@webiny/app-security 0.0.0-ee-vpcs.549378cf03

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) Webiny
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,115 @@
+# @webiny/app-security
+[![](https://img.shields.io/npm/dw/@webiny/app-security.svg)](https://www.npmjs.com/package/@webiny/app-security) 
+[![](https://img.shields.io/npm/v/@webiny/app-security.svg)](https://www.npmjs.com/package/@webiny/app-security)
+[![code style: prettier](https://img.shields.io/badge/code_style-prettier-ff69b4.svg?style=flat-square)](https://github.com/prettier/prettier)
+[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square)](http://makeapullrequest.com)
+
+Exposes a simple `SecurityProvider` React provider component and enables you to quickly retrieve the currently signed-in user via the `useSecurity` React hook.
+
+## Install
+```
+npm install --save @webiny/app-security
+```
+
+Or if you prefer yarn: 
+```
+yarn add @webiny/app-security
+```
+
+## Quick Example
+
+First, make sure you mount the `SecurityProvider` React provider component in your application's entrypoint component, for example the `App` component: 
+
+```tsx
+import React from "react";
+import { Routes } from "@webiny/app/components/Routes";
+import { BrowserRouter } from "@webiny/react-router";
+import { SecurityProvider } from "@webiny/app-security";
+import Authenticator from "./components/Authenticator";
+
+export const App = () => (
+    <>
+        {/*
+        <SecurityProvider> is a generic provider of identity information. 3rd party identity providers (like Cognito,
+        Okta, Auth0) will handle the authentication, and set the information about the user into this provider,
+        so other parts of the system have a centralized place to fetch user information from.
+    */}
+        <SecurityProvider>
+            {/* This is the component that might trigger the initial authentication
+        process and set the retrieved user data into the Security provider.*/}
+            <Authenticator>
+                <BrowserRouter basename={process.env.PUBLIC_URL}>
+                    <Routes />
+                </BrowserRouter>
+            </Authenticator>
+        </SecurityProvider>
+    </>
+);
+```
+
+A simple `Authenticator` React component (uses Amazon Cognito and AWS Amplify's [`Auth`](https://github.com/aws-amplify/amplify-js/blob/main/packages/auth/src/Auth.ts#L100) class):
+
+```tsx
+import React, { useEffect } from "react";
+import Auth from "@aws-amplify/auth";
+import { useSecurity, SecurityIdentity } from "@webiny/app-security";
+
+// Apart from the React component, we also configure the Auth class here.
+Auth.configure({
+    region: process.env.REACT_APP_USER_POOL_REGION,
+    userPoolId: process.env.REACT_APP_USER_POOL_ID,
+    userPoolWebClientId: process.env.REACT_APP_USER_POOL_WEB_CLIENT_ID,
+    oauth: {
+        domain: process.env.REACT_APP_USER_POOL_DOMAIN,
+        redirectSignIn: `${location.origin}?signIn`,
+        redirectSignOut: `${location.origin}?signOut`,
+        responseType: "token"
+    }
+});
+
+// The `Authenticator` component.
+const Authenticator: React.FC = props => {
+    const { setIdentity } = useSecurity();
+
+    useEffect(() => {
+        // Get the currently signed-in user.
+        Auth.currentSession().then(response => {
+            const user = response.getIdToken().payload;
+            setIdentity(
+                new SecurityIdentity({
+                    login: user.email,
+                    firstName: user.given_name,
+                    lastName: user.family_name,
+                    logout: () => {
+                        Auth.signOut();
+                        setIdentity(null);
+                    }
+                })
+            );
+        }).catch(() => { /* Do nothing. */ });
+    }, []);
+
+    return <>{props.children}</>;
+};
+
+export default Authenticator;
+```
+
+Finally, use the `useSecurity` React hook in any of your components:
+
+```tsx
+import React from "react";
+import { useSecurity } from "@webiny/app-security";
+
+const MyComponent: React.FC = () => {
+  const { identity } = useSecurity();
+
+  if (identity) {
+    return <>Logged in.</>;
+  }
+
+  return <>Not logged in.</>;
+};
+
+export default MyComponent;
+```

package/Security.d.ts

@@ -0,0 +1,2 @@
+import React from "react";
+export declare const Security: React.FC;

package/Security.js

@@ -0,0 +1,32 @@
+"use strict";
+
+var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault").default;
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.Security = void 0;
+
+var _react = _interopRequireDefault(require("react"));
+
+var _app = require("@webiny/app");
+
+var _Security = require("./contexts/Security");
+
+// Importing from `app-core` and NOT from `app-admin`, to avoid circular dependency.
+// This can be resolved in a different way, by changing the location of `AppInstaller` component (currently in `app-admin`).
+// But this is a faster solution, as I'm really short on time :)
+var SecurityProviderHOC = function SecurityProviderHOC(Component) {
+  return function SecurityProvider(_ref) {
+    var children = _ref.children;
+    return /*#__PURE__*/_react.default.createElement(_Security.SecurityProvider, null, /*#__PURE__*/_react.default.createElement(Component, null, children));
+  };
+};
+
+var Security = function Security() {
+  return /*#__PURE__*/_react.default.createElement(_app.Provider, {
+    hoc: SecurityProviderHOC
+  });
+};
+
+exports.Security = Security;

