@zenstackhq/runtime 1.0.0-alpha.99 → 1.0.0-beta.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/browser/index.d.mts +13 -0
- package/browser/index.d.ts +13 -0
- package/browser/index.js +69 -0
- package/browser/index.js.map +1 -0
- package/browser/index.mjs +31 -0
- package/browser/index.mjs.map +1 -0
- package/constants.d.ts +31 -0
- package/constants.js +34 -1
- package/constants.js.map +1 -1
- package/enhancements/index.d.ts +5 -0
- package/enhancements/index.js +5 -0
- package/enhancements/index.js.map +1 -1
- package/enhancements/model-meta.d.ts +4 -0
- package/enhancements/model-meta.js +26 -5
- package/enhancements/model-meta.js.map +1 -1
- package/enhancements/nested-write-vistor.d.ts +17 -16
- package/enhancements/nested-write-vistor.js +86 -59
- package/enhancements/nested-write-vistor.js.map +1 -1
- package/enhancements/omit.d.ts +10 -1
- package/enhancements/omit.js +4 -3
- package/enhancements/omit.js.map +1 -1
- package/enhancements/password.d.ts +10 -1
- package/enhancements/password.js +3 -2
- package/enhancements/password.js.map +1 -1
- package/enhancements/policy/handler.d.ts +6 -3
- package/enhancements/policy/handler.js +99 -39
- package/enhancements/policy/handler.js.map +1 -1
- package/enhancements/policy/index.d.ts +23 -2
- package/enhancements/policy/index.js +39 -6
- package/enhancements/policy/index.js.map +1 -1
- package/enhancements/policy/logger.d.ts +9 -1
- package/enhancements/policy/logger.js +14 -3
- package/enhancements/policy/logger.js.map +1 -1
- package/enhancements/policy/policy-utils.d.ts +13 -9
- package/enhancements/policy/policy-utils.js +250 -138
- package/enhancements/policy/policy-utils.js.map +1 -1
- package/enhancements/preset.d.ts +9 -7
- package/enhancements/preset.js +3 -6
- package/enhancements/preset.js.map +1 -1
- package/enhancements/proxy.js +62 -1
- package/enhancements/proxy.js.map +1 -1
- package/enhancements/types.d.ts +10 -1
- package/enhancements/utils.d.ts +12 -4
- package/enhancements/utils.js +97 -11
- package/enhancements/utils.js.map +1 -1
- package/enhancements/where-visitor.d.ts +33 -0
- package/enhancements/where-visitor.js +87 -0
- package/enhancements/where-visitor.js.map +1 -0
- package/index.d.ts +2 -2
- package/index.js +2 -2
- package/index.js.map +1 -1
- package/package.json +33 -12
- package/version.js +1 -0
- package/version.js.map +1 -1
- package/zod/index.d.ts +2 -0
- package/zod/index.js +4 -0
- package/zod/input.d.ts +1 -0
- package/zod/input.js +8 -0
- package/zod/models.d.ts +1 -0
- package/zod/models.js +8 -0
- package/serialization-utils.d.ts +0 -1
- package/serialization-utils.js +0 -22
- package/serialization-utils.js.map +0 -1
- package/zod.d.ts +0 -10
- package/zod.js +0 -17
- package/zod.js.map +0 -1
package/enhancements/omit.d.ts
CHANGED
|
@@ -1,5 +1,14 @@
|
|
|
1
1
|
import { ModelMeta } from './types';
|
|
2
|
+
/**
|
|
3
|
+
* Options for @see withOmit
|
|
4
|
+
*/
|
|
5
|
+
export type WithOmitOptions = {
|
|
6
|
+
/**
|
|
7
|
+
* Model metatadata
|
|
8
|
+
*/
|
|
9
|
+
modelMeta?: ModelMeta;
|
|
10
|
+
};
|
|
2
11
|
/**
|
|
3
12
|
* Gets an enhanced Prisma client that supports @omit attribute.
|
|
4
13
|
*/
|
|
5
|
-
export declare function withOmit<DbClient extends object>(prisma: DbClient,
|
|
14
|
+
export declare function withOmit<DbClient extends object>(prisma: DbClient, options?: WithOmitOptions): DbClient;
|
package/enhancements/omit.js
CHANGED
|
@@ -18,8 +18,9 @@ const utils_1 = require("./utils");
|
|
|
18
18
|
/**
|
|
19
19
|
* Gets an enhanced Prisma client that supports @omit attribute.
|
|
20
20
|
*/
|
|
21
|
-
function withOmit(prisma,
|
|
22
|
-
|
|
21
|
+
function withOmit(prisma, options) {
|
|
22
|
+
var _a;
|
|
23
|
+
const _modelMeta = (_a = options === null || options === void 0 ? void 0 : options.modelMeta) !== null && _a !== void 0 ? _a : (0, model_meta_1.getDefaultModelMeta)();
|
|
23
24
|
return (0, proxy_1.makeProxy)(prisma, _modelMeta, (_prisma, model) => new OmitHandler(_prisma, model, _modelMeta), 'omit');
|
|
24
25
|
}
|
|
25
26
|
exports.withOmit = withOmit;
|
|
@@ -32,7 +33,7 @@ class OmitHandler extends proxy_1.DefaultPrismaProxyHandler {
|
|
|
32
33
|
processResultEntity(data) {
|
|
33
34
|
return __awaiter(this, void 0, void 0, function* () {
|
|
34
35
|
if (data) {
|
|
35
|
-
for (const value of (0, utils_1.
|
|
36
|
+
for (const value of (0, utils_1.enumerate)(data)) {
|
|
36
37
|
yield this.doPostProcess(value, this.model);
|
|
37
38
|
}
|
|
38
39
|
}
|
package/enhancements/omit.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"omit.js","sourceRoot":"","sources":["../../src/enhancements/omit.ts"],"names":[],"mappings":";AAAA,sDAAsD;AACtD,uDAAuD;;;;;;;;;;;;AAGvD,6CAAiE;AACjE,mCAA+D;AAE/D,
|
|
1
|
+
{"version":3,"file":"omit.js","sourceRoot":"","sources":["../../src/enhancements/omit.ts"],"names":[],"mappings":";AAAA,sDAAsD;AACtD,uDAAuD;;;;;;;;;;;;AAGvD,6CAAiE;AACjE,mCAA+D;AAE/D,mCAAoD;AAYpD;;GAEG;AACH,SAAgB,QAAQ,CAA0B,MAAgB,EAAE,OAAyB;;IACzF,MAAM,UAAU,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,mCAAI,IAAA,gCAAmB,GAAE,CAAC;IAC/D,OAAO,IAAA,iBAAS,EACZ,MAAM,EACN,UAAU,EACV,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE,CAAC,IAAI,WAAW,CAAC,OAA2B,EAAE,KAAK,EAAE,UAAU,CAAC,EACnF,MAAM,CACT,CAAC;AACN,CAAC;AARD,4BAQC;AAED,MAAM,WAAY,SAAQ,iCAAyB;IAC/C,YAAY,MAAwB,EAAE,KAAa,EAAmB,SAAoB;QACtF,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QAD6C,cAAS,GAAT,SAAS,CAAW;IAE1F,CAAC;IAED,gBAAgB;IACA,mBAAmB,CAAI,IAAO;;YAC1C,IAAI,IAAI,EAAE;gBACN,KAAK,MAAM,KAAK,IAAI,IAAA,iBAAS,EAAC,IAAI,CAAC,EAAE;oBACjC,MAAM,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;iBAC/C;aACJ;YACD,OAAO,IAAI,CAAC;QAChB,CAAC;KAAA;IAEa,aAAa,CAAC,UAAe,EAAE,KAAa;;YACtD,KAAK,MAAM,KAAK,IAAI,IAAA,sBAAc,EAAC,UAAU,CAAC,EAAE;gBAC5C,MAAM,SAAS,GAAG,MAAM,IAAA,yBAAY,EAAC,IAAI,CAAC,SAAS,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;gBACnE,IAAI,CAAC,SAAS,EAAE;oBACZ,SAAS;iBACZ;gBAED,IAAI,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,KAAK,OAAO,CAAC,EAAE;oBAC5D,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC;iBAC5B;qBAAM,IAAI,SAAS,CAAC,WAAW,EAAE;oBAC9B,UAAU;oBACV,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;iBAC/D;aACJ;QACL,CAAC;KAAA;CACJ"}
|
|
@@ -1,5 +1,14 @@
|
|
|
1
1
|
import { ModelMeta } from './types';
|
|
2
|
+
/**
|
|
3
|
+
* Options for @see withPassword
|
|
4
|
+
*/
|
|
5
|
+
export type WithPasswordOptions = {
|
|
6
|
+
/**
|
|
7
|
+
* Model metatadata
|
|
8
|
+
*/
|
|
9
|
+
modelMeta?: ModelMeta;
|
|
10
|
+
};
|
|
2
11
|
/**
|
|
3
12
|
* Gets an enhanced Prisma client that supports @password attribute.
