@webiny/app-security-access-management 0.0.0-mt-1

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) Webiny
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,115 @@
+# @webiny/app-security
+[![](https://img.shields.io/npm/dw/@webiny/app-security.svg)](https://www.npmjs.com/package/@webiny/app-security) 
+[![](https://img.shields.io/npm/v/@webiny/app-security.svg)](https://www.npmjs.com/package/@webiny/app-security)
+[![code style: prettier](https://img.shields.io/badge/code_style-prettier-ff69b4.svg?style=flat-square)](https://github.com/prettier/prettier)
+[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square)](http://makeapullrequest.com)
+
+Exposes a simple `SecurityProvider` React provider component and enables you to quickly retrieve the currently signed-in user via the `useSecurity` React hook.
+
+## Install
+```
+npm install --save @webiny/app-security
+```
+
+Or if you prefer yarn: 
+```
+yarn add @webiny/app-security
+```
+
+## Quick Example
+
+First, make sure you mount the `SecurityProvider` React provider component in your application's entrypoint component, for example the `App` component: 
+
+```tsx
+import React from "react";
+import { Routes } from "@webiny/app/components/Routes";
+import { BrowserRouter } from "@webiny/react-router";
+import { SecurityProvider } from "@webiny/app-security";
+import Authenticator from "./components/Authenticator";
+
+export const App = () => (
+    <>
+        {/*
+        <SecurityProvider> is a generic provider of identity information. 3rd party identity providers (like Cognito,
+        Okta, Auth0) will handle the authentication, and set the information about the user into this provider,
+        so other parts of the system have a centralized place to fetch user information from.
+    */}
+        <SecurityProvider>
+            {/* This is the component that might trigger the initial authentication
+        process and set the retrieved user data into the Security provider.*/}
+            <Authenticator>
+                <BrowserRouter basename={process.env.PUBLIC_URL}>
+                    <Routes />
+                </BrowserRouter>
+            </Authenticator>
+        </SecurityProvider>
+    </>
+);
+```
+
+A simple `Authenticator` React component (uses Amazon Cognito and AWS Amplify's [`Auth`](https://github.com/aws-amplify/amplify-js/blob/main/packages/auth/src/Auth.ts#L100) class):
+
+```tsx
+import React, { useEffect } from "react";
+import Auth from "@aws-amplify/auth";
+import { useSecurity, SecurityIdentity } from "@webiny/app-security";
+
+// Apart from the React component, we also configure the Auth class here.
+Auth.configure({
+    region: process.env.REACT_APP_USER_POOL_REGION,
+    userPoolId: process.env.REACT_APP_USER_POOL_ID,
+    userPoolWebClientId: process.env.REACT_APP_USER_POOL_WEB_CLIENT_ID,
+    oauth: {
+        domain: process.env.REACT_APP_USER_POOL_DOMAIN,
+        redirectSignIn: `${location.origin}?signIn`,
+        redirectSignOut: `${location.origin}?signOut`,
+        responseType: "token"
+    }
+});
+
+// The `Authenticator` component.
+const Authenticator: React.FC = props => {
+    const { setIdentity } = useSecurity();
+
+    useEffect(() => {
+        // Get the currently signed-in user.
+        Auth.currentSession().then(response => {
+            const user = response.getIdToken().payload;
+            setIdentity(
+                new SecurityIdentity({
+                    login: user.email,
+                    firstName: user.given_name,
+                    lastName: user.family_name,
+                    logout: () => {
+                        Auth.signOut();
+                        setIdentity(null);
+                    }
+                })
+            );
+        }).catch(() => { /* Do nothing. */ });
+    }, []);
+
+    return <>{props.children}</>;
+};
+
+export default Authenticator;
+```
+
+Finally, use the `useSecurity` React hook in any of your components:
+
+```tsx
+import React from "react";
+import { useSecurity } from "@webiny/app-security";
+
+const MyComponent: React.FC = () => {
+  const { identity } = useSecurity();
+
+  if (identity) {
+    return <>Logged in.</>;
+  }
+
+  return <>Not logged in.</>;
+};
+
+export default MyComponent;
+```