package/Security.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["SecurityProviderHOC","Component","SecurityProvider","children","Security"],"sources":["Security.tsx"],"sourcesContent":["// Importing from `app-core` and NOT from `app-admin`, to avoid circular dependency.\n// This can be resolved in a different way, by changing the location of `AppInstaller` component (currently in `app-admin`).\n// But this is a faster solution, as I'm really short on time :)\nimport React from \"react\";\nimport { Provider } from \"@webiny/app\";\nimport { SecurityProvider as ContextProvider } from \"./contexts/Security\";\n\nconst SecurityProviderHOC = (Component: React.FC<any>): React.FC<any> => {\n    return function SecurityProvider({ children }) {\n        return (\n            <ContextProvider>\n                <Component>{children}</Component>\n            </ContextProvider>\n        );\n    };\n};\n\nexport const Security: React.FC = () => {\n    return <Provider hoc={SecurityProviderHOC} />;\n};\n"],"mappings":";;;;;;;;;AAGA;;AACA;;AACA;;AALA;AACA;AACA;AAKA,IAAMA,mBAAmB,GAAG,SAAtBA,mBAAsB,CAACC,SAAD,EAA6C;EACrE,OAAO,SAASC,gBAAT,OAAwC;IAAA,IAAZC,QAAY,QAAZA,QAAY;IAC3C,oBACI,6BAAC,0BAAD,qBACI,6BAAC,SAAD,QAAYA,QAAZ,CADJ,CADJ;EAKH,CAND;AAOH,CARD;;AAUO,IAAMC,QAAkB,GAAG,SAArBA,QAAqB,GAAM;EACpC,oBAAO,6BAAC,aAAD;IAAU,GAAG,EAAEJ;EAAf,EAAP;AACH,CAFM"}

package/components/HasPermission.d.ts

@@ -0,0 +1,9 @@
+import React from "react";
+interface HasPermissionProps {
+    any?: string[];
+    all?: string[];
+    name?: string;
+    children: React.ReactNode;
+}
+export declare const HasPermission: ({ children, ...props }: HasPermissionProps) => JSX.Element | null;
+export {};

package/components/HasPermission.js

@@ -0,0 +1,48 @@
+"use strict";
+
+var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault").default;
+
+var _interopRequireWildcard = require("@babel/runtime/helpers/interopRequireWildcard").default;
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.HasPermission = void 0;
+
+var _toConsumableArray2 = _interopRequireDefault(require("@babel/runtime/helpers/toConsumableArray"));
+
+var _objectWithoutProperties2 = _interopRequireDefault(require("@babel/runtime/helpers/objectWithoutProperties"));
+
+var _react = _interopRequireWildcard(require("react"));
+
+var _useSecurity2 = require("../hooks/useSecurity");
+
+var _excluded = ["children"];
+
+var HasPermission = function HasPermission(_ref) {
+  var children = _ref.children,
+      props = (0, _objectWithoutProperties2.default)(_ref, _excluded);
+
+  var _useSecurity = (0, _useSecurity2.useSecurity)(),
+      getPermission = _useSecurity.getPermission;
+
+  if (props.any && props.all) {
+    throw new Error("You can use either \"any\" or \"all\", but not both at the same time.");
+  }
+
+  if (props.name) {
+    return getPermission(props.name) ? /*#__PURE__*/_react.default.createElement(_react.Fragment, null, children) : null;
+  }
+
+  var permissions = [].concat((0, _toConsumableArray2.default)(props.any || []), (0, _toConsumableArray2.default)(props.all || [])).map(function (name) {
+    return getPermission(name);
+  });
+  var hasPermission = props.any ? permissions.some(function (p) {
+    return Boolean(p);
+  }) : permissions.every(function (p) {
+    return Boolean(p);
+  });
+  return hasPermission ? /*#__PURE__*/_react.default.createElement(_react.Fragment, null, children) : null;
+};
+
+exports.HasPermission = HasPermission;