|
|
4
13
|
*/
|
|
5
|
-
export declare function withPassword<DbClient extends object = any>(prisma: DbClient,
|
|
14
|
+
export declare function withPassword<DbClient extends object = any>(prisma: DbClient, options?: WithPasswordOptions): DbClient;
|
package/enhancements/password.js
CHANGED
|
@@ -20,8 +20,9 @@ const proxy_1 = require("./proxy");
|
|
|
20
20
|
/**
|
|
21
21
|
* Gets an enhanced Prisma client that supports @password attribute.
|
|
22
22
|
*/
|
|
23
|
-
function withPassword(prisma,
|
|
24
|
-
|
|
23
|
+
function withPassword(prisma, options) {
|
|
24
|
+
var _a;
|
|
25
|
+
const _modelMeta = (_a = options === null || options === void 0 ? void 0 : options.modelMeta) !== null && _a !== void 0 ? _a : (0, model_meta_1.getDefaultModelMeta)();
|
|
25
26
|
return (0, proxy_1.makeProxy)(prisma, _modelMeta, (_prisma, model) => new PasswordHandler(_prisma, model, _modelMeta), 'password');
|
|
26
27
|
}
|
|
27
28
|
exports.withPassword = withPassword;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"password.js","sourceRoot":"","sources":["../../src/enhancements/password.ts"],"names":[],"mappings":";AAAA,uDAAuD;AACvD,sDAAsD;;;;;;;;;;;;AAEtD,uCAAgC;AAChC,4CAA4D;AAE5D,6CAAmD;AACnD,+DAA2D;AAC3D,mCAAmF;
|
|
1
|
+
{"version":3,"file":"password.js","sourceRoot":"","sources":["../../src/enhancements/password.ts"],"names":[],"mappings":";AAAA,uDAAuD;AACvD,sDAAsD;;;;;;;;;;;;AAEtD,uCAAgC;AAChC,4CAA4D;AAE5D,6CAAmD;AACnD,+DAA2D;AAC3D,mCAAmF;AAanF;;GAEG;AACH,SAAgB,YAAY,CAAgC,MAAgB,EAAE,OAA6B;;IACvG,MAAM,UAAU,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,mCAAI,IAAA,gCAAmB,GAAE,CAAC;IAC/D,OAAO,IAAA,iBAAS,EACZ,MAAM,EACN,UAAU,EACV,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE,CAAC,IAAI,eAAe,CAAC,OAA2B,EAAE,KAAK,EAAE,UAAU,CAAC,EACvF,UAAU,CACb,CAAC;AACN,CAAC;AARD,oCAQC;AAED,MAAM,eAAgB,SAAQ,iCAAyB;IACnD,YAAY,MAAwB,EAAE,KAAa,EAAW,SAAoB;QAC9E,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QADqC,cAAS,GAAT,SAAS,CAAW;IAElF,CAAC;IAED,gBAAgB;IACA,cAAc,CAAC,MAA0B,EAAE,IAAS;;YAChE,MAAM,iBAAiB,GAAyB,CAAC,QAAQ,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,QAAQ,CAAC,CAAC;YAC3G,IAAI,IAAI,IAAI,IAAI,CAAC,IAAI,IAAI,iBAAiB,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE;gBACzD,MAAM,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,KAAK,EAAE,MAA+B,EAAE,IAAI,CAAC,CAAC;aACxF;YACD,OAAO,IAAI,CAAC;QAChB,CAAC;KAAA;IAEa,sBAAsB,CAAC,KAAa,EAAE,MAA6B,EAAE,IAAS;;YACxF,MAAM,OAAO,GAAG,IAAI,wCAAkB,CAAC,IAAI,CAAC,SAAS,EAAE;gBACnD,KAAK,EAAE,CAAO,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE;;oBAC3C,MAAM,OAAO,GAAG,MAAA,KAAK,CAAC,UAAU,0CAAE,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,KAAK,WAAW,CAAC,CAAC;oBAC5E,IAAI,OAAO,IAAI,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE;wBACpC,sBAAsB;wBACtB,IAAI,IAAI,GAAgC,MAAA,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,MAAM,CAAC,0CACjF,KAAe,CAAC;wBACtB,IAAI,CAAC,IAAI,EAAE;4BACP,IAAI,GAAG,MAAA,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,YAAY,CAAC,0CAAE,KAAe,CAAC;yBACjF;wBACD,IAAI,CAAC,IAAI,EAAE;4BACP,IAAI,GAAG,wCAA4B,CAAC;yBACvC;wBACD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,MAAM,IAAA,eAAI,EAAC,IAAI,EAAE,IAAI,CAAC,CAAC;qBACvD;gBACL,CAAC,CAAA;aACJ,CAAC,CAAC;YAEH,MAAM,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;QAC7C,CAAC;KAAA;CACJ"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { AuthUser, DbClientContract, PolicyOperationKind } from '../../types';
|
|
2
2
|
import { BatchResult, PrismaProxyHandler } from '../proxy';
|
|
3
|
-
import { ModelMeta, PolicyDef } from '../types';
|
|
3
|
+
import type { ModelMeta, PolicyDef, ZodSchemas } from '../types';
|
|
4
4
|
/**
|
|
5
5
|
* Prisma proxy handler for injecting access policy check.
|
|
6
6
|
*/
|
|
@@ -8,11 +8,13 @@ export declare class PolicyProxyHandler<DbClient extends DbClientContract> imple
|
|
|
8
8
|
private readonly prisma;
|
|
9
9
|
private readonly policy;
|
|
10
10
|
private readonly modelMeta;
|
|
11
|
+
private readonly zodSchemas;
|
|
11
12
|
private readonly model;
|
|
12
13
|
private readonly user?;
|
|
14
|
+
private readonly logPrismaQuery?;
|
|
13
15
|
private readonly logger;
|
|
14
16
|
private readonly utils;
|
|
15
|
-
constructor(prisma: DbClient, policy: PolicyDef, modelMeta: ModelMeta, model: string, user?: AuthUser | undefined);
|
|
17
|
+
constructor(prisma: DbClient, policy: PolicyDef, modelMeta: ModelMeta, zodSchemas: ZodSchemas | undefined, model: string, user?: AuthUser | undefined, logPrismaQuery?: boolean | undefined);
|
|
16
18
|
private get modelClient();
|
|
17
19
|
findUnique(args: any): Promise<{} | null>;
|
|
18
20
|
findUniqueOrThrow(args: any): Promise<{}>;
|
|
@@ -31,6 +33,7 @@ export declare class PolicyProxyHandler<DbClient extends DbClientContract> imple
|
|
|
31
33
|
aggregate(args: any): Promise<unknown>;
|
|
32
34
|
groupBy(args: any): Promise<unknown>;
|
|
33
35
|
count(args: any): Promise<unknown>;
|
|
34
|
-
tryReject(operation: PolicyOperationKind):
|
|
36
|
+
tryReject(operation: PolicyOperationKind): void;
|
|
35
37
|
private checkReadback;
|
|
38
|
+
private get shouldLogQuery();
|
|
36
39
|
}
|
|
@@ -11,8 +11,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
11
11
|
};
|
|
12
12
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
13
13
|
exports.PolicyProxyHandler = void 0;
|
|
14
|
-
const
|
|
15
|
-
const sdk_1 = require("@zenstackhq/sdk");
|
|
14
|
+
const constants_1 = require("../../constants");
|
|
16
15
|
const utils_1 = require("../utils");
|
|
17
16
|
const logger_1 = require("./logger");
|
|
18
17
|
const policy_utils_1 = require("./policy-utils");
|
|
@@ -20,14 +19,16 @@ const policy_utils_1 = require("./policy-utils");
|
|
|
20
19
|
* Prisma proxy handler for injecting access policy check.