package/components/GroupAutocomplete/graphql.d.ts

@@ -0,0 +1 @@
+export declare const LIST_GROUPS: any;

package/components/GroupAutocomplete/graphql.js

@@ -0,0 +1,6 @@
+import _taggedTemplateLiteral from "@babel/runtime/helpers/taggedTemplateLiteral";
+
+var _templateObject;
+
+import gql from "graphql-tag";
+export var LIST_GROUPS = gql(_templateObject || (_templateObject = _taggedTemplateLiteral(["\n    query listGroups {\n        security {\n            groups: listGroups {\n                data {\n                    id\n                    slug\n                    name\n                    description\n                    createdOn\n                }\n            }\n        }\n    }\n"])));

package/components/GroupAutocomplete/index.d.ts

@@ -0,0 +1,2 @@
+/// <reference types="react" />
+export declare const GroupAutocomplete: (props: any) => JSX.Element;

package/components/GroupAutocomplete/index.js

@@ -0,0 +1,16 @@
+import React from "react";
+import { AutoComplete } from "@webiny/ui/AutoComplete";
+import { LIST_GROUPS } from "./graphql";
+import { useQuery } from "@apollo/react-hooks";
+export var GroupAutocomplete = function GroupAutocomplete(props) {
+  var _useQuery = useQuery(LIST_GROUPS),
+      data = _useQuery.data,
+      loading = _useQuery.loading;
+
+  var options = loading && !data ? [] : data.security.groups.data;
+  return /*#__PURE__*/React.createElement(AutoComplete, Object.assign({}, props, {
+    options: options,
+    valueProp: "id",
+    value: loading ? null : props.value
+  }));
+};

package/components/NotAuthorizedError/NotAuthorizedError.d.ts

@@ -0,0 +1,2 @@
+/// <reference types="react" />
+export declare const NotAuthorizedError: () => JSX.Element;

package/components/NotAuthorizedError/NotAuthorizedError.js

@@ -0,0 +1,50 @@
+import * as React from "react";
+import { Link } from "@webiny/react-router";
+import { css } from "emotion";
+import styled from "@emotion/styled";
+import Helmet from "react-helmet";
+import authErrorImg from "./SecureRouteError.svg";
+import { Typography } from "@webiny/ui/Typography";
+var ContentWrapper = /*#__PURE__*/styled("div", {
+  target: "e18nns4o0",
+  label: "ContentWrapper"
+})({
+  display: "block",
+  paddingTop: "15%",
+  textAlign: "center",
+  margin: "auto"
+});
+var styles = {
+  authErrorImgStyle: /*#__PURE__*/css({
+    width: "192px",
+    paddingBottom: "24px"
+  }, "label:authErrorImgStyle;"),
+  bodyStyle: /*#__PURE__*/css({
+    color: "var(--mdc-theme-text-primary-on-background)",
+    display: "block"
+  }, "label:bodyStyle;"),
+  linkStyle: /*#__PURE__*/css({
+    textDecoration: "none",
+    "&:hover": {
+      textDecoration: "none"
+    }
+  }, "label:linkStyle;")
+};
+export var NotAuthorizedError = function NotAuthorizedError() {
+  return /*#__PURE__*/React.createElement(ContentWrapper, null, /*#__PURE__*/React.createElement(Helmet, {
+    title: "Not authorized"
+  }), /*#__PURE__*/React.createElement("img", {
+    className: styles.authErrorImgStyle,
+    src: authErrorImg,
+    alt: "Not Authorized"
+  }), /*#__PURE__*/React.createElement(Typography, {
+    use: "body1",
+    className: styles.bodyStyle
+  }, "You are not authorized to view this route."), /*#__PURE__*/React.createElement(Typography, {
+    use: "body1",
+    className: styles.bodyStyle
+  }, "Please contact your administrator to request access."), /*#__PURE__*/React.createElement(Link, {
+    to: "/",
+    className: styles.linkStyle
+  }, "Take me back."));
+};