package/components/HasPermission.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["HasPermission","children","props","useSecurity","getPermission","any","all","Error","name","permissions","map","hasPermission","some","p","Boolean","every"],"sources":["HasPermission.tsx"],"sourcesContent":["import React, { Fragment } from \"react\";\nimport { useSecurity } from \"~/hooks/useSecurity\";\n\ninterface HasPermissionProps {\n    any?: string[];\n    all?: string[];\n    name?: string;\n    children: React.ReactNode;\n}\n\nexport const HasPermission = ({ children, ...props }: HasPermissionProps) => {\n    const { getPermission } = useSecurity();\n\n    if (props.any && props.all) {\n        throw new Error(`You can use either \"any\" or \"all\", but not both at the same time.`);\n    }\n\n    if (props.name) {\n        return getPermission(props.name) ? <Fragment>{children}</Fragment> : null;\n    }\n\n    const permissions = [...(props.any || []), ...(props.all || [])].map(name =>\n        getPermission(name)\n    );\n\n    const hasPermission = props.any\n        ? permissions.some(p => Boolean(p))\n        : permissions.every(p => Boolean(p));\n\n    return hasPermission ? <Fragment>{children}</Fragment> : null;\n};\n"],"mappings":";;;;;;;;;;;;;;;AAAA;;AACA;;;;AASO,IAAMA,aAAa,GAAG,SAAhBA,aAAgB,OAAgD;EAAA,IAA7CC,QAA6C,QAA7CA,QAA6C;EAAA,IAAhCC,KAAgC;;EACzE,mBAA0B,IAAAC,yBAAA,GAA1B;EAAA,IAAQC,aAAR,gBAAQA,aAAR;;EAEA,IAAIF,KAAK,CAACG,GAAN,IAAaH,KAAK,CAACI,GAAvB,EAA4B;IACxB,MAAM,IAAIC,KAAJ,yEAAN;EACH;;EAED,IAAIL,KAAK,CAACM,IAAV,EAAgB;IACZ,OAAOJ,aAAa,CAACF,KAAK,CAACM,IAAP,CAAb,gBAA4B,6BAAC,eAAD,QAAWP,QAAX,CAA5B,GAA8D,IAArE;EACH;;EAED,IAAMQ,WAAW,GAAG,2CAAKP,KAAK,CAACG,GAAN,IAAa,EAAlB,oCAA2BH,KAAK,CAACI,GAAN,IAAa,EAAxC,GAA6CI,GAA7C,CAAiD,UAAAF,IAAI;IAAA,OACrEJ,aAAa,CAACI,IAAD,CADwD;EAAA,CAArD,CAApB;EAIA,IAAMG,aAAa,GAAGT,KAAK,CAACG,GAAN,GAChBI,WAAW,CAACG,IAAZ,CAAiB,UAAAC,CAAC;IAAA,OAAIC,OAAO,CAACD,CAAD,CAAX;EAAA,CAAlB,CADgB,GAEhBJ,WAAW,CAACM,KAAZ,CAAkB,UAAAF,CAAC;IAAA,OAAIC,OAAO,CAACD,CAAD,CAAX;EAAA,CAAnB,CAFN;EAIA,OAAOF,aAAa,gBAAG,6BAAC,eAAD,QAAWV,QAAX,CAAH,GAAqC,IAAzD;AACH,CApBM"}

package/components/SecureRoute.d.ts

@@ -0,0 +1,7 @@
+import React from "react";
+interface SecureRouteProps {
+    children: React.ReactNode;
+    permission?: string;
+}
+declare const _default: ({ children, permission }: SecureRouteProps) => React.ReactElement | null;
+export default _default;

package/components/SecureRoute.js

@@ -0,0 +1,47 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.default = void 0;
+
+var _useSecurity = require("../hooks/useSecurity");
+
+var _plugins = require("@webiny/plugins");
+
+var _default = function _default(_ref) {
+  var children = _ref.children,
+      permission = _ref.permission;
+  var security = (0, _useSecurity.useSecurity)();
+
+  if (!security) {
+    return null;
+  }
+
+  var identity = security.identity,
+      getPermission = security.getPermission;
+
+  if (!identity) {
+    return null;
+  }
+
+  var hasPermission = false;
+
+  if (identity) {
+    hasPermission = permission ? Boolean(getPermission(permission)) : true;
+  }
+
+  if (hasPermission) {
+    return children;
+  }
+
+  var plugin = _plugins.plugins.byName("secure-route-error");
+
+  if (!plugin) {
+    return null;
+  }
+
+  return plugin.render();
+};
+
+exports.default = _default;