|
|
21
20
|
*/
|
|
22
21
|
class PolicyProxyHandler {
|
|
23
|
-
constructor(prisma, policy, modelMeta, model, user) {
|
|
22
|
+
constructor(prisma, policy, modelMeta, zodSchemas, model, user, logPrismaQuery) {
|
|
24
23
|
this.prisma = prisma;
|
|
25
24
|
this.policy = policy;
|
|
26
25
|
this.modelMeta = modelMeta;
|
|
26
|
+
this.zodSchemas = zodSchemas;
|
|
27
27
|
this.model = model;
|
|
28
28
|
this.user = user;
|
|
29
|
+
this.logPrismaQuery = logPrismaQuery;
|
|
29
30
|
this.logger = new logger_1.Logger(prisma);
|
|
30
|
-
this.utils = new policy_utils_1.PolicyUtil(this.prisma, this.modelMeta, this.policy, this.user);
|
|
31
|
+
this.utils = new policy_utils_1.PolicyUtil(this.prisma, this.modelMeta, this.policy, this.zodSchemas, this.user, this.logPrismaQuery);
|
|
31
32
|
}
|
|
32
33
|
get modelClient() {
|
|
33
34
|
return this.prisma[this.model];
|
|
@@ -36,10 +37,14 @@ class PolicyProxyHandler {
|
|
|
36
37
|
var _a;
|
|
37
38
|
return __awaiter(this, void 0, void 0, function* () {
|
|
38
39
|
if (!args) {
|
|
39
|
-
throw
|
|
40
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'query argument is required');
|
|
40
41
|
}
|
|
41
42
|
if (!args.where) {
|
|
42
|
-
throw
|
|
43
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'where field is required in query argument');
|
|
44
|
+
}
|
|
45
|
+
const guard = this.utils.getAuthGuard(this.model, 'read');
|
|
46
|
+
if (guard === false) {
|
|
47
|
+
return null;
|
|
43
48
|
}
|
|
44
49
|
const entities = yield this.utils.readWithCheck(this.model, args);
|
|
45
50
|
return (_a = entities[0]) !== null && _a !== void 0 ? _a : null;
|
|
@@ -47,6 +52,10 @@ class PolicyProxyHandler {
|
|
|
47
52
|
}
|
|
48
53
|
findUniqueOrThrow(args) {
|
|
49
54
|
return __awaiter(this, void 0, void 0, function* () {
|
|
55
|
+
const guard = this.utils.getAuthGuard(this.model, 'read');
|
|
56
|
+
if (guard === false) {
|
|
57
|
+
throw this.utils.notFound(this.model);
|
|
58
|
+
}
|
|
50
59
|
const entity = yield this.findUnique(args);
|
|
51
60
|
if (!entity) {
|
|
52
61
|
throw this.utils.notFound(this.model);
|
|
@@ -57,12 +66,20 @@ class PolicyProxyHandler {
|
|
|
57
66
|
findFirst(args) {
|
|
58
67
|
var _a;
|
|
59
68
|
return __awaiter(this, void 0, void 0, function* () {
|
|
69
|
+
const guard = this.utils.getAuthGuard(this.model, 'read');
|
|
70
|
+
if (guard === false) {
|
|
71
|
+
return null;
|
|
72
|
+
}
|
|
60
73
|
const entities = yield this.utils.readWithCheck(this.model, args);
|
|
61
74
|
return (_a = entities[0]) !== null && _a !== void 0 ? _a : null;
|
|
62
75
|
});
|
|
63
76
|
}
|
|
64
77
|
findFirstOrThrow(args) {
|
|
65
78
|
return __awaiter(this, void 0, void 0, function* () {
|
|
79
|
+
const guard = this.utils.getAuthGuard(this.model, 'read');
|
|
80
|
+
if (guard === false) {
|
|
81
|
+
throw this.utils.notFound(this.model);
|
|
82
|
+
}
|
|
66
83
|
const entity = yield this.findFirst(args);
|
|
67
84
|
if (!entity) {
|
|
68
85
|
throw this.utils.notFound(this.model);
|
|
@@ -72,23 +89,32 @@ class PolicyProxyHandler {
|
|
|
72
89
|
}
|
|
73
90
|
findMany(args) {
|
|
74
91
|
return __awaiter(this, void 0, void 0, function* () {
|
|
92
|
+
const guard = this.utils.getAuthGuard(this.model, 'read');
|
|
93
|
+
if (guard === false) {
|
|
94
|
+
return [];
|
|
95
|
+
}
|
|
75
96
|
return this.utils.readWithCheck(this.model, args);
|
|
76
97
|
});
|
|
77
98
|
}
|
|
78
99
|
create(args) {
|
|
79
100
|
return __awaiter(this, void 0, void 0, function* () {
|
|
80
101
|
if (!args) {
|
|
81
|
-
throw
|
|
102
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'query argument is required');
|
|
82
103
|
}
|
|
83
104
|
if (!args.data) {
|
|
84
|
-
throw
|
|
105
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'data field is required in query argument');
|
|
85
106
|
}
|
|
86
107
|
yield this.tryReject('create');
|
|
87
108
|
const origArgs = args;
|
|
88
109
|
args = this.utils.clone(args);
|
|
89
110
|
// use a transaction to wrap the write so it can be reverted if the created
|
|
90
111
|
// entity fails access policies
|
|
91
|
-
const result = yield this.utils.processWrite(this.model, 'create', args, (dbOps, writeArgs) =>
|
|
112
|
+
const result = yield this.utils.processWrite(this.model, 'create', args, (dbOps, writeArgs) => {
|
|
113
|
+
if (this.shouldLogQuery) {
|
|
114
|
+
this.logger.info(`[withPolicy] \`create\`: ${(0, utils_1.formatObject)(writeArgs)}`);
|
|
115
|
+
}
|
|
116
|
+
return dbOps.create(writeArgs);
|
|
117
|
+
});
|
|
92
118
|
const ids = this.utils.getEntityIds(this.model, result);
|
|
93
119
|
if (Object.keys(ids).length === 0) {
|
|
94
120
|
throw this.utils.unknownError(`unexpected error: create didn't return an id`);
|
|
@@ -99,36 +125,46 @@ class PolicyProxyHandler {
|
|
|
99
125
|
createMany(args, skipDuplicates) {
|
|
100
126
|
return __awaiter(this, void 0, void 0, function* () {
|
|
101
127
|
if (!args) {
|
|
102
|
-
throw
|
|
128
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'query argument is required');
|
|
103
129
|
}
|
|
104
130
|
if (!args.data) {
|
|
105
|
-
throw
|
|
131
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'data field is required and must be an array');
|
|
106
132
|
}
|
|
107
133
|
yield this.tryReject('create');
|
|
108
134
|
args = this.utils.clone(args);
|
|
109
135
|
// use a transaction to wrap the write so it can be reverted if any created
|
|
110
136
|
// entity fails access policies
|
|
111
|
-
const result = yield this.utils.processWrite(this.model, 'create', args, (dbOps, writeArgs) =>
|
|
137
|
+
const result = yield this.utils.processWrite(this.model, 'create', args, (dbOps, writeArgs) => {
|
|
138
|
+
if (this.shouldLogQuery) {
|
|
139
|
+
this.logger.info(`[withPolicy] \`createMany\`: ${(0, utils_1.formatObject)(writeArgs)}`);
|
|
140
|
+
}
|
|
141
|
+
return dbOps.createMany(writeArgs, skipDuplicates);
|
|
142
|
+
});
|
|
112
143
|
return result;
|
|
113
144
|
});
|
|
114
145
|
}
|
|
115
146
|
update(args) {
|
|
116
147
|
return __awaiter(this, void 0, void 0, function* () {
|
|
117
148
|
if (!args) {
|
|
118
|
-
throw
|
|
149
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'query argument is required');
|
|
119
150
|
}
|
|
120
151
|
if (!args.where) {
|
|
121
|
-
throw
|
|
152
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'where field is required in query argument');
|
|
122
153
|
}
|
|
123
154
|
if (!args.data) {
|
|
124
|
-
throw
|
|
155
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'data field is required in query argument');
|
|
125
156
|
}
|
|
126
157
|
yield this.tryReject('update');
|
|
127
158
|
const origArgs = args;
|
|
128
159
|
args = this.utils.clone(args);
|
|
129
160
|
// use a transaction to wrap the write so it can be reverted if any nested
|
|
130
161
|
// create fails access policies
|
|
131
|
-
const result = yield this.utils.processWrite(this.model, 'update', args, (dbOps, writeArgs) =>
|
|
162
|
+
const result = yield this.utils.processWrite(this.model, 'update', args, (dbOps, writeArgs) => {
|
|
163
|
+
if (this.shouldLogQuery) {
|
|
164
|
+
this.logger.info(`[withPolicy] \`update\`: ${(0, utils_1.formatObject)(writeArgs)}`);
|
|
165
|
+
}
|
|
166
|
+
return dbOps.update(writeArgs);
|
|
167
|
+
});
|
|
132
168
|
const ids = this.utils.getEntityIds(this.model, result);
|
|
133
169
|
if (Object.keys(ids).length === 0) {
