel","SEARCH_RECORD_MODEL_ID","apps","AcoApps","plugins","byType","AcoAppRegisterPlugin","type","plugin","register","app","listAdminUsers","listUsers","aco","folder","createFolderCrudMethods","search","createSearchRecordCrudMethods","filter","createFilterCrudMethods","getApp","name","get","listApps","registerApp","CmsEntriesCrudDecorators","decorate","createAcoContext","ContextPlugin","isHeadlessCmsReady","benchmark","measure","createAcoHooks","exports"],"sources":["createAcoContext.ts"],"sourcesContent":["import WebinyError from \"@webiny/error\";\nimport { ContextPlugin } from \"@webiny/api\";\nimport { I18NLocale } from \"@webiny/api-i18n/types\";\nimport { Tenant } from \"@webiny/api-tenancy/types\";\nimport { isHeadlessCmsReady } from \"@webiny/api-headless-cms\";\nimport { createAcoHooks } from \"~/createAcoHooks\";\nimport { createAcoStorageOperations } from \"~/createAcoStorageOperations\";\nimport {\n AcoContext,\n CreateAcoParams,\n Folder,\n IAcoAppRegisterParams,\n ListFoldersParams\n} from \"~/types\";\nimport { createFolderCrudMethods } from \"~/folder/folder.crud\";\nimport { createSearchRecordCrudMethods } from \"~/record/record.crud\";\nimport { AcoApps } from \"./apps\";\nimport { SEARCH_RECORD_MODEL_ID } from \"~/record/record.model\";\nimport { AcoAppRegisterPlugin } from \"~/plugins\";\nimport { FolderLevelPermissions } from \"~/utils/FolderLevelPermissions\";\nimport { CmsEntriesCrudDecorators } from \"~/utils/decorators/CmsEntriesCrudDecorators\";\nimport { FOLDER_MODEL_ID } from \"~/folder/folder.model\";\nimport { createOperationsWrapper } from \"~/utils/createOperationsWrapper\";\nimport { pickEntryFieldValues } from \"~/utils/pickEntryFieldValues\";\nimport { createFilterCrudMethods } from \"~/filter/filter.crud\";\n\ninterface CreateAcoContextParams {\n useFolderLevelPermissions?: boolean;\n}\n\nconst setupAcoContext = async (\n context: AcoContext,\n setupAcoContextParams: CreateAcoContextParams\n): Promise<void> => {\n const { tenancy, security, i18n } = context;\n\n const getLocale = (): I18NLocale => {\n const locale = i18n.getContentLocale();\n if (!locale) {\n throw new WebinyError(\n \"Missing content locale in api-aco/plugins/context.ts\",\n \"LOCALE_ERROR\"\n );\n }\n\n return locale;\n };\n\n const getTenant = (): Tenant => {\n return tenancy.getCurrentTenant();\n };\n\n const storageOperations = createAcoStorageOperations({\n /**\n * TODO: We need to figure out a way to pass \"cms\" from outside (e.g. apps/api/graphql)\n */\n cms: context.cms,\n /**\n * TODO: This is required for \"entryFieldFromStorageTransform\" which access plugins from context.\n */\n getCmsContext: () => context,\n security\n });\n\n const folderLevelPermissions = new FolderLevelPermissions({\n getIdentity: () => security.getIdentity(),\n listIdentityTeams: async () => {\n return security.withoutAuthorization(async () => {\n const identity = security.getIdentity();\n if (!identity) {\n return [];\n }\n\n const adminUser = await context.adminUsers.getUser({ where: { id: identity.id } });\n if (!adminUser) {\n return [];\n }\n\n const hasTeams = adminUser.teams && adminUser.teams.length > 0;\n if (hasTeams) {\n return context.security.listTeams({ where: { id_in: adminUser.teams } });\n }\n\n return [];\n });\n },\n listPermissions: () => security.listPermissions(),\n listAllFolders: (params: ListFoldersParams) => {\n // When retrieving a list of all folders, we want to do it in the\n // fastest way and that is by directly using CMS's storage operations.\n const { withModel } = createOperationsWrapper({\n modelName: FOLDER_MODEL_ID,\n cms: context.cms,\n getCmsContext: () => context,\n security\n });\n\n return withModel(async model => {\n try {\n const response = await context.cms.storageOperations.entries.list(model, {\n limit: 10_000,\n where: {\n ...params.where,\n\n // Folders always work with latest entries. We never publish them.\n latest: true\n },\n after: params.after,\n sort: [\"title_ASC\"]\n });\n\n return [\n response.items.map(pickEntryFieldValues<Folder>),\n {\n cursor: response.cursor,\n totalCount: response.totalCount,\n hasMoreItems: response.hasMoreItems\n }\n ];\n } catch (ex) {\n /**\n * Skip throwing an error if the error is related to the search phase execution.\n * This is a temporary solution to avoid breaking the entire system when no entries were ever inserted in the index.\n *\n * TODO: figure out better way to handle this.\n */\n if (ex.message === \"search_phase_execution_exception\") {\n return [\n [],\n {\n cursor: null,\n totalCount: 0,\n hasMoreItems: false\n }\n ];\n }\n throw ex;\n }\n });\n },\n canUseTeams: () => context.wcp.canUseTeams(),\n canUseFolderLevelPermissions: () => {\n if (setupAcoContextParams.useFolderLevelPermissions === false) {\n return false;\n }\n\n return context.wcp.canUseFolderLevelPermissions();\n },\n isAuthorizationEnabled: () => context.security.isAuthorizationEnabled()\n });\n\n const params: CreateAcoParams = {\n getLocale,\n getTenant,\n storageOperations,\n folderLevelPermissions\n };\n\n const defaultRecordModel = await context.security.withoutAuthorization(async () => {\n return context.cms.getModel(SEARCH_RECORD_MODEL_ID);\n });\n\n if (!defaultRecordModel) {\n throw new WebinyError(`There is no default record model in ${SEARCH_RECORD_MODEL_ID}`);\n }\n\n /**\n * First we need to create all the apps.\n */\n const apps = new AcoApps(context, params);\n const plugins = context.plugins.byType<AcoAppRegisterPlugin>(AcoAppRegisterPlugin.type);\n for (const plugin of plugins) {\n await apps.register({\n model: defaultRecordModel,\n ...plugin.app\n });\n }\n\n const listAdminUsers = () => {\n return security.withoutAuthorization(async () => {\n return context.adminUsers.listUsers();\n });\n };\n const listTeams = () => {\n return security.withoutAuthorization(async () => {\n return context.security.listTeams();\n });\n };\n\n context.aco = {\n folder: createFolderCrudMethods({\n ...params,\n listAdminUsers,\n listTeams\n }),\n search: createSearchRecordCrudMethods(params),\n folderLevelPermissions,\n filter: createFilterCrudMethods(params),\n apps,\n getApp: (name: string) => apps.get(name),\n listApps: () => apps.list(),\n registerApp: async (params: IAcoAppRegisterParams) => {\n return apps.register({\n model: defaultRecordModel,\n ...params\n });\n }\n };\n\n if (context.wcp.canUseFolderLevelPermissions()) {\n new CmsEntriesCrudDecorators({ context }).decorate();\n\n // PB decorators registered here: packages/api-page-builder-aco/src/index.ts\n // new PageBuilderCrudDecorators({ context }).decorate();\n }\n};\n\nexport const createAcoContext = (params: CreateAcoContextParams = {}) => {\n const plugin = new ContextPlugin<AcoContext>(async context => {\n /**\n * We can skip the ACO initialization if the installation is pending.\n */\n if (!(await isHeadlessCmsReady(context))) {\n return;\n }\n\n await context.benchmark.measure(\"aco.context.setup\", async () => {\n await setupAcoContext(context, params);\n });\n\n await context.benchmark.measure(\"aco.context.hooks\", async () => {\n await createAcoHooks(context);\n });\n });\n\n plugin.name = \"aco.createContext\";\n\n return plugin;\n};\n"],"mappings":";;;;;;;AAAA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AAGA,IAAAE,eAAA,GAAAF,OAAA;AACA,IAAAG,eAAA,GAAAH,OAAA;AACA,IAAAI,2BAAA,GAAAJ,OAAA;AAQA,IAAAK,OAAA,GAAAL,OAAA;AACA,IAAAM,OAAA,GAAAN,OAAA;AACA,IAAAO,KAAA,GAAAP,OAAA;AACA,IAAAQ,QAAA,GAAAR,OAAA;AACA,IAAAS,QAAA,GAAAT,OAAA;AACA,IAAAU,uBAAA,GAAAV,OAAA;AACA,IAAAW,yBAAA,GAAAX,OAAA;AACA,IAAAY,QAAA,GAAAZ,OAAA;AACA,IAAAa,wBAAA,GAAAb,OAAA;AACA,IAAAc,qBAAA,GAAAd,OAAA;AACA,IAAAe,OAAA,GAAAf,OAAA;AAMA,MAAMgB,eAAe,GAAG,MAAAA,CACpBC,OAAmB,EACnBC,qBAA6C,KAC7B;EAChB,MAAM;IAAEC,OAAO;IAAEC,QAAQ;IAAEC;EAAK,CAAC,GAAGJ,OAAO;EAE3C,MAAMK,SAAS,GAAGA,CAAA,KAAkB;IAChC,MAAMC,MAAM,GAAGF,IAAI,CAACG,gBAAgB,CAAC,CAAC;IACtC,IAAI,CAACD,MAAM,EAAE;MACT,MAAM,IAAIE,cAAW,CACjB,sDAAsD,EACtD,cACJ,CAAC;IACL;IAEA,OAAOF,MAAM;EACjB,CAAC;EAED,MAAMG,SAAS,GAAGA,CAAA,KAAc;IAC5B,OAAOP,OAAO,CAACQ,gBAAgB,CAAC,CAAC;EACrC,CAAC;EAED,MAAMC,iBAAiB,GAAG,IAAAC,sDAA0B,EAAC;IACjD;AACR;AACA;IACQC,GAAG,EAAEb,OAAO,CAACa,GAAG;IAChB;AACR;AACA;IACQC,aAAa,EAAEA,CAAA,KAAMd,OAAO;IAC5BG;EACJ,CAAC,CAAC;EAEF,MAAMY,sBAAsB,GAAG,IAAIC,8CAAsB,CAAC;IACtDC,WAAW,EAAEA,CAAA,KAAMd,QAAQ,CAACc,WAAW,CAAC,CAAC;IACzCC,iBAAiB,EAAE,MAAAA,CAAA,KAAY;MAC3B,OAAOf,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;QAC7C,MAAMC,QAAQ,GAAGjB,QAAQ,CAACc,WAAW,CAAC,CAAC;QACvC,IAAI,CAACG,QAAQ,EAAE;UACX,OAAO,EAAE;QACb;QAEA,MAAMC,SAAS,GAAG,MAAMrB,OAAO,CAACsB,UAAU,CAACC,OAAO,CAAC;UAAEC,KAAK,EAAE;YAAEC,EAAE,EAAEL,QAAQ,CAACK;UAAG;QAAE,CAAC,CAAC;QAClF,IAAI,CAACJ,SAAS,EAAE;UACZ,OAAO,EAAE;QACb;QAEA,MAAMK,QAAQ,GAAGL,SAAS,CAACM,KAAK,IAAIN,SAAS,CAACM,KAAK,CAACC,MAAM,GAAG,CAAC;QAC9D,IAAIF,QAAQ,EAAE;UACV,OAAO1B,OAAO,CAACG,QAAQ,CAAC0B,SAAS,CAAC;YAAEL,KAAK,EAAE;cAAEM,KAAK,EAAET,SAAS,CAACM;YAAM;UAAE,CAAC,CAAC;QAC5E;QAEA,OAAO,EAAE;MACb,CAAC,CAAC;IACN,CAAC;IACDI,eAAe,EAAEA,CAAA,KAAM5B,QAAQ,CAAC4B,eAAe,CAAC,CAAC;IACjDC,cAAc,EAAGC,MAAyB,IAAK;MAC3C;MACA;MACA,MAAM;QAAEC;MAAU,CAAC,GAAG,IAAAC,gDAAuB,EAAC;QAC1CC,SAAS,EAAEC,wBAAe;QAC1BxB,GAAG,EAAEb,OAAO,CAACa,GAAG;QAChBC,aAAa,EAAEA,CAAA,KAAMd,OAAO;QAC5BG;MACJ,CAAC,CAAC;MAEF,OAAO+B,SAAS,CAAC,MAAMI,KAAK,IAAI;QAC5B,IAAI;UACA,MAAMC,QAAQ,GAAG,MAAMvC,OAAO,CAACa,GAAG,CAACF,iBAAiB,CAAC6B,OAAO,CAACC,IAAI,CAACH,KAAK,EAAE;YACrEI,KAAK,EAAE,MAAM;YACblB,KAAK,EAAE;cACH,GAAGS,MAAM,CAACT,KAAK;cAEf;cACAmB,MAAM,EAAE;YACZ,CAAC;YACDC,KAAK,EAAEX,MAAM,CAACW,KAAK;YACnBC,IAAI,EAAE,CAAC,WAAW;UACtB,CAAC,CAAC;UAEF,OAAO,CACHN,QAAQ,CAACO,KAAK,CAACC,GAAG,CAACC,0CAA4B,CAAC,EAChD;YACIC,MAAM,EAAEV,QAAQ,CAACU,MAAM;YACvBC,UAAU,EAAEX,QAAQ,CAACW,UAAU;YAC/BC,YAAY,EAAEZ,QAAQ,CAACY;UAC3B,CAAC,CACJ;QACL,CAAC,CAAC,OAAOC,EAAE,EAAE;UACT;AACpB;AACA;AACA;AACA;AACA;UACoB,IAAIA,EAAE,CAACC,OAAO,KAAK,kCAAkC,EAAE;YACnD,OAAO,CACH,EAAE,EACF;cACIJ,MAAM,EAAE,IAAI;cACZC,UAAU,EAAE,CAAC;cACbC,YAAY,EAAE;YAClB,CAAC,CACJ;UACL;UACA,MAAMC,EAAE;QACZ;MACJ,CAAC,CAAC;IACN,CAAC;IACDE,WAAW,EAAEA,CAAA,KAAMtD,OAAO,CAACuD,GAAG,CAACD,WAAW,CAAC,CAAC;IAC5CE,4BAA4B,EAAEA,CAAA,KAAM;MAChC,IAAIvD,qBAAqB,CAACwD,yBAAyB,KAAK,KAAK,EAAE;QAC3D,OAAO,KAAK;MAChB;MAEA,OAAOzD,OAAO,CAACuD,GAAG,CAACC,4BAA4B,CAAC,CAAC;IACrD,CAAC;IACDE,sBAAsB,EAAEA,CAAA,KAAM1D,OAAO,CAACG,QAAQ,CAACuD,sBAAsB,CAAC;EAC1E,CAAC,CAAC;EAEF,MAAMzB,MAAuB,GAAG;IAC5B5B,SAAS;IACTI,SAAS;IACTE,iBAAiB;IACjBI;EACJ,CAAC;EAED,MAAM4C,kBAAkB,GAAG,MAAM3D,OAAO,CAACG,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;IAC/E,OAAOnB,OAAO,CAACa,GAAG,CAAC+C,QAAQ,CAACC,+BAAsB,CAAC;EACvD,CAAC,CAAC;EAEF,IAAI,CAACF,kBAAkB,EAAE;IACrB,MAAM,IAAInD,cAAW,CAAC,uCAAuCqD,+BAAsB,EAAE,CAAC;EAC1F;;EAEA;AACJ;AACA;EACI,MAAMC,IAAI,GAAG,IAAIC,aAAO,CAAC/D,OAAO,EAAEiC,MAAM,CAAC;EACzC,MAAM+B,OAAO,GAAGhE,OAAO,CAACgE,OAAO,CAACC,MAAM,CAAuBC,6BAAoB,CAACC,IAAI,CAAC;EACvF,KAAK,MAAMC,MAAM,IAAIJ,OAAO,EAAE;IAC1B,MAAMF,IAAI,CAACO,QAAQ,CAAC;MAChB/B,KAAK,EAAEqB,kBAAkB;MACzB,GAAGS,MAAM,CAACE;IACd,CAAC,CAAC;EACN;EAEA,MAAMC,cAAc,GAAGA,CAAA,KAAM;IACzB,OAAOpE,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;MAC7C,OAAOnB,OAAO,CAACsB,UAAU,CAACkD,SAAS,CAAC,CAAC;IACzC,CAAC,CAAC;EACN,CAAC;EACD,MAAM3C,SAAS,GAAGA,CAAA,KAAM;IACpB,OAAO1B,QAAQ,CAACgB,oBAAoB,CAAC,YAAY;MAC7C,OAAOnB,OAAO,CAACG,QAAQ,CAAC0B,SAAS,CAAC,CAAC;IACvC,CAAC,CAAC;EACN,CAAC;EAED7B,OAAO,CAACyE,GAAG,GAAG;IACVC,MAAM,EAAE,IAAAC,+BAAuB,EAAC;MAC5B,GAAG1C,MAAM;MACTsC,cAAc;MACd1C;IACJ,CAAC,CAAC;IACF+C,MAAM,EAAE,IAAAC,qCAA6B,EAAC5C,MAAM,CAAC;IAC7ClB,sBAAsB;IACtB+D,MAAM,EAAE,IAAAC,+BAAuB,EAAC9C,MAAM,CAAC;IACvC6B,IAAI;IACJkB,MAAM,EAAGC,IAAY,IAAKnB,IAAI,CAACoB,GAAG,CAACD,IAAI,CAAC;IACxCE,QAAQ,EAAEA,CAAA,KAAMrB,IAAI,CAACrB,IAAI,CAAC,CAAC;IAC3B2C,WAAW,EAAE,MAAOnD,MAA6B,IAAK;MAClD,OAAO6B,IAAI,CAACO,QAAQ,CAAC;QACjB/B,KAAK,EAAEqB,kBAAkB;QACzB,GAAG1B;MACP,CAAC,CAAC;IACN;EACJ,CAAC;EAED,IAAIjC,OAAO,CAACuD,GAAG,CAACC,4BAA4B,CAAC,CAAC,EAAE;IAC5C,IAAI6B,kDAAwB,CAAC;MAAErF;IAAQ,CAAC,CAAC,CAACsF,QAAQ,CAAC,CAAC;;IAEpD;IACA;EACJ;AACJ,CAAC;AAEM,MAAMC,gBAAgB,GAAGA,CAACtD,MAA8B,GAAG,CAAC,CAAC,KAAK;EACrE,MAAMmC,MAAM,GAAG,IAAIoB,kBAAa,CAAa,MAAMxF,OAAO,IAAI;IAC1D;AACR;AACA;IACQ,IAAI,EAAE,MAAM,IAAAyF,kCAAkB,EAACzF,OAAO,CAAC,CAAC,EAAE;MACtC;IACJ;IAEA,MAAMA,OAAO,CAAC0F,SAAS,CAACC,OAAO,CAAC,mBAAmB,EAAE,YAAY;MAC7D,MAAM5F,eAAe,CAACC,OAAO,EAAEiC,MAAM,CAAC;IAC1C,CAAC,CAAC;IAEF,MAAMjC,OAAO,CAAC0F,SAAS,CAACC,OAAO,CAAC,mBAAmB,EAAE,YAAY;MAC7D,MAAM,IAAAC,8BAAc,EAAC5F,OAAO,CAAC;IACjC,CAAC,CAAC;EACN,CAAC,CAAC;EAEFoE,MAAM,CAACa,IAAI,GAAG,mBAAmB;EAEjC,OAAOb,MAAM;AACjB,CAAC;AAACyB,OAAA,CAAAN,gBAAA,GAAAA,gBAAA","ignoreList":[]}
package/folder/folder.crud.js CHANGED
@@ -115,9 +115,7 @@ const createFolderCrudMethods = ({
115
115
  // invalidating the permissions list cache for the folder type. We cannot rely on the cache
116
116
  // to check if the user has access, because the cache is no longer up to date.
117
117
  folderLevelPermissions.invalidateFoldersPermissionsListCache(folder.type);
118
- folderLevelPermissions.updateFoldersCache(folder.type, cachedFolders => {
119
- return [...cachedFolders, folder];
120
- });
118
+ folderLevelPermissions.addFolderToCache(folder.type, folder);
121
119
 
122
120
  // With caches updated and invalidated, we can now assign correct permissions to the folder.
123
121
  await folderLevelPermissions.assignFolderPermissions(folder);
@@ -171,16 +169,14 @@ const createFolderCrudMethods = ({
171
169
  // internal cache with new folder data. Then, we're invalidating the permissions list
172
170
  // cache for the folder type. We cannot rely on the cache to check if the user still
173
171
  // has access, because the cache might no longer be up-to-date.