package/components/SecureRoute.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["children","permission","security","useSecurity","identity","getPermission","hasPermission","Boolean","plugin","plugins","byName","render"],"sources":["SecureRoute.tsx"],"sourcesContent":["import React from \"react\";\nimport { useSecurity } from \"~/hooks/useSecurity\";\nimport { SecureRouteErrorPlugin } from \"~/types\";\nimport { plugins } from \"@webiny/plugins\";\n\ninterface SecureRouteProps {\n    children: React.ReactNode;\n    permission?: string;\n}\nexport default ({ children, permission }: SecureRouteProps): React.ReactElement | null => {\n    const security = useSecurity();\n\n    if (!security) {\n        return null;\n    }\n\n    const { identity, getPermission } = security;\n\n    if (!identity) {\n        return null;\n    }\n\n    let hasPermission = false;\n    if (identity) {\n        hasPermission = permission ? Boolean(getPermission(permission)) : true;\n    }\n\n    if (hasPermission) {\n        return children as unknown as React.ReactElement;\n    }\n\n    const plugin = plugins.byName<SecureRouteErrorPlugin>(\"secure-route-error\");\n    if (!plugin) {\n        return null;\n    }\n\n    return plugin.render();\n};\n"],"mappings":";;;;;;;AACA;;AAEA;;eAMe,wBAA2E;EAAA,IAAxEA,QAAwE,QAAxEA,QAAwE;EAAA,IAA9DC,UAA8D,QAA9DA,UAA8D;EACtF,IAAMC,QAAQ,GAAG,IAAAC,wBAAA,GAAjB;;EAEA,IAAI,CAACD,QAAL,EAAe;IACX,OAAO,IAAP;EACH;;EAED,IAAQE,QAAR,GAAoCF,QAApC,CAAQE,QAAR;EAAA,IAAkBC,aAAlB,GAAoCH,QAApC,CAAkBG,aAAlB;;EAEA,IAAI,CAACD,QAAL,EAAe;IACX,OAAO,IAAP;EACH;;EAED,IAAIE,aAAa,GAAG,KAApB;;EACA,IAAIF,QAAJ,EAAc;IACVE,aAAa,GAAGL,UAAU,GAAGM,OAAO,CAACF,aAAa,CAACJ,UAAD,CAAd,CAAV,GAAwC,IAAlE;EACH;;EAED,IAAIK,aAAJ,EAAmB;IACf,OAAON,QAAP;EACH;;EAED,IAAMQ,MAAM,GAAGC,gBAAA,CAAQC,MAAR,CAAuC,oBAAvC,CAAf;;EACA,IAAI,CAACF,MAAL,EAAa;IACT,OAAO,IAAP;EACH;;EAED,OAAOA,MAAM,CAACG,MAAP,EAAP;AACH,C"}

package/components/SecureView.d.ts

@@ -0,0 +1,12 @@
+import * as React from "react";
+import { SecurityPermission } from "../types";
+interface ChildrenRenderFunctionArgs<T extends SecurityPermission> {
+    hasPermission: boolean;
+    permission: T | null;
+}
+interface Props<T extends SecurityPermission> {
+    children: ((args: ChildrenRenderFunctionArgs<T>) => React.ReactElement) | React.ReactElement;
+    permission?: string;
+}
+declare function SecureView<T extends SecurityPermission>({ children, permission }: Props<T>): React.ReactElement | null;
+export default SecureView;

package/components/SecureView.js

@@ -0,0 +1,36 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.default = void 0;
+
+var _useSecurity2 = require("../hooks/useSecurity");
+
+function SecureView(_ref) {
+  var children = _ref.children,
+      permission = _ref.permission;
+
+  var _useSecurity = (0, _useSecurity2.useSecurity)(),
+      getPermission = _useSecurity.getPermission;
+
+  var hasPermission = false;
+  var matchedPermission = null;
+
+  if (permission) {
+    matchedPermission = getPermission(permission);
+    hasPermission = Boolean(matchedPermission);
+  }
+
+  if (typeof children === "function") {
+    return children({
+      hasPermission: hasPermission,
+      permission: matchedPermission
+    });
+  }
+
+  return hasPermission ? children : null;
+}
+
+var _default = SecureView;
+exports.default = _default;