|
|
134
170
|
throw this.utils.unknownError(`unexpected error: update didn't return an id`);
|
|
@@ -139,32 +175,37 @@ class PolicyProxyHandler {
|
|
|
139
175
|
updateMany(args) {
|
|
140
176
|
return __awaiter(this, void 0, void 0, function* () {
|
|
141
177
|
if (!args) {
|
|
142
|
-
throw
|
|
178
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'query argument is required');
|
|
143
179
|
}
|
|
144
180
|
if (!args.data) {
|
|
145
|
-
throw
|
|
181
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'data field is required in query argument');
|
|
146
182
|
}
|
|
147
183
|
yield this.tryReject('update');
|
|
148
184
|
args = this.utils.clone(args);
|
|
149
185
|
// use a transaction to wrap the write so it can be reverted if any nested
|
|
150
186
|
// create fails access policies
|
|
151
|
-
const result = yield this.utils.processWrite(this.model, 'updateMany', args, (dbOps, writeArgs) =>
|
|
187
|
+
const result = yield this.utils.processWrite(this.model, 'updateMany', args, (dbOps, writeArgs) => {
|
|
188
|
+
if (this.shouldLogQuery) {
|
|
189
|
+
this.logger.info(`[withPolicy] \`updateMany\`: ${(0, utils_1.formatObject)(writeArgs)}`);
|
|
190
|
+
}
|
|
191
|
+
return dbOps.updateMany(writeArgs);
|
|
192
|
+
});
|
|
152
193
|
return result;
|
|
153
194
|
});
|
|
154
195
|
}
|
|
155
196
|
upsert(args) {
|
|
156
197
|
return __awaiter(this, void 0, void 0, function* () {
|
|
157
198
|
if (!args) {
|
|
158
|
-
throw
|
|
199
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'query argument is required');
|
|
159
200
|
}
|
|
160
201
|
if (!args.where) {
|
|
161
|
-
throw
|
|
202
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'where field is required in query argument');
|
|
162
203
|
}
|
|
163
204
|
if (!args.create) {
|
|
164
|
-
throw
|
|
205
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'create field is required in query argument');
|
|
165
206
|
}
|
|
166
207
|
if (!args.update) {
|
|
167
|
-
throw
|
|
208
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'update field is required in query argument');
|
|
168
209
|
}
|
|
169
210
|
const origArgs = args;
|
|
170
211
|
args = this.utils.clone(args);
|
|
@@ -172,7 +213,12 @@ class PolicyProxyHandler {
|
|
|
172
213
|
yield this.tryReject('update');
|
|
173
214
|
// use a transaction to wrap the write so it can be reverted if any nested
|
|
174
215
|
// create fails access policies
|
|
175
|
-
const result = yield this.utils.processWrite(this.model, 'upsert', args, (dbOps, writeArgs) =>
|
|
216
|
+
const result = yield this.utils.processWrite(this.model, 'upsert', args, (dbOps, writeArgs) => {
|
|
217
|
+
if (this.shouldLogQuery) {
|
|
218
|
+
this.logger.info(`[withPolicy] \`upsert\`: ${(0, utils_1.formatObject)(writeArgs)}`);
|
|
219
|
+
}
|
|
220
|
+
return dbOps.upsert(writeArgs);
|
|
221
|
+
});
|
|
176
222
|
const ids = this.utils.getEntityIds(this.model, result);
|
|
177
223
|
if (Object.keys(ids).length === 0) {
|
|
178
224
|
throw this.utils.unknownError(`unexpected error: upsert didn't return an id`);
|
|
@@ -183,10 +229,10 @@ class PolicyProxyHandler {
|
|
|
183
229
|
delete(args) {
|
|
184
230
|
return __awaiter(this, void 0, void 0, function* () {
|
|
185
231
|
if (!args) {
|
|
186
|
-
throw
|
|
232
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'query argument is required');
|
|
187
233
|
}
|
|
188
234
|
if (!args.where) {
|
|
189
|
-
throw
|
|
235
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'where field is required in query argument');
|
|
190
236
|
}
|
|
191
237
|
yield this.tryReject('delete');
|
|
192
238
|
// ensures the item under deletion passes policy check
|
|
@@ -202,10 +248,12 @@ class PolicyProxyHandler {
|
|
|
202
248
|
readResult = undefined;
|
|
203
249
|
}
|
|
204
250
|
// conduct the deletion
|
|
205
|
-
this.
|
|
251
|
+
if (this.shouldLogQuery) {
|
|
252
|
+
this.logger.info(`[withPolicy] \`delete\`:\n${(0, utils_1.formatObject)(args)}`);
|
|
253
|
+
}
|
|
206
254
|
yield this.modelClient.delete(args);
|
|
207
255
|
if (!readResult) {
|
|
208
|
-
throw this.utils.deniedByPolicy(this.model, 'delete', 'result is not allowed to be read back',
|
|
256
|
+
throw this.utils.deniedByPolicy(this.model, 'delete', 'result is not allowed to be read back', constants_1.CrudFailureReason.RESULT_NOT_READABLE);
|
|
209
257
|
}
|
|
210
258
|
else {
|
|
211
259
|
return readResult;
|
|
@@ -219,29 +267,37 @@ class PolicyProxyHandler {
|
|
|
219
267
|
args = args !== null && args !== void 0 ? args : {};
|
|
220
268
|
yield this.utils.injectAuthGuard(args, this.model, 'delete');
|
|
221
269
|
// conduct the deletion
|
|
222
|
-
this.
|
|
270
|
+
if (this.shouldLogQuery) {
|
|
271
|
+
this.logger.info(`[withPolicy] \`deleteMany\`:\n${(0, utils_1.formatObject)(args)}`);
|
|
272
|
+
}
|
|
223
273
|
return this.modelClient.deleteMany(args);
|
|
224
274
|
});
|
|
225
275
|
}
|
|
226
276
|
aggregate(args) {
|
|
227
277
|
return __awaiter(this, void 0, void 0, function* () {
|
|
228
278
|
if (!args) {
|
|
229
|
-
throw
|
|
279
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'query argument is required');
|
|
230
280
|
}
|
|
231
281
|
yield this.tryReject('read');
|
|
232
282
|
// inject policy conditions
|
|
233
283
|
yield this.utils.injectAuthGuard(args, this.model, 'read');
|
|
284
|
+
if (this.shouldLogQuery) {
|
|
285
|
+
this.logger.info(`[withPolicy] \`aggregate\`:\n${(0, utils_1.formatObject)(args)}`);
|
|
286
|
+
}
|
|
234
287
|
return this.modelClient.aggregate(args);
|
|
235
288
|
});
|
|
236
289
|
}
|
|
237
290
|
groupBy(args) {
|
|
238
291
|
return __awaiter(this, void 0, void 0, function* () {
|
|
239
292
|
if (!args) {
|
|
240
|
-
throw
|
|
293
|
+
throw (0, utils_1.prismaClientValidationError)(this.prisma, 'query argument is required');
|
|
241
294
|
}
|
|
242
295
|
yield this.tryReject('read');
|
|
243
296
|
// inject policy conditions
|
|
244
297
|
yield this.utils.injectAuthGuard(args, this.model, 'read');
|
|
298
|
+
if (this.shouldLogQuery) {
|
|
299
|
+
this.logger.info(`[withPolicy] \`groupBy\`:\n${(0, utils_1.formatObject)(args)}`);
|
|
300
|
+
}
|
|
245
301
|
return this.modelClient.groupBy(args);
|
|
246
302
|
});
|
|
247
303
|
}
|
|
@@ -251,24 +307,25 @@ class PolicyProxyHandler {
|
|
|
251
307
|
// inject policy conditions
|
|
252
308
|
args = args !== null && args !== void 0 ? args : {};
|
|
253
309
|
yield this.utils.injectAuthGuard(args, this.model, 'read');
|
|
310
|
+
if (this.shouldLogQuery) {
|
|
311
|
+
this.logger.info(`[withPolicy] \`count\`:\n${(0, utils_1.formatObject)(args)}`);
|
|
312
|
+
}
|
|
254
313
|
return this.modelClient.count(args);
|
|
255
314
|
});
|
|
256
315
|
}
|
|
257
316
|
tryReject(operation) {
|
|
258
|
-
|
|
259
|
-
|
|
260
|
-
|
|
261
|
-
|
|
262
|
-
}
|
|
263
|
-
});
|
|
317
|
+
const guard = this.utils.getAuthGuard(this.model, operation);
|
|
318
|
+
if (guard === false) {
|
|
319
|
+
throw this.utils.deniedByPolicy(this.model, operation);
|
|
320
|
+
}
|
|
264
321
|
}
|
|
265
322
|
checkReadback(origArgs, ids, action, operation) {
|
|
266
323
|
return __awaiter(this, void 0, void 0, function* () {
|
|
267
324
|
const readArgs = { select: origArgs.select, include: origArgs.include, where: ids };
|
|
268
325
|
const result = yield this.utils.readWithCheck(this.model, readArgs);
|
|
269
326
|
if (result.length === 0) {
|
|
270
|
-
this.logger.