174
- folderLevelPermissions.updateFoldersCache(original.type, cachedFolders => {
175
- return cachedFolders.map(currentFolder => {
176
- if (currentFolder.id !== id) {
177
- return currentFolder;
178
- }
179
- return {
180
- ...currentFolder,
181
- ...data
182
- };
183
- });
172
+ folderLevelPermissions.updateFoldersCache(original.type, cachedFolder => {
173
+ if (cachedFolder.id !== id) {
174
+ return cachedFolder;
175
+ }
176
+ return {
177
+ ...cachedFolder,
178
+ ...data
179
+ };
184
180
  });
185
181
  folderLevelPermissions.invalidateFoldersPermissionsListCache(original.type);
186
182
 
package/folder/folder.crud.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_pubsub","require","_validation","_getFolderAndItsAncestors","_NotAuthorizedError","_interopRequireDefault","_error","FIXED_FOLDER_LISTING_LIMIT","createFolderCrudMethods","storageOperations","folderLevelPermissions","listAdminUsers","listTeams","onFolderBeforeCreate","createTopic","onFolderAfterCreate","onFolderBeforeUpdate","onFolderAfterUpdate","onFolderBeforeDelete","onFolderAfterDelete","get","id","folder","getFolder","ensureCanAccessFolder","rwd","assignFolderPermissions","list","params","filteredFolders","listAllFoldersWithPermissions","where","type","then","parentId","filter","totalCount","length","hasMoreItems","cursor","after","afterListItemIndex","findIndex","splice","limit","listAll","create","data","canCreateFolder","parentFolder","canAccessFolder","canCreateFolderInRoot","NotAuthorizedError","publish","input","createFolder","invalidateFoldersPermissionsListCache","updateFoldersCache","cachedFolders","update","original","canUpdateFolder","Array","isArray","permissions","forEach","permission","targetIsValid","target","startsWith","Error","inheritedFrom","e","WError","map","currentFolder","stillHasAccess","updateFolder","delete","deleteFolder","getAncestors","folders","getFolderAndItsAncestors","getFolderWithAncestors","listFolderLevelPermissionsTargets","adminUsers","teams","teamTargets","team","name","meta","adminUserTargets","user","displayName","firstName","lastName","Boolean","join","email","validation","validateSync","image","avatar","src","results","exports"],"sources":["folder.crud.ts"],"sourcesContent":["import { createTopic } from \"@webiny/pubsub\";\nimport { validation } from \"@webiny/validation\";\nimport { CreateAcoParams, Folder } from \"~/types\";\nimport {\n AcoFolderCrud,\n OnFolderAfterCreateTopicParams,\n OnFolderAfterDeleteTopicParams,\n OnFolderAfterUpdateTopicParams,\n OnFolderBeforeCreateTopicParams,\n OnFolderBeforeDeleteTopicParams,\n OnFolderBeforeUpdateTopicParams\n} from \"./folder.types\";\n\nimport { getFolderAndItsAncestors } from \"~/utils/getFolderAndItsAncestors\";\nimport NotAuthorizedError from \"@webiny/api-security/NotAuthorizedError\";\nimport { AdminUser } from \"@webiny/api-admin-users/types\";\nimport { Team } from \"@webiny/api-security/types\";\nimport WError from \"@webiny/error\";\n\nconst FIXED_FOLDER_LISTING_LIMIT = 10_000;\n\ninterface CreateFolderCrudMethodsParams extends CreateAcoParams {\n listAdminUsers: () => Promise<AdminUser[]>;\n listTeams: () => Promise<Team[]>;\n}\n\nexport const createFolderCrudMethods = ({\n storageOperations,\n folderLevelPermissions,\n listAdminUsers,\n listTeams\n}: CreateFolderCrudMethodsParams): AcoFolderCrud => {\n // create\n const onFolderBeforeCreate = createTopic<OnFolderBeforeCreateTopicParams>(\n \"aco.onFolderBeforeCreate\"\n );\n const onFolderAfterCreate =\n createTopic<OnFolderAfterCreateTopicParams>(\"aco.onFolderAfterCreate\");\n // update\n const onFolderBeforeUpdate = createTopic<OnFolderBeforeUpdateTopicParams>(\n \"aco.onFolderBeforeUpdate\"\n );\n const onFolderAfterUpdate =\n createTopic<OnFolderAfterUpdateTopicParams>(\"aco.onFolderAfterUpdate\");\n // delete\n const onFolderBeforeDelete = createTopic<OnFolderBeforeDeleteTopicParams>(\n \"aco.onFolderBeforeDelete\"\n );\n const onFolderAfterDelete =\n createTopic<OnFolderAfterDeleteTopicParams>(\"aco.onFolderAfterDelete\");\n\n return {\n /**\n * Lifecycle events\n */\n onFolderBeforeCreate,\n onFolderAfterCreate,\n onFolderBeforeUpdate,\n onFolderAfterUpdate,\n onFolderBeforeDelete,\n onFolderAfterDelete,\n\n async get(id) {\n const folder = await storageOperations.getFolder({ id });\n\n await folderLevelPermissions.ensureCanAccessFolder({\n folder,\n rwd: \"r\"\n });\n\n await folderLevelPermissions.assignFolderPermissions(folder);\n return folder;\n },\n async list(params) {\n // No matter what was the limit set in the params, initially, we always retrieve\n // all folders. The limit is then applied with the filtered folders list below.\n const filteredFolders = await folderLevelPermissions\n .listAllFoldersWithPermissions(params.where.type)\n .then(filteredFolders => {\n // If `parentId` was included in the `where` clause, we need to filter the folders.\n // TODO: we might want to incorporate this into the `listAllFoldersWithPermissions` method.\n if (params.where.parentId) {\n // Filter by parent ID.\n return filteredFolders.filter(\n folder => folder.parentId === params.where.parentId\n );\n }\n return filteredFolders;\n });\n\n const totalCount = filteredFolders.length;\n let hasMoreItems = false;\n let cursor: string | null = null;\n\n // Apply cursor/limit params.\n if (params.after) {\n const afterListItemIndex = filteredFolders.findIndex(\n folder => folder.id === params.after\n );\n if (afterListItemIndex >= 0) {\n // Remove all items below the \"after\" item.\n filteredFolders.splice(0, afterListItemIndex + 1);\n }\n }\n\n hasMoreItems = !!params.limit && filteredFolders.length > params.limit;\n\n if (hasMoreItems) {\n cursor = filteredFolders[params.limit! - 1]?.id || null;\n filteredFolders.splice(params.limit!);\n }\n\n return [filteredFolders, { totalCount, hasMoreItems, cursor }];\n },\n\n async listAll(params) {\n return this.list({ ...params, limit: FIXED_FOLDER_LISTING_LIMIT });\n },\n\n async create(data) {\n let canCreateFolder = false;\n if (data.parentId) {\n const parentFolder = await storageOperations.getFolder({ id: data.parentId });\n canCreateFolder = await folderLevelPermissions.canAccessFolder({\n folder: parentFolder,\n rwd: \"w\"\n });\n } else {\n canCreateFolder = await folderLevelPermissions.canCreateFolderInRoot();\n }\n\n if (!canCreateFolder) {\n throw new NotAuthorizedError();\n }\n\n await onFolderBeforeCreate.publish({ input: data });\n const folder = await storageOperations.createFolder({ data });\n\n // We need to add the newly created folder to FLP's internal cache. Note that we're also\n // invalidating the permissions list cache for the folder type. We cannot rely on the cache\n // to check if the user has access, because the cache is no longer up to date.\n folderLevelPermissions.invalidateFoldersPermissionsListCache(folder.type);\n folderLevelPermissions.updateFoldersCache(folder.type, cachedFolders => {\n return [...cachedFolders, folder];\n });\n\n // With caches updated and invalidated, we can now assign correct permissions to the folder.\n await folderLevelPermissions.assignFolderPermissions(folder);\n\n await onFolderAfterCreate.publish({ folder });\n\n return folder;\n },\n\n async update(id, data) {\n const original = await storageOperations.getFolder({ id });\n\n const canUpdateFolder = await folderLevelPermissions.canAccessFolder({\n folder: original,\n rwd: \"w\"\n });\n\n if (!canUpdateFolder) {\n throw new NotAuthorizedError();\n }\n\n // Validate data.\n if (Array.isArray(data.permissions)) {\n data.permissions.forEach(permission => {\n const targetIsValid =\n permission.target.startsWith(\"admin:\") ||\n permission.target.startsWith(\"team:\");\n if (!targetIsValid) {\n throw new Error(`Permission target \"${permission.target}\" is not valid.`);\n }\n\n if (permission.inheritedFrom) {\n throw new Error(`Permission \"inheritedFrom\" cannot be set manually.`);\n }\n });\n }\n\n // Parent change is not allowed if the user doesn't have access to the new parent.\n if (data.parentId && data.parentId !== original.parentId) {\n try {\n // Getting the parent folder will throw an error if the user doesn't have access.\n await this.get(data.parentId);\n } catch (e) {\n if (e instanceof NotAuthorizedError) {\n throw new WError(\n `Cannot move folder to a new parent because you don't have access to the new parent.`,\n \"CANNOT_MOVE_FOLDER_TO_NEW_PARENT\"\n );\n }\n\n // If we didn't receive the expected error, we still want to throw it.\n throw e;\n }\n }\n\n // Finally, we check if the user would lose access to the folder by making the update.\n // In order to do this, we need to make a couple of steps. First, we're updating FLP's\n // internal cache with new folder data. Then, we're invalidating the permissions list\n // cache for the folder type. We cannot rely on the cache to check if the user still\n // has access, because the cache might no longer be up-to-date.\n folderLevelPermissions.updateFoldersCache(original.type, cachedFolders => {\n return cachedFolders.map(currentFolder => {\n if (currentFolder.id !== id) {\n return currentFolder;\n }\n return { ...currentFolder, ...data };\n });\n });\n folderLevelPermissions.invalidateFoldersPermissionsListCache(original.type);\n\n // With caches updated and invalidated, we can now check if the user still\n // has access to the folder.\n const stillHasAccess = await folderLevelPermissions.canAccessFolder({\n folder: { id, type: original.type },\n rwd: \"w\"\n });\n\n if (!stillHasAccess) {\n throw new WError(\n `Cannot continue because you would loose access to this folder.`,\n \"CANNOT_LOOSE_FOLDER_ACCESS\"\n );\n }\n\n await onFolderBeforeUpdate.publish({ original, input: { id, data } });\n\n const folder = await storageOperations.updateFolder({ id, data });\n await folderLevelPermissions.assignFolderPermissions(folder);\n\n await onFolderAfterUpdate.publish({ original, input: { id, data }, folder });\n\n return folder;\n },\n\n async delete(id: string) {\n const folder = await storageOperations.getFolder({ id });\n\n await folderLevelPermissions.ensureCanAccessFolder({\n folder,\n rwd: \"d\"\n });\n\n await onFolderBeforeDelete.publish({ folder });\n await storageOperations.deleteFolder({ id });\n await onFolderAfterDelete.publish({ folder });\n return true;\n },\n\n async getAncestors(folder: Folder) {\n const [folders] = await this.listAll({ where: { type: folder.type } });\n return getFolderAndItsAncestors({ folder, folders });\n },\n\n /**\n * @deprecated use `getAncestors` instead\n */\n async getFolderWithAncestors(id: string) {\n const folder = await this.get(id);\n return this.getAncestors(folder);\n },\n\n async listFolderLevelPermissionsTargets() {\n const adminUsers = await listAdminUsers();\n const teams = await listTeams();\n\n const teamTargets = teams.map(team => ({\n id: team.id,\n type: \"team\",\n target: `team:${team.id}`,\n name: team.name || \"\",\n meta: {}\n }));\n\n const adminUserTargets = adminUsers.map(user => {\n let name = user.displayName;\n if (!name) {\n // For backwards compatibility, we also want to try concatenating first and last name.\n name = [user.firstName, user.lastName].filter(Boolean).join(\" \");\n }\n\n // We're doing the validation because, with non-Cognito IdPs (Okta, Auth0), the email\n // field might actually contain a non-email value: `id:${IdP_Identity_ID}`. In that case,\n // let's not assign anything to the `email` field.\n let email: string | null = user.email;\n try {\n validation.validateSync(email, \"email\");\n } catch {\n email = null;\n }\n\n const image = user.avatar?.src || null;\n\n return {\n id: user.id,\n type: \"admin\",\n target: `admin:${user.id}`,\n name,\n meta: {\n email,\n image\n }\n };\n });\n\n const results = [...teamTargets, ...adminUserTargets];\n const meta = { totalCount: results.length };\n\n return [results, meta];\n }\n };\n};\n"],"mappings":";;;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,WAAA,GAAAD,OAAA;AAYA,IAAAE,yBAAA,GAAAF,OAAA;AACA,IAAAG,mBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AAGA,IAAAK,MAAA,GAAAD,sBAAA,CAAAJ,OAAA;AAEA,MAAMM,0BAA0B,GAAG,MAAM;AAOlC,MAAMC,uBAAuB,GAAGA,CAAC;EACpCC,iBAAiB;EACjBC,sBAAsB;EACtBC,cAAc;EACdC;AAC2B,CAAC,KAAoB;EAChD;EACA,MAAMC,oBAAoB,GAAG,IAAAC,mBAAW,EACpC,0BACJ,CAAC;EACD,MAAMC,mBAAmB,GACrB,IAAAD,mBAAW,EAAiC,yBAAyB,CAAC;EAC1E;EACA,MAAME,oBAAoB,GAAG,IAAAF,mBAAW,EACpC,0BACJ,CAAC;EACD,MAAMG,mBAAmB,GACrB,IAAAH,mBAAW,EAAiC,yBAAyB,CAAC;EAC1E;EACA,MAAMI,oBAAoB,GAAG,IAAAJ,mBAAW,EACpC,0BACJ,CAAC;EACD,MAAMK,mBAAmB,GACrB,IAAAL,mBAAW,EAAiC,yBAAyB,CAAC;EAE1E,OAAO;IACH;AACR;AACA;IACQD,oBAAoB;IACpBE,mBAAmB;IACnBC,oBAAoB;IACpBC,mBAAmB;IACnBC,oBAAoB;IACpBC,mBAAmB;IAEnB,MAAMC,GAAGA,CAACC,EAAE,EAAE;MACV,MAAMC,MAAM,GAAG,MAAMb,iBAAiB,CAACc,SAAS,CAAC;QAAEF;MAAG,CAAC,CAAC;MAExD,MAAMX,sBAAsB,CAACc,qBAAqB,CAAC;QAC/CF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,MAAMf,sBAAsB,CAACgB,uBAAuB,CAACJ,MAAM,CAAC;MAC5D,OAAOA,MAAM;IACjB,CAAC;IACD,MAAMK,IAAIA,CAACC,MAAM,EAAE;MACf;MACA;MACA,MAAMC,eAAe,GAAG,MAAMnB,sBAAsB,CAC/CoB,6BAA6B,CAACF,MAAM,CAACG,KAAK,CAACC,IAAI,CAAC,CAChDC,IAAI,CAACJ,eAAe,IAAI;QACrB;QACA;QACA,IAAID,MAAM,CAACG,KAAK,CAACG,QAAQ,EAAE;UACvB;UACA,OAAOL,eAAe,CAACM,MAAM,CACzBb,MAAM,IAAIA,MAAM,CAACY,QAAQ,KAAKN,MAAM,CAACG,KAAK,CAACG,QAC/C,CAAC;QACL;QACA,OAAOL,eAAe;MAC1B,CAAC,CAAC;MAEN,MAAMO,UAAU,GAAGP,eAAe,CAACQ,MAAM;MACzC,IAAIC,YAAY,GAAG,KAAK;MACxB,IAAIC,MAAqB,GAAG,IAAI;;MAEhC;MACA,IAAIX,MAAM,CAACY,KAAK,EAAE;QACd,MAAMC,kBAAkB,GAAGZ,eAAe,CAACa,SAAS,CAChDpB,MAAM,IAAIA,MAAM,CAACD,EAAE,KAAKO,MAAM,CAACY,KACnC,CAAC;QACD,IAAIC,kBAAkB,IAAI,CAAC,EAAE;UACzB;UACAZ,eAAe,CAACc,MAAM,CAAC,CAAC,EAAEF,kBAAkB,GAAG,CAAC,CAAC;QACrD;MACJ;MAEAH,YAAY,GAAG,CAAC,CAACV,MAAM,CAACgB,KAAK,IAAIf,eAAe,CAACQ,MAAM,GAAGT,MAAM,CAACgB,KAAK;MAEtE,IAAIN,YAAY,EAAE;QACdC,MAAM,GAAGV,eAAe,CAACD,MAAM,CAACgB,KAAK,GAAI,CAAC,CAAC,EAAEvB,EAAE,IAAI,IAAI;QACvDQ,eAAe,CAACc,MAAM,CAACf,MAAM,CAACgB,KAAM,CAAC;MACzC;MAEA,OAAO,CAACf,eAAe,EAAE;QAAEO,UAAU;QAAEE,YAAY;QAAEC;MAAO,CAAC,CAAC;IAClE,CAAC;IAED,MAAMM,OAAOA,CAACjB,MAAM,EAAE;MAClB,OAAO,IAAI,CAACD,IAAI,CAAC;QAAE,GAAGC,MAAM;QAAEgB,KAAK,EAAErC;MAA2B,CAAC,CAAC;IACtE,CAAC;IAED,MAAMuC,MAAMA,CAACC,IAAI,EAAE;MACf,IAAIC,eAAe,GAAG,KAAK;MAC3B,IAAID,IAAI,CAACb,QAAQ,EAAE;QACf,MAAMe,YAAY,GAAG,MAAMxC,iBAAiB,CAACc,SAAS,CAAC;UAAEF,EAAE,EAAE0B,IAAI,CAACb;QAAS,CAAC,CAAC;QAC7Ec,eAAe,GAAG,MAAMtC,sBAAsB,CAACwC,eAAe,CAAC;UAC3D5B,MAAM,EAAE2B,YAAY;UACpBxB,GAAG,EAAE;QACT,CAAC,CAAC;MACN,CAAC,MAAM;QACHuB,eAAe,GAAG,MAAMtC,sBAAsB,CAACyC,qBAAqB,CAAC,CAAC;MAC1E;MAEA,IAAI,CAACH,eAAe,EAAE;QAClB,MAAM,IAAII,2BAAkB,CAAC,CAAC;MAClC;MAEA,MAAMvC,oBAAoB,CAACwC,OAAO,CAAC;QAAEC,KAAK,EAAEP;MAAK,CAAC,CAAC;MACnD,MAAMzB,MAAM,GAAG,MAAMb,iBAAiB,CAAC8C,YAAY,CAAC;QAAER;MAAK,CAAC,CAAC;;MAE7D;MACA;MACA;MACArC,sBAAsB,CAAC8C,qCAAqC,CAAClC,MAAM,CAACU,IAAI,CAAC;MACzEtB,sBAAsB,CAAC+C,kBAAkB,CAACnC,MAAM,CAACU,IAAI,EAAE0B,aAAa,IAAI;QACpE,OAAO,CAAC,GAAGA,aAAa,EAAEpC,MAAM,CAAC;MACrC,CAAC,CAAC;;MAEF;MACA,MAAMZ,sBAAsB,CAACgB,uBAAuB,CAACJ,MAAM,CAAC;MAE5D,MAAMP,mBAAmB,CAACsC,OAAO,CAAC;QAAE/B;MAAO,CAAC,CAAC;MAE7C,OAAOA,MAAM;IACjB,CAAC;IAED,MAAMqC,MAAMA,CAACtC,EAAE,EAAE0B,IAAI,EAAE;MACnB,MAAMa,QAAQ,GAAG,MAAMnD,iBAAiB,CAACc,SAAS,CAAC;QAAEF;MAAG,CAAC,CAAC;MAE1D,MAAMwC,eAAe,GAAG,MAAMnD,sBAAsB,CAACwC,eAAe,CAAC;QACjE5B,MAAM,EAAEsC,QAAQ;QAChBnC,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,IAAI,CAACoC,eAAe,EAAE;QAClB,MAAM,IAAIT,2BAAkB,CAAC,CAAC;MAClC;;MAEA;MACA,IAAIU,KAAK,CAACC,OAAO,CAAChB,IAAI,CAACiB,WAAW,CAAC,EAAE;QACjCjB,IAAI,CAACiB,WAAW,CAACC,OAAO,CAACC,UAAU,IAAI;UACnC,MAAMC,aAAa,GACfD,UAAU,CAACE,MAAM,CAACC,UAAU,CAAC,QAAQ,CAAC,IACtCH,UAAU,CAACE,MAAM,CAACC,UAAU,CAAC,OAAO,CAAC;UACzC,IAAI,CAACF,aAAa,EAAE;YAChB,MAAM,IAAIG,KAAK,CAAC,sBAAsBJ,UAAU,CAACE,MAAM,iBAAiB,CAAC;UAC7E;UAEA,IAAIF,UAAU,CAACK,aAAa,EAAE;YAC1B,MAAM,IAAID,KAAK,CAAC,oDAAoD,CAAC;UACzE;QACJ,CAAC,CAAC;MACN;;MAEA;MACA,IAAIvB,IAAI,CAACb,QAAQ,IAAIa,IAAI,CAACb,QAAQ,KAAK0B,QAAQ,CAAC1B,QAAQ,EAAE;QACtD,IAAI;UACA;UACA,MAAM,IAAI,CAACd,GAAG,CAAC2B,IAAI,CAACb,QAAQ,CAAC;QACjC,CAAC,CAAC,OAAOsC,CAAC,EAAE;UACR,IAAIA,CAAC,YAAYpB,2BAAkB,EAAE;YACjC,MAAM,IAAIqB,cAAM,CACZ,qFAAqF,EACrF,kCACJ,CAAC;UACL;;UAEA;UACA,MAAMD,CAAC;QACX;MACJ;;MAEA;MACA;MACA;MACA;MACA;MACA9D,sBAAsB,CAAC+C,kBAAkB,CAACG,QAAQ,CAAC5B,IAAI,EAAE0B,aAAa,IAAI;QACtE,OAAOA,aAAa,CAACgB,GAAG,CAACC,aAAa,IAAI;UACtC,IAAIA,aAAa,CAACtD,EAAE,KAAKA,EAAE,EAAE;YACzB,OAAOsD,aAAa;UACxB;UACA,OAAO;YAAE,GAAGA,aAAa;YAAE,GAAG5B;UAAK,CAAC;QACxC,CAAC,CAAC;MACN,CAAC,CAAC;MACFrC,sBAAsB,CAAC8C,qCAAqC,CAACI,QAAQ,CAAC5B,IAAI,CAAC;;MAE3E;MACA;MACA,MAAM4C,cAAc,GAAG,MAAMlE,sBAAsB,CAACwC,eAAe,CAAC;QAChE5B,MAAM,EAAE;UAAED,EAAE;UAAEW,IAAI,EAAE4B,QAAQ,CAAC5B;QAAK,CAAC;QACnCP,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,IAAI,CAACmD,cAAc,EAAE;QACjB,MAAM,IAAIH,cAAM,CACZ,gEAAgE,EAChE,4BACJ,CAAC;MACL;MAEA,MAAMzD,oBAAoB,CAACqC,OAAO,CAAC;QAAEO,QAAQ;QAAEN,KAAK,EAAE;UAAEjC,EAAE;UAAE0B;QAAK;MAAE,CAAC,CAAC;MAErE,MAAMzB,MAAM,GAAG,MAAMb,iBAAiB,CAACoE,YAAY,CAAC;QAAExD,EAAE;QAAE0B;MAAK,CAAC,CAAC;MACjE,MAAMrC,sBAAsB,CAACgB,uBAAuB,CAACJ,MAAM,CAAC;MAE5D,MAAML,mBAAmB,CAACoC,OAAO,CAAC;QAAEO,QAAQ;QAAEN,KAAK,EAAE;UAAEjC,EAAE;UAAE0B;QAAK,CAAC;QAAEzB;MAAO,CAAC,CAAC;MAE5E,OAAOA,MAAM;IACjB,CAAC;IAED,MAAMwD,MAAMA,CAACzD,EAAU,EAAE;MACrB,MAAMC,MAAM,GAAG,MAAMb,iBAAiB,CAACc,SAAS,CAAC;QAAEF;MAAG,CAAC,CAAC;MAExD,MAAMX,sBAAsB,CAACc,qBAAqB,CAAC;QAC/CF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,MAAMP,oBAAoB,CAACmC,OAAO,CAAC;QAAE/B;MAAO,CAAC,CAAC;MAC9C,MAAMb,iBAAiB,CAACsE,YAAY,CAAC;QAAE1D;MAAG,CAAC,CAAC;MAC5C,MAAMF,mBAAmB,CAACkC,OAAO,CAAC;QAAE/B;MAAO,CAAC,CAAC;MAC7C,OAAO,IAAI;IACf,CAAC;IAED,MAAM0D,YAAYA,CAAC1D,MAAc,EAAE;MAC/B,MAAM,CAAC2D,OAAO,CAAC,GAAG,MAAM,IAAI,CAACpC,OAAO,CAAC;QAAEd,KAAK,EAAE;UAAEC,IAAI,EAAEV,MAAM,CAACU;QAAK;MAAE,CAAC,CAAC;MACtE,OAAO,IAAAkD,kDAAwB,EAAC;QAAE5D,MAAM;QAAE2D;MAAQ,CAAC,CAAC;IACxD,CAAC;IAED;AACR;AACA;IACQ,MAAME,sBAAsBA,CAAC9D,EAAU,EAAE;MACrC,MAAMC,MAAM,GAAG,MAAM,IAAI,CAACF,GAAG,CAACC,EAAE,CAAC;MACjC,OAAO,IAAI,CAAC2D,YAAY,CAAC1D,MAAM,CAAC;IACpC,CAAC;IAED,MAAM8D,iCAAiCA,CAAA,EAAG;MACtC,MAAMC,UAAU,GAAG,MAAM1E,cAAc,CAAC,CAAC;MACzC,MAAM2E,KAAK,GAAG,MAAM1E,SAAS,CAAC,CAAC;MAE/B,MAAM2E,WAAW,GAAGD,KAAK,CAACZ,GAAG,CAACc,IAAI,KAAK;QACnCnE,EAAE,EAAEmE,IAAI,CAACnE,EAAE;QACXW,IAAI,EAAE,MAAM;QACZoC,MAAM,EAAE,QAAQoB,IAAI,CAACnE,EAAE,EAAE;QACzBoE,IAAI,EAAED,IAAI,CAACC,IAAI,IAAI,EAAE;QACrBC,IAAI,EAAE,CAAC;MACX,CAAC,CAAC,CAAC;MAEH,MAAMC,gBAAgB,GAAGN,UAAU,CAACX,GAAG,CAACkB,IAAI,IAAI;QAC5C,IAAIH,IAAI,GAAGG,IAAI,CAACC,WAAW;QAC3B,IAAI,CAACJ,IAAI,EAAE;UACP;UACAA,IAAI,GAAG,CAACG,IAAI,CAACE,SAAS,EAAEF,IAAI,CAACG,QAAQ,CAAC,CAAC5D,MAAM,CAAC6D,OAAO,CAAC,CAACC,IAAI,CAAC,GAAG,CAAC;QACpE;;QAEA;QACA;QACA;QACA,IAAIC,KAAoB,GAAGN,IAAI,CAACM,KAAK;QACrC,IAAI;UACAC,sBAAU,CAACC,YAAY,CAACF,KAAK,EAAE,OAAO,CAAC;QAC3C,CAAC,CAAC,MAAM;UACJA,KAAK,GAAG,IAAI;QAChB;QAEA,MAAMG,KAAK,GAAGT,IAAI,CAACU,MAAM,EAAEC,GAAG,IAAI,IAAI;QAEtC,OAAO;UACHlF,EAAE,EAAEuE,IAAI,CAACvE,EAAE;UACXW,IAAI,EAAE,OAAO;UACboC,MAAM,EAAE,SAASwB,IAAI,CAACvE,EAAE,EAAE;UAC1BoE,IAAI;UACJC,IAAI,EAAE;YACFQ,KAAK;YACLG;UACJ;QACJ,CAAC;MACL,CAAC,CAAC;MAEF,MAAMG,OAAO,GAAG,CAAC,GAAGjB,WAAW,EAAE,GAAGI,gBAAgB,CAAC;MACrD,MAAMD,IAAI,GAAG;QAAEtD,UAAU,EAAEoE,OAAO,CAACnE;MAAO,CAAC;MAE3C,OAAO,CAACmE,OAAO,EAAEd,IAAI,CAAC;IAC1B;EACJ,CAAC;AACL,CAAC;AAACe,OAAA,CAAAjG,uBAAA,GAAAA,uBAAA","ignoreList":[]}
1