package/components/SecureView.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["SecureView","children","permission","useSecurity","getPermission","hasPermission","matchedPermission","Boolean"],"sources":["SecureView.tsx"],"sourcesContent":["import * as React from \"react\";\nimport { useSecurity } from \"~/hooks/useSecurity\";\nimport { SecurityPermission } from \"~/types\";\n\ninterface ChildrenRenderFunctionArgs<T extends SecurityPermission> {\n    hasPermission: boolean;\n    permission: T | null;\n}\n\ninterface Props<T extends SecurityPermission> {\n    children: ((args: ChildrenRenderFunctionArgs<T>) => React.ReactElement) | React.ReactElement;\n    permission?: string;\n}\n\nfunction SecureView<T extends SecurityPermission>({\n    children,\n    permission\n}: Props<T>): React.ReactElement | null {\n    const { getPermission } = useSecurity();\n\n    let hasPermission = false;\n    let matchedPermission: T | null = null;\n    if (permission) {\n        matchedPermission = getPermission<T>(permission);\n        hasPermission = Boolean(matchedPermission);\n    }\n\n    if (typeof children === \"function\") {\n        return children({\n            hasPermission,\n            permission: matchedPermission\n        });\n    }\n\n    return hasPermission ? children : null;\n}\n\nexport default SecureView;\n"],"mappings":";;;;;;;AACA;;AAaA,SAASA,UAAT,OAGwC;EAAA,IAFpCC,QAEoC,QAFpCA,QAEoC;EAAA,IADpCC,UACoC,QADpCA,UACoC;;EACpC,mBAA0B,IAAAC,yBAAA,GAA1B;EAAA,IAAQC,aAAR,gBAAQA,aAAR;;EAEA,IAAIC,aAAa,GAAG,KAApB;EACA,IAAIC,iBAA2B,GAAG,IAAlC;;EACA,IAAIJ,UAAJ,EAAgB;IACZI,iBAAiB,GAAGF,aAAa,CAAIF,UAAJ,CAAjC;IACAG,aAAa,GAAGE,OAAO,CAACD,iBAAD,CAAvB;EACH;;EAED,IAAI,OAAOL,QAAP,KAAoB,UAAxB,EAAoC;IAChC,OAAOA,QAAQ,CAAC;MACZI,aAAa,EAAbA,aADY;MAEZH,UAAU,EAAEI;IAFA,CAAD,CAAf;EAIH;;EAED,OAAOD,aAAa,GAAGJ,QAAH,GAAc,IAAlC;AACH;;eAEcD,U"}

package/components/index.d.ts

@@ -0,0 +1,3 @@
+export { default as SecureView } from "./SecureView";
+export { default as SecureRoute } from "./SecureRoute";
+export { HasPermission } from "./HasPermission";

package/components/index.js

@@ -0,0 +1,31 @@
+"use strict";
+
+var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault").default;
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+Object.defineProperty(exports, "HasPermission", {
+  enumerable: true,
+  get: function get() {
+    return _HasPermission.HasPermission;
+  }
+});
+Object.defineProperty(exports, "SecureRoute", {
+  enumerable: true,
+  get: function get() {
+    return _SecureRoute.default;
+  }
+});
+Object.defineProperty(exports, "SecureView", {
+  enumerable: true,
+  get: function get() {
+    return _SecureView.default;
+  }
+});
+
+var _SecureView = _interopRequireDefault(require("./SecureView"));
+
+var _SecureRoute = _interopRequireDefault(require("./SecureRoute"));
+
+var _HasPermission = require("./HasPermission");

package/components/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":[],"sources":["index.ts"],"sourcesContent":["export { default as SecureView } from \"./SecureView\";\nexport { default as SecureRoute } from \"./SecureRoute\";\nexport { HasPermission } from \"./HasPermission\";\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;AACA;;AACA"}

package/contexts/Security.d.ts

@@ -0,0 +1,9 @@
+import React, { Dispatch, SetStateAction } from "react";
+import { SecurityIdentity, SecurityPermission } from "../types";
+export interface SecurityContext {
+    identity: SecurityIdentity | null;
+    setIdentity: Dispatch<SetStateAction<SecurityIdentity | null>>;
+    getPermission<T extends SecurityPermission = SecurityPermission>(name: string): T | null;
+}
+export declare const SecurityContext: React.Context<SecurityContext>;
+export declare const SecurityProvider: React.FC;

package/contexts/Security.js

@@ -0,0 +1,72 @@
+"use strict";
+
+var _interopRequireWildcard = require("@babel/runtime/helpers/interopRequireWildcard").default;
+
+var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault").default;
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.SecurityProvider = exports.SecurityContext = void 0;
+
+var _objectSpread2 = _interopRequireDefault(require("@babel/runtime/helpers/objectSpread2"));
+
+var _slicedToArray2 = _interopRequireDefault(require("@babel/runtime/helpers/slicedToArray"));
+
+var _minimatch = _interopRequireDefault(require("minimatch"));
+
+var _react = _interopRequireWildcard(require("react"));
+
+var SecurityContext = /*#__PURE__*/_react.default.createContext({
+  identity: null,
+  setIdentity: function setIdentity() {
+    return void 0;
+  },
+  getPermission: function getPermission() {
+    return null;
+  }
+});
+
+exports.SecurityContext = SecurityContext;
+
+var SecurityProvider = function SecurityProvider(props) {
+  var _useState = (0, _react.useState)(null),
+      _useState2 = (0, _slicedToArray2.default)(_useState, 2),
+      identity = _useState2[0],
+      setIdentity = _useState2[1];
+
+  var getPermission = (0, _react.useCallback)(function (name) {
+    if (!identity) {
+      return null;
+    }
+
+    var perms = identity.permissions || [];
+    var exactMatch = perms.find(function (p) {
+      return p.name === name;
+    });
+
+    if (exactMatch) {
+      return exactMatch;
+    } // Try matching using patterns
+
+
+    return perms.find(function (p) {
+      return (0, _minimatch.default)(name, p.name);
+    });
+  }, [identity]);
+  var value = (0, _react.useMemo)(function () {
+    return {
+      identity: identity ? (0, _objectSpread2.default)((0, _objectSpread2.default)({}, identity), {}, {
+        // For backwards compatibility, expose the `getPermission` method on the `identity` object.
+        getPermission: getPermission
+      }) : null,
+      setIdentity: setIdentity,
+      getPermission: getPermission
+    };
+  }, [identity]);
+  return /*#__PURE__*/_react.default.createElement(SecurityContext.Provider, {
+    value: value
+  }, props.children);
+};
+
+exports.SecurityProvider = SecurityProvider;