|
|
271
|
-
throw this.utils.deniedByPolicy(this.model, operation, 'result is not allowed to be read back',
|
|
327
|
+
this.logger.info(`${action} result cannot be read back`);
|
|
328
|
+
throw this.utils.deniedByPolicy(this.model, operation, 'result is not allowed to be read back', constants_1.CrudFailureReason.RESULT_NOT_READABLE);
|
|
272
329
|
}
|
|
273
330
|
else if (result.length > 1) {
|
|
274
331
|
throw this.utils.unknownError('write unexpected resulted in multiple readback entities');
|
|
@@ -276,6 +333,9 @@ class PolicyProxyHandler {
|
|
|
276
333
|
return result[0];
|
|
277
334
|
});
|
|
278
335
|
}
|
|
336
|
+
get shouldLogQuery() {
|
|
337
|
+
return this.logPrismaQuery && this.logger.enabled('info');
|
|
338
|
+
}
|
|
279
339
|
}
|
|
280
340
|
exports.PolicyProxyHandler = PolicyProxyHandler;
|
|
281
341
|
//# sourceMappingURL=handler.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"handler.js","sourceRoot":"","sources":["../../../src/enhancements/policy/handler.ts"],"names":[],"mappings":";AAAA,uDAAuD;;;;;;;;;;;;AAEvD,oDAAqE;AACrE,yCAAoD;AAIpD,oCAAwC;AACxC,qCAAkC;AAClC,iDAA4C;AAE5C;;GAEG;AACH,MAAa,kBAAkB;IAI3B,YACqB,MAAgB,EAChB,MAAiB,EACjB,SAAoB,EACpB,KAAa,EACb,IAAe;QAJf,WAAM,GAAN,MAAM,CAAU;QAChB,WAAM,GAAN,MAAM,CAAW;QACjB,cAAS,GAAT,SAAS,CAAW;QACpB,UAAK,GAAL,KAAK,CAAQ;QACb,SAAI,GAAJ,IAAI,CAAW;QAEhC,IAAI,CAAC,MAAM,GAAG,IAAI,eAAM,CAAC,MAAM,CAAC,CAAC;QACjC,IAAI,CAAC,KAAK,GAAG,IAAI,yBAAU,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;IACrF,CAAC;IAED,IAAY,WAAW;QACnB,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACnC,CAAC;IAEK,UAAU,CAAC,IAAS;;;YACtB,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAI,qCAA2B,CAAC,4BAA4B,CAAC,CAAC;aACvE;YACD,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;gBACb,MAAM,IAAI,qCAA2B,CAAC,2CAA2C,CAAC,CAAC;aACtF;YAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;YAClE,OAAO,MAAA,QAAQ,CAAC,CAAC,CAAC,mCAAI,IAAI,CAAC;;KAC9B;IAEK,iBAAiB,CAAC,IAAS;;YAC7B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;YAC3C,IAAI,CAAC,MAAM,EAAE;gBACT,MAAM,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;aACzC;YACD,OAAO,MAAM,CAAC;QAClB,CAAC;KAAA;IAEK,SAAS,CAAC,IAAS;;;YACrB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;YAClE,OAAO,MAAA,QAAQ,CAAC,CAAC,CAAC,mCAAI,IAAI,CAAC;;KAC9B;IAEK,gBAAgB,CAAC,IAAS;;YAC5B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YAC1C,IAAI,CAAC,MAAM,EAAE;gBACT,MAAM,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;aACzC;YACD,OAAO,MAAM,CAAC;QAClB,CAAC;KAAA;IAEK,QAAQ,CAAC,IAAS;;YACpB,OAAO,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QACtD,CAAC;KAAA;IAEK,MAAM,CAAC,IAAS;;YAClB,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAI,qCAA2B,CAAC,4BAA4B,CAAC,CAAC;aACvE;YACD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;gBACZ,MAAM,IAAI,qCAA2B,CAAC,0CAA0C,CAAC,CAAC;aACrF;YAED,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAE/B,MAAM,QAAQ,GAAG,IAAI,CAAC;YACtB,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAE9B,2EAA2E;YAC3E,+BAA+B;YAC/B,MAAM,MAAM,GAAQ,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,EAAE,CAC/F,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,CAC1B,CAAC;YAEF,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YACxD,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC/B,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,8CAA8C,CAAC,CAAC;aACjF;YAED,OAAO,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,GAAG,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACjE,CAAC;KAAA;IAEK,UAAU,CAAC,IAAS,EAAE,cAAwB;;YAChD,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAI,qCAA2B,CAAC,4BAA4B,CAAC,CAAC;aACvE;YACD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;gBACZ,MAAM,IAAI,qCAA2B,CAAC,6CAA6C,CAAC,CAAC;aACxF;YAED,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAE/B,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAE9B,2EAA2E;YAC3E,+BAA+B;YAC/B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,EAAE,CAC1F,KAAK,CAAC,UAAU,CAAC,SAAS,EAAE,cAAc,CAAC,CAC9C,CAAC;YAEF,OAAO,MAAqB,CAAC;QACjC,CAAC;KAAA;IAEK,MAAM,CAAC,IAAS;;YAClB,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAI,qCAA2B,CAAC,4BAA4B,CAAC,CAAC;aACvE;YACD,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;gBACb,MAAM,IAAI,qCAA2B,CAAC,2CAA2C,CAAC,CAAC;aACtF;YACD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;gBACZ,MAAM,IAAI,qCAA2B,CAAC,0CAA0C,CAAC,CAAC;aACrF;YAED,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAE/B,MAAM,QAAQ,GAAG,IAAI,CAAC;YACtB,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAE9B,0EAA0E;YAC1E,+BAA+B;YAC/B,MAAM,MAAM,GAAQ,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,EAAE,CAC/F,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,CAC1B,CAAC;YAEF,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YACxD,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC/B,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,8CAA8C,CAAC,CAAC;aACjF;YACD,OAAO,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,GAAG,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACjE,CAAC;KAAA;IAEK,UAAU,CAAC,IAAS;;YACtB,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAI,qCAA2B,CAAC,4BAA4B,CAAC,CAAC;aACvE;YACD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;gBACZ,MAAM,IAAI,qCAA2B,CAAC,0CAA0C,CAAC,CAAC;aACrF;YAED,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAE/B,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAE9B,0EAA0E;YAC1E,+BAA+B;YAC/B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,EAAE,CAC9F,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC,CAC9B,CAAC;YAEF,OAAO,MAAqB,CAAC;QACjC,CAAC;KAAA;IAEK,MAAM,CAAC,IAAS;;YAClB,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAI,qCAA2B,CAAC,4BAA4B,CAAC,CAAC;aACvE;YACD,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;gBACb,MAAM,IAAI,qCAA2B,CAAC,2CAA2C,CAAC,CAAC;aACtF;YACD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;gBACd,MAAM,IAAI,qCAA2B,CAAC,4CAA4C,CAAC,CAAC;aACvF;YACD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;gBACd,MAAM,IAAI,qCAA2B,CAAC,4CAA4C,CAAC,CAAC;aACvF;YAED,MAAM,QAAQ,GAAG,IAAI,CAAC;YACtB,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAE9B,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAC/B,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAE/B,0EAA0E;YAC1E,+BAA+B;YAC/B,MAAM,MAAM,GAAQ,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,EAAE,CAC/F,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,CAC1B,CAAC;YAEF,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YACxD,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC/B,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,8CAA8C,CAAC,CAAC;aACjF;YAED,OAAO,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,GAAG,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACjE,CAAC;KAAA;IAEK,MAAM,CAAC,IAAS;;YAClB,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAI,qCAA2B,CAAC,4BAA4B,CAAC,CAAC;aACvE;YACD,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;gBACb,MAAM,IAAI,qCAA2B,CAAC,2CAA2C,CAAC,CAAC;aACtF;YAED,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAE/B,sDAAsD;YACtD,MAAM,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;YAErF,+DAA+D;YAC/D,IAAI,UAAe,CAAC;YACpB,IAAI;gBACA,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;gBAC/D,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;aACzB;YAAC,OAAO,GAAG,EAAE;gBACV,eAAe;gBACf,UAAU,GAAG,SAAS,CAAC;aAC1B;YAED,uBAAuB;YACvB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qBAAqB,IAAI,CAAC,KAAK,MAAM,IAAA,oBAAY,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAC5E,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YAEpC,IAAI,CAAC,UAAU,EAAE;gBACb