+ {"version":3,"names":["_pubsub","require","_validation","_getFolderAndItsAncestors","_NotAuthorizedError","_interopRequireDefault","_error","FIXED_FOLDER_LISTING_LIMIT","createFolderCrudMethods","storageOperations","folderLevelPermissions","listAdminUsers","listTeams","onFolderBeforeCreate","createTopic","onFolderAfterCreate","onFolderBeforeUpdate","onFolderAfterUpdate","onFolderBeforeDelete","onFolderAfterDelete","get","id","folder","getFolder","ensureCanAccessFolder","rwd","assignFolderPermissions","list","params","filteredFolders","listAllFoldersWithPermissions","where","type","then","parentId","filter","totalCount","length","hasMoreItems","cursor","after","afterListItemIndex","findIndex","splice","limit","listAll","create","data","canCreateFolder","parentFolder","canAccessFolder","canCreateFolderInRoot","NotAuthorizedError","publish","input","createFolder","invalidateFoldersPermissionsListCache","addFolderToCache","update","original","canUpdateFolder","Array","isArray","permissions","forEach","permission","targetIsValid","target","startsWith","Error","inheritedFrom","e","WError","updateFoldersCache","cachedFolder","stillHasAccess","updateFolder","delete","deleteFolder","getAncestors","folders","getFolderAndItsAncestors","getFolderWithAncestors","listFolderLevelPermissionsTargets","adminUsers","teams","teamTargets","map","team","name","meta","adminUserTargets","user","displayName","firstName","lastName","Boolean","join","email","validation","validateSync","image","avatar","src","results","exports"],"sources":["folder.crud.ts"],"sourcesContent":["import { createTopic } from \"@webiny/pubsub\";\nimport { validation } from \"@webiny/validation\";\nimport { CreateAcoParams, Folder } from \"~/types\";\nimport {\n AcoFolderCrud,\n OnFolderAfterCreateTopicParams,\n OnFolderAfterDeleteTopicParams,\n OnFolderAfterUpdateTopicParams,\n OnFolderBeforeCreateTopicParams,\n OnFolderBeforeDeleteTopicParams,\n OnFolderBeforeUpdateTopicParams\n} from \"./folder.types\";\n\nimport { getFolderAndItsAncestors } from \"~/utils/getFolderAndItsAncestors\";\nimport NotAuthorizedError from \"@webiny/api-security/NotAuthorizedError\";\nimport { AdminUser } from \"@webiny/api-admin-users/types\";\nimport { Team } from \"@webiny/api-security/types\";\nimport WError from \"@webiny/error\";\n\nconst FIXED_FOLDER_LISTING_LIMIT = 10_000;\n\ninterface CreateFolderCrudMethodsParams extends CreateAcoParams {\n listAdminUsers: () => Promise<AdminUser[]>;\n listTeams: () => Promise<Team[]>;\n}\n\nexport const createFolderCrudMethods = ({\n storageOperations,\n folderLevelPermissions,\n listAdminUsers,\n listTeams\n}: CreateFolderCrudMethodsParams): AcoFolderCrud => {\n // create\n const onFolderBeforeCreate = createTopic<OnFolderBeforeCreateTopicParams>(\n \"aco.onFolderBeforeCreate\"\n );\n const onFolderAfterCreate =\n createTopic<OnFolderAfterCreateTopicParams>(\"aco.onFolderAfterCreate\");\n // update\n const onFolderBeforeUpdate = createTopic<OnFolderBeforeUpdateTopicParams>(\n \"aco.onFolderBeforeUpdate\"\n );\n const onFolderAfterUpdate =\n createTopic<OnFolderAfterUpdateTopicParams>(\"aco.onFolderAfterUpdate\");\n // delete\n const onFolderBeforeDelete = createTopic<OnFolderBeforeDeleteTopicParams>(\n \"aco.onFolderBeforeDelete\"\n );\n const onFolderAfterDelete =\n createTopic<OnFolderAfterDeleteTopicParams>(\"aco.onFolderAfterDelete\");\n\n return {\n /**\n * Lifecycle events\n */\n onFolderBeforeCreate,\n onFolderAfterCreate,\n onFolderBeforeUpdate,\n onFolderAfterUpdate,\n onFolderBeforeDelete,\n onFolderAfterDelete,\n\n async get(id) {\n const folder = await storageOperations.getFolder({ id });\n\n await folderLevelPermissions.ensureCanAccessFolder({\n folder,\n rwd: \"r\"\n });\n\n await folderLevelPermissions.assignFolderPermissions(folder);\n return folder;\n },\n async list(params) {\n // No matter what was the limit set in the params, initially, we always retrieve\n // all folders. The limit is then applied with the filtered folders list below.\n const filteredFolders = await folderLevelPermissions\n .listAllFoldersWithPermissions(params.where.type)\n .then(filteredFolders => {\n // If `parentId` was included in the `where` clause, we need to filter the folders.\n // TODO: we might want to incorporate this into the `listAllFoldersWithPermissions` method.\n if (params.where.parentId) {\n // Filter by parent ID.\n return filteredFolders.filter(\n folder => folder.parentId === params.where.parentId\n );\n }\n return filteredFolders;\n });\n\n const totalCount = filteredFolders.length;\n let hasMoreItems = false;\n let cursor: string | null = null;\n\n // Apply cursor/limit params.\n if (params.after) {\n const afterListItemIndex = filteredFolders.findIndex(\n folder => folder.id === params.after\n );\n if (afterListItemIndex >= 0) {\n // Remove all items below the \"after\" item.\n filteredFolders.splice(0, afterListItemIndex + 1);\n }\n }\n\n hasMoreItems = !!params.limit && filteredFolders.length > params.limit;\n\n if (hasMoreItems) {\n cursor = filteredFolders[params.limit! - 1]?.id || null;\n filteredFolders.splice(params.limit!);\n }\n\n return [filteredFolders, { totalCount, hasMoreItems, cursor }];\n },\n\n async listAll(params) {\n return this.list({ ...params, limit: FIXED_FOLDER_LISTING_LIMIT });\n },\n\n async create(data) {\n let canCreateFolder = false;\n if (data.parentId) {\n const parentFolder = await storageOperations.getFolder({ id: data.parentId });\n canCreateFolder = await folderLevelPermissions.canAccessFolder({\n folder: parentFolder,\n rwd: \"w\"\n });\n } else {\n canCreateFolder = await folderLevelPermissions.canCreateFolderInRoot();\n }\n\n if (!canCreateFolder) {\n throw new NotAuthorizedError();\n }\n\n await onFolderBeforeCreate.publish({ input: data });\n const folder = await storageOperations.createFolder({ data });\n\n // We need to add the newly created folder to FLP's internal cache. Note that we're also\n // invalidating the permissions list cache for the folder type. We cannot rely on the cache\n // to check if the user has access, because the cache is no longer up to date.\n folderLevelPermissions.invalidateFoldersPermissionsListCache(folder.type);\n folderLevelPermissions.addFolderToCache(folder.type, folder);\n\n // With caches updated and invalidated, we can now assign correct permissions to the folder.\n await folderLevelPermissions.assignFolderPermissions(folder);\n\n await onFolderAfterCreate.publish({ folder });\n\n return folder;\n },\n\n async update(id, data) {\n const original = await storageOperations.getFolder({ id });\n\n const canUpdateFolder = await folderLevelPermissions.canAccessFolder({\n folder: original,\n rwd: \"w\"\n });\n\n if (!canUpdateFolder) {\n throw new NotAuthorizedError();\n }\n\n // Validate data.\n if (Array.isArray(data.permissions)) {\n data.permissions.forEach(permission => {\n const targetIsValid =\n permission.target.startsWith(\"admin:\") ||\n permission.target.startsWith(\"team:\");\n if (!targetIsValid) {\n throw new Error(`Permission target \"${permission.target}\" is not valid.`);\n }\n\n if (permission.inheritedFrom) {\n throw new Error(`Permission \"inheritedFrom\" cannot be set manually.`);\n }\n });\n }\n\n // Parent change is not allowed if the user doesn't have access to the new parent.\n if (data.parentId && data.parentId !== original.parentId) {\n try {\n // Getting the parent folder will throw an error if the user doesn't have access.\n await this.get(data.parentId);\n } catch (e) {\n if (e instanceof NotAuthorizedError) {\n throw new WError(\n `Cannot move folder to a new parent because you don't have access to the new parent.`,\n \"CANNOT_MOVE_FOLDER_TO_NEW_PARENT\"\n );\n }\n\n // If we didn't receive the expected error, we still want to throw it.\n throw e;\n }\n }\n\n // Finally, we check if the user would lose access to the folder by making the update.\n // In order to do this, we need to make a couple of steps. First, we're updating FLP's\n // internal cache with new folder data. Then, we're invalidating the permissions list\n // cache for the folder type. We cannot rely on the cache to check if the user still\n // has access, because the cache might no longer be up-to-date.\n folderLevelPermissions.updateFoldersCache(original.type, cachedFolder => {\n if (cachedFolder.id !== id) {\n return cachedFolder;\n }\n return { ...cachedFolder, ...data };\n });\n folderLevelPermissions.invalidateFoldersPermissionsListCache(original.type);\n\n // With caches updated and invalidated, we can now check if the user still\n // has access to the folder.\n const stillHasAccess = await folderLevelPermissions.canAccessFolder({\n folder: { id, type: original.type },\n rwd: \"w\"\n });\n\n if (!stillHasAccess) {\n throw new WError(\n `Cannot continue because you would loose access to this folder.`,\n \"CANNOT_LOOSE_FOLDER_ACCESS\"\n );\n }\n\n await onFolderBeforeUpdate.publish({ original, input: { id, data } });\n\n const folder = await storageOperations.updateFolder({ id, data });\n await folderLevelPermissions.assignFolderPermissions(folder);\n\n await onFolderAfterUpdate.publish({ original, input: { id, data }, folder });\n\n return folder;\n },\n\n async delete(id: string) {\n const folder = await storageOperations.getFolder({ id });\n\n await folderLevelPermissions.ensureCanAccessFolder({\n folder,\n rwd: \"d\"\n });\n\n await onFolderBeforeDelete.publish({ folder });\n await storageOperations.deleteFolder({ id });\n await onFolderAfterDelete.publish({ folder });\n return true;\n },\n\n async getAncestors(folder: Folder) {\n const [folders] = await this.listAll({ where: { type: folder.type } });\n return getFolderAndItsAncestors({ folder, folders });\n },\n\n /**\n * @deprecated use `getAncestors` instead\n */\n async getFolderWithAncestors(id: string) {\n const folder = await this.get(id);\n return this.getAncestors(folder);\n },\n\n async listFolderLevelPermissionsTargets() {\n const adminUsers = await listAdminUsers();\n const teams = await listTeams();\n\n const teamTargets = teams.map(team => ({\n id: team.id,\n type: \"team\",\n target: `team:${team.id}`,\n name: team.name || \"\",\n meta: {}\n }));\n\n const adminUserTargets = adminUsers.map(user => {\n let name = user.displayName;\n if (!name) {\n // For backwards compatibility, we also want to try concatenating first and last name.\n name = [user.firstName, user.lastName].filter(Boolean).join(\" \");\n }\n\n // We're doing the validation because, with non-Cognito IdPs (Okta, Auth0), the email\n // field might actually contain a non-email value: `id:${IdP_Identity_ID}`. In that case,\n // let's not assign anything to the `email` field.\n let email: string | null = user.email;\n try {\n validation.validateSync(email, \"email\");\n } catch {\n email = null;\n }\n\n const image = user.avatar?.src || null;\n\n return {\n id: user.id,\n type: \"admin\",\n target: `admin:${user.id}`,\n name,\n meta: {\n email,\n image\n }\n };\n });\n\n const results = [...teamTargets, ...adminUserTargets];\n const meta = { totalCount: results.length };\n\n return [results, meta];\n }\n };\n};\n"],"mappings":";;;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,WAAA,GAAAD,OAAA;AAYA,IAAAE,yBAAA,GAAAF,OAAA;AACA,IAAAG,mBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AAGA,IAAAK,MAAA,GAAAD,sBAAA,CAAAJ,OAAA;AAEA,MAAMM,0BAA0B,GAAG,MAAM;AAOlC,MAAMC,uBAAuB,GAAGA,CAAC;EACpCC,iBAAiB;EACjBC,sBAAsB;EACtBC,cAAc;EACdC;AAC2B,CAAC,KAAoB;EAChD;EACA,MAAMC,oBAAoB,GAAG,IAAAC,mBAAW,EACpC,0BACJ,CAAC;EACD,MAAMC,mBAAmB,GACrB,IAAAD,mBAAW,EAAiC,yBAAyB,CAAC;EAC1E;EACA,MAAME,oBAAoB,GAAG,IAAAF,mBAAW,EACpC,0BACJ,CAAC;EACD,MAAMG,mBAAmB,GACrB,IAAAH,mBAAW,EAAiC,yBAAyB,CAAC;EAC1E;EACA,MAAMI,oBAAoB,GAAG,IAAAJ,mBAAW,EACpC,0BACJ,CAAC;EACD,MAAMK,mBAAmB,GACrB,IAAAL,mBAAW,EAAiC,yBAAyB,CAAC;EAE1E,OAAO;IACH;AACR;AACA;IACQD,oBAAoB;IACpBE,mBAAmB;IACnBC,oBAAoB;IACpBC,mBAAmB;IACnBC,oBAAoB;IACpBC,mBAAmB;IAEnB,MAAMC,GAAGA,CAACC,EAAE,EAAE;MACV,MAAMC,MAAM,GAAG,MAAMb,iBAAiB,CAACc,SAAS,CAAC;QAAEF;MAAG,CAAC,CAAC;MAExD,MAAMX,sBAAsB,CAACc,qBAAqB,CAAC;QAC/CF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,MAAMf,sBAAsB,CAACgB,uBAAuB,CAACJ,MAAM,CAAC;MAC5D,OAAOA,MAAM;IACjB,CAAC;IACD,MAAMK,IAAIA,CAACC,MAAM,EAAE;MACf;MACA;MACA,MAAMC,eAAe,GAAG,MAAMnB,sBAAsB,CAC/CoB,6BAA6B,CAACF,MAAM,CAACG,KAAK,CAACC,IAAI,CAAC,CAChDC,IAAI,CAACJ,eAAe,IAAI;QACrB;QACA;QACA,IAAID,MAAM,CAACG,KAAK,CAACG,QAAQ,EAAE;UACvB;UACA,OAAOL,eAAe,CAACM,MAAM,CACzBb,MAAM,IAAIA,MAAM,CAACY,QAAQ,KAAKN,MAAM,CAACG,KAAK,CAACG,QAC/C,CAAC;QACL;QACA,OAAOL,eAAe;MAC1B,CAAC,CAAC;MAEN,MAAMO,UAAU,GAAGP,eAAe,CAACQ,MAAM;MACzC,IAAIC,YAAY,GAAG,KAAK;MACxB,IAAIC,MAAqB,GAAG,IAAI;;MAEhC;MACA,IAAIX,MAAM,CAACY,KAAK,EAAE;QACd,MAAMC,kBAAkB,GAAGZ,eAAe,CAACa,SAAS,CAChDpB,MAAM,IAAIA,MAAM,CAACD,EAAE,KAAKO,MAAM,CAACY,KACnC,CAAC;QACD,IAAIC,kBAAkB,IAAI,CAAC,EAAE;UACzB;UACAZ,eAAe,CAACc,MAAM,CAAC,CAAC,EAAEF,kBAAkB,GAAG,CAAC,CAAC;QACrD;MACJ;MAEAH,YAAY,GAAG,CAAC,CAACV,MAAM,CAACgB,KAAK,IAAIf,eAAe,CAACQ,MAAM,GAAGT,MAAM,CAACgB,KAAK;MAEtE,IAAIN,YAAY,EAAE;QACdC,MAAM,GAAGV,eAAe,CAACD,MAAM,CAACgB,KAAK,GAAI,CAAC,CAAC,EAAEvB,EAAE,IAAI,IAAI;QACvDQ,eAAe,CAACc,MAAM,CAACf,MAAM,CAACgB,KAAM,CAAC;MACzC;MAEA,OAAO,CAACf,eAAe,EAAE;QAAEO,UAAU;QAAEE,YAAY;QAAEC;MAAO,CAAC,CAAC;IAClE,CAAC;IAED,MAAMM,OAAOA,CAACjB,MAAM,EAAE;MAClB,OAAO,IAAI,CAACD,IAAI,CAAC;QAAE,GAAGC,MAAM;QAAEgB,KAAK,EAAErC;MAA2B,CAAC,CAAC;IACtE,CAAC;IAED,MAAMuC,MAAMA,CAACC,IAAI,EAAE;MACf,IAAIC,eAAe,GAAG,KAAK;MAC3B,IAAID,IAAI,CAACb,QAAQ,EAAE;QACf,MAAMe,YAAY,GAAG,MAAMxC,iBAAiB,CAACc,SAAS,CAAC;UAAEF,EAAE,EAAE0B,IAAI,CAACb;QAAS,CAAC,CAAC;QAC7Ec,eAAe,GAAG,MAAMtC,sBAAsB,CAACwC,eAAe,CAAC;UAC3D5B,MAAM,EAAE2B,YAAY;UACpBxB,GAAG,EAAE;QACT,CAAC,CAAC;MACN,CAAC,MAAM;QACHuB,eAAe,GAAG,MAAMtC,sBAAsB,CAACyC,qBAAqB,CAAC,CAAC;MAC1E;MAEA,IAAI,CAACH,eAAe,EAAE;QAClB,MAAM,IAAII,2BAAkB,CAAC,CAAC;MAClC;MAEA,MAAMvC,oBAAoB,CAACwC,OAAO,CAAC;QAAEC,KAAK,EAAEP;MAAK,CAAC,CAAC;MACnD,MAAMzB,MAAM,GAAG,MAAMb,iBAAiB,CAAC8C,YAAY,CAAC;QAAER;MAAK,CAAC,CAAC;;MAE7D;MACA;MACA;MACArC,sBAAsB,CAAC8C,qCAAqC,CAAClC,MAAM,CAACU,IAAI,CAAC;MACzEtB,sBAAsB,CAAC+C,gBAAgB,CAACnC,MAAM,CAACU,IAAI,EAAEV,MAAM,CAAC;;MAE5D;MACA,MAAMZ,sBAAsB,CAACgB,uBAAuB,CAACJ,MAAM,CAAC;MAE5D,MAAMP,mBAAmB,CAACsC,OAAO,CAAC;QAAE/B;MAAO,CAAC,CAAC;MAE7C,OAAOA,MAAM;IACjB,CAAC;IAED,MAAMoC,MAAMA,CAACrC,EAAE,EAAE0B,IAAI,EAAE;MACnB,MAAMY,QAAQ,GAAG,MAAMlD,iBAAiB,CAACc,SAAS,CAAC;QAAEF;MAAG,CAAC,CAAC;MAE1D,MAAMuC,eAAe,GAAG,MAAMlD,sBAAsB,CAACwC,eAAe,CAAC;QACjE5B,MAAM,EAAEqC,QAAQ;QAChBlC,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,IAAI,CAACmC,eAAe,EAAE;QAClB,MAAM,IAAIR,2BAAkB,CAAC,CAAC;MAClC;;MAEA;MACA,IAAIS,KAAK,CAACC,OAAO,CAACf,IAAI,CAACgB,WAAW,CAAC,EAAE;QACjChB,IAAI,CAACgB,WAAW,CAACC,OAAO,CAACC,UAAU,IAAI;UACnC,MAAMC,aAAa,GACfD,UAAU,CAACE,MAAM,CAACC,UAAU,CAAC,QAAQ,CAAC,IACtCH,UAAU,CAACE,MAAM,CAACC,UAAU,CAAC,OAAO,CAAC;UACzC,IAAI,CAACF,aAAa,EAAE;YAChB,MAAM,IAAIG,KAAK,CAAC,sBAAsBJ,UAAU,CAACE,MAAM,iBAAiB,CAAC;UAC7E;UAEA,IAAIF,UAAU,CAACK,aAAa,EAAE;YAC1B,MAAM,IAAID,KAAK,CAAC,oDAAoD,CAAC;UACzE;QACJ,CAAC,CAAC;MACN;;MAEA;MACA,IAAItB,IAAI,CAACb,QAAQ,IAAIa,IAAI,CAACb,QAAQ,KAAKyB,QAAQ,CAACzB,QAAQ,EAAE;QACtD,IAAI;UACA;UACA,MAAM,IAAI,CAACd,GAAG,CAAC2B,IAAI,CAACb,QAAQ,CAAC;QACjC,CAAC,CAAC,OAAOqC,CAAC,EAAE;UACR,IAAIA,CAAC,YAAYnB,2BAAkB,EAAE;YACjC,MAAM,IAAIoB,cAAM,CACZ,qFAAqF,EACrF,kCACJ,CAAC;UACL;;UAEA;UACA,MAAMD,CAAC;QACX;MACJ;;MAEA;MACA;MACA;MACA;MACA;MACA7D,sBAAsB,CAAC+D,kBAAkB,CAACd,QAAQ,CAAC3B,IAAI,EAAE0C,YAAY,IAAI;QACrE,IAAIA,YAAY,CAACrD,EAAE,KAAKA,EAAE,EAAE;UACxB,OAAOqD,YAAY;QACvB;QACA,OAAO;UAAE,GAAGA,YAAY;UAAE,GAAG3B;QAAK,CAAC;MACvC,CAAC,CAAC;MACFrC,sBAAsB,CAAC8C,qCAAqC,CAACG,QAAQ,CAAC3B,IAAI,CAAC;;MAE3E;MACA;MACA,MAAM2C,cAAc,GAAG,MAAMjE,sBAAsB,CAACwC,eAAe,CAAC;QAChE5B,MAAM,EAAE;UAAED,EAAE;UAAEW,IAAI,EAAE2B,QAAQ,CAAC3B;QAAK,CAAC;QACnCP,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,IAAI,CAACkD,cAAc,EAAE;QACjB,MAAM,IAAIH,cAAM,CACZ,gEAAgE,EAChE,4BACJ,CAAC;MACL;MAEA,MAAMxD,oBAAoB,CAACqC,OAAO,CAAC;QAAEM,QAAQ;QAAEL,KAAK,EAAE;UAAEjC,EAAE;UAAE0B;QAAK;MAAE,CAAC,CAAC;MAErE,MAAMzB,MAAM,GAAG,MAAMb,iBAAiB,CAACmE,YAAY,CAAC;QAAEvD,EAAE;QAAE0B;MAAK,CAAC,CAAC;MACjE,MAAMrC,sBAAsB,CAACgB,uBAAuB,CAACJ,MAAM,CAAC;MAE5D,MAAML,mBAAmB,CAACoC,OAAO,CAAC;QAAEM,QAAQ;QAAEL,KAAK,EAAE;UAAEjC,EAAE;UAAE0B;QAAK,CAAC;QAAEzB;MAAO,CAAC,CAAC;MAE5E,OAAOA,MAAM;IACjB,CAAC;IAED,MAAMuD,MAAMA,CAACxD,EAAU,EAAE;MACrB,MAAMC,MAAM,GAAG,MAAMb,iBAAiB,CAACc,SAAS,CAAC;QAAEF;MAAG,CAAC,CAAC;MAExD,MAAMX,sBAAsB,CAACc,qBAAqB,CAAC;QAC/CF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,MAAMP,oBAAoB,CAACmC,OAAO,CAAC;QAAE/B;MAAO,CAAC,CAAC;MAC9C,MAAMb,iBAAiB,CAACqE,YAAY,CAAC;QAAEzD;MAAG,CAAC,CAAC;MAC5C,MAAMF,mBAAmB,CAACkC,OAAO,CAAC;QAAE/B;MAAO,CAAC,CAAC;MAC7C,OAAO,IAAI;IACf,CAAC;IAED,MAAMyD,YAAYA,CAACzD,MAAc,EAAE;MAC/B,MAAM,CAAC0D,OAAO,CAAC,GAAG,MAAM,IAAI,CAACnC,OAAO,CAAC;QAAEd,KAAK,EAAE;UAAEC,IAAI,EAAEV,MAAM,CAACU;QAAK;MAAE,CAAC,CAAC;MACtE,OAAO,IAAAiD,kDAAwB,EAAC;QAAE3D,MAAM;QAAE0D;MAAQ,CAAC,CAAC;IACxD,CAAC;IAED;AACR;AACA;IACQ,MAAME,sBAAsBA,CAAC7D,EAAU,EAAE;MACrC,MAAMC,MAAM,GAAG,MAAM,IAAI,CAACF,GAAG,CAACC,EAAE,CAAC;MACjC,OAAO,IAAI,CAAC0D,YAAY,CAACzD,MAAM,CAAC;IACpC,CAAC;IAED,MAAM6D,iCAAiCA,CAAA,EAAG;MACtC,MAAMC,UAAU,GAAG,MAAMzE,cAAc,CAAC,CAAC;MACzC,MAAM0E,KAAK,GAAG,MAAMzE,SAAS,CAAC,CAAC;MAE/B,MAAM0E,WAAW,GAAGD,KAAK,CAACE,GAAG,CAACC,IAAI,KAAK;QACnCnE,EAAE,EAAEmE,IAAI,CAACnE,EAAE;QACXW,IAAI,EAAE,MAAM;QACZmC,MAAM,EAAE,QAAQqB,IAAI,CAACnE,EAAE,EAAE;QACzBoE,IAAI,EAAED,IAAI,CAACC,IAAI,IAAI,EAAE;QACrBC,IAAI,EAAE,CAAC;MACX,CAAC,CAAC,CAAC;MAEH,MAAMC,gBAAgB,GAAGP,UAAU,CAACG,GAAG,CAACK,IAAI,IAAI;QAC5C,IAAIH,IAAI,GAAGG,IAAI,CAACC,WAAW;QAC3B,IAAI,CAACJ,IAAI,EAAE;UACP;UACAA,IAAI,GAAG,CAACG,IAAI,CAACE,SAAS,EAAEF,IAAI,CAACG,QAAQ,CAAC,CAAC5D,MAAM,CAAC6D,OAAO,CAAC,CAACC,IAAI,CAAC,GAAG,CAAC;QACpE;;QAEA;QACA;QACA;QACA,IAAIC,KAAoB,GAAGN,IAAI,CAACM,KAAK;QACrC,IAAI;UACAC,sBAAU,CAACC,YAAY,CAACF,KAAK,EAAE,OAAO,CAAC;QAC3C,CAAC,CAAC,MAAM;UACJA,KAAK,GAAG,IAAI;QAChB;QAEA,MAAMG,KAAK,GAAGT,IAAI,CAACU,MAAM,EAAEC,GAAG,IAAI,IAAI;QAEtC,OAAO;UACHlF,EAAE,EAAEuE,IAAI,CAACvE,EAAE;UACXW,IAAI,EAAE,OAAO;UACbmC,MAAM,EAAE,SAASyB,IAAI,CAACvE,EAAE,EAAE;UAC1BoE,IAAI;UACJC,IAAI,EAAE;YACFQ,KAAK;YACLG;UACJ;QACJ,CAAC;MACL,CAAC,CAAC;MAEF,MAAMG,OAAO,GAAG,CAAC,GAAGlB,WAAW,EAAE,GAAGK,gBAAgB,CAAC;MACrD,MAAMD,IAAI,GAAG;QAAEtD,UAAU,EAAEoE,OAAO,CAACnE;MAAO,CAAC;MAE3C,OAAO,CAACmE,OAAO,EAAEd,IAAI,CAAC;IAC1B;EACJ,CAAC;AACL,CAAC;AAACe,OAAA,CAAAjG,uBAAA,GAAAA,uBAAA","ignoreList":[]}
package/folder/folder.gql.js CHANGED
@@ -8,6 +8,7 @@ var _responses = require("@webiny/handler-graphql/responses");
8
8
  var _GraphQLSchemaPlugin = require("@webiny/handler-graphql/plugins/GraphQLSchemaPlugin");
9
9
  var _ensureAuthentication = require("../utils/ensureAuthentication");
10
10
  var _resolve = require("../utils/resolve");
11
+ var _compress = require("../utils/compress");
11
12
  const folderSchema = exports.folderSchema = new _GraphQLSchemaPlugin.GraphQLSchemaPlugin({
12
13
  typeDefs: /* GraphQL */`
13
14
  type FolderPermission {
@@ -16,6 +17,11 @@ const folderSchema = exports.folderSchema = new _GraphQLSchemaPlugin.GraphQLSche
16
17
  inheritedFrom: ID
17
18
  }
18
19
 
20
+ type CompressedResponse {
21
+ compression: String
22
+ value: String
23
+ }
24
+
19
25
  input FolderPermissionInput {
20
26
  target: String!
21
27
  level: String!
@@ -82,6 +88,11 @@ const folderSchema = exports.folderSchema = new _GraphQLSchemaPlugin.GraphQLSche
82
88
  meta: AcoMeta
83
89
  }
84
90
 
91
+ type FoldersListCompressedResponse {
92
+ data: CompressedResponse
93
+ error: AcoError
94
+ }
95
+
85
96
  type FolderLevelPermissionsTarget {
86
97
  id: ID!
87
98
  type: String!
@@ -108,6 +119,12 @@ const folderSchema = exports.folderSchema = new _GraphQLSchemaPlugin.GraphQLSche
108
119
  after: String
109
120
  sort: AcoSort
110
121
  ): FoldersListResponse
122
+ listFoldersCompressed(
123
+ where: FoldersListWhereInput!