package/contexts/Security.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["SecurityContext","React","createContext","identity","setIdentity","getPermission","SecurityProvider","props","useState","useCallback","name","perms","permissions","exactMatch","find","p","minimatch","value","useMemo","children"],"sources":["Security.tsx"],"sourcesContent":["import minimatch from \"minimatch\";\nimport React, { useState, useMemo, Dispatch, SetStateAction, useCallback } from \"react\";\nimport { SecurityIdentity, SecurityPermission } from \"~/types\";\n\nexport interface SecurityContext {\n    identity: SecurityIdentity | null;\n    setIdentity: Dispatch<SetStateAction<SecurityIdentity | null>>;\n    getPermission<T extends SecurityPermission = SecurityPermission>(name: string): T | null;\n}\n\nexport const SecurityContext = React.createContext<SecurityContext>({\n    identity: null,\n    setIdentity: () => {\n        return void 0;\n    },\n    getPermission: () => {\n        return null;\n    }\n});\n\nexport const SecurityProvider: React.FC = props => {\n    const [identity, setIdentity] = useState<SecurityIdentity | null>(null);\n\n    const getPermission = useCallback(\n        <T extends SecurityPermission = SecurityPermission>(name: string): T | null => {\n            if (!identity) {\n                return null;\n            }\n\n            const perms = identity.permissions || [];\n            const exactMatch = perms.find(p => p.name === name);\n            if (exactMatch) {\n                return exactMatch as T;\n            }\n\n            // Try matching using patterns\n            return perms.find(p => minimatch(name, p.name)) as any;\n        },\n        [identity]\n    );\n\n    const value = useMemo(() => {\n        return {\n            identity: identity\n                ? {\n                      ...identity,\n                      // For backwards compatibility, expose the `getPermission` method on the `identity` object.\n                      getPermission\n                  }\n                : null,\n            setIdentity,\n            getPermission\n        };\n    }, [identity]);\n\n    return <SecurityContext.Provider value={value}>{props.children}</SecurityContext.Provider>;\n};\n"],"mappings":";;;;;;;;;;;;;;;AAAA;;AACA;;AASO,IAAMA,eAAe,gBAAGC,cAAA,CAAMC,aAAN,CAAqC;EAChEC,QAAQ,EAAE,IADsD;EAEhEC,WAAW,EAAE,uBAAM;IACf,OAAO,KAAK,CAAZ;EACH,CAJ+D;EAKhEC,aAAa,EAAE,yBAAM;IACjB,OAAO,IAAP;EACH;AAP+D,CAArC,CAAxB;;;;AAUA,IAAMC,gBAA0B,GAAG,SAA7BA,gBAA6B,CAAAC,KAAK,EAAI;EAC/C,gBAAgC,IAAAC,eAAA,EAAkC,IAAlC,CAAhC;EAAA;EAAA,IAAOL,QAAP;EAAA,IAAiBC,WAAjB;;EAEA,IAAMC,aAAa,GAAG,IAAAI,kBAAA,EAClB,UAAoDC,IAApD,EAA+E;IAC3E,IAAI,CAACP,QAAL,EAAe;MACX,OAAO,IAAP;IACH;;IAED,IAAMQ,KAAK,GAAGR,QAAQ,CAACS,WAAT,IAAwB,EAAtC;IACA,IAAMC,UAAU,GAAGF,KAAK,CAACG,IAAN,CAAW,UAAAC,CAAC;MAAA,OAAIA,CAAC,CAACL,IAAF,KAAWA,IAAf;IAAA,CAAZ,CAAnB;;IACA,IAAIG,UAAJ,EAAgB;MACZ,OAAOA,UAAP;IACH,CAT0E,CAW3E;;;IACA,OAAOF,KAAK,CAACG,IAAN,CAAW,UAAAC,CAAC;MAAA,OAAI,IAAAC,kBAAA,EAAUN,IAAV,EAAgBK,CAAC,CAACL,IAAlB,CAAJ;IAAA,CAAZ,CAAP;EACH,CAdiB,EAelB,CAACP,QAAD,CAfkB,CAAtB;EAkBA,IAAMc,KAAK,GAAG,IAAAC,cAAA,EAAQ,YAAM;IACxB,OAAO;MACHf,QAAQ,EAAEA,QAAQ,+DAELA,QAFK;QAGR;QACAE,aAAa,EAAbA;MAJQ,KAMZ,IAPH;MAQHD,WAAW,EAAXA,WARG;MASHC,aAAa,EAAbA;IATG,CAAP;EAWH,CAZa,EAYX,CAACF,QAAD,CAZW,CAAd;EAcA,oBAAO,6BAAC,eAAD,CAAiB,QAAjB;IAA0B,KAAK,EAAEc;EAAjC,GAAyCV,KAAK,CAACY,QAA/C,CAAP;AACH,CApCM"}