,MAAM,IAAI,CAAC,KAAK,CAAC,cAAc,CAC3B,IAAI,CAAC,KAAK,EACV,QAAQ,EACR,uCAAuC,EACvC,uBAAiB,CAAC,mBAAmB,CACxC,CAAC;aACL;iBAAM;gBACH,OAAO,UAAU,CAAC;aACrB;QACL,CAAC;KAAA;IAEK,UAAU,CAAC,IAAS;;YACtB,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAE/B,2BAA2B;YAC3B,IAAI,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAC;YAClB,MAAM,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YAE7D,uBAAuB;YACvB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yBAAyB,IAAI,CAAC,KAAK,MAAM,IAAA,oBAAY,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAChF,OAAO,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAC7C,CAAC;KAAA;IAEK,SAAS,CAAC,IAAS;;YACrB,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAI,qCAA2B,CAAC,4BAA4B,CAAC,CAAC;aACvE;YAED,MAAM,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YAE7B,2BAA2B;YAC3B,MAAM,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YAC3D,OAAO,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAC5C,CAAC;KAAA;IAEK,OAAO,CAAC,IAAS;;YACnB,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAI,qCAA2B,CAAC,4BAA4B,CAAC,CAAC;aACvE;YAED,MAAM,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YAE7B,2BAA2B;YAC3B,MAAM,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YAE3D,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAC1C,CAAC;KAAA;IAEK,KAAK,CAAC,IAAS;;YACjB,MAAM,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YAE7B,2BAA2B;YAC3B,IAAI,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAC;YAClB,MAAM,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YAC3D,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACxC,CAAC;KAAA;IAEK,SAAS,CAAC,SAA8B;;YAC1C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;YACnE,IAAI,KAAK,KAAK,KAAK,EAAE;gBACjB,MAAM,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;aAC1D;QACL,CAAC;KAAA;IAEa,aAAa,CACvB,QAAa,EACb,GAA4B,EAC5B,MAAc,EACd,SAA8B;;YAE9B,MAAM,QAAQ,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,MAAM,EAAE,OAAO,EAAE,QAAQ,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;YACpF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YACpE,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE;gBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,6BAA6B,CAAC,CAAC;gBACzD,MAAM,IAAI,CAAC,KAAK,CAAC,cAAc,CAC3B,IAAI,CAAC,KAAK,EACV,SAAS,EACT,uCAAuC,EACvC,uBAAiB,CAAC,mBAAmB,CACxC,CAAC;aACL;iBAAM,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE;gBAC1B,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,yDAAyD,CAAC,CAAC;aAC5F;YACD,OAAO,MAAM,CAAC,CAAC,CAAC,CAAC;QACrB,CAAC;KAAA;CACJ;AA7SD,gDA6SC"}
|
|
1
|
+
{"version":3,"file":"handler.js","sourceRoot":"","sources":["../../../src/enhancements/policy/handler.ts"],"names":[],"mappings":";AAAA,uDAAuD;;;;;;;;;;;;AAEvD,+CAAoD;AAIpD,oCAAqE;AACrE,qCAAkC;AAClC,iDAA4C;AAE5C;;GAEG;AACH,MAAa,kBAAkB;IAI3B,YACqB,MAAgB,EAChB,MAAiB,EACjB,SAAoB,EACpB,UAAkC,EAClC,KAAa,EACb,IAAe,EACf,cAAwB;QANxB,WAAM,GAAN,MAAM,CAAU;QAChB,WAAM,GAAN,MAAM,CAAW;QACjB,cAAS,GAAT,SAAS,CAAW;QACpB,eAAU,GAAV,UAAU,CAAwB;QAClC,UAAK,GAAL,KAAK,CAAQ;QACb,SAAI,GAAJ,IAAI,CAAW;QACf,mBAAc,GAAd,cAAc,CAAU;QAEzC,IAAI,CAAC,MAAM,GAAG,IAAI,eAAM,CAAC,MAAM,CAAC,CAAC;QACjC,IAAI,CAAC,KAAK,GAAG,IAAI,yBAAU,CACvB,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,UAAU,EACf,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,cAAc,CACtB,CAAC;IACN,CAAC;IAED,IAAY,WAAW;QACnB,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACnC,CAAC;IAEK,UAAU,CAAC,IAAS;;;YACtB,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,4BAA4B,CAAC,CAAC;aAChF;YACD,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;gBACb,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,2CAA2C,CAAC,CAAC;aAC/F;YAED,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YAC1D,IAAI,KAAK,KAAK,KAAK,EAAE;gBACjB,OAAO,IAAI,CAAC;aACf;YAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;YAClE,OAAO,MAAA,QAAQ,CAAC,CAAC,CAAC,mCAAI,IAAI,CAAC;;KAC9B;IAEK,iBAAiB,CAAC,IAAS;;YAC7B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YAC1D,IAAI,KAAK,KAAK,KAAK,EAAE;gBACjB,MAAM,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;aACzC;YAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;YAC3C,IAAI,CAAC,MAAM,EAAE;gBACT,MAAM,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;aACzC;YACD,OAAO,MAAM,CAAC;QAClB,CAAC;KAAA;IAEK,SAAS,CAAC,IAAS;;;YACrB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YAC1D,IAAI,KAAK,KAAK,KAAK,EAAE;gBACjB,OAAO,IAAI,CAAC;aACf;YAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;YAClE,OAAO,MAAA,QAAQ,CAAC,CAAC,CAAC,mCAAI,IAAI,CAAC;;KAC9B;IAEK,gBAAgB,CAAC,IAAS;;YAC5B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YAC1D,IAAI,KAAK,KAAK,KAAK,EAAE;gBACjB,MAAM,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;aACzC;YAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YAC1C,IAAI,CAAC,MAAM,EAAE;gBACT,MAAM,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;aACzC;YACD,OAAO,MAAM,CAAC;QAClB,CAAC;KAAA;IAEK,QAAQ,CAAC,IAAS;;YACpB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YAC1D,IAAI,KAAK,KAAK,KAAK,EAAE;gBACjB,OAAO,EAAE,CAAC;aACb;YAED,OAAO,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QACtD,CAAC;KAAA;IAEK,MAAM,CAAC,IAAS;;YAClB,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,4BAA4B,CAAC,CAAC;aAChF;YACD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;gBACZ,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,0CAA0C,CAAC,CAAC;aAC9F;YAED,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAE/B,MAAM,QAAQ,GAAG,IAAI,CAAC;YACtB,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAE9B,2EAA2E;YAC3E,+BAA+B;YAC/B,MAAM,MAAM,GAAQ,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,EAAE;gBAC/F,IAAI,IAAI,CAAC,cAAc,EAAE;oBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,IAAA,oBAAY,EAAC,SAAS,CAAC,EAAE,CAAC,CAAC;iBAC3E;gBACD,OAAO,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YACnC,CAAC,CAAC,CAAC;YAEH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YACxD,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC/B,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,8CAA8C,CAAC,CAAC;aACjF;YAED,OAAO,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,GAAG,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACjE,CAAC;KAAA;IAEK,UAAU,CAAC,IAAS,EAAE,cAAwB;;YAChD,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,4BAA4B,CAAC,CAAC;aAChF;YACD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;gBACZ,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,6CAA6C,CAAC,CAAC;aACjG;YAED,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAE/B,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAE9B,2EAA2E;YAC3E,+BAA+B;YAC/B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,EAAE;gBAC1F,IAAI,IAAI,CAAC,cAAc,EAAE;oBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gCAAgC,IAAA,oBAAY,EAAC,SAAS,CAAC,EAAE,CAAC,CAAC;iBAC/E;gBACD,OAAO,KAAK,CAAC,UAAU,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;YACvD,CAAC,CAAC,CAAC;YAEH,OAAO,MAAqB,CAAC;QACjC,CAAC;KAAA;IAEK,MAAM,CAAC,IAAS;;YAClB,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,4BAA4B,CAAC,CAAC;aAChF;YACD,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;gBACb,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,2CAA2C,CAAC,CAAC;aAC/F;YACD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;gBACZ,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,0CAA0C,CAAC,CAAC;aAC9F;YAED,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAE/B,MAAM,QAAQ,GAAG,IAAI,CAAC;YACtB,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAE9B,0EAA0E;YAC1E,+BAA+B;YAC/B,MAAM,MAAM,GAAQ,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,EAAE;gBAC/F,IAAI,IAAI,CAAC,cAAc,EAAE;oBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