124
+ limit: Int
125
+ after: String
126
+ sort: AcoSort
127
+ ): FoldersListCompressedResponse
111
128
 
112
129
  listFolderLevelPermissionsTargets: FolderLevelPermissionsTargetsListResponse
113
130
  }
@@ -151,6 +168,19 @@ const folderSchema = exports.folderSchema = new _GraphQLSchemaPlugin.GraphQLSche
151
168
  return new _responses.ErrorResponse(e);
152
169
  }
153
170
  },
171
+ listFoldersCompressed: async (_, args, context) => {
172
+ return (0, _resolve.resolve)(async () => {
173
+ const [entries] = await context.aco.folder.list(args);
174
+ const folders = entries.map(folder => ({
175
+ ...folder,
176
+ hasNonInheritedPermissions: context.aco.folderLevelPermissions.permissionsIncludeNonInheritedPermissions(folder.permissions),
177
+ canManageStructure: context.aco.folderLevelPermissions.canManageFolderStructure(folder),
178
+ canManagePermissions: context.aco.folderLevelPermissions.canManageFolderPermissions(folder),
179
+ canManageContent: context.aco.folderLevelPermissions.canManageFolderContent(folder)
180
+ }));
181
+ return (0, _compress.compress)(folders);
182
+ });
183
+ },
154
184
  listFolderLevelPermissionsTargets: async (_, args, context) => {
155
185
  try {
156
186
  (0, _ensureAuthentication.ensureAuthentication)(context);
package/folder/folder.gql.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_responses","require","_GraphQLSchemaPlugin","_ensureAuthentication","_resolve","folderSchema","exports","GraphQLSchemaPlugin","typeDefs","resolvers","Folder","hasNonInheritedPermissions","folder","_","context","aco","folderLevelPermissions","permissionsIncludeNonInheritedPermissions","permissions","canManageStructure","canManageFolderStructure","canManagePermissions","canManageFolderPermissions","canManageContent","canManageFolderContent","AcoQuery","getFolder","id","resolve","ensureAuthentication","get","listFolders","args","entries","meta","list","ListResponse","e","ErrorResponse","listFolderLevelPermissionsTargets","AcoMutation","createFolder","data","create","updateFolder","update","deleteFolder","delete"],"sources":["folder.gql.ts"],"sourcesContent":["import { ErrorResponse, ListResponse } from \"@webiny/handler-graphql/responses\";\nimport { GraphQLSchemaPlugin } from \"@webiny/handler-graphql/plugins/GraphQLSchemaPlugin\";\n\nimport { ensureAuthentication } from \"~/utils/ensureAuthentication\";\nimport { resolve } from \"~/utils/resolve\";\n\nimport { AcoContext, Folder } from \"~/types\";\n\nexport const folderSchema = new GraphQLSchemaPlugin<AcoContext>({\n typeDefs: /* GraphQL */ `\n type FolderPermission {\n target: String!\n level: String!\n inheritedFrom: ID\n }\n\n input FolderPermissionInput {\n target: String!\n level: String!\n inheritedFrom: ID\n }\n\n type Folder {\n id: ID!\n title: String!\n slug: String!\n permissions: [FolderPermission]\n\n # Tells us if the current user can manage folder structure.\n canManageStructure: Boolean\n\n # Tells us if the current user can manage folder permissions.\n canManagePermissions: Boolean\n\n # Tells us if the current user can manage folder content.\n canManageContent: Boolean\n\n # Tells us if the folder contains non-inherited permissions.\n hasNonInheritedPermissions: Boolean\n\n type: String!\n parentId: ID\n createdOn: DateTime\n modifiedOn: DateTime\n savedOn: DateTime\n createdBy: AcoUser\n modifiedBy: AcoUser\n savedBy: AcoUser\n }\n\n input FolderCreateInput {\n title: String!\n slug: String!\n permissions: [FolderPermissionInput]\n type: String!\n parentId: ID\n }\n\n input FolderUpdateInput {\n title: String\n slug: String\n permissions: [FolderPermissionInput]\n parentId: ID\n }\n\n input FoldersListWhereInput {\n type: String!\n parentId: String\n createdBy: ID\n }\n\n type FolderResponse {\n data: Folder\n error: AcoError\n }\n\n type FoldersListResponse {\n data: [Folder]\n error: AcoError\n meta: AcoMeta\n }\n\n type FolderLevelPermissionsTarget {\n id: ID!\n type: String!\n target: ID!\n name: String!\n meta: JSON\n }\n\n type FolderLevelPermissionsTargetsListMeta {\n totalCount: Int!\n }\n\n type FolderLevelPermissionsTargetsListResponse {\n data: [FolderLevelPermissionsTarget]\n meta: FolderLevelPermissionsTargetsListMeta\n error: AcoError\n }\n\n extend type AcoQuery {\n getFolder(id: ID!): FolderResponse\n listFolders(\n where: FoldersListWhereInput!\n limit: Int\n after: String\n sort: AcoSort\n ): FoldersListResponse\n\n listFolderLevelPermissionsTargets: FolderLevelPermissionsTargetsListResponse\n }\n\n extend type AcoMutation {\n createFolder(data: FolderCreateInput!): FolderResponse\n updateFolder(id: ID!, data: FolderUpdateInput!): FolderResponse\n deleteFolder(id: ID!): AcoBooleanResponse\n }\n `,\n resolvers: {\n Folder: {\n hasNonInheritedPermissions: (folder: Folder, _, context) => {\n return context.aco.folderLevelPermissions.permissionsIncludeNonInheritedPermissions(\n folder.permissions\n );\n },\n canManageStructure: (folder, _, context) => {\n return context.aco.folderLevelPermissions.canManageFolderStructure(folder);\n },\n canManagePermissions: (folder, _, context) => {\n return context.aco.folderLevelPermissions.canManageFolderPermissions(folder);\n },\n canManageContent: (folder, _, context) => {\n return context.aco.folderLevelPermissions.canManageFolderContent(folder);\n }\n },\n AcoQuery: {\n getFolder: async (_, { id }, context) => {\n return resolve(() => {\n ensureAuthentication(context);\n return context.aco.folder.get(id);\n });\n },\n listFolders: async (_, args: any, context) => {\n try {\n ensureAuthentication(context);\n const [entries, meta] = await context.aco.folder.list(args);\n return new ListResponse(entries, meta);\n } catch (e) {\n return new ErrorResponse(e);\n }\n },\n listFolderLevelPermissionsTargets: async (_, args: any, context) => {\n try {\n ensureAuthentication(context);\n const [entries, meta] =\n await context.aco.folder.listFolderLevelPermissionsTargets();\n return new ListResponse(entries, meta);\n } catch (e) {\n return new ErrorResponse(e);\n }\n }\n },\n AcoMutation: {\n createFolder: async (_, { data }, context) => {\n return resolve(() => {\n ensureAuthentication(context);\n return context.aco.folder.create(data);\n });\n },\n updateFolder: async (_, { id, data }, context) => {\n return resolve(() => {\n ensureAuthentication(context);\n return context.aco.folder.update(id, data);\n });\n },\n deleteFolder: async (_, { id }, context) => {\n return resolve(() => {\n ensureAuthentication(context);\n return context.aco.folder.delete(id);\n });\n }\n }\n }\n});\n"],"mappings":";;;;;;AAAA,IAAAA,UAAA,GAAAC,OAAA;AACA,IAAAC,oBAAA,GAAAD,OAAA;AAEA,IAAAE,qBAAA,GAAAF,OAAA;AACA,IAAAG,QAAA,GAAAH,OAAA;AAIO,MAAMI,YAAY,GAAAC,OAAA,CAAAD,YAAA,GAAG,IAAIE,wCAAmB,CAAa;EAC5DC,QAAQ,EAAE,aAAc;AAC5B;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,KAAK;EACDC,SAAS,EAAE;IACPC,MAAM,EAAE;MACJC,0BAA0B,EAAEA,CAACC,MAAc,EAAEC,CAAC,EAAEC,OAAO,KAAK;QACxD,OAAOA,OAAO,CAACC,GAAG,CAACC,sBAAsB,CAACC,yCAAyC,CAC/EL,MAAM,CAACM,WACX,CAAC;MACL,CAAC;MACDC,kBAAkB,EAAEA,CAACP,MAAM,EAAEC,CAAC,EAAEC,OAAO,KAAK;QACxC,OAAOA,OAAO,CAACC,GAAG,CAACC,sBAAsB,CAACI,wBAAwB,CAACR,MAAM,CAAC;MAC9E,CAAC;MACDS,oBAAoB,EAAEA,CAACT,MAAM,EAAEC,CAAC,EAAEC,OAAO,KAAK;QAC1C,OAAOA,OAAO,CAACC,GAAG,CAACC,sBAAsB,CAACM,0BAA0B,CAACV,MAAM,CAAC;MAChF,CAAC;MACDW,gBAAgB,EAAEA,CAACX,MAAM,EAAEC,CAAC,EAAEC,OAAO,KAAK;QACtC,OAAOA,OAAO,CAACC,GAAG,CAACC,sBAAsB,CAACQ,sBAAsB,CAACZ,MAAM,CAAC;MAC5E;IACJ,CAAC;IACDa,QAAQ,EAAE;MACNC,SAAS,EAAE,MAAAA,CAAOb,CAAC,EAAE;QAAEc;MAAG,CAAC,EAAEb,OAAO,KAAK;QACrC,OAAO,IAAAc,gBAAO,EAAC,MAAM;UACjB,IAAAC,0CAAoB,EAACf,OAAO,CAAC;UAC7B,OAAOA,OAAO,CAACC,GAAG,CAACH,MAAM,CAACkB,GAAG,CAACH,EAAE,CAAC;QACrC,CAAC,CAAC;MACN,CAAC;MACDI,WAAW,EAAE,MAAAA,CAAOlB,CAAC,EAAEmB,IAAS,EAAElB,OAAO,KAAK;QAC1C,IAAI;UACA,IAAAe,0CAAoB,EAACf,OAAO,CAAC;UAC7B,MAAM,CAACmB,OAAO,EAAEC,IAAI,CAAC,GAAG,MAAMpB,OAAO,CAACC,GAAG,CAACH,MAAM,CAACuB,IAAI,CAACH,IAAI,CAAC;UAC3D,OAAO,IAAII,uBAAY,CAACH,OAAO,EAAEC,IAAI,CAAC;QAC1C,CAAC,CAAC,OAAOG,CAAC,EAAE;UACR,OAAO,IAAIC,wBAAa,CAACD,CAAC,CAAC;QAC/B;MACJ,CAAC;MACDE,iCAAiC,EAAE,MAAAA,CAAO1B,CAAC,EAAEmB,IAAS,EAAElB,OAAO,KAAK;QAChE,IAAI;UACA,IAAAe,0CAAoB,EAACf,OAAO,CAAC;UAC7B,MAAM,CAACmB,OAAO,EAAEC,IAAI,CAAC,GACjB,MAAMpB,OAAO,CAACC,GAAG,CAACH,MAAM,CAAC2B,iCAAiC,CAAC,CAAC;UAChE,OAAO,IAAIH,uBAAY,CAACH,OAAO,EAAEC,IAAI,CAAC;QAC1C,CAAC,CAAC,OAAOG,CAAC,EAAE;UACR,OAAO,IAAIC,wBAAa,CAACD,CAAC,CAAC;QAC/B;MACJ;IACJ,CAAC;IACDG,WAAW,EAAE;MACTC,YAAY,EAAE,MAAAA,CAAO5B,CAAC,EAAE;QAAE6B;MAAK,CAAC,EAAE5B,OAAO,KAAK;QAC1C,OAAO,IAAAc,gBAAO,EAAC,MAAM;UACjB,IAAAC,0CAAoB,EAACf,OAAO,CAAC;UAC7B,OAAOA,OAAO,CAACC,GAAG,CAACH,MAAM,CAAC+B,MAAM,CAACD,IAAI,CAAC;QAC1C,CAAC,CAAC;MACN,CAAC;MACDE,YAAY,EAAE,MAAAA,CAAO/B,CAAC,EAAE;QAAEc,EAAE;QAAEe;MAAK,CAAC,EAAE5B,OAAO,KAAK;QAC9C,OAAO,IAAAc,gBAAO,EAAC,MAAM;UACjB,IAAAC,0CAAoB,EAACf,OAAO,CAAC;UAC7B,OAAOA,OAAO,CAACC,GAAG,CAACH,MAAM,CAACiC,MAAM,CAAClB,EAAE,EAAEe,IAAI,CAAC;QAC9C,CAAC,CAAC;MACN,CAAC;MACDI,YAAY,EAAE,MAAAA,CAAOjC,CAAC,EAAE;QAAEc;MAAG,CAAC,EAAEb,OAAO,KAAK;QACxC,OAAO,IAAAc,gBAAO,EAAC,MAAM;UACjB,IAAAC,0CAAoB,EAACf,OAAO,CAAC;UAC7B,OAAOA,OAAO,CAACC,GAAG,CAACH,MAAM,CAACmC,MAAM,CAACpB,EAAE,CAAC;QACxC,CAAC,CAAC;MACN;IACJ;EACJ;AACJ,CAAC,CAAC","ignoreList":[]}
1
+ {"version":3,"names":["_responses","require","_GraphQLSchemaPlugin","_ensureAuthentication","_resolve","_compress","folderSchema","exports","GraphQLSchemaPlugin","typeDefs","resolvers","Folder","hasNonInheritedPermissions","folder","_","context","aco","folderLevelPermissions","permissionsIncludeNonInheritedPermissions","permissions","canManageStructure","canManageFolderStructure","canManagePermissions","canManageFolderPermissions","canManageContent","canManageFolderContent","AcoQuery","getFolder","id","resolve","ensureAuthentication","get","listFolders","args","entries","meta","list","ListResponse","e","ErrorResponse","listFoldersCompressed","folders","map","compress","listFolderLevelPermissionsTargets","AcoMutation","createFolder","data","create","updateFolder","update","deleteFolder","delete"],"sources":["folder.gql.ts"],"sourcesContent":["import { ErrorResponse, ListResponse } from \"@webiny/handler-graphql/responses\";\nimport { GraphQLSchemaPlugin } from \"@webiny/handler-graphql/plugins/GraphQLSchemaPlugin\";\n\nimport { ensureAuthentication } from \"~/utils/ensureAuthentication\";\nimport { resolve } from \"~/utils/resolve\";\nimport { compress } from \"~/utils/compress\";\n\nimport { AcoContext, Folder } from \"~/types\";\n\nexport const folderSchema = new GraphQLSchemaPlugin<AcoContext>({\n typeDefs: /* GraphQL */ `\n type FolderPermission {\n target: String!\n level: String!\n inheritedFrom: ID\n }\n\n type CompressedResponse {\n compression: String\n value: String\n }\n\n input FolderPermissionInput {\n target: String!\n level: String!\n inheritedFrom: ID\n }\n\n type Folder {\n id: ID!\n title: String!\n slug: String!\n permissions: [FolderPermission]\n\n # Tells us if the current user can manage folder structure.\n canManageStructure: Boolean\n\n # Tells us if the current user can manage folder permissions.\n canManagePermissions: Boolean\n\n # Tells us if the current user can manage folder content.\n canManageContent: Boolean\n\n # Tells us if the folder contains non-inherited permissions.\n hasNonInheritedPermissions: Boolean\n\n type: String!\n parentId: ID\n createdOn: DateTime\n modifiedOn: DateTime\n savedOn: DateTime\n createdBy: AcoUser\n modifiedBy: AcoUser\n savedBy: AcoUser\n }\n\n input FolderCreateInput {\n title: String!\n slug: String!\n permissions: [FolderPermissionInput]\n type: String!\n parentId: ID\n }\n\n input FolderUpdateInput {\n title: String\n slug: String\n permissions: [FolderPermissionInput]\n parentId: ID\n }\n\n input FoldersListWhereInput {\n type: String!\n parentId: String\n createdBy: ID\n }\n\n type FolderResponse {\n data: Folder\n error: AcoError\n }\n\n type FoldersListResponse {\n data: [Folder]\n error: AcoError\n meta: AcoMeta\n }\n\n type FoldersListCompressedResponse {\n data: CompressedResponse\n error: AcoError\n }\n\n type FolderLevelPermissionsTarget {\n id: ID!\n type: String!\n target: ID!\n name: String!\n meta: JSON\n }\n\n type FolderLevelPermissionsTargetsListMeta {\n totalCount: Int!\n }\n\n type FolderLevelPermissionsTargetsListResponse {\n data: [FolderLevelPermissionsTarget]\n meta: FolderLevelPermissionsTargetsListMeta\n error: AcoError\n }\n\n extend type AcoQuery {\n getFolder(id: ID!): FolderResponse\n listFolders(\n where: FoldersListWhereInput!\n limit: Int\n after: String\n sort: AcoSort\n ): FoldersListResponse\n listFoldersCompressed(\n where: FoldersListWhereInput!\n limit: Int\n after: String\n sort: AcoSort\n ): FoldersListCompressedResponse\n\n listFolderLevelPermissionsTargets: FolderLevelPermissionsTargetsListResponse\n }\n\n extend type AcoMutation {\n createFolder(data: FolderCreateInput!): FolderResponse\n updateFolder(id: ID!, data: FolderUpdateInput!): FolderResponse\n deleteFolder(id: ID!): AcoBooleanResponse\n }\n `,\n resolvers: {\n Folder: {\n hasNonInheritedPermissions: (folder: Folder, _, context) => {\n return context.aco.folderLevelPermissions.permissionsIncludeNonInheritedPermissions(\n folder.permissions\n );\n },\n canManageStructure: (folder, _, context) => {\n return context.aco.folderLevelPermissions.canManageFolderStructure(folder);\n },\n canManagePermissions: (folder, _, context) => {\n return context.aco.folderLevelPermissions.canManageFolderPermissions(folder);\n },\n canManageContent: (folder, _, context) => {\n return context.aco.folderLevelPermissions.canManageFolderContent(folder);\n }\n },\n AcoQuery: {\n getFolder: async (_, { id }, context) => {\n return resolve(() => {\n ensureAuthentication(context);\n return context.aco.folder.get(id);\n });\n },\n listFolders: async (_, args: any, context) => {\n try {\n ensureAuthentication(context);\n const [entries, meta] = await context.aco.folder.list(args);\n return new ListResponse(entries, meta);\n } catch (e) {\n return new ErrorResponse(e);\n }\n },\n listFoldersCompressed: async (_, args: any, context) => {\n return resolve(async () => {\n const [entries] = await context.aco.folder.list(args);\n\n const folders = entries.map(folder => ({\n ...folder,\n hasNonInheritedPermissions:\n context.aco.folderLevelPermissions.permissionsIncludeNonInheritedPermissions(\n folder.permissions\n ),\n canManageStructure:\n context.aco.folderLevelPermissions.canManageFolderStructure(folder),\n canManagePermissions:\n context.aco.folderLevelPermissions.canManageFolderPermissions(folder),\n canManageContent:\n context.aco.folderLevelPermissions.canManageFolderContent(folder)\n }));\n\n return compress(folders);\n });\n },\n listFolderLevelPermissionsTargets: async (_, args: any, context) => {\n try {\n ensureAuthentication(context);\n const [entries, meta] =\n await context.aco.folder.listFolderLevelPermissionsTargets();\n return new ListResponse(entries, meta);\n } catch (e) {\n return new ErrorResponse(e);\n }\n }\n },\n AcoMutation: {\n createFolder: async (_, { data }, context) => {\n return resolve(() => {\n ensureAuthentication(context);\n return context.aco.folder.create(data);\n });\n },\n updateFolder: async (_, { id, data }, context) => {\n return resolve(() => {\n ensureAuthentication(context);\n return context.aco.folder.update(id, data);\n });\n },\n deleteFolder: async (_, { id }, context) => {\n return resolve(() => {\n ensureAuthentication(context);\n return context.aco.folder.delete(id);\n });\n }\n }\n }\n});\n"],"mappings":";;;;;;AAAA,IAAAA,UAAA,GAAAC,OAAA;AACA,IAAAC,oBAAA,GAAAD,OAAA;AAEA,IAAAE,qBAAA,GAAAF,OAAA;AACA,IAAAG,QAAA,GAAAH,OAAA;AACA,IAAAI,SAAA,GAAAJ,OAAA;AAIO,MAAMK,YAAY,GAAAC,OAAA,CAAAD,YAAA,GAAG,IAAIE,wCAAmB,CAAa;EAC5DC,QAAQ,EAAE,aAAc;AAC5B;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,KAAK;EACDC,SAAS,EAAE;IACPC,MAAM,EAAE;MACJC,0BAA0B,EAAEA,CAACC,MAAc,EAAEC,CAAC,EAAEC,OAAO,KAAK;QACxD,OAAOA,OAAO,CAACC,GAAG,CAACC,sBAAsB,CAACC,yCAAyC,CAC/EL,MAAM,CAACM,WACX,CAAC;MACL,CAAC;MACDC,kBAAkB,EAAEA,CAACP,MAAM,EAAEC,CAAC,EAAEC,OAAO,KAAK;QACxC,OAAOA,OAAO,CAACC,GAAG,CAACC,sBAAsB,CAACI,wBAAwB,CAACR,MAAM,CAAC;MAC9E,CAAC;MACDS,oBAAoB,EAAEA,CAACT,MAAM,EAAEC,CAAC,EAAEC,OAAO,KAAK;QAC1C,OAAOA,OAAO,CAACC,GAAG,CAACC,sBAAsB,CAACM,0BAA0B,CAACV,MAAM,CAAC;MAChF,CAAC;MACDW,gBAAgB,EAAEA,CAACX,MAAM,EAAEC,CAAC,EAAEC,OAAO,KAAK;QACtC,OAAOA,OAAO,CAACC,GAAG,CAACC,sBAAsB,CAACQ,sBAAsB,CAACZ,MAAM,CAAC;MAC5E;IACJ,CAAC;IACDa,QAAQ,EAAE;MACNC,SAAS,EAAE,MAAAA,CAAOb,CAAC,EAAE;QAAEc;MAAG,CAAC,EAAEb,OAAO,KAAK;QACrC,OAAO,IAAAc,gBAAO,EAAC,MAAM;UACjB,IAAAC,0CAAoB,EAACf,OAAO,CAAC;UAC7B,OAAOA,OAAO,CAACC,GAAG,CAACH,MAAM,CAACkB,GAAG,CAACH,EAAE,CAAC;QACrC,CAAC,CAAC;MACN,CAAC;MACDI,WAAW,EAAE,MAAAA,CAAOlB,CAAC,EAAEmB,IAAS,EAAElB,OAAO,KAAK;QAC1C,IAAI;UACA,IAAAe,0CAAoB,EAACf,OAAO,CAAC;UAC7B,MAAM,CAACmB,OAAO,EAAEC,IAAI,CAAC,GAAG,MAAMpB,OAAO,CAACC,GAAG,CAACH,MAAM,CAACuB,IAAI,CAACH,IAAI,CAAC;UAC3D,OAAO,IAAII,uBAAY,CAACH,OAAO,EAAEC,IAAI,CAAC;QAC1C,CAAC,CAAC,OAAOG,CAAC,EAAE;UACR,OAAO,IAAIC,wBAAa,CAACD,CAAC,CAAC;QAC/B;MACJ,CAAC;MACDE,qBAAqB,EAAE,MAAAA,CAAO1B,CAAC,EAAEmB,IAAS,EAAElB,OAAO,KAAK;QACpD,OAAO,IAAAc,gBAAO,EAAC,YAAY;UACvB,MAAM,CAACK,OAAO,CAAC,GAAG,MAAMnB,OAAO,CAACC,GAAG,CAACH,MAAM,CAACuB,IAAI,CAACH,IAAI,CAAC;UAErD,MAAMQ,OAAO,GAAGP,OAAO,CAACQ,GAAG,CAAC7B,MAAM,KAAK;YACnC,GAAGA,MAAM;YACTD,0BAA0B,EACtBG,OAAO,CAACC,GAAG,CAACC,sBAAsB,CAACC,yCAAyC,CACxEL,MAAM,CAACM,WACX,CAAC;YACLC,kBAAkB,EACdL,OAAO,CAACC,GAAG,CAACC,sBAAsB,CAACI,wBAAwB,CAACR,MAAM,CAAC;YACvES,oBAAoB,EAChBP,OAAO,CAACC,GAAG,CAACC,sBAAsB,CAACM,0BAA0B,CAACV,MAAM,CAAC;YACzEW,gBAAgB,EACZT,OAAO,CAACC,GAAG,CAACC,sBAAsB,CAACQ,sBAAsB,CAACZ,MAAM;UACxE,CAAC,CAAC,CAAC;UAEH,OAAO,IAAA8B,kBAAQ,EAACF,OAAO,CAAC;QAC5B,CAAC,CAAC;MACN,CAAC;MACDG,iCAAiC,EAAE,MAAAA,CAAO9B,CAAC,EAAEmB,IAAS,EAAElB,OAAO,KAAK;QAChE,IAAI;UACA,IAAAe,0CAAoB,EAACf,OAAO,CAAC;UAC7B,MAAM,CAACmB,OAAO,EAAEC,IAAI,CAAC,GACjB,MAAMpB,OAAO,CAACC,GAAG,CAACH,MAAM,CAAC+B,iCAAiC,CAAC,CAAC;UAChE,OAAO,IAAIP,uBAAY,CAACH,OAAO,EAAEC,IAAI,CAAC;QAC1C,CAAC,CAAC,OAAOG,CAAC,EAAE;UACR,OAAO,IAAIC,wBAAa,CAACD,CAAC,CAAC;QAC/B;MACJ;IACJ,CAAC;IACDO,WAAW,EAAE;MACTC,YAAY,EAAE,MAAAA,CAAOhC,CAAC,EAAE;QAAEiC;MAAK,CAAC,EAAEhC,OAAO,KAAK;QAC1C,OAAO,IAAAc,gBAAO,EAAC,MAAM;UACjB,IAAAC,0CAAoB,EAACf,OAAO,CAAC;UAC7B,OAAOA,OAAO,CAACC,GAAG,CAACH,MAAM,CAACmC,MAAM,CAACD,IAAI,CAAC;QAC1C,CAAC,CAAC;MACN,CAAC;MACDE,YAAY,EAAE,MAAAA,CAAOnC,CAAC,EAAE;QAAEc,EAAE;QAAEmB;MAAK,CAAC,EAAEhC,OAAO,KAAK;QAC9C,OAAO,IAAAc,gBAAO,EAAC,MAAM;UACjB,IAAAC,0CAAoB,EAACf,OAAO,CAAC;UAC7B,OAAOA,OAAO,CAACC,GAAG,CAACH,MAAM,CAACqC,MAAM,CAACtB,EAAE,EAAEmB,IAAI,CAAC;QAC9C,CAAC,CAAC;MACN,CAAC;MACDI,YAAY,EAAE,MAAAA,CAAOrC,CAAC,EAAE;QAAEc;MAAG,CAAC,EAAEb,OAAO,KAAK;QACxC,OAAO,IAAAc,gBAAO,EAAC,MAAM;UACjB,IAAAC,0CAAoB,EAACf,OAAO,CAAC;UAC7B,OAAOA,OAAO,CAACC,GAAG,CAACH,MAAM,CAACuC,MAAM,CAACxB,EAAE,CAAC;QACxC,CAAC,CAAC;MACN;IACJ;EACJ;AACJ,CAAC,CAAC","ignoreList":[]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@webiny/api-aco",