package/hooks/usePermission.d.ts

@@ -0,0 +1,2 @@
+import { SecurityPermission } from "../types";
+export declare function usePermission<T extends SecurityPermission = SecurityPermission>(name: string): T | null;

package/hooks/usePermission.js

@@ -0,0 +1,15 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.usePermission = usePermission;
+
+var _useSecurity2 = require("./useSecurity");
+
+function usePermission(name) {
+  var _useSecurity = (0, _useSecurity2.useSecurity)(),
+      getPermission = _useSecurity.getPermission;
+
+  return getPermission(name);
+}

package/hooks/usePermission.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["usePermission","name","useSecurity","getPermission"],"sources":["usePermission.ts"],"sourcesContent":["import { useSecurity } from \"~/hooks/useSecurity\";\nimport { SecurityPermission } from \"~/types\";\n\nexport function usePermission<T extends SecurityPermission = SecurityPermission>(name: string) {\n    const { getPermission } = useSecurity();\n    return getPermission<T>(name);\n}\n"],"mappings":";;;;;;;AAAA;;AAGO,SAASA,aAAT,CAA0EC,IAA1E,EAAwF;EAC3F,mBAA0B,IAAAC,yBAAA,GAA1B;EAAA,IAAQC,aAAR,gBAAQA,aAAR;;EACA,OAAOA,aAAa,CAAIF,IAAJ,CAApB;AACH"}

package/hooks/useSecurity.d.ts

@@ -0,0 +1,2 @@
+import { SecurityContext } from "../contexts/Security";
+export declare function useSecurity(): SecurityContext;

package/hooks/useSecurity.js

@@ -0,0 +1,14 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.useSecurity = useSecurity;
+
+var _react = require("react");
+
+var _Security = require("../contexts/Security");
+
+function useSecurity() {
+  return (0, _react.useContext)(_Security.SecurityContext);
+}

package/hooks/useSecurity.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["useSecurity","useContext","SecurityContext"],"sources":["useSecurity.ts"],"sourcesContent":["import { useContext } from \"react\";\nimport { SecurityContext } from \"~/contexts/Security\";\n\nexport function useSecurity() {\n    return useContext(SecurityContext);\n}\n"],"mappings":";;;;;;;AAAA;;AACA;;AAEO,SAASA,WAAT,GAAuB;EAC1B,OAAO,IAAAC,iBAAA,EAAWC,yBAAX,CAAP;AACH"}

package/index.d.ts

@@ -0,0 +1,6 @@
+export * from "./components";
+export * from "./contexts/Security";
+export { SecurityContext } from "./contexts/Security";
+export * from "./hooks/useSecurity";
+export * from "./hooks/usePermission";
+export * from "./Security";

package/index.js

@@ -0,0 +1,84 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+var _exportNames = {
+  SecurityContext: true
+};
+Object.defineProperty(exports, "SecurityContext", {
+  enumerable: true,
+  get: function get() {
+    return _Security.SecurityContext;
+  }
+});
+
+var _components = require("./components");
+
+Object.keys(_components).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _components[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function get() {
+      return _components[key];
+    }
+  });
+});
+
+var _Security = require("./contexts/Security");
+
+Object.keys(_Security).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _Security[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function get() {
+      return _Security[key];
+    }
+  });
+});
+
+var _useSecurity = require("./hooks/useSecurity");
+
+Object.keys(_useSecurity).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _useSecurity[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function get() {
+      return _useSecurity[key];
+    }
+  });
+});
+
+var _usePermission = require("./hooks/usePermission");
+
+Object.keys(_usePermission).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _usePermission[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function get() {
+      return _usePermission[key];
+    }
+  });
+});
+
+var _Security2 = require("./Security");
+
+Object.keys(_Security2).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _Security2[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function get() {
+      return _Security2[key];
+    }
+  });
+});

package/index.js.map

@@ -0,0 +1 @@
+{"version":3,"names":[],"sources":["index.ts"],"sourcesContent":["export * from \"./components\";\nexport * from \"./contexts/Security\";\nexport { SecurityContext } from \"./contexts/Security\";\nexport * from \"./hooks/useSecurity\";\nexport * from \"./hooks/usePermission\";\nexport * from \"./Security\";\n"],"mappings":";;;;;;;;;;;;;;;AAAA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AAEA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA;;AACA;;AAAA;EAAA;EAAA;EAAA;EAAA;IAAA;IAAA;MAAA;IAAA;EAAA;AAAA"}