package/components/NotAuthorizedError/SecureRouteError.svg

@@ -0,0 +1 @@
+<svg id="ffa0e257-4b46-4632-a8d6-93195cbf254d" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="895.68" height="517.48" viewBox="0 0 895.68 517.48"><defs><linearGradient id="74471b12-b6be-488b-b2aa-2815e91483d9" x1="790.94" y1="640.76" x2="790.94" y2="264.76" gradientTransform="translate(1229.99 -336.2) rotate(90)" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="gray" stop-opacity="0.25"/><stop offset="0.54" stop-color="gray" stop-opacity="0.12"/><stop offset="1" stop-color="gray" stop-opacity="0.1"/></linearGradient><linearGradient id="f5c756da-9879-448e-9194-9478f83d355f" x1="785.97" y1="446.14" x2="785.97" y2="321.91" gradientTransform="translate(1166.67 -399.94) rotate(90)" xlink:href="#74471b12-b6be-488b-b2aa-2815e91483d9"/><linearGradient id="5c9be04e-db0f-4829-87c1-2cfa193e30b8" x1="660.92" y1="518.19" x2="660.92" y2="494.17" gradientTransform="translate(1146.84 -172.9) rotate(90)" xlink:href="#74471b12-b6be-488b-b2aa-2815e91483d9"/><linearGradient id="b92f3a53-b4d2-4abd-916c-aeb632188996" x1="433.66" y1="605.23" x2="433.66" y2="235.23" gradientTransform="translate(13.58 8.51)" xlink:href="#74471b12-b6be-488b-b2aa-2815e91483d9"/><linearGradient id="44577794-7f8e-40ae-89fc-019e5bfac17e" x1="428.36" y1="413.71" x2="428.36" y2="291.46" gradientTransform="translate(-1.05 11.3)" xlink:href="#74471b12-b6be-488b-b2aa-2815e91483d9"/><linearGradient id="666bb7d3-84d0-4835-ad07-c313c2384f21" x1="295.22" y1="484.61" x2="295.22" y2="460.98" gradientTransform="translate(28.38 37.45)" xlink:href="#74471b12-b6be-488b-b2aa-2815e91483d9"/><linearGradient id="59939605-05af-4a9a-9980-f700897f3f8b" x1="455.07" y1="464.48" x2="455.07" y2="10.48" gradientTransform="matrix(1, 0, 0, 1, 0, 0)" xlink:href="#74471b12-b6be-488b-b2aa-2815e91483d9"/><linearGradient id="6c0ba2ee-2d81-48f4-b4cf-f21b525fcc13" x1="449.07" y1="229.48" x2="449.07" y2="79.48" gradientTransform="matrix(1, 0, 0, 1, 0, 0)" xlink:href="#74471b12-b6be-488b-b2aa-2815e91483d9"/><linearGradient id="45b0c09d-2995-447e-8cb2-7f6b59b5e20c" x1="298.07" y1="316.48" x2="298.07" y2="287.48" gradientTransform="matrix(1, 0, 0, 1, 0, 0)" xlink:href="#74471b12-b6be-488b-b2aa-2815e91483d9"/><linearGradient id="e5b0a96a-81f6-4370-afe3-5a7d6a35b55e" x1="457.07" y1="517.48" x2="457.07" y2="364.48" gradientTransform="matrix(1, 0, 0, 1, 0, 0)" xlink:href="#74471b12-b6be-488b-b2aa-2815e91483d9"/><linearGradient id="a1850e5a-cf77-4889-926a-0125112ab273" x1="611.23" y1="564.74" x2="611.23" y2="464.74" gradientTransform="matrix(1, 0, 0, 1, 0, 0)" xlink:href="#74471b12-b6be-488b-b2aa-2815e91483d9"/><linearGradient id="66998849-614e-4d8a-b9ff-f14bbc588ed8" x1="611.23" y1="660.74" x2="611.23" y2="602.74" gradientTransform="matrix(1, 0, 0, 1, 0, 0)" xlink:href="#74471b12-b6be-488b-b2aa-2815e91483d9"/></defs><title>safe</title><rect x="792.23" y="49.92" width="19.88" height="470.41" transform="translate(247.6 844.09) rotate(-81.36)" fill="#f5f5f5"/><rect