3
- "version": "5.42.1",
3
+ "version": "5.42.2-beta.0",
4
4
  "main": "index.js",
5
5
  "keywords": [
6
6
  "aco:base"
@@ -22,37 +22,37 @@
22
22
  "directory": "dist"
23
23
  },
24
24
  "dependencies": {
25
- "@webiny/api": "5.42.1",
26
- "@webiny/api-authentication": "5.42.1",
27
- "@webiny/api-headless-cms": "5.42.1",
28
- "@webiny/api-i18n": "5.42.1",
29
- "@webiny/api-security": "5.42.1",
30
- "@webiny/api-tenancy": "5.42.1",
31
- "@webiny/error": "5.42.1",
32
- "@webiny/handler": "5.42.1",
33
- "@webiny/handler-graphql": "5.42.1",
34
- "@webiny/pubsub": "5.42.1",
35
- "@webiny/utils": "5.42.1",
36
- "@webiny/validation": "5.42.1",
25
+ "@webiny/api": "5.42.2-beta.0",
26
+ "@webiny/api-authentication": "5.42.2-beta.0",
27
+ "@webiny/api-headless-cms": "5.42.2-beta.0",
28
+ "@webiny/api-i18n": "5.42.2-beta.0",
29
+ "@webiny/api-security": "5.42.2-beta.0",
30
+ "@webiny/api-tenancy": "5.42.2-beta.0",
31
+ "@webiny/error": "5.42.2-beta.0",
32
+ "@webiny/handler": "5.42.2-beta.0",
33
+ "@webiny/handler-graphql": "5.42.2-beta.0",
34
+ "@webiny/pubsub": "5.42.2-beta.0",
35
+ "@webiny/utils": "5.42.2-beta.0",
36
+ "@webiny/validation": "5.42.2-beta.0",
37
37
  "lodash": "4.17.21"
38
38
  },
39
39
  "devDependencies": {
40
- "@webiny/api-admin-users": "5.42.1",
41
- "@webiny/api-file-manager": "5.42.1",
42
- "@webiny/api-i18n-ddb": "5.42.1",
43
- "@webiny/api-security-so-ddb": "5.42.1",
44
- "@webiny/api-tenancy-so-ddb": "5.42.1",
45
- "@webiny/api-wcp": "5.42.1",
46
- "@webiny/cli": "5.42.1",
47
- "@webiny/handler-aws": "5.42.1",
48
- "@webiny/plugins": "5.42.1",
49
- "@webiny/project-utils": "5.42.1",
50
- "@webiny/wcp": "5.42.1",
40
+ "@webiny/api-admin-users": "5.42.2-beta.0",
41
+ "@webiny/api-file-manager": "5.42.2-beta.0",
42
+ "@webiny/api-i18n-ddb": "5.42.2-beta.0",
43
+ "@webiny/api-security-so-ddb": "5.42.2-beta.0",
44
+ "@webiny/api-tenancy-so-ddb": "5.42.2-beta.0",
45
+ "@webiny/api-wcp": "5.42.2-beta.0",
46
+ "@webiny/cli": "5.42.2-beta.0",
47
+ "@webiny/handler-aws": "5.42.2-beta.0",
48
+ "@webiny/plugins": "5.42.2-beta.0",
49
+ "@webiny/project-utils": "5.42.2-beta.0",
50
+ "@webiny/wcp": "5.42.2-beta.0",
51
51
  "graphql": "15.9.0",
52
52
  "prettier": "2.8.8",
53
53
  "rimraf": "6.0.1",
54
54
  "ttypescript": "1.5.15",
55
55
  "typescript": "4.9.5"
56
56
  },
57
- "gitHead": "f48143ded4859e333305e30d91b6e9df6692a9bf"
57
+ "gitHead": "e44791ee3279f9c24aef1a6500b5c6eb5357b30d"
58
58
  }
package/utils/FolderLevelPermissions.d.ts CHANGED
@@ -1,6 +1,7 @@
1
1
  import { Authentication } from "@webiny/api-authentication/types";
2
2
  import { SecurityPermission, Team } from "@webiny/api-security/types";
3
- import { Folder } from "../folder/folder.types";
3
+ import { Folder, ListFoldersParams } from "../folder/folder.types";
4
+ import { ListMeta } from "../types";
4
5
  export type FolderAccessLevel = "owner" | "viewer" | "editor" | "public";
5
6
  export interface FolderPermission {
6
7
  target: string;
@@ -36,7 +37,7 @@ export interface FolderLevelPermissionsParams {
36
37
  getIdentity: Authentication["getIdentity"];
37
38
  listIdentityTeams: () => Promise<Team[]>;
38
39
  listPermissions: () => Promise<SecurityPermission[]>;
39
- listAllFolders: (folderType: string) => Promise<Folder[]>;
40
+ listAllFolders: (params: ListFoldersParams) => Promise<[Folder[], ListMeta]>;
40
41
  canUseTeams: () => boolean;
41
42
  canUseFolderLevelPermissions: () => boolean;
42
43
  isAuthorizationEnabled: () => boolean;
@@ -46,17 +47,17 @@ export declare class FolderLevelPermissions {
46
47
  private readonly getIdentity;
47
48
  private readonly listIdentityTeams;
48
49
  private readonly listPermissions;
49
- private readonly listAllFoldersCallback;
50
50
  private readonly canUseTeams;
51
51
  private readonly isAuthorizationEnabled;
52
- private allFolders;
53
52
  private foldersPermissionsLists;
53
+ private foldersLoader;
54
54
  constructor(params: FolderLevelPermissionsParams);
55
55
  listAllFolders(folderType: string): Promise<Folder[]>;
56
56
  listAllFoldersWithPermissions(folderType: string): Promise<Folder[]>;
57
57
  invalidateFoldersCache(folderType?: string): void;
58
58
  invalidateFoldersPermissionsListCache(folderType?: string): void;
59
- updateFoldersCache(folderType: string, modifier: (folders: Folder[]) => Folder[]): void;
59
+ addFolderToCache(folderType: string, folder: Folder): void;
60
+ updateFoldersCache(folderType: string, modifier: (folder: Folder) => Folder): void;
60
61
  listFoldersPermissions(params: ListFolderPermissionsParams): Promise<FolderPermissionsList>;
61
62
  getFolderPermissions(params: GetFolderPermissionsParams): Promise<FolderPermissionsListItem | undefined>;
62
63
  canAccessFolder(params: CanAccessFolderParams): Promise<boolean>;
package/utils/FolderLevelPermissions.js CHANGED
@@ -5,14 +5,14 @@ Object.defineProperty(exports, "__esModule", {
5
5
  });
6
6
  exports.FolderLevelPermissions = void 0;
7
7
  var _apiSecurity = require("@webiny/api-security");
8
+ var _ListFoldersRepository = require("./ListFoldersRepository");
9
+ var _FoldersCacheFactory = require("./FoldersCacheFactory");
8
10
  class FolderLevelPermissions {
9
- allFolders = {};
10
11
  foldersPermissionsLists = {};
11
12
  constructor(params) {
12
13
  this.getIdentity = params.getIdentity;
13
14
  this.listIdentityTeams = params.listIdentityTeams;
14
15
  this.listPermissions = params.listPermissions;
15
- this.listAllFoldersCallback = params.listAllFolders;
16
16
  this.canUseTeams = params.canUseTeams;
17
17
  this.canUseFolderLevelPermissions = () => {
18
18
  const identity = this.getIdentity();
@@ -31,13 +31,16 @@ class FolderLevelPermissions {
31
31
  return params.canUseFolderLevelPermissions();
32
32
  };
33
33
  this.isAuthorizationEnabled = params.isAuthorizationEnabled;
34
+
35
+ // Delete the cache on constructor to avoid duplicated permissions lists,
36
+ // especially when calculating permissions based on folder parents.
37
+ _FoldersCacheFactory.folderCacheFactory.deleteCache();
38
+ this.foldersLoader = new _ListFoldersRepository.ListFoldersRepository({
39
+ gateway: params.listAllFolders
40
+ });
34
41
  }
35
42
  async listAllFolders(folderType) {
36
- if (folderType in this.allFolders) {
37
- return structuredClone(this.allFolders[folderType]);
38
- }
39
- this.allFolders[folderType] = await this.listAllFoldersCallback(folderType);
40
- return structuredClone(this.allFolders[folderType]);
43
+ return await this.foldersLoader.execute(folderType);
41
44
  }
42
45
  async listAllFoldersWithPermissions(folderType) {
43
46
  const folders = await this.listAllFolders(folderType);
@@ -52,11 +55,9 @@ class FolderLevelPermissions {
52
55
  }
53
56
  invalidateFoldersCache(folderType) {
54
57
  if (folderType) {
55
- if (folderType in this.allFolders) {
56
- delete this.allFolders[folderType];
57
- }
58
+ _FoldersCacheFactory.folderCacheFactory.getCache(folderType).clear();
58
59
  } else {
59
- this.allFolders = {};
60
+ _FoldersCacheFactory.folderCacheFactory.deleteCache();
60
61
  }
61
62
  }
62
63
  invalidateFoldersPermissionsListCache(folderType) {
@@ -65,12 +66,14 @@ class FolderLevelPermissions {
65
66
  delete this.foldersPermissionsLists[folderType];
66
67
  }
67
68
  } else {
68
- this.allFolders = {};
69
+ _FoldersCacheFactory.folderCacheFactory.deleteCache();
69
70
  }
70
71
  }
72
+ addFolderToCache(folderType, folder) {
73
+ _FoldersCacheFactory.folderCacheFactory.getCache(folderType).addItems([folder]);
74
+ }
71
75
  updateFoldersCache(folderType, modifier) {
72
- const foldersClone = structuredClone(this.allFolders[folderType]) || [];
73
- this.allFolders[folderType] = modifier(foldersClone);
76
+ _FoldersCacheFactory.folderCacheFactory.getCache(folderType).updateItems(modifier);
74
77
  }
75
78
  async listFoldersPermissions(params) {
76
79
  const existingFoldersPermissionsList = this.foldersPermissionsLists[params.folderType];
package/utils/FolderLevelPermissions.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"names":["_apiSecurity","require","FolderLevelPermissions","allFolders","foldersPermissionsLists","constructor","params","getIdentity","listIdentityTeams","listPermissions","listAllFoldersCallback","listAllFolders","canUseTeams","canUseFolderLevelPermissions","identity","type","isAuthorizationEnabled","folderType","structuredClone","listAllFoldersWithPermissions","folders","filteredFoldersWithPermissions","filterFolders","rwd","assignFolderPermissions","invalidateFoldersCache","invalidateFoldersPermissionsListCache","updateFoldersCache","modifier","foldersClone","listFoldersPermissions","existingFoldersPermissionsList","Promise","resolve","foldersList","permissions","identityTeams","processedFolderPermissions","processFolderPermissions","folder","some","fp","folderId","id","currentFolderPermissions","map","permission","parentId","parentFolder","find","f","processedParentFolderPermissions","isPublicParentFolder","p","level","mustInherit","length","inheritedPermissions","inheritedFrom","push","currentIdentityIncludedInPermissions","target","hasFullAccess","name","currentIdentityPermissionIndex","findIndex","currentIdentityPermission","splice","unshift","accessInheritedFrom","identityTeam","teamPermission","mustAddPublicPermission","i","getFolderPermissions","folderPermissionsList","canAccessFolder","folderPermissions","managePermissions","ensureCanAccessFolder","NotAuthorizedError","canManageFolderPermissions","canManageFolderStructure","canManageFolderContent","canAccessFolderContent","ensureCanAccessFolderContent","canCreateFolderInRoot","filteredFolders","Array","isArray","permissionsIncludeNonInheritedPermissions","exports"],"sources":["FolderLevelPermissions.ts"],"sourcesContent":["import { Authentication } from \"@webiny/api-authentication/types\";\nimport { SecurityPermission, Team } from \"@webiny/api-security/types\";\nimport { Folder } from \"~/folder/folder.types\";\nimport { NotAuthorizedError } from \"@webiny/api-security\";\n\nexport type FolderAccessLevel = \"owner\" | \"viewer\" | \"editor\" | \"public\";\n\nexport interface FolderPermission {\n target: string;\n level: FolderAccessLevel;\n inheritedFrom?: string;\n}\n\nexport interface FolderPermissionsListItem {\n folderId: string;\n permissions: FolderPermission[];\n}\n\nexport type FolderPermissionsList = FolderPermissionsListItem[];\n\nexport interface CanAccessFolderContentParams {\n folder: Pick<Folder, \"id\" | \"type\" | \"parentId\">;\n rwd?: \"r\" | \"w\" | \"d\";\n foldersList?: Folder[];\n}\n\nexport interface CanAccessFolderParams extends CanAccessFolderContentParams {\n managePermissions?: boolean;\n}\n\ninterface FilterFoldersParams {\n folders: Array<Folder>;\n rwd?: \"r\" | \"w\" | \"d\";\n}\n\ninterface GetFolderPermissionsParams {\n folder: Pick<Folder, \"id\" | \"type\">;\n foldersList?: Folder[];\n}\n\ninterface ListFolderPermissionsParams {\n folderType: string;\n foldersList?: Folder[];\n}\n\nexport interface FolderLevelPermissionsParams {\n getIdentity: Authentication[\"getIdentity\"];\n listIdentityTeams: () => Promise<Team[]>;\n listPermissions: () => Promise<SecurityPermission[]>;\n listAllFolders: (folderType: string) => Promise<Folder[]>;\n canUseTeams: () => boolean;\n canUseFolderLevelPermissions: () => boolean;\n isAuthorizationEnabled: () => boolean;\n}\n\nexport class FolderLevelPermissions {\n canUseFolderLevelPermissions: () => boolean;\n\n private readonly getIdentity: Authentication[\"getIdentity\"];\n private readonly listIdentityTeams: () => Promise<Team[]>;\n private readonly listPermissions: () => Promise<SecurityPermission[]>;\n private readonly listAllFoldersCallback: (folderType: string) => Promise<Folder[]>;\n private readonly canUseTeams: () => boolean;\n private readonly isAuthorizationEnabled: () => boolean;\n private allFolders: Record<string, Folder[]> = {};\n private foldersPermissionsLists: Record<string, Promise<FolderPermissionsList> | null> = {};\n\n constructor(params: FolderLevelPermissionsParams) {\n this.getIdentity = params.getIdentity;\n this.listIdentityTeams = params.listIdentityTeams;\n this.listPermissions = params.listPermissions;\n this.listAllFoldersCallback = params.listAllFolders;\n this.canUseTeams = params.canUseTeams;\n this.canUseFolderLevelPermissions = () => {\n const identity = this.getIdentity();\n\n // FLPs only work with authenticated identities (logged-in users).\n if (!identity) {\n return false;\n }\n\n // At the moment, we only want FLP to be used with identities of type \"admin\".\n // This temporarily addresses the issue of API keys not being able to access content, because\n // FLPs doesn't work with them. Once we start adding FLPs to API keys, we can remove this check.\n if (identity.type !== \"admin\") {\n return false;\n }\n\n return params.canUseFolderLevelPermissions();\n };\n\n this.isAuthorizationEnabled = params.isAuthorizationEnabled;\n }\n\n async listAllFolders(folderType: string): Promise<Folder[]> {\n if (folderType in this.allFolders) {\n return structuredClone(this.allFolders[folderType]);\n }\n\n this.allFolders[folderType] = await this.listAllFoldersCallback(folderType);\n return structuredClone(this.allFolders[folderType]);\n }\n\n async listAllFoldersWithPermissions(folderType: string) {\n const folders = await this.listAllFolders(folderType);\n\n // Filter folders based on permissions and assign permissions to each folder.\n const filteredFoldersWithPermissions = await this.filterFolders({\n folders,\n rwd: \"r\"\n });\n\n await this.assignFolderPermissions(filteredFoldersWithPermissions);\n\n return filteredFoldersWithPermissions;\n }\n\n invalidateFoldersCache(folderType?: string) {\n if (folderType) {\n if (folderType in this.allFolders) {\n delete this.allFolders[folderType];\n }\n } else {\n this.allFolders = {};\n }\n }\n\n invalidateFoldersPermissionsListCache(folderType?: string) {\n if (folderType) {\n if (folderType in this.foldersPermissionsLists) {\n delete this.foldersPermissionsLists[folderType];\n }\n } else {\n this.allFolders = {};\n }\n }\n\n updateFoldersCache(folderType: string, modifier: (folders: Folder[]) => Folder[]) {\n const foldersClone = structuredClone(this.allFolders[folderType]) || [];\n this.allFolders[folderType] = modifier(foldersClone);\n }\n\n async listFoldersPermissions(\n params: ListFolderPermissionsParams\n ): Promise<FolderPermissionsList> {\n const existingFoldersPermissionsList = this.foldersPermissionsLists[params.folderType];\n if (existingFoldersPermissionsList) {\n return existingFoldersPermissionsList;\n }\n\n this.foldersPermissionsLists[params.folderType] = new Promise(async resolve => {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n resolve([]);\n return;\n }\n\n const { folderType, foldersList } = params;\n\n const allFolders = foldersList || (await this.listAllFolders(folderType));\n const identity = this.getIdentity();\n const permissions = await this.listPermissions();\n\n let identityTeams: Team[];\n if (this.canUseTeams()) {\n identityTeams = await this.listIdentityTeams();\n }\n\n const processedFolderPermissions: FolderPermissionsListItem[] = [];\n\n const processFolderPermissions = (folder: Folder) => {\n if (processedFolderPermissions.some(fp => fp.folderId === folder.id)) {\n return;\n }\n\n // Copy permissions, so we don't modify the original object.\n const currentFolderPermissions: FolderPermissionsListItem = {\n folderId: folder.id,\n // On new folders, permissions can be `null`. Guard against that.\n permissions: folder.permissions?.map(permission => ({ ...permission })) || []\n };\n\n // Check for permissions inherited from parent folder.\n if (folder.parentId) {\n const parentFolder = allFolders!.find(f => f.id === folder.parentId)!;\n if (parentFolder) {\n // First check if the parent folder has already been processed.\n let processedParentFolderPermissions = processedFolderPermissions.find(\n fp => fp.folderId === parentFolder.id\n );\n\n // If not, process the parent folder.\n if (!processedParentFolderPermissions) {\n processFolderPermissions(parentFolder);\n processedParentFolderPermissions = processedFolderPermissions.find(\n fp => fp.folderId === folder.parentId\n );\n }\n\n // If the parent folder has permissions, let's add them to the current folder.\n if (processedParentFolderPermissions) {\n const isPublicParentFolder =\n processedParentFolderPermissions.permissions.some(\n p => p.level === \"public\"\n );\n\n // We inherit parent permissions if:\n // 1. the parent folder is not public or...\n // 2. ...the parent folder is public, but the current folder doesn't have any permissions set\n const mustInherit =\n !isPublicParentFolder ||\n currentFolderPermissions.permissions.length === 0;\n\n if (mustInherit) {\n const inheritedPermissions =\n processedParentFolderPermissions.permissions.map(p => {\n return {\n ...p,\n inheritedFrom:\n \"parent:\" +\n processedParentFolderPermissions!.folderId\n };\n });\n\n currentFolderPermissions.permissions.push(...inheritedPermissions);\n }\n }\n }\n }\n\n // Let's ensure current identity's permission is included in the permissions array.\n // We first check if the current identity is already included in the permissions array.\n // If not, we check if the user has full access or if the team user belongs to has access.\n const currentIdentityIncludedInPermissions =\n currentFolderPermissions.permissions.some(\n p => p.target === `admin:${identity.id}`\n );\n\n const hasFullAccess = permissions.some(p => p.name === \"*\");\n\n if (currentIdentityIncludedInPermissions) {\n // 1. Ensure existing identity permission is always the first one in the array.\n const currentIdentityPermissionIndex =\n currentFolderPermissions.permissions.findIndex(\n p => p.target === `admin:${identity.id}`\n );\n\n if (currentIdentityPermissionIndex > 0) {\n const [currentIdentityPermission] =\n currentFolderPermissions.permissions.splice(\n currentIdentityPermissionIndex,\n 1\n );\n currentFolderPermissions.permissions.unshift(currentIdentityPermission);\n }\n\n // 2. We must ensure current identity has the \"owner\" level if they possess full access\n // based on security permissions. This protects us from non-full-access users restricting\n // access to full-access users. This should not happen. Full-access users should always\n // be in control of the permissions for a folder.\n if (hasFullAccess) {\n const accessInheritedFrom =\n currentFolderPermissions.permissions[0].inheritedFrom;\n\n // Why are we checking for non-existence of `accessInheritedFrom`?\n // Because if it doesn't exist, it means the permission is not inherited from\n // a parent folder, which means it's a direct permission set on the folder.\n // In this case, we must ensure the permission is set to \"owner\".