,IAAA,oBAAY,EAAC,SAAS,CAAC,EAAE,CAAC,CAAC;iBAC3E;gBACD,OAAO,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YACnC,CAAC,CAAC,CAAC;YAEH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YACxD,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC/B,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,8CAA8C,CAAC,CAAC;aACjF;YACD,OAAO,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,GAAG,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACjE,CAAC;KAAA;IAEK,UAAU,CAAC,IAAS;;YACtB,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,4BAA4B,CAAC,CAAC;aAChF;YACD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;gBACZ,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,0CAA0C,CAAC,CAAC;aAC9F;YAED,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAE/B,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAE9B,0EAA0E;YAC1E,+BAA+B;YAC/B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,EAAE;gBAC9F,IAAI,IAAI,CAAC,cAAc,EAAE;oBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gCAAgC,IAAA,oBAAY,EAAC,SAAS,CAAC,EAAE,CAAC,CAAC;iBAC/E;gBACD,OAAO,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;YACvC,CAAC,CAAC,CAAC;YAEH,OAAO,MAAqB,CAAC;QACjC,CAAC;KAAA;IAEK,MAAM,CAAC,IAAS;;YAClB,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,4BAA4B,CAAC,CAAC;aAChF;YACD,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;gBACb,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,2CAA2C,CAAC,CAAC;aAC/F;YACD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;gBACd,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,4CAA4C,CAAC,CAAC;aAChG;YACD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;gBACd,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,4CAA4C,CAAC,CAAC;aAChG;YAED,MAAM,QAAQ,GAAG,IAAI,CAAC;YACtB,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAE9B,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAC/B,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAE/B,0EAA0E;YAC1E,+BAA+B;YAC/B,MAAM,MAAM,GAAQ,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,EAAE;gBAC/F,IAAI,IAAI,CAAC,cAAc,EAAE;oBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,IAAA,oBAAY,EAAC,SAAS,CAAC,EAAE,CAAC,CAAC;iBAC3E;gBACD,OAAO,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YACnC,CAAC,CAAC,CAAC;YAEH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YACxD,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC/B,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,8CAA8C,CAAC,CAAC;aACjF;YAED,OAAO,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,GAAG,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACjE,CAAC;KAAA;IAEK,MAAM,CAAC,IAAS;;YAClB,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,4BAA4B,CAAC,CAAC;aAChF;YACD,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;gBACb,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,2CAA2C,CAAC,CAAC;aAC/F;YAED,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAE/B,sDAAsD;YACtD,MAAM,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;YAErF,+DAA+D;YAC/D,IAAI,UAAe,CAAC;YACpB,IAAI;gBACA,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;gBAC/D,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;aACzB;YAAC,OAAO,GAAG,EAAE;gBACV,eAAe;gBACf,UAAU,GAAG,SAAS,CAAC;aAC1B;YAED,uBAAuB;YACvB,IAAI,IAAI,CAAC,cAAc,EAAE;gBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,IAAA,oBAAY,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC;aACvE;YACD,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YAEpC,IAAI,CAAC,UAAU,EAAE;gBACb,MAAM,IAAI,CAAC,KAAK,CAAC,cAAc,CAC3B,IAAI,CAAC,KAAK,EACV,QAAQ,EACR,uCAAuC,EACvC,6BAAiB,CAAC,mBAAmB,CACxC,CAAC;aACL;iBAAM;gBACH,OAAO,UAAU,CAAC;aACrB;QACL,CAAC;KAAA;IAEK,UAAU,CAAC,IAAS;;YACtB,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAE/B,2BAA2B;YAC3B,IAAI,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAC;YAClB,MAAM,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YAE7D,uBAAuB;YACvB,IAAI,IAAI,CAAC,cAAc,EAAE;gBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iCAAiC,IAAA,oBAAY,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC;aAC3E;YACD,OAAO,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAC7C,CAAC;KAAA;IAEK,SAAS,CAAC,IAAS;;YACrB,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,4BAA4B,CAAC,CAAC;aAChF;YAED,MAAM,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YAE7B,2BAA2B;YAC3B,MAAM,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YAE3D,IAAI,IAAI,CAAC,cAAc,EAAE;gBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gCAAgC,IAAA,oBAAY,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC;aAC1E;YACD,OAAO,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAC5C,CAAC;KAAA;IAEK,OAAO,CAAC,IAAS;;YACnB,IAAI,CAAC,IAAI,EAAE;gBACP,MAAM,IAAA,mCAA2B,EAAC,IAAI,CAAC,MAAM,EAAE,4BAA4B,CAAC,CAAC;aAChF;YAED,MAAM,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YAE7B,2BAA2B;YAC3B,MAAM,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YAE3D,IAAI,IAAI,CAAC,cAAc,EAAE;gBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8BAA8B,IAAA,oBAAY,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC;aACxE;YACD,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAC1C,CAAC;KAAA;IAEK,KAAK,CAAC,IAAS;;YACjB,MAAM,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YAE7B,2BAA2B;YAC3B,IAAI,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAC;YAClB,MAAM,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YAE3D,IAAI,IAAI,CAAC,cAAc,EAAE;gBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,IAAA,oBAAY,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC;aACtE;YACD,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACxC,CAAC;KAAA;IAED,SAAS,CAAC,SAA8B;QACpC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;QAC7D,IAAI,KAAK,KAAK,KAAK,EAAE;YACjB,MAAM,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;SAC1D;IACL,CAAC;IAEa,aAAa,CACvB,QAAa,EACb,GAA4B,EAC5B,MAAc,EACd,SAA8B;;YAE9B,MAAM,QAAQ,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,MAAM,EAAE,OAAO,EAAE,QAAQ,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;YACpF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YACpE,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE;gBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,6BAA6B,CAAC,CAAC;gBACzD,MAAM,IAAI,CAAC,KAAK,CAAC,cAAc,CAC3B,IAAI,CAAC,KAAK,EACV,SAAS,EACT,uCAAuC,EACvC,6BAAiB,CAAC,mBAAmB,CACxC,CAAC;aACL;iBAAM,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE;gBAC1B,MAAM,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,yDAAyD,CAAC,CAAC;aAC5F;YACD,OAAO,MAAM,CAAC,CAAC,CAAC,CAAC;QACrB,CAAC;KAAA;IAED,IAAY,cAAc;QACtB,OAAO,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAC9D,CAAC;CACJ;AAjXD,gDAiXC"}
|
|
@@ -1,11 +1,32 @@
|
|
|
1
1
|
import { AuthUser } from '../../types';
|
|
2
|
-
import { ModelMeta, PolicyDef } from '../types';
|
|
2
|
+
import type { ModelMeta, PolicyDef, ZodSchemas } from '../types';
|
|
3
3
|
/**
|
|
4
4
|
* Context for evaluating access policies
|
|
5
5
|
*/
|
|
6
6
|
export type WithPolicyContext = {
|
|
7
7
|
user?: AuthUser;
|
|
8
8
|
};
|
|
9
|
+
/**
|
|
10
|
+
* Options for @see withPolicy
|
|
11
|
+
*/
|
|
12
|
+
export type WithPolicyOptions = {
|
|
13
|
+
/**
|
|
14
|
+
* Policy definition
|
|
15
|
+
*/
|
|
16
|
+
policy?: PolicyDef;
|
|
17
|
+
/**
|
|
18
|
+
* Model metatadata
|
|
19
|
+
*/
|
|
20
|
+
modelMeta?: ModelMeta;
|
|
21
|
+
/**
|
|
22
|
+
* Zod schemas for validation
|
|
23
|
+
*/
|
|
24
|
+
zodSchemas?: ZodSchemas;
|
|
25
|
+
/**
|
|
26
|
+
* Whether to log Prisma query
|
|
27
|
+
*/
|
|
28
|
+
logPrismaQuery?: boolean;
|
|
29
|
+
};
|
|
9
30
|
/**
|
|
10
31
|
* Gets an enhanced Prisma client with access policy check.