x="589.23" y="209.59" width="376" height="490.29" transform="translate(58.72 963.57) rotate(-81.36)" fill="url(#74471b12-b6be-488b-b2aa-2815e91483d9)"/><rect x="603.48" y="229.23" width="342.87" height="470.41" transform="translate(47.16 969.52) rotate(-81.36)" fill="#f5f5f5"/><circle cx="580.99" cy="251.51" r="4.86" transform="translate(92.88 596.86) rotate(-81.36)" fill="#ff5252"/><circle cx="594.2" cy="253.52" r="4.86" transform="translate(102.12 611.62) rotate(-81.36)" fill="#ff0"/><circle cx="607.41" cy="255.53" r="4.86" transform="translate(111.36 626.39) rotate(-81.36)" fill="#69f0ae"/><rect x="720.53" y="174.84" width="124.23" height="422.38" transform="translate(131.25 910.54) rotate(-81.36)" fill="url(#f5c756da-9879-448e-9194-9478f83d355f)"/><rect x="576.36" y="328.95" width="413.27" height="115.12" transform="translate(-85.2 -304.51) rotate(8.64)" fill="#fa5a28"/><rect x="628.65" y="473.94" width="24.02" height="28.16" transform="translate(-90.24 856.82) rotate(-81.36)" fill="url(#5c9be04e-db0f-4829-87c1-2cfa193e30b8)"/><rect x="627.88" y="477.73" width="26.5" height="19.88" transform="translate(-71.61 -282.05) rotate(8.64)" fill="#fa5a28"/><rect x="622.77" y="511.3" width="26.5" height="19.88" transform="translate(-66.63 -280.9) rotate(8.64)" fill="#ff5252"/><rect x="617.67" y="544.87" width="26.5" height="19.88" transform="translate(-61.64 -279.75) rotate(8.64)" fill="#ff9800"/><rect x="696.41" y="506.51" width="213.67" height="11.59" transform="translate(-66.07 -306.13) rotate(8.64)" fill="#fa5a28" opacity="0.4"/><rect x="691.31" y="540.08" width="213.67" height="11.59" transform="translate(-61.09 -304.98) rotate(8.64)" fill="#fa5a28" opacity="0.4"/><rect x="686.21" y="573.65" width="213.67" height="11.59" transform="translate(-56.1 -303.83) rotate(8.64)" fill="#fa5a28" opacity="0.4"/><rect x="159.15" y="254.51" width="500.84" height="19.56" transform="translate(-199.95 -95.55) rotate(-12.6)" fill="#f5f5f5"/><rect x="186.23" y="243.74" width="522" height="370" transform="translate(-234.92 -83.38) rotate(-12.6)" fill="url(#b92f3a53-b4d2-4abd-916c-aeb632188996)"/><rect x="198.08" y="269.78" width="500.84" height="337.4" transform="translate(-237.01 -82.86) rotate(-12.6)" fill="#f5f5f5"/><ellipse cx="177.11" cy="316.25" rx="5.17" ry="4.78" transform="translate(-216.88 -145.01) rotate(-12.6)" fill="#ff5252"/><ellipse cx="191" cy="313.15" rx="5.17" ry="4.78" transform="translate(-215.87 -142.05) rotate(-12.6)" fill="#ff0"/><ellipse cx="204.88" cy="310.05" rx="5.17" ry="4.78" transform="translate(-214.86 -139.1) rotate(-12.6)" fill="#69f0ae"/><rect x="202.46" y="302.76" width="449.7" height="122.25" transform="translate(-221.25 -89.28) rotate(-12.6)" fill="url(#44577794-7f8e-40ae-89fc-019e5bfac17e)"/><rect x="207.83" y="307.54" width="440" height="113.28" transform="translate(-221.3 -89.16) rotate(-12.6)" fill="#fa5a28"/><rect x="308.61" y="498.42" width="29.98" height="23.63" transform="translate(-255.67 -108.38) rotate(-12.6)" fill="url(#666bb7d3-84d0-4835-ad07-c313c2384f21)"/><rect x="309.83" y="499.96" width="28.22" height="19.56" transform="matrix(0.98, -0.22, 0.22, 0.98, -255.56, -108.32)" fill="#fa5a28"/><rect x="317.12" y="532.57" width="28.22" height="19.56" transform="translate(-262.49 -105.94) rotate(-12.6)" fill="#ff5252"/><rect x="324.41" y="565.18" width="28.22" height="19.56" transform="matrix(0.98, -0.22, 0.22, 0.98, -269.43, -103.57)" fill="#ff9800"/><rect x="380.57" y="465.95" width="227.49" height="11.41" transform="translate(-243.14 -72.07) rotate(-12.6)" fill="#fa5a28" opacity="0.4"/><rect x="387.86" y="498.56" width="227.49" height="11.41" transform="translate(-250.08 -69.69) rotate(-12.6)" fill="#fa5a28" opacity="0.4"/><rect x="395.15" y="531.17" width="227.49" height="11.41" transform="translate(-257.02 -67.32) rotate(-12.6)" fill="#fa5a28" opacity="0.4"/><rect x="170.07" y="18.48" width="568" height="24" fill="#f5f5f5"/><rect x="159.07" y="10.48" width="592" height="454" fill="url(#59939605-05af-4a9a-9980-f700897f3f8b)"/><rect x="170.07" y="42.48" width="568" height="414" fill="#fff"/><circle cx="183.94" cy="30.48" r="5.87" fill="#ff5252"/><circle cx="200.07" cy="30.48" r="5.87" fill="#ff0"/><circle cx="216.2" cy="30.48" r="5.87" fill="#69f0ae"/><rect x="194.07" y="79.48" width="510" height="150" fill="url(#6c0ba2ee-2d81-48f4-b4cf-f21b525fcc13)"/><rect x="200.07" y="85.48" width="499" height="139" fill="#fa5a28"/><rect x="281.07" y="287.48" width="34" height="29" fill="url(#45b0c09d-2995-447e-8cb2-7f6b59b5e20c)"/><rect x="282.57" y="289.48" width="32" height="24" fill="#fa5a28"/><rect x="282.57" y="330.48" width="32" height="24" fill="#ff5252"/><rect x="282.57" y="371.48" width="32" height="24" fill="#ff9800"/><rect x="367.57" y="294.48" width="258" height="14" fill="#fa5a28" opacity="0.4"/><rect x="367.57" y="335.48" width="258" height="14" fill="#fa5a28" opacity="0.4"/><rect x="367.57" y="376.48" width="258" height="14" fill="#fa5a28" opacity="0.4"/><rect x="364.07" y="364.48" width="186" height="153" fill="url(#e5b0a96a-81f6-4370-afe3-5a7d6a35b55e)"/><path d="M559.15,531.41a52.08,52.08,0,0,1,104.17,0v33.33H677.9V531.41a66.67,66.67,0,1,0-133.33,0v33.33h14.58Z" transform="translate(-152.16 -191.26)" fill="url(#a1850e5a-cf77-4889-926a-0125112ab273)"/><path d="M561.23,530.74a50,50,0,0,1,100,0v32h14v-32a64,64,0,0,0-128,0v32h14Z" transform="translate(-152.16 -191.26)" fill="#fff"/><rect x="372.07" y="369.48" width="174" height="142" fill="#fa5a28"/><rect x="372.07" y="369.48" width="174" height="142" fill="#fff"/><rect x="372.07" y="397.48" width="174" height="86" fill="#fa5a28"/><path d="M624,615.5a12.76,12.76,0,1,0-22,8.74v27.22a9.28,9.28,0,0,0,18.56,0V624.24A12.7,12.7,0,0,0,624,615.5Z" transform="translate(-152.16 -191.26)" fill="url(#66998849-614e-4d8a-b9ff-f14bbc588ed8)"/><path d="M622.23,617.74a11,11,0,1,0-19,7.53v23.47a8,8,0,1,0,16,0V625.27A11,11,0,0,0,622.23,617.74Z" transform="translate(-152.16 -191.26)" opacity="0.2"/></svg>