\n if (!accessInheritedFrom) {\n currentFolderPermissions.permissions[0] = {\n target: `admin:${identity.id}`,\n level: \"owner\",\n inheritedFrom: \"role:full-access\"\n };\n }\n }\n } else {\n // Current identity not included in permissions? Let's add it.\n let currentIdentityPermission: FolderPermission | null = null;\n\n // 1. Check if the user has full access.\n if (hasFullAccess) {\n currentIdentityPermission = {\n target: `admin:${identity.id}`,\n level: \"owner\",\n inheritedFrom: \"role:full-access\"\n };\n } else if (identityTeams.length) {\n // 2. Check the teams user belongs to and that grant access to the folder.\n for (const identityTeam of identityTeams) {\n const teamPermission = currentFolderPermissions.permissions.find(\n p => p.target === `team:${identityTeam!.id}`\n );\n\n if (teamPermission) {\n currentIdentityPermission = {\n target: `admin:${identity.id}`,\n level: teamPermission.level,\n inheritedFrom: \"team:\" + identityTeam!.id\n };\n }\n }\n }\n\n if (currentIdentityPermission) {\n // If permission is found, let's add it to the beginning of the array.\n // We're doing this just because it looks nicer in the UI.\n currentFolderPermissions.permissions.unshift(currentIdentityPermission);\n }\n }\n\n // Note that this can only happen with root folders. All other (child) folders will\n // always have at least one permission (inherited from parent).\n const mustAddPublicPermission = currentFolderPermissions.permissions.length === 0;\n if (mustAddPublicPermission) {\n currentFolderPermissions.permissions = [\n {\n target: `admin:${identity.id}`,\n level: \"public\",\n inheritedFrom: \"public\"\n }\n ];\n }\n\n processedFolderPermissions.push(currentFolderPermissions);\n };\n\n for (let i = 0; i < allFolders!.length; i++) {\n const folder = allFolders![i];\n processFolderPermissions(folder);\n }\n\n resolve(processedFolderPermissions);\n return;\n //return processedFolderPermissions;\n });\n\n return this.foldersPermissionsLists[params.folderType]!;\n }\n\n async getFolderPermissions(\n params: GetFolderPermissionsParams\n ): Promise<FolderPermissionsListItem | undefined> {\n const { folder, foldersList } = params;\n const folderPermissionsList = await this.listFoldersPermissions({\n folderType: folder.type,\n foldersList\n });\n\n return folderPermissionsList.find(fp => fp.folderId === folder.id);\n }\n\n async canAccessFolder(params: CanAccessFolderParams) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n const { folder } = params;\n\n const folderPermissions = await this.getFolderPermissions({\n folder,\n foldersList: params.foldersList\n });\n\n const identity = this.getIdentity();\n const currentIdentityPermission = folderPermissions?.permissions.find(p => {\n return p.target === `admin:${identity.id}`;\n });\n\n if (!currentIdentityPermission) {\n return false;\n }\n\n const { level } = currentIdentityPermission;\n\n if (params.managePermissions) {\n return level === \"owner\";\n }\n\n // Checking for \"write\" or \"delete\" access. Allow only if the\n // user is an owner or the folder is public (no FLP assigned).\n if (params.rwd !== \"r\") {\n return level === \"owner\" || level === \"public\";\n }\n\n return true;\n }\n\n async ensureCanAccessFolder(params: CanAccessFolderParams) {\n const canAccessFolder = await this.canAccessFolder(params);\n if (!canAccessFolder) {\n throw new NotAuthorizedError();\n }\n }\n\n canManageFolderPermissions(folder: Folder) {\n if (!this.canUseFolderLevelPermissions()) {\n return false;\n }\n\n if (!this.isAuthorizationEnabled()) {\n return true;\n }\n\n return this.canAccessFolder({ folder, rwd: \"w\", managePermissions: true });\n }\n\n canManageFolderStructure(folder: Folder) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n return this.canAccessFolder({ folder, rwd: \"w\" });\n }\n\n canManageFolderContent(folder: Folder) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n return this.canAccessFolderContent({ folder, rwd: \"w\" });\n }\n\n async canAccessFolderContent(params: CanAccessFolderContentParams) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n const { folder, foldersList } = params;\n\n const folderPermissions = await this.getFolderPermissions({\n folder,\n foldersList\n });\n\n const identity = this.getIdentity();\n const currentIdentityPermission = folderPermissions?.permissions.find(p => {\n return p.target === `admin:${identity.id}`;\n });\n\n if (!currentIdentityPermission) {\n return false;\n }\n\n // If the user is not an owner and we're checking for \"write\" or\n // \"delete\" access, then we can immediately return false.\n if (params.rwd !== \"r\") {\n const { level } = currentIdentityPermission;\n return level !== \"viewer\";\n }\n\n return true;\n }\n\n async ensureCanAccessFolderContent(params: CanAccessFolderContentParams) {\n const canAccessFolderContent = await this.canAccessFolderContent(params);\n if (!canAccessFolderContent) {\n throw new NotAuthorizedError();\n }\n }\n\n async canCreateFolderInRoot() {\n return true;\n }\n\n async filterFolders(params: FilterFoldersParams) {\n const filteredFolders: Folder[] = [];\n\n const { folders, rwd } = params;\n for (let i = 0; i < folders.length; i++) {\n const folder = folders[i];\n const canAccessFolder = await this.canAccessFolder({ folder, rwd });\n if (canAccessFolder) {\n filteredFolders.push(folder);\n }\n }\n\n return filteredFolders;\n }\n\n async assignFolderPermissions(folder: Folder | Folder[]) {\n const folders = Array.isArray(folder) ? folder : [folder];\n\n for (let i = 0; i < folders.length; i++) {\n const folder = folders[i];\n const folderPermissions = await this.getFolderPermissions({ folder });\n if (folderPermissions) {\n folder.permissions = folderPermissions.permissions;\n } else {\n folder.permissions = [];\n }\n }\n }\n\n permissionsIncludeNonInheritedPermissions(folderPermissionsList?: FolderPermission[]) {\n return folderPermissionsList?.some(p => !p.inheritedFrom);\n }\n}\n"],"mappings":";;;;;;AAGA,IAAAA,YAAA,GAAAC,OAAA;AAoDO,MAAMC,sBAAsB,CAAC;EASxBC,UAAU,GAA6B,CAAC,CAAC;EACzCC,uBAAuB,GAA0D,CAAC,CAAC;EAE3FC,WAAWA,CAACC,MAAoC,EAAE;IAC9C,IAAI,CAACC,WAAW,GAAGD,MAAM,CAACC,WAAW;IACrC,IAAI,CAACC,iBAAiB,GAAGF,MAAM,CAACE,iBAAiB;IACjD,IAAI,CAACC,eAAe,GAAGH,MAAM,CAACG,eAAe;IAC7C,IAAI,CAACC,sBAAsB,GAAGJ,MAAM,CAACK,cAAc;IACnD,IAAI,CAACC,WAAW,GAAGN,MAAM,CAACM,WAAW;IACrC,IAAI,CAACC,4BAA4B,GAAG,MAAM;MACtC,MAAMC,QAAQ,GAAG,IAAI,CAACP,WAAW,CAAC,CAAC;;MAEnC;MACA,IAAI,CAACO,QAAQ,EAAE;QACX,OAAO,KAAK;MAChB;;MAEA;MACA;MACA;MACA,IAAIA,QAAQ,CAACC,IAAI,KAAK,OAAO,EAAE;QAC3B,OAAO,KAAK;MAChB;MAEA,OAAOT,MAAM,CAACO,4BAA4B,CAAC,CAAC;IAChD,CAAC;IAED,IAAI,CAACG,sBAAsB,GAAGV,MAAM,CAACU,sBAAsB;EAC/D;EAEA,MAAML,cAAcA,CAACM,UAAkB,EAAqB;IACxD,IAAIA,UAAU,IAAI,IAAI,CAACd,UAAU,EAAE;MAC/B,OAAOe,eAAe,CAAC,IAAI,CAACf,UAAU,CAACc,UAAU,CAAC,CAAC;IACvD;IAEA,IAAI,CAACd,UAAU,CAACc,UAAU,CAAC,GAAG,MAAM,IAAI,CAACP,sBAAsB,CAACO,UAAU,CAAC;IAC3E,OAAOC,eAAe,CAAC,IAAI,CAACf,UAAU,CAACc,UAAU,CAAC,CAAC;EACvD;EAEA,MAAME,6BAA6BA,CAACF,UAAkB,EAAE;IACpD,MAAMG,OAAO,GAAG,MAAM,IAAI,CAACT,cAAc,CAACM,UAAU,CAAC;;IAErD;IACA,MAAMI,8BAA8B,GAAG,MAAM,IAAI,CAACC,aAAa,CAAC;MAC5DF,OAAO;MACPG,GAAG,EAAE;IACT,CAAC,CAAC;IAEF,MAAM,IAAI,CAACC,uBAAuB,CAACH,8BAA8B,CAAC;IAElE,OAAOA,8BAA8B;EACzC;EAEAI,sBAAsBA,CAACR,UAAmB,EAAE;IACxC,IAAIA,UAAU,EAAE;MACZ,IAAIA,UAAU,IAAI,IAAI,CAACd,UAAU,EAAE;QAC/B,OAAO,IAAI,CAACA,UAAU,CAACc,UAAU,CAAC;MACtC;IACJ,CAAC,MAAM;MACH,IAAI,CAACd,UAAU,GAAG,CAAC,CAAC;IACxB;EACJ;EAEAuB,qCAAqCA,CAACT,UAAmB,EAAE;IACvD,IAAIA,UAAU,EAAE;MACZ,IAAIA,UAAU,IAAI,IAAI,CAACb,uBAAuB,EAAE;QAC5C,OAAO,IAAI,CAACA,uBAAuB,CAACa,UAAU,CAAC;MACnD;IACJ,CAAC,MAAM;MACH,IAAI,CAACd,UAAU,GAAG,CAAC,CAAC;IACxB;EACJ;EAEAwB,kBAAkBA,CAACV,UAAkB,EAAEW,QAAyC,EAAE;IAC9E,MAAMC,YAAY,GAAGX,eAAe,CAAC,IAAI,CAACf,UAAU,CAACc,UAAU,CAAC,CAAC,IAAI,EAAE;IACvE,IAAI,CAACd,UAAU,CAACc,UAAU,CAAC,GAAGW,QAAQ,CAACC,YAAY,CAAC;EACxD;EAEA,MAAMC,sBAAsBA,CACxBxB,MAAmC,EACL;IAC9B,MAAMyB,8BAA8B,GAAG,IAAI,CAAC3B,uBAAuB,CAACE,MAAM,CAACW,UAAU,CAAC;IACtF,IAAIc,8BAA8B,EAAE;MAChC,OAAOA,8BAA8B;IACzC;IAEA,IAAI,CAAC3B,uBAAuB,CAACE,MAAM,CAACW,UAAU,CAAC,GAAG,IAAIe,OAAO,CAAC,MAAMC,OAAO,IAAI;MAC3E,IAAI,CAAC,IAAI,CAACpB,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACG,sBAAsB,CAAC,CAAC,EAAE;QACxEiB,OAAO,CAAC,EAAE,CAAC;QACX;MACJ;MAEA,MAAM;QAAEhB,UAAU;QAAEiB;MAAY,CAAC,GAAG5B,MAAM;MAE1C,MAAMH,UAAU,GAAG+B,WAAW,KAAK,MAAM,IAAI,CAACvB,cAAc,CAACM,UAAU,CAAC,CAAC;MACzE,MAAMH,QAAQ,GAAG,IAAI,CAACP,WAAW,CAAC,CAAC;MACnC,MAAM4B,WAAW,GAAG,MAAM,IAAI,CAAC1B,eAAe,CAAC,CAAC;MAEhD,IAAI2B,aAAqB;MACzB,IAAI,IAAI,CAACxB,WAAW,CAAC,CAAC,EAAE;QACpBwB,aAAa,GAAG,MAAM,IAAI,CAAC5B,iBAAiB,CAAC,CAAC;MAClD;MAEA,MAAM6B,0BAAuD,GAAG,EAAE;MAElE,MAAMC,wBAAwB,GAAIC,MAAc,IAAK;QACjD,IAAIF,0BAA0B,CAACG,IAAI,CAACC,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKH,MAAM,CAACI,EAAE,CAAC,EAAE;UAClE;QACJ;;QAEA;QACA,MAAMC,wBAAmD,GAAG;UACxDF,QAAQ,EAAEH,MAAM,CAACI,EAAE;UACnB;UACAR,WAAW,EAAEI,MAAM,CAACJ,WAAW,EAAEU,GAAG,CAACC,UAAU,KAAK;YAAE,GAAGA;UAAW,CAAC,CAAC,CAAC,IAAI;QAC/E,CAAC;;QAED;QACA,IAAIP,MAAM,CAACQ,QAAQ,EAAE;UACjB,MAAMC,YAAY,GAAG7C,UAAU,CAAE8C,IAAI,CAACC,CAAC,IAAIA,CAAC,CAACP,EAAE,KAAKJ,MAAM,CAACQ,QAAQ,CAAE;UACrE,IAAIC,YAAY,EAAE;YACd;YACA,IAAIG,gCAAgC,GAAGd,0BAA0B,CAACY,IAAI,CAClER,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKM,YAAY,CAACL,EACvC,CAAC;;YAED;YACA,IAAI,CAACQ,gCAAgC,EAAE;cACnCb,wBAAwB,CAACU,YAAY,CAAC;cACtCG,gCAAgC,GAAGd,0BAA0B,CAACY,IAAI,CAC9DR,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKH,MAAM,CAACQ,QACjC,CAAC;YACL;;YAEA;YACA,IAAII,gCAAgC,EAAE;cAClC,MAAMC,oBAAoB,GACtBD,gCAAgC,CAAChB,WAAW,CAACK,IAAI,CAC7Ca,CAAC,IAAIA,CAAC,CAACC,KAAK,KAAK,QACrB,CAAC;;cAEL;cACA;cACA;cACA,MAAMC,WAAW,GACb,CAACH,oBAAoB,IACrBR,wBAAwB,CAACT,WAAW,CAACqB,MAAM,KAAK,CAAC;cAErD,IAAID,WAAW,EAAE;gBACb,MAAME,oBAAoB,GACtBN,gCAAgC,CAAChB,WAAW,CAACU,GAAG,CAACQ,CAAC,IAAI;kBAClD,OAAO;oBACH,GAAGA,CAAC;oBACJK,aAAa,EACT,SAAS,GACTP,gCAAgC,CAAET;kBAC1C,CAAC;gBACL,CAAC,CAAC;gBAENE,wBAAwB,CAACT,WAAW,CAACwB,IAAI,CAAC,GAAGF,oBAAoB,CAAC;cACtE;YACJ;UACJ;QACJ;;QAEA;QACA;QACA;QACA,MAAMG,oCAAoC,GACtChB,wBAAwB,CAACT,WAAW,CAACK,IAAI,CACrCa,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAK,SAAS/C,QAAQ,CAAC6B,EAAE,EAC1C,CAAC;QAEL,MAAMmB,aAAa,GAAG3B,WAAW,CAACK,IAAI,CAACa,CAAC,IAAIA,CAAC,CAACU,IAAI,KAAK,GAAG,CAAC;QAE3D,IAAIH,oCAAoC,EAAE;UACtC;UACA,MAAMI,8BAA8B,GAChCpB,wBAAwB,CAACT,WAAW,CAAC8B,SAAS,CAC1CZ,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAK,SAAS/C,QAAQ,CAAC6B,EAAE,EAC1C,CAAC;UAEL,IAAIqB,8BAA8B,GAAG,CAAC,EAAE;YACpC,MAAM,CAACE,yBAAyB,CAAC,GAC7BtB,wBAAwB,CAACT,WAAW,CAACgC,MAAM,CACvCH,8BAA8B,EAC9B,CACJ,CAAC;YACLpB,wBAAwB,CAACT,WAAW,CAACiC,OAAO,CAACF,yBAAyB,CAAC;UAC3E;;UAEA;UACA;UACA;UACA;UACA,IAAIJ,aAAa,EAAE;YACf,MAAMO,mBAAmB,GACrBzB,wBAAwB,CAACT,WAAW,CAAC,CAAC,CAAC,CAACuB,aAAa;;YAEzD;YACA;YACA;YACA;YACA,IAAI,CAACW,mBAAmB,EAAE;cACtBzB,wBAAwB,CAACT,WAAW,CAAC,CAAC,CAAC,GAAG;gBACtC0B,MAAM,EAAE,SAAS/C,QAAQ,CAAC6B,EAAE,EAAE;gBAC9BW,KAAK,EAAE,OAAO;gBACdI,aAAa,EAAE;cACnB,CAAC;YACL;UACJ;QACJ,CAAC,MAAM;UACH;UACA,IAAIQ,yBAAkD,GAAG,IAAI;;UAE7D;UACA,IAAIJ,aAAa,EAAE;YACfI,yBAAyB,GAAG;cACxBL,MAAM,EAAE,SAAS/C,QAAQ,CAAC6B,EAAE,EAAE;cAC9BW,KAAK,EAAE,OAAO;cACdI,aAAa,EAAE;YACnB,CAAC;UACL,CAAC,MAAM,IAAItB,aAAa,CAACoB,MAAM,EAAE;YAC7B;YACA,KAAK,MAAMc,YAAY,IAAIlC,aAAa,EAAE;cACtC,MAAMmC,cAAc,GAAG3B,wBAAwB,CAACT,WAAW,CAACc,IAAI,CAC5DI,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAK,QAAQS,YAAY,CAAE3B,EAAE,EAC9C,CAAC;cAED,IAAI4B,cAAc,EAAE;gBAChBL,yBAAyB,GAAG;kBACxBL,MAAM,EAAE,SAAS/C,QAAQ,CAAC6B,EAAE,EAAE;kBAC9BW,KAAK,EAAEiB,cAAc,CAACjB,KAAK;kBAC3BI,aAAa,EAAE,OAAO,GAAGY,YAAY,CAAE3B;gBAC3C,CAAC;cACL;YACJ;UACJ;UAEA,IAAIuB,yBAAyB,EAAE;YAC3B;YACA;YACAtB,wBAAwB,CAACT,WAAW,CAACiC,OAAO,CAACF,yBAAyB,CAAC;UAC3E;QACJ;;QAEA;QACA;QACA,MAAMM,uBAAuB,GAAG5B,wBAAwB,CAACT,WAAW,CAACqB,MAAM,KAAK,CAAC;QACjF,IAAIgB,uBAAuB,EAAE;UACzB5B,wBAAwB,CAACT,WAAW,GAAG,CACnC;YACI0B,MAAM,EAAE,SAAS/C,QAAQ,CAAC6B,EAAE,EAAE;YAC9BW,KAAK,EAAE,QAAQ;YACfI,aAAa,EAAE;UACnB,CAAC,CACJ;QACL;QAEArB,0BAA0B,CAACsB,IAAI,CAACf,wBAAwB,CAAC;MAC7D,CAAC;MAED,KAAK,IAAI6B,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGtE,UAAU,CAAEqD,MAAM,EAAEiB,CAAC,EAAE,EAAE;QACzC,MAAMlC,MAAM,GAAGpC,UAAU,CAAEsE,CAAC,CAAC;QAC7BnC,wBAAwB,CAACC,MAAM,CAAC;MACpC;MAEAN,OAAO,CAACI,0BAA0B,CAAC;MACnC;MACA;IACJ,CAAC,CAAC;IAEF,OAAO,IAAI,CAACjC,uBAAuB,CAACE,MAAM,CAACW,UAAU,CAAC;EAC1D;EAEA,MAAMyD,oBAAoBA,CACtBpE,MAAkC,EACY;IAC9C,MAAM;MAAEiC,MAAM;MAAEL;IAAY,CAAC,GAAG5B,MAAM;IACtC,MAAMqE,qBAAqB,GAAG,MAAM,IAAI,CAAC7C,sBAAsB,CAAC;MAC5Db,UAAU,EAAEsB,MAAM,CAACxB,IAAI;MACvBmB;IACJ,CAAC,CAAC;IAEF,OAAOyC,qBAAqB,CAAC1B,IAAI,CAACR,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKH,MAAM,CAACI,EAAE,CAAC;EACtE;EAEA,MAAMiC,eAAeA,CAACtE,MAA6B,EAAE;IACjD,IAAI,CAAC,IAAI,CAACO,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACG,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,MAAM;MAAEuB;IAAO,CAAC,GAAGjC,MAAM;IAEzB,MAAMuE,iBAAiB,GAAG,MAAM,IAAI,CAACH,oBAAoB,CAAC;MACtDnC,MAAM;MACNL,WAAW,EAAE5B,MAAM,CAAC4B;IACxB,CAAC,CAAC;IAEF,MAAMpB,QAAQ,GAAG,IAAI,CAACP,WAAW,CAAC,CAAC;IACnC,MAAM2D,yBAAyB,GAAGW,iBAAiB,EAAE1C,WAAW,CAACc,IAAI,CAACI,CAAC,IAAI;MACvE,OAAOA,CAAC,CAACQ,MAAM,KAAK,SAAS/C,QAAQ,CAAC6B,EAAE,EAAE;IAC9C,CAAC,CAAC;IAEF,IAAI,CAACuB,yBAAyB,EAAE;MAC5B,OAAO,KAAK;IAChB;IAEA,MAAM;MAAEZ;IAAM,CAAC,GAAGY,yBAAyB;IAE3C,IAAI5D,MAAM,CAACwE,iBAAiB,EAAE;MAC1B,OAAOxB,KAAK,KAAK,OAAO;IAC5B;;IAEA;IACA;IACA,IAAIhD,MAAM,CAACiB,GAAG,KAAK,GAAG,EAAE;MACpB,OAAO+B,KAAK,KAAK,OAAO,IAAIA,KAAK,KAAK,QAAQ;IAClD;IAEA,OAAO,IAAI;EACf;EAEA,MAAMyB,qBAAqBA,CAACzE,MAA6B,EAAE;IACvD,MAAMsE,eAAe,GAAG,MAAM,IAAI,CAACA,eAAe,CAACtE,MAAM,CAAC;IAC1D,IAAI,CAACsE,eAAe,EAAE;MAClB,MAAM,IAAII,+BAAkB,CAAC,CAAC;IAClC;EACJ;EAEAC,0BAA0BA,CAAC1C,MAAc,EAAE;IACvC,IAAI,CAAC,IAAI,CAAC1B,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,KAAK;IAChB;IAEA,IAAI,CAAC,IAAI,CAACG,sBAAsB,CAAC,CAAC,EAAE;MAChC,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAAC4D,eAAe,CAAC;MAAErC,MAAM;MAAEhB,GAAG,EAAE,GAAG;MAAEuD,iBAAiB,EAAE;IAAK,CAAC,CAAC;EAC9E;EAEAI,wBAAwBA,CAAC3C,MAAc,EAAE;IACrC,IAAI,CAAC,IAAI,CAAC1B,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACG,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAAC4D,eAAe,CAAC;MAAErC,MAAM;MAAEhB,GAAG,EAAE;IAAI,CAAC,CAAC;EACrD;EAEA4D,sBAAsBA,CAAC5C,MAAc,EAAE;IACnC,IAAI,CAAC,IAAI,CAAC1B,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACG,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAACoE,sBAAsB,CAAC;MAAE7C,MAAM;MAAEhB,GAAG,EAAE;IAAI,CAAC,CAAC;EAC5D;EAEA,MAAM6D,sBAAsBA,CAAC9E,MAAoC,EAAE;IAC/D,IAAI,CAAC,IAAI,CAACO,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACG,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,MAAM;MAAEuB,MAAM;MAAEL;IAAY,CAAC,GAAG5B,MAAM;IAEtC,MAAMuE,iBAAiB,GAAG,MAAM,IAAI,CAACH,oBAAoB,CAAC;MACtDnC,MAAM;MACNL;IACJ,CAAC,CAAC;IAEF,MAAMpB,QAAQ,GAAG,IAAI,CAACP,WAAW,CAAC,CAAC;IACnC,MAAM2D,yBAAyB,GAAGW,iBAAiB,EAAE1C,WAAW,CAACc,IAAI,CAACI,CAAC,IAAI;MACvE,OAAOA,CAAC,CAACQ,MAAM,KAAK,SAAS/C,QAAQ,CAAC6B,EAAE,EAAE;IAC9C,CAAC,CAAC;IAEF,IAAI,CAACuB,yBAAyB,EAAE;MAC5B,OAAO,KAAK;IAChB;;IAEA;IACA;IACA,IAAI5D,MAAM,CAACiB,GAAG,KAAK,GAAG,EAAE;MACpB,MAAM;QAAE+B;MAAM,CAAC,GAAGY,yBAAyB;MAC3C,OAAOZ,KAAK,KAAK,QAAQ;IAC7B;IAEA,OAAO,IAAI;EACf;EAEA,MAAM+B,4BAA4BA,CAAC/E,MAAoC,EAAE;IACrE,MAAM8E,sBAAsB,GAAG,MAAM,IAAI,CAACA,sBAAsB,CAAC9E,MAAM,CAAC;IACxE,IAAI,CAAC8E,sBAAsB,EAAE;MACzB,MAAM,IAAIJ,+BAAkB,CAAC,CAAC;IAClC;EACJ;EAEA,MAAMM,qBAAqBA,CAAA,EAAG;IAC1B,OAAO,IAAI;EACf;EAEA,MAAMhE,aAAaA,CAAChB,MAA2B,EAAE;IAC7C,MAAMiF,eAAyB,GAAG,EAAE;IAEpC,MAAM;MAAEnE,OAAO;MAAEG;IAAI,CAAC,GAAGjB,MAAM;IAC/B,KAAK,IAAImE,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGrD,OAAO,CAACoC,MAAM,EAAEiB,CAAC,EAAE,EAAE;MACrC,MAAMlC,MAAM,GAAGnB,OAAO,CAACqD,CAAC,CAAC;MACzB,MAAMG,eAAe,GAAG,MAAM,IAAI,CAACA,eAAe,CAAC;QAAErC,MAAM;QAAEhB;MAAI,CAAC,CAAC;MACnE,IAAIqD,eAAe,EAAE;QACjBW,eAAe,CAAC5B,IAAI,CAACpB,MAAM,CAAC;MAChC;IACJ;IAEA,OAAOgD,eAAe;EAC1B;EAEA,MAAM/D,uBAAuBA,CAACe,MAAyB,EAAE;IACrD,MAAMnB,OAAO,GAAGoE,KAAK,CAACC,OAAO,CAAClD,MAAM,CAAC,GAAGA,MAAM,GAAG,CAACA,MAAM,CAAC;IAEzD,KAAK,IAAIkC,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGrD,OAAO,CAACoC,MAAM,EAAEiB,CAAC,EAAE,EAAE;MACrC,MAAMlC,MAAM,GAAGnB,OAAO,CAACqD,CAAC,CAAC;MACzB,MAAMI,iBAAiB,GAAG,MAAM,IAAI,CAACH,oBAAoB,CAAC;QAAEnC;MAAO,CAAC,CAAC;MACrE,IAAIsC,iBAAiB,EAAE;QACnBtC,MAAM,CAACJ,WAAW,GAAG0C,iBAAiB,CAAC1C,WAAW;MACtD,CAAC,MAAM;QACHI,MAAM,CAACJ,WAAW,GAAG,EAAE;MAC3B;IACJ;EACJ;EAEAuD,yCAAyCA,CAACf,qBAA0C,EAAE;IAClF,OAAOA,qBAAqB,EAAEnC,IAAI,CAACa,CAAC,IAAI,CAACA,CAAC,CAACK,aAAa,CAAC;EAC7D;AACJ;AAACiC,OAAA,CAAAzF,sBAAA,GAAAA,sBAAA","ignoreList":[]}
1