|
|
11
32
|
*
|
|
@@ -14,4 +35,4 @@ export type WithPolicyContext = {
|
|
|
14
35
|
* @param policy The policy definition, will be loaded from default location if not provided
|
|
15
36
|
* @param modelMeta The model metadata, will be loaded from default location if not provided
|
|
16
37
|
*/
|
|
17
|
-
export declare function withPolicy<DbClient extends object>(prisma: DbClient, context?: WithPolicyContext,
|
|
38
|
+
export declare function withPolicy<DbClient extends object>(prisma: DbClient, context?: WithPolicyContext, options?: WithPolicyOptions): DbClient;
|
|
@@ -1,7 +1,12 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
/* eslint-disable @typescript-eslint/no-var-requires */
|
|
2
3
|
/* eslint-disable @typescript-eslint/no-explicit-any */
|
|
4
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
5
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
6
|
+
};
|
|
3
7
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
4
8
|
exports.withPolicy = void 0;
|
|
9
|
+
const path_1 = __importDefault(require("path"));
|
|
5
10
|
const model_meta_1 = require("../model-meta");
|
|
6
11
|
const proxy_1 = require("../proxy");
|
|
7
12
|
const handler_1 = require("./handler");
|
|
@@ -13,19 +18,47 @@ const handler_1 = require("./handler");
|
|
|
13
18
|
* @param policy The policy definition, will be loaded from default location if not provided
|
|
14
19
|
* @param modelMeta The model metadata, will be loaded from default location if not provided
|
|
15
20
|
*/
|
|
16
|
-
function withPolicy(prisma, context,
|
|
17
|
-
|
|
18
|
-
const
|
|
19
|
-
|
|
21
|
+
function withPolicy(prisma, context, options) {
|
|
22
|
+
var _a, _b, _c;
|
|
23
|
+
const _policy = (_a = options === null || options === void 0 ? void 0 : options.policy) !== null && _a !== void 0 ? _a : getDefaultPolicy();
|
|
24
|
+
const _modelMeta = (_b = options === null || options === void 0 ? void 0 : options.modelMeta) !== null && _b !== void 0 ? _b : (0, model_meta_1.getDefaultModelMeta)();
|
|
25
|
+
const _zodSchemas = (_c = options === null || options === void 0 ? void 0 : options.zodSchemas) !== null && _c !== void 0 ? _c : getDefaultZodSchemas();
|
|
26
|
+
return (0, proxy_1.makeProxy)(prisma, _modelMeta, (_prisma, model) => new handler_1.PolicyProxyHandler(_prisma, _policy, _modelMeta, _zodSchemas, model, context === null || context === void 0 ? void 0 : context.user, options === null || options === void 0 ? void 0 : options.logPrismaQuery), 'policy');
|
|
20
27
|
}
|
|
21
28
|
exports.withPolicy = withPolicy;
|
|
22
29
|
function getDefaultPolicy() {
|
|
23
30
|
try {
|
|
24
|
-
// eslint-disable-next-line @typescript-eslint/no-var-requires
|
|
25
31
|
return require('.zenstack/policy').default;
|
|
26
32
|
}
|
|
27
33
|
catch (_a) {
|
|
28
|
-
|
|
34
|
+
if (process.env.ZENSTACK_TEST === '1') {
|
|
35
|
+
try {
|
|
36
|
+
// special handling for running as tests, try resolving relative to CWD
|
|
37
|
+
return require(path_1.default.join(process.cwd(), 'node_modules', '.zenstack', 'policy')).default;
|
|
38
|
+
}
|
|
39
|
+
catch (_b) {
|
|
40
|
+
throw new Error('Policy definition cannot be loaded from default location. Please make sure "zenstack generate" has been run.');
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
throw new Error('Policy definition cannot be loaded from default location. Please make sure "zenstack generate" has been run.');
|
|
44
|
+
}
|
|
45
|
+
}
|
|
46
|
+
function getDefaultZodSchemas() {
|
|
47
|
+
try {
|
|
48
|
+
// eslint-disable-next-line @typescript-eslint/no-var-requires
|
|
49
|
+
return require('.zenstack/zod');
|
|
50
|
+
}
|
|
51
|
+
catch (_a) {
|
|
52
|
+
if (process.env.ZENSTACK_TEST === '1') {
|
|
53
|
+
try {
|
|
54
|
+
// special handling for running as tests, try resolving relative to CWD
|
|
55
|
+
return require(path_1.default.join(process.cwd(), 'node_modules', '.zenstack', 'zod'));
|
|
56
|
+
}
|
|
57
|
+
catch (_b) {
|
|
58
|
+
return undefined;
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
return undefined;
|
|
29
62
|
}
|
|
30
63
|
}
|
|
31
64
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/enhancements/policy/index.ts"],"names":[],"mappings":";AAAA,uDAAuD
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/enhancements/policy/index.ts"],"names":[],"mappings":";AAAA,uDAAuD;AACvD,uDAAuD;;;;;;AAEvD,gDAAwB;AAExB,8CAAoD;AACpD,oCAAqC;AAErC,uCAA+C;AAkC/C;;;;;;;GAOG;AACH,SAAgB,UAAU,CACtB,MAAgB,EAChB,OAA2B,EAC3B,OAA2B;;IAE3B,MAAM,OAAO,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM,mCAAI,gBAAgB,EAAE,CAAC;IACtD,MAAM,UAAU,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,mCAAI,IAAA,gCAAmB,GAAE,CAAC;IAC/D,MAAM,WAAW,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,UAAU,mCAAI,oBAAoB,EAAE,CAAC;IAElE,OAAO,IAAA,iBAAS,EACZ,MAAM,EACN,UAAU,EACV,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE,CACf,IAAI,4BAAkB,CAClB,OAA2B,EAC3B,OAAO,EACP,UAAU,EACV,WAAW,EACX,KAAK,EACL,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,EACb,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,cAAc,CAC1B,EACL,QAAQ,CACX,CAAC;AACN,CAAC;AAxBD,gCAwBC;AAED,SAAS,gBAAgB;IACrB,IAAI;QACA,OAAO,OAAO,CAAC,kBAAkB,CAAC,CAAC,OAAO,CAAC;KAC9C;IAAC,WAAM;QACJ,IAAI,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,GAAG,EAAE;YACnC,IAAI;gBACA,uEAAuE;gBACvE,OAAO,OAAO,CAAC,cAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC;aAC3F;YAAC,WAAM;gBACJ,MAAM,IAAI,KAAK,CACX,8GAA8G,CACjH,CAAC;aACL;SACJ;QACD,MAAM,IAAI,KAAK,CACX,8GAA8G,CACjH,CAAC;KACL;AACL,CAAC;AAED,SAAS,oBAAoB;IACzB,IAAI;QACA,8DAA8D;QAC9D,OAAO,OAAO,CAAC,eAAe,CAAC,CAAC;KACnC;IAAC,WAAM;QACJ,IAAI,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,GAAG,EAAE;YACnC,IAAI;gBACA,uEAAuE;gBACvE,OAAO,OAAO,CAAC,cAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;aAChF;YAAC,WAAM;gBACJ,OAAO,SAAS,CAAC;aACpB;SACJ;QACD,OAAO,SAAS,CAAC;KACpB;AACL,CAAC"}
|