package/components/NotAuthorizedError/index.d.ts

@@ -0,0 +1 @@
+export { NotAuthorizedError } from "./NotAuthorizedError";

package/components/NotAuthorizedError/index.js

@@ -0,0 +1 @@
+export { NotAuthorizedError } from "./NotAuthorizedError";

package/index.d.ts

@@ -0,0 +1,2 @@
+declare const _default: () => import("@webiny/plugins/types").PluginCollection;
+export default _default;

package/index.js

@@ -0,0 +1,4 @@
+import plugins from "./plugins";
+export default (function () {
+  return plugins();
+});

package/package.json

@@ -0,0 +1,70 @@
+{
+	"name": "@webiny/app-security-access-management",
+	"version": "0.0.0-mt-1",
+	"main": "index.js",
+	"repository": {
+		"type": "git",
+		"url": "https://github.com/webiny/webiny-js.git"
+	},
+	"contributors": [
+		"Pavel Denisjuk <pavel@webiny.com>",
+		"Sven Al Hamad <sven@webiny.com>",
+		"Adrian Smijulj <adrian@webiny.com>"
+	],
+	"license": "MIT",
+	"dependencies": {
+		"@apollo/react-hooks": "3.1.5",
+		"@emotion/styled": "10.0.27",
+		"@webiny/app": "0.0.0-mt-1",
+		"@webiny/app-admin": "0.0.0-mt-1",
+		"@webiny/app-security": "0.0.0-mt-1",
+		"@webiny/form": "0.0.0-mt-1",
+		"@webiny/plugins": "0.0.0-mt-1",
+		"@webiny/react-router": "0.0.0-mt-1",
+		"@webiny/ui": "0.0.0-mt-1",
+		"@webiny/validation": "0.0.0-mt-1",
+		"emotion": "10.0.27",
+		"graphql-tag": "2.12.5",
+		"lodash": "4.17.21",
+		"react": "16.14.0",
+		"react-dom": "16.14.0",
+		"react-helmet": "5.2.1"
+	},
+	"devDependencies": {
+		"@babel/cli": "^7.5.5",
+		"@babel/core": "^7.5.5",
+		"@babel/plugin-proposal-class-properties": "^7.5.5",
+		"@babel/preset-env": "^7.5.5",
+		"@babel/preset-react": "^7.0.0",
+		"@babel/preset-typescript": "^7.8.3",
+		"@webiny/cli": "^0.0.0-mt-1",
+		"@webiny/project-utils": "^0.0.0-mt-1",
+		"babel-plugin-emotion": "^9.2.8",
+		"babel-plugin-lodash": "^3.3.4",
+		"babel-plugin-named-asset-import": "^1.0.0-next.3e165448",
+		"rimraf": "^3.0.2",
+		"ttypescript": "^1.5.12",
+		"typescript": "^4.1.3"
+	},
+	"publishConfig": {
+		"access": "public",
+		"directory": "dist"
+	},
+	"scripts": {
+		"build": "yarn webiny run build",
+		"watch": "yarn webiny run watch"
+	},
+	"svgo": {
+		"plugins": {
+			"removeViewBox": false
+		}
+	},
+	"adio": {
+		"ignore": {
+			"peerDependencies": [
+				"react-dom"
+			]
+		}
+	},
+	"gitHead": "37736d8456a6ecb342a6c3645060bd9a3f2d4bb0"
+}