+ {"version":3,"names":["_apiSecurity","require","_ListFoldersRepository","_FoldersCacheFactory","FolderLevelPermissions","foldersPermissionsLists","constructor","params","getIdentity","listIdentityTeams","listPermissions","canUseTeams","canUseFolderLevelPermissions","identity","type","isAuthorizationEnabled","folderCacheFactory","deleteCache","foldersLoader","ListFoldersRepository","gateway","listAllFolders","folderType","execute","listAllFoldersWithPermissions","folders","filteredFoldersWithPermissions","filterFolders","rwd","assignFolderPermissions","invalidateFoldersCache","getCache","clear","invalidateFoldersPermissionsListCache","addFolderToCache","folder","addItems","updateFoldersCache","modifier","updateItems","listFoldersPermissions","existingFoldersPermissionsList","Promise","resolve","foldersList","allFolders","permissions","identityTeams","processedFolderPermissions","processFolderPermissions","some","fp","folderId","id","currentFolderPermissions","map","permission","parentId","parentFolder","find","f","processedParentFolderPermissions","isPublicParentFolder","p","level","mustInherit","length","inheritedPermissions","inheritedFrom","push","currentIdentityIncludedInPermissions","target","hasFullAccess","name","currentIdentityPermissionIndex","findIndex","currentIdentityPermission","splice","unshift","accessInheritedFrom","identityTeam","teamPermission","mustAddPublicPermission","i","getFolderPermissions","folderPermissionsList","canAccessFolder","folderPermissions","managePermissions","ensureCanAccessFolder","NotAuthorizedError","canManageFolderPermissions","canManageFolderStructure","canManageFolderContent","canAccessFolderContent","ensureCanAccessFolderContent","canCreateFolderInRoot","filteredFolders","Array","isArray","permissionsIncludeNonInheritedPermissions","exports"],"sources":["FolderLevelPermissions.ts"],"sourcesContent":["import { Authentication } from \"@webiny/api-authentication/types\";\nimport { SecurityPermission, Team } from \"@webiny/api-security/types\";\nimport { Folder, ListFoldersParams } from \"~/folder/folder.types\";\nimport { NotAuthorizedError } from \"@webiny/api-security\";\nimport { ListFoldersRepository } from \"~/utils/ListFoldersRepository\";\nimport { ListMeta } from \"~/types\";\nimport { folderCacheFactory } from \"~/utils/FoldersCacheFactory\";\n\nexport type FolderAccessLevel = \"owner\" | \"viewer\" | \"editor\" | \"public\";\n\nexport interface FolderPermission {\n target: string;\n level: FolderAccessLevel;\n inheritedFrom?: string;\n}\n\nexport interface FolderPermissionsListItem {\n folderId: string;\n permissions: FolderPermission[];\n}\n\nexport type FolderPermissionsList = FolderPermissionsListItem[];\n\nexport interface CanAccessFolderContentParams {\n folder: Pick<Folder, \"id\" | \"type\" | \"parentId\">;\n rwd?: \"r\" | \"w\" | \"d\";\n foldersList?: Folder[];\n}\n\nexport interface CanAccessFolderParams extends CanAccessFolderContentParams {\n managePermissions?: boolean;\n}\n\ninterface FilterFoldersParams {\n folders: Array<Folder>;\n rwd?: \"r\" | \"w\" | \"d\";\n}\n\ninterface GetFolderPermissionsParams {\n folder: Pick<Folder, \"id\" | \"type\">;\n foldersList?: Folder[];\n}\n\ninterface ListFolderPermissionsParams {\n folderType: string;\n foldersList?: Folder[];\n}\n\nexport interface FolderLevelPermissionsParams {\n getIdentity: Authentication[\"getIdentity\"];\n listIdentityTeams: () => Promise<Team[]>;\n listPermissions: () => Promise<SecurityPermission[]>;\n listAllFolders: (params: ListFoldersParams) => Promise<[Folder[], ListMeta]>;\n canUseTeams: () => boolean;\n canUseFolderLevelPermissions: () => boolean;\n isAuthorizationEnabled: () => boolean;\n}\n\nexport class FolderLevelPermissions {\n canUseFolderLevelPermissions: () => boolean;\n\n private readonly getIdentity: Authentication[\"getIdentity\"];\n private readonly listIdentityTeams: () => Promise<Team[]>;\n private readonly listPermissions: () => Promise<SecurityPermission[]>;\n private readonly canUseTeams: () => boolean;\n private readonly isAuthorizationEnabled: () => boolean;\n private foldersPermissionsLists: Record<string, Promise<FolderPermissionsList> | null> = {};\n private foldersLoader: ListFoldersRepository;\n\n constructor(params: FolderLevelPermissionsParams) {\n this.getIdentity = params.getIdentity;\n this.listIdentityTeams = params.listIdentityTeams;\n this.listPermissions = params.listPermissions;\n this.canUseTeams = params.canUseTeams;\n this.canUseFolderLevelPermissions = () => {\n const identity = this.getIdentity();\n\n // FLPs only work with authenticated identities (logged-in users).\n if (!identity) {\n return false;\n }\n\n // At the moment, we only want FLP to be used with identities of type \"admin\".\n // This temporarily addresses the issue of API keys not being able to access content, because\n // FLPs doesn't work with them. Once we start adding FLPs to API keys, we can remove this check.\n if (identity.type !== \"admin\") {\n return false;\n }\n\n return params.canUseFolderLevelPermissions();\n };\n\n this.isAuthorizationEnabled = params.isAuthorizationEnabled;\n\n // Delete the cache on constructor to avoid duplicated permissions lists,\n // especially when calculating permissions based on folder parents.\n folderCacheFactory.deleteCache();\n this.foldersLoader = new ListFoldersRepository({\n gateway: params.listAllFolders\n });\n }\n\n async listAllFolders(folderType: string): Promise<Folder[]> {\n return await this.foldersLoader.execute(folderType);\n }\n\n async listAllFoldersWithPermissions(folderType: string) {\n const folders = await this.listAllFolders(folderType);\n\n // Filter folders based on permissions and assign permissions to each folder.\n const filteredFoldersWithPermissions = await this.filterFolders({\n folders,\n rwd: \"r\"\n });\n\n await this.assignFolderPermissions(filteredFoldersWithPermissions);\n\n return filteredFoldersWithPermissions;\n }\n\n invalidateFoldersCache(folderType?: string) {\n if (folderType) {\n folderCacheFactory.getCache(folderType).clear();\n } else {\n folderCacheFactory.deleteCache();\n }\n }\n\n invalidateFoldersPermissionsListCache(folderType?: string) {\n if (folderType) {\n if (folderType in this.foldersPermissionsLists) {\n delete this.foldersPermissionsLists[folderType];\n }\n } else {\n folderCacheFactory.deleteCache();\n }\n }\n\n addFolderToCache(folderType: string, folder: Folder) {\n folderCacheFactory.getCache(folderType).addItems([folder]);\n }\n\n updateFoldersCache(folderType: string, modifier: (folder: Folder) => Folder) {\n folderCacheFactory.getCache(folderType).updateItems(modifier);\n }\n\n async listFoldersPermissions(\n params: ListFolderPermissionsParams\n ): Promise<FolderPermissionsList> {\n const existingFoldersPermissionsList = this.foldersPermissionsLists[params.folderType];\n if (existingFoldersPermissionsList) {\n return existingFoldersPermissionsList;\n }\n\n this.foldersPermissionsLists[params.folderType] = new Promise(async resolve => {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n resolve([]);\n return;\n }\n\n const { folderType, foldersList } = params;\n\n const allFolders = foldersList || (await this.listAllFolders(folderType));\n const identity = this.getIdentity();\n const permissions = await this.listPermissions();\n\n let identityTeams: Team[];\n if (this.canUseTeams()) {\n identityTeams = await this.listIdentityTeams();\n }\n\n const processedFolderPermissions: FolderPermissionsListItem[] = [];\n\n const processFolderPermissions = (folder: Folder) => {\n if (processedFolderPermissions.some(fp => fp.folderId === folder.id)) {\n return;\n }\n\n // Copy permissions, so we don't modify the original object.\n const currentFolderPermissions: FolderPermissionsListItem = {\n folderId: folder.id,\n // On new folders, permissions can be `null`. Guard against that.\n permissions: folder.permissions?.map(permission => ({ ...permission })) || []\n };\n\n // Check for permissions inherited from parent folder.\n if (folder.parentId) {\n const parentFolder = allFolders!.find(f => f.id === folder.parentId)!;\n if (parentFolder) {\n // First check if the parent folder has already been processed.\n let processedParentFolderPermissions = processedFolderPermissions.find(\n fp => fp.folderId === parentFolder.id\n );\n\n // If not, process the parent folder.\n if (!processedParentFolderPermissions) {\n processFolderPermissions(parentFolder);\n processedParentFolderPermissions = processedFolderPermissions.find(\n fp => fp.folderId === folder.parentId\n );\n }\n\n // If the parent folder has permissions, let's add them to the current folder.\n if (processedParentFolderPermissions) {\n const isPublicParentFolder =\n processedParentFolderPermissions.permissions.some(\n p => p.level === \"public\"\n );\n\n // We inherit parent permissions if:\n // 1. the parent folder is not public or...\n // 2. ...the parent folder is public, but the current folder doesn't have any permissions set\n const mustInherit =\n !isPublicParentFolder ||\n currentFolderPermissions.permissions.length === 0;\n\n if (mustInherit) {\n const inheritedPermissions =\n processedParentFolderPermissions.permissions.map(p => {\n return {\n ...p,\n inheritedFrom:\n \"parent:\" +\n processedParentFolderPermissions!.folderId\n };\n });\n\n currentFolderPermissions.permissions.push(...inheritedPermissions);\n }\n }\n }\n }\n\n // Let's ensure current identity's permission is included in the permissions array.\n // We first check if the current identity is already included in the permissions array.\n // If not, we check if the user has full access or if the team user belongs to has access.\n const currentIdentityIncludedInPermissions =\n currentFolderPermissions.permissions.some(\n p => p.target === `admin:${identity.id}`\n );\n\n const hasFullAccess = permissions.some(p => p.name === \"*\");\n\n if (currentIdentityIncludedInPermissions) {\n // 1. Ensure existing identity permission is always the first one in the array.\n const currentIdentityPermissionIndex =\n currentFolderPermissions.permissions.findIndex(\n p => p.target === `admin:${identity.id}`\n );\n\n if (currentIdentityPermissionIndex > 0) {\n const [currentIdentityPermission] =\n currentFolderPermissions.permissions.splice(\n currentIdentityPermissionIndex,\n 1\n );\n currentFolderPermissions.permissions.unshift(currentIdentityPermission);\n }\n\n // 2. We must ensure current identity has the \"owner\" level if they possess full access\n // based on security permissions. This protects us from non-full-access users restricting\n // access to full-access users. This should not happen. Full-access users should always\n // be in control of the permissions for a folder.\n if (hasFullAccess) {\n const accessInheritedFrom =\n currentFolderPermissions.permissions[0].inheritedFrom;\n\n // Why are we checking for non-existence of `accessInheritedFrom`?\n // Because if it doesn't exist, it means the permission is not inherited from\n // a parent folder, which means it's a direct permission set on the folder.\n // In this case, we must ensure the permission is set to \"owner\".\n if (!accessInheritedFrom) {\n currentFolderPermissions.permissions[0] = {\n target: `admin:${identity.id}`,\n level: \"owner\",\n inheritedFrom: \"role:full-access\"\n };\n }\n }\n } else {\n // Current identity not included in permissions? Let's add it.\n let currentIdentityPermission: FolderPermission | null = null;\n\n // 1. Check if the user has full access.\n if (hasFullAccess) {\n currentIdentityPermission = {\n target: `admin:${identity.id}`,\n level: \"owner\",\n inheritedFrom: \"role:full-access\"\n };\n } else if (identityTeams.length) {\n // 2. Check the teams user belongs to and that grant access to the folder.\n for (const identityTeam of identityTeams) {\n const teamPermission = currentFolderPermissions.permissions.find(\n p => p.target === `team:${identityTeam!.id}`\n );\n\n if (teamPermission) {\n currentIdentityPermission = {\n target: `admin:${identity.id}`,\n level: teamPermission.level,\n inheritedFrom: \"team:\" + identityTeam!.id\n };\n }\n }\n }\n\n if (currentIdentityPermission) {\n // If permission is found, let's add it to the beginning of the array.\n // We're doing this just because it looks nicer in the UI.\n currentFolderPermissions.permissions.unshift(currentIdentityPermission);\n }\n }\n\n // Note that this can only happen with root folders. All other (child) folders will\n // always have at least one permission (inherited from parent).\n const mustAddPublicPermission = currentFolderPermissions.permissions.length === 0;\n if (mustAddPublicPermission) {\n currentFolderPermissions.permissions = [\n {\n target: `admin:${identity.id}`,\n level: \"public\",\n inheritedFrom: \"public\"\n }\n ];\n }\n\n processedFolderPermissions.push(currentFolderPermissions);\n };\n\n for (let i = 0; i < allFolders!.length; i++) {\n const folder = allFolders![i];\n processFolderPermissions(folder);\n }\n\n resolve(processedFolderPermissions);\n return;\n //return processedFolderPermissions;\n });\n\n return this.foldersPermissionsLists[params.folderType]!;\n }\n\n async getFolderPermissions(\n params: GetFolderPermissionsParams\n ): Promise<FolderPermissionsListItem | undefined> {\n const { folder, foldersList } = params;\n const folderPermissionsList = await this.listFoldersPermissions({\n folderType: folder.type,\n foldersList\n });\n\n return folderPermissionsList.find(fp => fp.folderId === folder.id);\n }\n\n async canAccessFolder(params: CanAccessFolderParams) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n const { folder } = params;\n\n const folderPermissions = await this.getFolderPermissions({\n folder,\n foldersList: params.foldersList\n });\n\n const identity = this.getIdentity();\n const currentIdentityPermission = folderPermissions?.permissions.find(p => {\n return p.target === `admin:${identity.id}`;\n });\n\n if (!currentIdentityPermission) {\n return false;\n }\n\n const { level } = currentIdentityPermission;\n\n if (params.managePermissions) {\n return level === \"owner\";\n }\n\n // Checking for \"write\" or \"delete\" access. Allow only if the\n // user is an owner or the folder is public (no FLP assigned).\n if (params.rwd !== \"r\") {\n return level === \"owner\" || level === \"public\";\n }\n\n return true;\n }\n\n async ensureCanAccessFolder(params: CanAccessFolderParams) {\n const canAccessFolder = await this.canAccessFolder(params);\n if (!canAccessFolder) {\n throw new NotAuthorizedError();\n }\n }\n\n canManageFolderPermissions(folder: Folder) {\n if (!this.canUseFolderLevelPermissions()) {\n return false;\n }\n\n if (!this.isAuthorizationEnabled()) {\n return true;\n }\n\n return this.canAccessFolder({ folder, rwd: \"w\", managePermissions: true });\n }\n\n canManageFolderStructure(folder: Folder) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n return this.canAccessFolder({ folder, rwd: \"w\" });\n }\n\n canManageFolderContent(folder: Folder) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n return this.canAccessFolderContent({ folder, rwd: \"w\" });\n }\n\n async canAccessFolderContent(params: CanAccessFolderContentParams) {\n if (!this.canUseFolderLevelPermissions() || !this.isAuthorizationEnabled()) {\n return true;\n }\n\n const { folder, foldersList } = params;\n\n const folderPermissions = await this.getFolderPermissions({\n folder,\n foldersList\n });\n\n const identity = this.getIdentity();\n const currentIdentityPermission = folderPermissions?.permissions.find(p => {\n return p.target === `admin:${identity.id}`;\n });\n\n if (!currentIdentityPermission) {\n return false;\n }\n\n // If the user is not an owner and we're checking for \"write\" or\n // \"delete\" access, then we can immediately return false.\n if (params.rwd !== \"r\") {\n const { level } = currentIdentityPermission;\n return level !== \"viewer\";\n }\n\n return true;\n }\n\n async ensureCanAccessFolderContent(params: CanAccessFolderContentParams) {\n const canAccessFolderContent = await this.canAccessFolderContent(params);\n if (!canAccessFolderContent) {\n throw new NotAuthorizedError();\n }\n }\n\n async canCreateFolderInRoot() {\n return true;\n }\n\n async filterFolders(params: FilterFoldersParams) {\n const filteredFolders: Folder[] = [];\n\n const { folders, rwd } = params;\n for (let i = 0; i < folders.length; i++) {\n const folder = folders[i];\n const canAccessFolder = await this.canAccessFolder({ folder, rwd });\n if (canAccessFolder) {\n filteredFolders.push(folder);\n }\n }\n\n return filteredFolders;\n }\n\n async assignFolderPermissions(folder: Folder | Folder[]) {\n const folders = Array.isArray(folder) ? folder : [folder];\n\n for (let i = 0; i < folders.length; i++) {\n const folder = folders[i];\n const folderPermissions = await this.getFolderPermissions({ folder });\n if (folderPermissions) {\n folder.permissions = folderPermissions.permissions;\n } else {\n folder.permissions = [];\n }\n }\n }\n\n permissionsIncludeNonInheritedPermissions(folderPermissionsList?: FolderPermission[]) {\n return folderPermissionsList?.some(p => !p.inheritedFrom);\n }\n}\n"],"mappings":";;;;;;AAGA,IAAAA,YAAA,GAAAC,OAAA;AACA,IAAAC,sBAAA,GAAAD,OAAA;AAEA,IAAAE,oBAAA,GAAAF,OAAA;AAoDO,MAAMG,sBAAsB,CAAC;EAQxBC,uBAAuB,GAA0D,CAAC,CAAC;EAG3FC,WAAWA,CAACC,MAAoC,EAAE;IAC9C,IAAI,CAACC,WAAW,GAAGD,MAAM,CAACC,WAAW;IACrC,IAAI,CAACC,iBAAiB,GAAGF,MAAM,CAACE,iBAAiB;IACjD,IAAI,CAACC,eAAe,GAAGH,MAAM,CAACG,eAAe;IAC7C,IAAI,CAACC,WAAW,GAAGJ,MAAM,CAACI,WAAW;IACrC,IAAI,CAACC,4BAA4B,GAAG,MAAM;MACtC,MAAMC,QAAQ,GAAG,IAAI,CAACL,WAAW,CAAC,CAAC;;MAEnC;MACA,IAAI,CAACK,QAAQ,EAAE;QACX,OAAO,KAAK;MAChB;;MAEA;MACA;MACA;MACA,IAAIA,QAAQ,CAACC,IAAI,KAAK,OAAO,EAAE;QAC3B,OAAO,KAAK;MAChB;MAEA,OAAOP,MAAM,CAACK,4BAA4B,CAAC,CAAC;IAChD,CAAC;IAED,IAAI,CAACG,sBAAsB,GAAGR,MAAM,CAACQ,sBAAsB;;IAE3D;IACA;IACAC,uCAAkB,CAACC,WAAW,CAAC,CAAC;IAChC,IAAI,CAACC,aAAa,GAAG,IAAIC,4CAAqB,CAAC;MAC3CC,OAAO,EAAEb,MAAM,CAACc;IACpB,CAAC,CAAC;EACN;EAEA,MAAMA,cAAcA,CAACC,UAAkB,EAAqB;IACxD,OAAO,MAAM,IAAI,CAACJ,aAAa,CAACK,OAAO,CAACD,UAAU,CAAC;EACvD;EAEA,MAAME,6BAA6BA,CAACF,UAAkB,EAAE;IACpD,MAAMG,OAAO,GAAG,MAAM,IAAI,CAACJ,cAAc,CAACC,UAAU,CAAC;;IAErD;IACA,MAAMI,8BAA8B,GAAG,MAAM,IAAI,CAACC,aAAa,CAAC;MAC5DF,OAAO;MACPG,GAAG,EAAE;IACT,CAAC,CAAC;IAEF,MAAM,IAAI,CAACC,uBAAuB,CAACH,8BAA8B,CAAC;IAElE,OAAOA,8BAA8B;EACzC;EAEAI,sBAAsBA,CAACR,UAAmB,EAAE;IACxC,IAAIA,UAAU,EAAE;MACZN,uCAAkB,CAACe,QAAQ,CAACT,UAAU,CAAC,CAACU,KAAK,CAAC,CAAC;IACnD,CAAC,MAAM;MACHhB,uCAAkB,CAACC,WAAW,CAAC,CAAC;IACpC;EACJ;EAEAgB,qCAAqCA,CAACX,UAAmB,EAAE;IACvD,IAAIA,UAAU,EAAE;MACZ,IAAIA,UAAU,IAAI,IAAI,CAACjB,uBAAuB,EAAE;QAC5C,OAAO,IAAI,CAACA,uBAAuB,CAACiB,UAAU,CAAC;MACnD;IACJ,CAAC,MAAM;MACHN,uCAAkB,CAACC,WAAW,CAAC,CAAC;IACpC;EACJ;EAEAiB,gBAAgBA,CAACZ,UAAkB,EAAEa,MAAc,EAAE;IACjDnB,uCAAkB,CAACe,QAAQ,CAACT,UAAU,CAAC,CAACc,QAAQ,CAAC,CAACD,MAAM,CAAC,CAAC;EAC9D;EAEAE,kBAAkBA,CAACf,UAAkB,EAAEgB,QAAoC,EAAE;IACzEtB,uCAAkB,CAACe,QAAQ,CAACT,UAAU,CAAC,CAACiB,WAAW,CAACD,QAAQ,CAAC;EACjE;EAEA,MAAME,sBAAsBA,CACxBjC,MAAmC,EACL;IAC9B,MAAMkC,8BAA8B,GAAG,IAAI,CAACpC,uBAAuB,CAACE,MAAM,CAACe,UAAU,CAAC;IACtF,IAAImB,8BAA8B,EAAE;MAChC,OAAOA,8BAA8B;IACzC;IAEA,IAAI,CAACpC,uBAAuB,CAACE,MAAM,CAACe,UAAU,CAAC,GAAG,IAAIoB,OAAO,CAAC,MAAMC,OAAO,IAAI;MAC3E,IAAI,CAAC,IAAI,CAAC/B,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACG,sBAAsB,CAAC,CAAC,EAAE;QACxE4B,OAAO,CAAC,EAAE,CAAC;QACX;MACJ;MAEA,MAAM;QAAErB,UAAU;QAAEsB;MAAY,CAAC,GAAGrC,MAAM;MAE1C,MAAMsC,UAAU,GAAGD,WAAW,KAAK,MAAM,IAAI,CAACvB,cAAc,CAACC,UAAU,CAAC,CAAC;MACzE,MAAMT,QAAQ,GAAG,IAAI,CAACL,WAAW,CAAC,CAAC;MACnC,MAAMsC,WAAW,GAAG,MAAM,IAAI,CAACpC,eAAe,CAAC,CAAC;MAEhD,IAAIqC,aAAqB;MACzB,IAAI,IAAI,CAACpC,WAAW,CAAC,CAAC,EAAE;QACpBoC,aAAa,GAAG,MAAM,IAAI,CAACtC,iBAAiB,CAAC,CAAC;MAClD;MAEA,MAAMuC,0BAAuD,GAAG,EAAE;MAElE,MAAMC,wBAAwB,GAAId,MAAc,IAAK;QACjD,IAAIa,0BAA0B,CAACE,IAAI,CAACC,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKjB,MAAM,CAACkB,EAAE,CAAC,EAAE;UAClE;QACJ;;QAEA;QACA,MAAMC,wBAAmD,GAAG;UACxDF,QAAQ,EAAEjB,MAAM,CAACkB,EAAE;UACnB;UACAP,WAAW,EAAEX,MAAM,CAACW,WAAW,EAAES,GAAG,CAACC,UAAU,KAAK;YAAE,GAAGA;UAAW,CAAC,CAAC,CAAC,IAAI;QAC/E,CAAC;;QAED;QACA,IAAIrB,MAAM,CAACsB,QAAQ,EAAE;UACjB,MAAMC,YAAY,GAAGb,UAAU,CAAEc,IAAI,CAACC,CAAC,IAAIA,CAAC,CAACP,EAAE,KAAKlB,MAAM,CAACsB,QAAQ,CAAE;UACrE,IAAIC,YAAY,EAAE;YACd;YACA,IAAIG,gCAAgC,GAAGb,0BAA0B,CAACW,IAAI,CAClER,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKM,YAAY,CAACL,EACvC,CAAC;;YAED;YACA,IAAI,CAACQ,gCAAgC,EAAE;cACnCZ,wBAAwB,CAACS,YAAY,CAAC;cACtCG,gCAAgC,GAAGb,0BAA0B,CAACW,IAAI,CAC9DR,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKjB,MAAM,CAACsB,QACjC,CAAC;YACL;;YAEA;YACA,IAAII,gCAAgC,EAAE;cAClC,MAAMC,oBAAoB,GACtBD,gCAAgC,CAACf,WAAW,CAACI,IAAI,CAC7Ca,CAAC,IAAIA,CAAC,CAACC,KAAK,KAAK,QACrB,CAAC;;cAEL;cACA;cACA;cACA,MAAMC,WAAW,GACb,CAACH,oBAAoB,IACrBR,wBAAwB,CAACR,WAAW,CAACoB,MAAM,KAAK,CAAC;cAErD,IAAID,WAAW,EAAE;gBACb,MAAME,oBAAoB,GACtBN,gCAAgC,CAACf,WAAW,CAACS,GAAG,CAACQ,CAAC,IAAI;kBAClD,OAAO;oBACH,GAAGA,CAAC;oBACJK,aAAa,EACT,SAAS,GACTP,gCAAgC,CAAET;kBAC1C,CAAC;gBACL,CAAC,CAAC;gBAENE,wBAAwB,CAACR,WAAW,CAACuB,IAAI,CAAC,GAAGF,oBAAoB,CAAC;cACtE;YACJ;UACJ;QACJ;;QAEA;QACA;QACA;QACA,MAAMG,oCAAoC,GACtChB,wBAAwB,CAACR,WAAW,CAACI,IAAI,CACrCa,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAK,SAAS1D,QAAQ,CAACwC,EAAE,EAC1C,CAAC;QAEL,MAAMmB,aAAa,GAAG1B,WAAW,CAACI,IAAI,CAACa,CAAC,IAAIA,CAAC,CAACU,IAAI,KAAK,GAAG,CAAC;QAE3D,IAAIH,oCAAoC,EAAE;UACtC;UACA,MAAMI,8BAA8B,GAChCpB,wBAAwB,CAACR,WAAW,CAAC6B,SAAS,CAC1CZ,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAK,SAAS1D,QAAQ,CAACwC,EAAE,EAC1C,CAAC;UAEL,IAAIqB,8BAA8B,GAAG,CAAC,EAAE;YACpC,MAAM,CAACE,yBAAyB,CAAC,GAC7BtB,wBAAwB,CAACR,WAAW,CAAC+B,MAAM,CACvCH,8BAA8B,EAC9B,CACJ,CAAC;YACLpB,wBAAwB,CAACR,WAAW,CAACgC,OAAO,CAACF,yBAAyB,CAAC;UAC3E;;UAEA;UACA;UACA;UACA;UACA,IAAIJ,aAAa,EAAE;YACf,MAAMO,mBAAmB,GACrBzB,wBAAwB,CAACR,WAAW,CAAC,CAAC,CAAC,CAACsB,aAAa;;YAEzD;YACA;YACA;YACA;YACA,IAAI,CAACW,mBAAmB,EAAE;cACtBzB,wBAAwB,CAACR,WAAW,CAAC,CAAC,CAAC,GAAG;gBACtCyB,MAAM,EAAE,SAAS1D,QAAQ,CAACwC,EAAE,EAAE;gBAC9BW,KAAK,EAAE,OAAO;gBACdI,aAAa,EAAE;cACnB,CAAC;YACL;UACJ;QACJ,CAAC,MAAM;UACH;UACA,IAAIQ,yBAAkD,GAAG,IAAI;;UAE7D;UACA,IAAIJ,aAAa,EAAE;YACfI,yBAAyB,GAAG;cACxBL,MAAM,EAAE,SAAS1D,QAAQ,CAACwC,EAAE,EAAE;cAC9BW,KAAK,EAAE,OAAO;cACdI,aAAa,EAAE;YACnB,CAAC;UACL,CAAC,MAAM,IAAIrB,aAAa,CAACmB,MAAM,EAAE;YAC7B;YACA,KAAK,MAAMc,YAAY,IAAIjC,aAAa,EAAE;cACtC,MAAMkC,cAAc,GAAG3B,wBAAwB,CAACR,WAAW,CAACa,IAAI,CAC5DI,CAAC,IAAIA,CAAC,CAACQ,MAAM,KAAK,QAAQS,YAAY,CAAE3B,EAAE,EAC9C,CAAC;cAED,IAAI4B,cAAc,EAAE;gBAChBL,yBAAyB,GAAG;kBACxBL,MAAM,EAAE,SAAS1D,QAAQ,CAACwC,EAAE,EAAE;kBAC9BW,KAAK,EAAEiB,cAAc,CAACjB,KAAK;kBAC3BI,aAAa,EAAE,OAAO,GAAGY,YAAY,CAAE3B;gBAC3C,CAAC;cACL;YACJ;UACJ;UAEA,IAAIuB,yBAAyB,EAAE;YAC3B;YACA;YACAtB,wBAAwB,CAACR,WAAW,CAACgC,OAAO,CAACF,yBAAyB,CAAC;UAC3E;QACJ;;QAEA;QACA;QACA,MAAMM,uBAAuB,GAAG5B,wBAAwB,CAACR,WAAW,CAACoB,MAAM,KAAK,CAAC;QACjF,IAAIgB,uBAAuB,EAAE;UACzB5B,wBAAwB,CAACR,WAAW,GAAG,CACnC;YACIyB,MAAM,EAAE,SAAS1D,QAAQ,CAACwC,EAAE,EAAE;YAC9BW,KAAK,EAAE,QAAQ;YACfI,aAAa,EAAE;UACnB,CAAC,CACJ;QACL;QAEApB,0BAA0B,CAACqB,IAAI,CAACf,wBAAwB,CAAC;MAC7D,CAAC;MAED,KAAK,IAAI6B,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAGtC,UAAU,CAAEqB,MAAM,EAAEiB,CAAC,EAAE,EAAE;QACzC,MAAMhD,MAAM,GAAGU,UAAU,CAAEsC,CAAC,CAAC;QAC7BlC,wBAAwB,CAACd,MAAM,CAAC;MACpC;MAEAQ,OAAO,CAACK,0BAA0B,CAAC;MACnC;MACA;IACJ,CAAC,CAAC;IAEF,OAAO,IAAI,CAAC3C,uBAAuB,CAACE,MAAM,CAACe,UAAU,CAAC;EAC1D;EAEA,MAAM8D,oBAAoBA,CACtB7E,MAAkC,EACY;IAC9C,MAAM;MAAE4B,MAAM;MAAES;IAAY,CAAC,GAAGrC,MAAM;IACtC,MAAM8E,qBAAqB,GAAG,MAAM,IAAI,CAAC7C,sBAAsB,CAAC;MAC5DlB,UAAU,EAAEa,MAAM,CAACrB,IAAI;MACvB8B;IACJ,CAAC,CAAC;IAEF,OAAOyC,qBAAqB,CAAC1B,IAAI,CAACR,EAAE,IAAIA,EAAE,CAACC,QAAQ,KAAKjB,MAAM,CAACkB,EAAE,CAAC;EACtE;EAEA,MAAMiC,eAAeA,CAAC/E,MAA6B,EAAE;IACjD,IAAI,CAAC,IAAI,CAACK,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACG,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,MAAM;MAAEoB;IAAO,CAAC,GAAG5B,MAAM;IAEzB,MAAMgF,iBAAiB,GAAG,MAAM,IAAI,CAACH,oBAAoB,CAAC;MACtDjD,MAAM;MACNS,WAAW,EAAErC,MAAM,CAACqC;IACxB,CAAC,CAAC;IAEF,MAAM/B,QAAQ,GAAG,IAAI,CAACL,WAAW,CAAC,CAAC;IACnC,MAAMoE,yBAAyB,GAAGW,iBAAiB,EAAEzC,WAAW,CAACa,IAAI,CAACI,CAAC,IAAI;MACvE,OAAOA,CAAC,CAACQ,MAAM,KAAK,SAAS1D,QAAQ,CAACwC,EAAE,EAAE;IAC9C,CAAC,CAAC;IAEF,IAAI,CAACuB,yBAAyB,EAAE;MAC5B,OAAO,KAAK;IAChB;IAEA,MAAM;MAAEZ;IAAM,CAAC,GAAGY,yBAAyB;IAE3C,IAAIrE,MAAM,CAACiF,iBAAiB,EAAE;MAC1B,OAAOxB,KAAK,KAAK,OAAO;IAC5B;;IAEA;IACA;IACA,IAAIzD,MAAM,CAACqB,GAAG,KAAK,GAAG,EAAE;MACpB,OAAOoC,KAAK,KAAK,OAAO,IAAIA,KAAK,KAAK,QAAQ;IAClD;IAEA,OAAO,IAAI;EACf;EAEA,MAAMyB,qBAAqBA,CAAClF,MAA6B,EAAE;IACvD,MAAM+E,eAAe,GAAG,MAAM,IAAI,CAACA,eAAe,CAAC/E,MAAM,CAAC;IAC1D,IAAI,CAAC+E,eAAe,EAAE;MAClB,MAAM,IAAII,+BAAkB,CAAC,CAAC;IAClC;EACJ;EAEAC,0BAA0BA,CAACxD,MAAc,EAAE;IACvC,IAAI,CAAC,IAAI,CAACvB,4BAA4B,CAAC,CAAC,EAAE;MACtC,OAAO,KAAK;IAChB;IAEA,IAAI,CAAC,IAAI,CAACG,sBAAsB,CAAC,CAAC,EAAE;MAChC,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAACuE,eAAe,CAAC;MAAEnD,MAAM;MAAEP,GAAG,EAAE,GAAG;MAAE4D,iBAAiB,EAAE;IAAK,CAAC,CAAC;EAC9E;EAEAI,wBAAwBA,CAACzD,MAAc,EAAE;IACrC,IAAI,CAAC,IAAI,CAACvB,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACG,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAACuE,eAAe,CAAC;MAAEnD,MAAM;MAAEP,GAAG,EAAE;IAAI,CAAC,CAAC;EACrD;EAEAiE,sBAAsBA,CAAC1D,MAAc,EAAE;IACnC,IAAI,CAAC,IAAI,CAACvB,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACG,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,OAAO,IAAI,CAAC+E,sBAAsB,CAAC;MAAE3D,MAAM;MAAEP,GAAG,EAAE;IAAI,CAAC,CAAC;EAC5D;EAEA,MAAMkE,sBAAsBA,CAACvF,MAAoC,EAAE;IAC/D,IAAI,CAAC,IAAI,CAACK,4BAA4B,CAAC,CAAC,IAAI,CAAC,IAAI,CAACG,sBAAsB,CAAC,CAAC,EAAE;MACxE,OAAO,IAAI;IACf;IAEA,MAAM;MAAEoB,MAAM;MAAES;IAAY,CAAC,GAAGrC,MAAM;IAEtC,MAAMgF,iBAAiB,GAAG,MAAM,IAAI,CAACH,oBAAoB,CAAC;MACtDjD,MAAM;MACNS;IACJ,CAAC,CAAC;IAEF,MAAM/B,QAAQ,GAAG,IAAI,CAACL,WAAW,CAAC,CAAC;IACnC,MAAMoE,yBAAyB,GAAGW,iBAAiB,EAAEzC,WAAW,CAACa,IAAI,CAACI,CAAC,IAAI;MACvE,OAAOA,CAAC,CAACQ,MAAM,KAAK,SAAS1D,QAAQ,CAACwC,EAAE,EAAE;IAC9C,CAAC,CAAC;IAEF,IAAI,CAACuB,yBAAyB,EAAE;MAC5B,OAAO,KAAK;IAChB;;IAEA;IACA;IACA,IAAIrE,MAAM,CAACqB,GAAG,KAAK,GAAG,EAAE;MACpB,MAAM;QAAEoC;MAAM,CAAC,GAAGY,yBAAyB;MAC3C,OAAOZ,KAAK,KAAK,QAAQ;IAC7B;IAEA,OAAO,IAAI;EACf;EAEA,MAAM+B,4BAA4BA,CAACxF,MAAoC,EAAE;IACrE,MAAMuF,sBAAsB,GAAG,MAAM,IAAI,CAACA,sBAAsB,CAACvF,MAAM,CAAC;IACxE,IAAI,CAACuF,sBAAsB,EAAE;MACzB,MAAM,IAAIJ,+BAAkB,CAAC,CAAC;IAClC;EACJ;EAEA,MAAMM,qBAAqBA,CAAA,EAAG;IAC1B,OAAO,IAAI;EACf;EAEA,MAAMrE,aAAaA,CAACpB,MAA2B,EAAE;IAC7C,MAAM0F,eAAyB,GAAG,EAAE;IAEpC,MAAM;MAAExE,OAAO;MAAEG;IAAI,CAAC,GAAGrB,MAAM;IAC/B,KAAK,IAAI4E,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAG1D,OAAO,CAACyC,MAAM,EAAEiB,CAAC,EAAE,EAAE;MACrC,MAAMhD,MAAM,GAAGV,OAAO,CAAC0D,CAAC,CAAC;MACzB,MAAMG,eAAe,GAAG,MAAM,IAAI,CAACA,eAAe,CAAC;QAAEnD,MAAM;QAAEP;MAAI,CAAC,CAAC;MACnE,IAAI0D,eAAe,EAAE;QACjBW,eAAe,CAAC5B,IAAI,CAAClC,MAAM,CAAC;MAChC;IACJ;IAEA,OAAO8D,eAAe;EAC1B;EAEA,MAAMpE,uBAAuBA,CAACM,MAAyB,EAAE;IACrD,MAAMV,OAAO,GAAGyE,KAAK,CAACC,OAAO,CAAChE,MAAM,CAAC,GAAGA,MAAM,GAAG,CAACA,MAAM,CAAC;IAEzD,KAAK,IAAIgD,CAAC,GAAG,CAAC,EAAEA,CAAC,GAAG1D,OAAO,CAACyC,MAAM,EAAEiB,CAAC,EAAE,EAAE;MACrC,MAAMhD,MAAM,GAAGV,OAAO,CAAC0D,CAAC,CAAC;MACzB,MAAMI,iBAAiB,GAAG,MAAM,IAAI,CAACH,oBAAoB,CAAC;QAAEjD;MAAO,CAAC,CAAC;MACrE,IAAIoD,iBAAiB,EAAE;QACnBpD,MAAM,CAACW,WAAW,GAAGyC,iBAAiB,CAACzC,WAAW;MACtD,CAAC,MAAM;QACHX,MAAM,CAACW,WAAW,GAAG,EAAE;MAC3B;IACJ;EACJ;EAEAsD,yCAAyCA,CAACf,qBAA0C,EAAE;IAClF,OAAOA,qBAAqB,EAAEnC,IAAI,CAACa,CAAC,IAAI,CAACA,CAAC,CAACK,aAAa,CAAC;EAC7D;AACJ;AAACiC,OAAA,CAAAjG,sBAAA,GAAAA,sBAAA","ignoreList":[]}
package/utils/FoldersCacheFactory.d.ts ADDED
@@ -0,0 +1,10 @@
1
+ import { Folder } from "../folder/folder.types";
2
+ import { ListCache } from "./ListCache";
3
+ export declare class FoldersCacheFactory {
4
+ private cache;
5
+ hasCache(namespace: string): boolean;
6
+ getCache(namespace: string): ListCache<Folder>;
7
+ deleteCache(): void;
8
+ private getCacheKey;
9
+ }
10
+ export declare const folderCacheFactory: FoldersCacheFactory;
package/utils/FoldersCacheFactory.js ADDED
@@ -0,0 +1,31 @@
1
+ "use strict";
2
+
3
+ Object.defineProperty(exports, "__esModule", {
4
+ value: true
5
+ });
6
+ exports.folderCacheFactory = exports.FoldersCacheFactory = void 0;
7
+ var _ListCache = require("./ListCache");
8
+ class FoldersCacheFactory {
9
+ cache = new Map();
10
+ hasCache(namespace) {
11
+ const cacheKey = this.getCacheKey(namespace);
12
+ return this.cache.has(cacheKey);
13
+ }
14
+ getCache(namespace) {
15
+ const cacheKey = this.getCacheKey(namespace);
16
+ if (!this.cache.has(cacheKey)) {
17
+ this.cache.set(cacheKey, new _ListCache.ListCache());
18
+ }
19
+ return this.cache.get(cacheKey);
20
+ }
21
+ deleteCache() {
22
+ this.cache.clear();
23
+ }
24
+ getCacheKey(namespace) {
25
+ return namespace;
26
+ }
27
+ }
28
+ exports.FoldersCacheFactory = FoldersCacheFactory;
29
+ const folderCacheFactory = exports.folderCacheFactory = new FoldersCacheFactory();
30
+
31
+ //# sourceMappingURL=FoldersCacheFactory.js.map
package/utils/FoldersCacheFactory.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_ListCache","require","FoldersCacheFactory","cache","Map","hasCache","namespace","cacheKey","getCacheKey","has","getCache","set","ListCache","get","deleteCache","clear","exports","folderCacheFactory"],"sources":["FoldersCacheFactory.ts"],"sourcesContent":["import { Folder } from \"~/folder/folder.types\";\nimport { ListCache } from \"~/utils/ListCache\";\n\nexport class FoldersCacheFactory {\n private cache: Map<string, ListCache<Folder>> = new Map();\n\n hasCache(namespace: string) {\n const cacheKey = this.getCacheKey(namespace);\n return this.cache.has(cacheKey);\n }\n\n getCache(namespace: string) {\n const cacheKey = this.getCacheKey(namespace);\n\n if (!this.cache.has(cacheKey)) {\n this.cache.set(cacheKey, new ListCache<Folder>());\n }\n\n return this.cache.get(cacheKey) as ListCache<Folder>;\n }\n\n deleteCache() {\n this.cache.clear();\n }\n\n private getCacheKey(namespace: string) {\n return namespace;\n }\n}\n\nexport const folderCacheFactory = new FoldersCacheFactory();\n"],"mappings":";;;;;;AACA,IAAAA,UAAA,GAAAC,OAAA;AAEO,MAAMC,mBAAmB,CAAC;EACrBC,KAAK,GAAmC,IAAIC,GAAG,CAAC,CAAC;EAEzDC,QAAQA,CAACC,SAAiB,EAAE;IACxB,MAAMC,QAAQ,GAAG,IAAI,CAACC,WAAW,CAACF,SAAS,CAAC;IAC5C,OAAO,IAAI,CAACH,KAAK,CAACM,GAAG,CAACF,QAAQ,CAAC;EACnC;EAEAG,QAAQA,CAACJ,SAAiB,EAAE;IACxB,MAAMC,QAAQ,GAAG,IAAI,CAACC,WAAW,CAACF,SAAS,CAAC;IAE5C,IAAI,CAAC,IAAI,CAACH,KAAK,CAACM,GAAG,CAACF,QAAQ,CAAC,EAAE;MAC3B,IAAI,CAACJ,KAAK,CAACQ,GAAG,CAACJ,QAAQ,EAAE,IAAIK,oBAAS,CAAS,CAAC,CAAC;IACrD;IAEA,OAAO,IAAI,CAACT,KAAK,CAACU,GAAG,CAACN,QAAQ,CAAC;EACnC;EAEAO,WAAWA,CAAA,EAAG;IACV,IAAI,CAACX,KAAK,CAACY,KAAK,CAAC,CAAC;EACtB;EAEQP,WAAWA,CAACF,SAAiB,EAAE;IACnC,OAAOA,SAAS;EACpB;AACJ;AAACU,OAAA,CAAAd,mBAAA,GAAAA,mBAAA;AAEM,MAAMe,kBAAkB,GAAAD,OAAA,CAAAC,kBAAA,GAAG,IAAIf,mBAAmB,CAAC,CAAC","ignoreList":[]}
package/utils/ListCache.d.ts ADDED
@@ -0,0 +1,23 @@
1
+ export type Constructor<T> = new (...args: any[]) => T;
2
+ export interface IListCachePredicate<T> {
3
+ (item: T): boolean;
4
+ }
5
+ export interface IListCacheItemUpdater<T> {
6
+ (item: T): T;
7
+ }
8
+ export interface IListCache<T> {
9
+ clear(): void;
10
+ hasItems(): boolean;
11
+ getItems(): T[];
12
+ addItems(items: T[]): void;
13
+ updateItems(updater: IListCacheItemUpdater<T>): void;
14
+ }
15
+ export declare class ListCache<T> implements IListCache<T> {
16
+ private state;
17
+ constructor();
18
+ clear(): void;
19
+ hasItems(): boolean;
20
+ getItems(): T[];
21
+ addItems(items: T[]): void;
22
+ updateItems(updater: IListCacheItemUpdater<T>): void;
23
+ }
package/utils/ListCache.js ADDED
@@ -0,0 +1,31 @@
1
+ "use strict";
2
+
3
+ var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault").default;
4
+ Object.defineProperty(exports, "__esModule", {
5
+ value: true
6
+ });
7
+ exports.ListCache = void 0;
8
+ var _cloneDeep = _interopRequireDefault(require("lodash/cloneDeep"));
9
+ class ListCache {
10
+ constructor() {
11
+ this.state = [];
12
+ }
13
+ clear() {
14
+ this.state = [];
15
+ }
16
+ hasItems() {
17
+ return this.state.length > 0;
18
+ }
19
+ getItems() {
20
+ return (0, _cloneDeep.default)(this.state);
21
+ }
22
+ addItems(items) {
23
+ this.state.push(...items);
24
+ }
25
+ updateItems(updater) {
26
+ this.state = this.state.map(item => updater(item));
27
+ }
28
+ }
29
+ exports.ListCache = ListCache;
30
+
31
+ //# sourceMappingURL=ListCache.js.map
package/utils/ListCache.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_cloneDeep","_interopRequireDefault","require","ListCache","constructor","state","clear","hasItems","length","getItems","cloneDeep","addItems","items","push","updateItems","updater","map","item","exports"],"sources":["ListCache.ts"],"sourcesContent":["import cloneDeep from \"lodash/cloneDeep\";\n\nexport type Constructor<T> = new (...args: any[]) => T;\n\nexport interface IListCachePredicate<T> {\n (item: T): boolean;\n}\n\nexport interface IListCacheItemUpdater<T> {\n (item: T): T;\n}\n\nexport interface IListCache<T> {\n clear(): void;\n hasItems(): boolean;\n getItems(): T[];\n addItems(items: T[]): void;\n updateItems(updater: IListCacheItemUpdater<T>): void;\n}\n\nexport class ListCache<T> implements IListCache<T> {\n private state: T[];\n\n constructor() {\n this.state = [];\n }\n\n clear(): void {\n this.state = [];\n }\n\n hasItems(): boolean {\n return this.state.length > 0;\n }\n\n getItems(): T[] {\n return cloneDeep(this.state);\n }\n\n addItems(items: T[]): void {\n this.state.push(...items);\n }\n\n updateItems(updater: IListCacheItemUpdater<T>): void {\n this.state = this.state.map(item => updater(item));\n }\n}\n"],"mappings":";;;;;;;AAAA,IAAAA,UAAA,GAAAC,sBAAA,CAAAC,OAAA;AAoBO,MAAMC,SAAS,CAA6B;EAG/CC,WAAWA,CAAA,EAAG;IACV,IAAI,CAACC,KAAK,GAAG,EAAE;EACnB;EAEAC,KAAKA,CAAA,EAAS;IACV,IAAI,CAACD,KAAK,GAAG,EAAE;EACnB;EAEAE,QAAQA,CAAA,EAAY;IAChB,OAAO,IAAI,CAACF,KAAK,CAACG,MAAM,GAAG,CAAC;EAChC;EAEAC,QAAQA,CAAA,EAAQ;IACZ,OAAO,IAAAC,kBAAS,EAAC,IAAI,CAACL,KAAK,CAAC;EAChC;EAEAM,QAAQA,CAACC,KAAU,EAAQ;IACvB,IAAI,CAACP,KAAK,CAACQ,IAAI,CAAC,GAAGD,KAAK,CAAC;EAC7B;EAEAE,WAAWA,CAACC,OAAiC,EAAQ;IACjD,IAAI,CAACV,KAAK,GAAG,IAAI,CAACA,KAAK,CAACW,GAAG,CAACC,IAAI,IAAIF,OAAO,CAACE,IAAI,CAAC,CAAC;EACtD;AACJ;AAACC,OAAA,CAAAf,SAAA,GAAAA,SAAA","ignoreList":[]}
package/utils/ListFoldersRepository.d.ts ADDED
@@ -0,0 +1,10 @@
1
+ import { Folder, ListFoldersParams } from "../folder/folder.types";
2
+ import { ListMeta } from "../types";
3
+ export interface ListFoldersRepositoryParams {
4
+ gateway: (params: ListFoldersParams) => Promise<[Folder[], ListMeta]>;
5
+ }
6
+ export declare class ListFoldersRepository {
7
+ private readonly gateway;
8
+ constructor(params: ListFoldersRepositoryParams);
9
+ execute(folderType: string): Promise<Folder[]>;
10
+ }
package/utils/ListFoldersRepository.js ADDED
@@ -0,0 +1,35 @@
1
+ "use strict";
2
+
3
+ Object.defineProperty(exports, "__esModule", {
4
+ value: true
5
+ });
6
+ exports.ListFoldersRepository = void 0;
7
+ var _FoldersCacheFactory = require("./FoldersCacheFactory");
8
+ class ListFoldersRepository {
9
+ constructor(params) {
10
+ this.gateway = params.gateway;
11
+ }
12
+ async execute(folderType) {
13
+ if (_FoldersCacheFactory.folderCacheFactory.hasCache(folderType)) {
14
+ return _FoldersCacheFactory.folderCacheFactory.getCache(folderType).getItems();
15
+ }
16
+ let hasMoreItems = true;
17
+ let cursor = null;
18
+ while (hasMoreItems) {
19
+ const response = await this.gateway({
20
+ where: {
21
+ type: folderType
22
+ },
23
+ after: cursor
24
+ });
25
+ const [folders, meta] = response;
26
+ _FoldersCacheFactory.folderCacheFactory.getCache(folderType).addItems(folders);
27
+ hasMoreItems = meta.hasMoreItems;
28
+ cursor = meta.cursor;
29
+ }
30
+ return _FoldersCacheFactory.folderCacheFactory.getCache(folderType).getItems();
31
+ }
32
+ }
33
+ exports.ListFoldersRepository = ListFoldersRepository;
34
+
35
+ //# sourceMappingURL=ListFoldersRepository.js.map
package/utils/ListFoldersRepository.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_FoldersCacheFactory","require","ListFoldersRepository","constructor","params","gateway","execute","folderType","folderCacheFactory","hasCache","getCache","getItems","hasMoreItems","cursor","response","where","type","after","folders","meta","addItems","exports"],"sources":["ListFoldersRepository.ts"],"sourcesContent":["import { folderCacheFactory } from \"~/utils/FoldersCacheFactory\";\nimport { Folder, ListFoldersParams } from \"~/folder/folder.types\";\nimport { ListMeta } from \"~/types\";\n\nexport interface ListFoldersRepositoryParams {\n gateway: (params: ListFoldersParams) => Promise<[Folder[], ListMeta]>;\n}\n\nexport class ListFoldersRepository {\n private readonly gateway: (params: ListFoldersParams) => Promise<[Folder[], ListMeta]>;\n\n constructor(params: ListFoldersRepositoryParams) {\n this.gateway = params.gateway;\n }\n\n public async execute(folderType: string): Promise<Folder[]> {\n if (folderCacheFactory.hasCache(folderType)) {\n return folderCacheFactory.getCache(folderType).getItems();\n }\n\n let hasMoreItems: ListMeta[\"hasMoreItems\"] = true;\n let cursor: ListMeta[\"cursor\"] = null;\n\n while (hasMoreItems) {\n const response: [Folder[], ListMeta] = await this.gateway({\n where: { type: folderType },\n after: cursor\n });\n\n const [folders, meta] = response;\n\n folderCacheFactory.getCache(folderType).addItems(folders);\n hasMoreItems = meta.hasMoreItems;\n cursor = meta.cursor;\n }\n\n return folderCacheFactory.getCache(folderType).getItems();\n }\n}\n"],"mappings":";;;;;;AAAA,IAAAA,oBAAA,GAAAC,OAAA;AAQO,MAAMC,qBAAqB,CAAC;EAG/BC,WAAWA,CAACC,MAAmC,EAAE;IAC7C,IAAI,CAACC,OAAO,GAAGD,MAAM,CAACC,OAAO;EACjC;EAEA,MAAaC,OAAOA,CAACC,UAAkB,EAAqB;IACxD,IAAIC,uCAAkB,CAACC,QAAQ,CAACF,UAAU,CAAC,EAAE;MACzC,OAAOC,uCAAkB,CAACE,QAAQ,CAACH,UAAU,CAAC,CAACI,QAAQ,CAAC,CAAC;IAC7D;IAEA,IAAIC,YAAsC,GAAG,IAAI;IACjD,IAAIC,MAA0B,GAAG,IAAI;IAErC,OAAOD,YAAY,EAAE;MACjB,MAAME,QAA8B,GAAG,MAAM,IAAI,CAACT,OAAO,CAAC;QACtDU,KAAK,EAAE;UAAEC,IAAI,EAAET;QAAW,CAAC;QAC3BU,KAAK,EAAEJ;MACX,CAAC,CAAC;MAEF,MAAM,CAACK,OAAO,EAAEC,IAAI,CAAC,GAAGL,QAAQ;MAEhCN,uCAAkB,CAACE,QAAQ,CAACH,UAAU,CAAC,CAACa,QAAQ,CAACF,OAAO,CAAC;MACzDN,YAAY,GAAGO,IAAI,CAACP,YAAY;MAChCC,MAAM,GAAGM,IAAI,CAACN,MAAM;IACxB;IAEA,OAAOL,uCAAkB,CAACE,QAAQ,CAACH,UAAU,CAAC,CAACI,QAAQ,CAAC,CAAC;EAC7D;AACJ;AAACU,OAAA,CAAAnB,qBAAA,GAAAA,qBAAA","ignoreList":[]}
package/utils/compress.d.ts ADDED
@@ -0,0 +1,4 @@
1
+ export declare const compress: (data: any) => Promise<{
2
+ compression: string;
3
+ value: string;
4
+ }>;
package/utils/compress.js ADDED
@@ -0,0 +1,19 @@
1
+ "use strict";
2
+
3
+ Object.defineProperty(exports, "__esModule", {
4
+ value: true
5
+ });
6
+ exports.compress = void 0;
7
+ var _gzip = require("@webiny/utils/compression/gzip");
8
+ const GZIP = "gzip";
9
+ const TO_STORAGE_ENCODING = "base64";
10
+ const compress = async data => {
11
+ const value = await (0, _gzip.compress)(JSON.stringify(data));
12
+ return {
13
+ compression: GZIP,
14
+ value: value.toString(TO_STORAGE_ENCODING)
15
+ };
16
+ };
17
+ exports.compress = compress;
18
+
19
+ //# sourceMappingURL=compress.js.map
package/utils/compress.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"names":["_gzip","require","GZIP","TO_STORAGE_ENCODING","compress","data","value","gzip","JSON","stringify","compression","toString","exports"],"sources":["compress.ts"],"sourcesContent":["import { compress as gzip } from \"@webiny/utils/compression/gzip\";\n\nconst GZIP = \"gzip\";\nconst TO_STORAGE_ENCODING = \"base64\";\n\nexport const compress = async (data: any) => {\n const value = await gzip(JSON.stringify(data));\n\n return {\n compression: GZIP,\n value: value.toString(TO_STORAGE_ENCODING)\n };\n};\n"],"mappings":";;;;;;AAAA,IAAAA,KAAA,GAAAC,OAAA;AAEA,MAAMC,IAAI,GAAG,MAAM;AACnB,MAAMC,mBAAmB,GAAG,QAAQ;AAE7B,MAAMC,QAAQ,GAAG,MAAOC,IAAS,IAAK;EACzC,MAAMC,KAAK,GAAG,MAAM,IAAAC,cAAI,EAACC,IAAI,CAACC,SAAS,CAACJ,IAAI,CAAC,CAAC;EAE9C,OAAO;IACHK,WAAW,EAAER,IAAI;IACjBI,KAAK,EAAEA,KAAK,CAACK,QAAQ,CAACR,mBAAmB;EAC7C,CAAC;AACL,CAAC;AAACS,OAAA,CAAAR,QAAA,GAAAA,QAAA","ignoreList":[]}