package/package.json

@@ -0,0 +1,53 @@
+{
+	"name": "@webiny/app-security",
+	"version": "0.0.0-ee-vpcs.549378cf03",
+	"main": "index.js",
+	"repository": {
+		"type": "git",
+		"url": "https://github.com/webiny/webiny-js.git"
+	},
+	"contributors": [
+		"Pavel Denisjuk <pavel@webiny.com>",
+		"Sven Al Hamad <sven@webiny.com>",
+		"Adrian Smijulj <adrian@webiny.com>"
+	],
+	"license": "MIT",
+	"dependencies": {
+		"@webiny/app": "0.0.0-ee-vpcs.549378cf03",
+		"@webiny/plugins": "0.0.0-ee-vpcs.549378cf03",
+		"minimatch": "3.1.2",
+		"react": "17.0.2",
+		"react-dom": "17.0.2"
+	},
+	"devDependencies": {
+		"@babel/cli": "^7.19.3",
+		"@babel/core": "^7.19.3",
+		"@babel/plugin-proposal-class-properties": "^7.16.0",
+		"@babel/preset-env": "^7.19.4",
+		"@babel/preset-react": "^7.16.0",
+		"@babel/preset-typescript": "^7.18.6",
+		"@webiny/cli": "^0.0.0-ee-vpcs.549378cf03",
+		"@webiny/project-utils": "^0.0.0-ee-vpcs.549378cf03",
+		"babel-plugin-emotion": "^9.2.8",
+		"babel-plugin-lodash": "^3.3.4",
+		"rimraf": "^3.0.2",
+		"ttypescript": "^1.5.12",
+		"typescript": "4.7.4"
+	},
+	"publishConfig": {
+		"access": "public",
+		"directory": "dist"
+	},
+	"scripts": {
+		"build": "yarn webiny run build",
+		"watch": "yarn webiny run watch"
+	},
+	"adio": {
+		"ignore": {
+			"peerDependencies": [
+				"react-dom"
+			]
+		}
+	},
+	"gitHead": "549378cf03fcd27845fc3fa23d1dc6b32896f630"
+}

package/types.d.ts

@@ -0,0 +1,39 @@
+/// <reference types="react" />
+import { Plugin } from "@webiny/app/types";
+export declare type SecureRouteErrorPlugin = Plugin & {
+    render(): React.ReactElement;
+};
+export interface FullAccessPermission {
+    name: "*";
+}
+export interface SecurityPermission {
+    name: string;
+    [key: string]: any;
+}
+export interface SecurityIdentity {
+    id: string;
+    type: string;
+    displayName: string;
+    permissions?: SecurityPermission[];
+    /**
+     * TODO @ts-refactor @pavel
+     * Verify that login can be present in here.
+     */
+    login?: string;
+    /**
+     * TODO @ts-refactor @pavel
+     * Verify that profile can be present in here.
+     */
+    profile?: {
+        email?: string;
+        firstName?: string;
+        lastName?: string;
+        avatar?: {
+            src?: string;
+        };
+        gravatar?: string;
+    };
+    logout(): void;
+    getPermission?<T extends SecurityPermission = SecurityPermission>(name: string): T | null;
+    [key: string]: any;
+}

package/types.js

@@ -0,0 +1,5 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});

package/types.js.map

@@ -0,0 +1 @@
+{"version":3,"names":[],"sources":["types.ts"],"sourcesContent":["import { Plugin } from \"@webiny/app/types\";\n\nexport type SecureRouteErrorPlugin = Plugin & {\n    render(): React.ReactElement;\n};\n\nexport interface FullAccessPermission {\n    name: \"*\";\n}\n\nexport interface SecurityPermission {\n    name: string;\n    [key: string]: any;\n}\n\nexport interface SecurityIdentity {\n    id: string;\n    type: string;\n    displayName: string;\n    permissions?: SecurityPermission[];\n    /**\n     * TODO @ts-refactor @pavel\n     * Verify that login can be present in here.\n     */\n    login?: string;\n    /**\n     * TODO @ts-refactor @pavel\n     * Verify that profile can be present in here.\n     */\n    profile?: {\n        email?: string;\n        firstName?: string;\n        lastName?: string;\n        avatar?: {\n            src?: string;\n        };\n        gravatar?: string;\n    };\n    logout(): void;\n    // For backwards compatibility, expose the `getPermission` method on the `identity` object.\n    getPermission?<T extends SecurityPermission = SecurityPermission>(name: string): T | null;\n    [key: string]: any;\n}\n"],"mappings":""}