package/plugins/constants.d.ts

@@ -0,0 +1,4 @@
+export declare enum Permission {
+    Groups = "security.group",
+    ApiKeys = "security.apiKey"
+}

package/plugins/constants.js

@@ -0,0 +1,6 @@
+export var Permission;
+
+(function (Permission) {
+  Permission["Groups"] = "security.group";
+  Permission["ApiKeys"] = "security.apiKey";
+})(Permission || (Permission = {}));

package/plugins/index.d.ts

@@ -0,0 +1,3 @@
+import { PluginCollection } from "@webiny/plugins/types";
+declare const _default: () => PluginCollection;
+export default _default;

package/plugins/index.js

@@ -0,0 +1,8 @@
+import routes from "./routes";
+import menus from "./menus";
+import installation from "./installation";
+import permissionRenderer from "./permissionRenderer";
+import secureRouteError from "./secureRouteError";
+export default (function () {
+  return [routes, menus, installation, permissionRenderer, secureRouteError];
+});

package/plugins/installation.d.ts

@@ -0,0 +1,3 @@
+import { AdminInstallationPlugin } from "@webiny/app-admin/types";
+declare const plugin: AdminInstallationPlugin;
+export default plugin;

package/plugins/installation.js

@@ -0,0 +1,99 @@
+import _asyncToGenerator from "@babel/runtime/helpers/asyncToGenerator";
+import _slicedToArray from "@babel/runtime/helpers/slicedToArray";
+import _taggedTemplateLiteral from "@babel/runtime/helpers/taggedTemplateLiteral";
+
+var _templateObject, _templateObject2;
+
+import _regeneratorRuntime from "@babel/runtime/regenerator";
+import React, { useState, useEffect } from "react";
+import gql from "graphql-tag";
+import { useApolloClient } from "@apollo/react-hooks";
+import { Alert } from "@webiny/ui/Alert";
+import { CircularProgress } from "@webiny/ui/Progress";
+import { SimpleForm, SimpleFormContent } from "@webiny/app-admin/components/SimpleForm";
+import styled from "@emotion/styled";
+var SimpleFormPlaceholder = /*#__PURE__*/styled("div", {
+  target: "evolwsn0",
+  label: "SimpleFormPlaceholder"
+})({
+  minHeight: 300,
+  minWidth: 400
+});
+var IS_INSTALLED = gql(_templateObject || (_templateObject = _taggedTemplateLiteral(["\n    query IsSecurityInstalled {\n        security {\n            version\n        }\n    }\n"])));
+var INSTALL = gql(_templateObject2 || (_templateObject2 = _taggedTemplateLiteral(["\n    mutation InstallSecurity {\n        security {\n            install {\n                data\n                error {\n                    code\n                    message\n                }\n            }\n        }\n    }\n"])));
+
+var SecurityInstaller = function SecurityInstaller(_ref) {
+  var onInstalled = _ref.onInstalled;
+  var client = useApolloClient();
+
+  var _useState = useState(null),
+      _useState2 = _slicedToArray(_useState, 2),
+      error = _useState2[0],
+      setError = _useState2[1];
+
+  useEffect(function () {
+    client.mutate({
+      mutation: INSTALL
+    }).then(function (_ref2) {
+      var data = _ref2.data;
+      var error = data.security.install.error;
+
+      if (error) {
+        setError(error.message);
+        return;
+      } // Just so the user sees the actual message.
+
+
+      setTimeout(onInstalled, 3000);
+    });
+  }, []);
+  var label = error ? /*#__PURE__*/React.createElement(Alert, {
+    title: "Something went wrong",
+    type: "danger"
+  }, error) : "Installing Security...";
+  return /*#__PURE__*/React.createElement(SimpleForm, null, /*#__PURE__*/React.createElement(CircularProgress, {
+    label: label
+  }), /*#__PURE__*/React.createElement(SimpleFormContent, null, /*#__PURE__*/React.createElement(SimpleFormPlaceholder, null)));
+};
+
+var plugin = {
+  name: "admin-installation-security",
+  type: "admin-installation",
+  title: "Security",
+  dependencies: ["admin-installation-tenancy"],
+  secure: false,
+  getInstalledVersion: function getInstalledVersion(_ref3) {
+    return _asyncToGenerator( /*#__PURE__*/_regeneratorRuntime.mark(function _callee() {
+      var client, _yield$client$query, data;
+
+      return _regeneratorRuntime.wrap(function _callee$(_context) {
+        while (1) {
+          switch (_context.prev = _context.next) {
+            case 0:
+              client = _ref3.client;
+              _context.next = 3;
+              return client.query({
+                query: IS_INSTALLED
+              });
+
+            case 3:
+              _yield$client$query = _context.sent;
+              data = _yield$client$query.data;
+              return _context.abrupt("return", data.security.version);
+
+            case 6:
+            case "end":
+              return _context.stop();
+          }
+        }
+      }, _callee);
+    }))();
+  },
+  render: function render(_ref4) {
+    var onInstalled = _ref4.onInstalled;
+    return /*#__PURE__*/React.createElement(SecurityInstaller, {
+      onInstalled: onInstalled
+    });
+  }
+};
+export default plugin;

package/plugins/menus.d.ts

@@ -0,0 +1,4 @@
+import { UIViewPlugin } from "@webiny/app-admin/ui/UIView";
+import { NavigationView } from "@webiny/app-admin/ui/views/NavigationView";
+declare const _default: UIViewPlugin<NavigationView>;
+export default _default;

package/plugins/menus.js

@@ -0,0 +1,61 @@
+import _asyncToGenerator from "@babel/runtime/helpers/asyncToGenerator";
+import _regeneratorRuntime from "@babel/runtime/regenerator";
+import { NavigationMenuElement, TAGS } from "@webiny/app-admin/ui/elements/NavigationMenuElement";
+import { Permission } from "./constants";
+import { UIViewPlugin } from "@webiny/app-admin/ui/UIView";
+import { NavigationView } from "@webiny/app-admin/ui/views/NavigationView";
+export default new UIViewPlugin(NavigationView, /*#__PURE__*/function () {
+  var _ref = _asyncToGenerator( /*#__PURE__*/_regeneratorRuntime.mark(function _callee(view) {
+    var _view$getSecurityHook, identity, groups, apiKeys, mainMenu;
+
+    return _regeneratorRuntime.wrap(function _callee$(_context) {
+      while (1) {
+        switch (_context.prev = _context.next) {
+          case 0:
+            _context.next = 2;
+            return view.isRendered();
+
+          case 2:
+            _view$getSecurityHook = view.getSecurityHook(), identity = _view$getSecurityHook.identity;
+            groups = identity.getPermission(Permission.Groups);
+            apiKeys = identity.getPermission(Permission.ApiKeys);
+
+            if (!(!groups && !apiKeys)) {
+              _context.next = 7;
+              break;
+            }
+
+            return _context.abrupt("return");
+
+          case 7:
+            mainMenu = view.getSettingsMenuElement().addElement(new NavigationMenuElement("accessManagement", {
+              label: "Access Management",
+              tags: [TAGS.UTILS]
+            }));
+
+            if (groups) {
+              mainMenu.addElement(new NavigationMenuElement("groups", {
+                label: "Groups",
+                path: "/access-management/groups"
+              }));
+            }
+
+            if (apiKeys) {
+              mainMenu.addElement(new NavigationMenuElement("apiKeys", {
+                label: "API Keys",
+                path: "/access-management/api-keys"
+              }));
+            }
+
+          case 10:
+          case "end":
+            return _context.stop();
+        }
+      }
+    }, _callee);
+  }));
+
+  return function (_x) {
+    return _ref.apply(this, arguments);
+  };
+}());

package/plugins/permissionRenderer/SecurityPermissions.d.ts

@@ -0,0 +1,5 @@
+/// <reference types="react" />
+export declare const SecurityPermissions: ({ value, onChange }: {
+    value: any;
+    onChange: any;
+}) => JSX.Element;