npm - @zssz-soft/firebase-functions-shared - Versions diffs - 1.1.0 - Mend

@zssz-soft/firebase-functions-shared 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (86) hide show

package/README.md +391 -0
package/lib/config/app.config.d.ts +106 -0
package/lib/config/app.config.d.ts.map +1 -0
package/lib/config/app.config.js +55 -0
package/lib/config/app.config.js.map +1 -0
package/lib/config/index.d.ts +2 -0
package/lib/config/index.d.ts.map +1 -0
package/lib/config/index.js +18 -0
package/lib/config/index.js.map +1 -0
package/lib/index.d.ts +13 -0
package/lib/index.d.ts.map +1 -0
package/lib/index.js +29 -0
package/lib/index.js.map +1 -0
package/lib/modules/bootstrap/bootstrap.d.ts +4 -0
package/lib/modules/bootstrap/bootstrap.d.ts.map +1 -0
package/lib/modules/bootstrap/bootstrap.js +162 -0
package/lib/modules/bootstrap/bootstrap.js.map +1 -0
package/lib/modules/bootstrap/bootstrap.models.d.ts +20 -0
package/lib/modules/bootstrap/bootstrap.models.d.ts.map +1 -0
package/lib/modules/bootstrap/bootstrap.models.js +3 -0
package/lib/modules/bootstrap/bootstrap.models.js.map +1 -0
package/lib/modules/bootstrap/index.d.ts +3 -0
package/lib/modules/bootstrap/index.d.ts.map +1 -0
package/lib/modules/bootstrap/index.js +19 -0
package/lib/modules/bootstrap/index.js.map +1 -0
package/lib/modules/email/email.d.ts +5 -0
package/lib/modules/email/email.d.ts.map +1 -0
package/lib/modules/email/email.js +105 -0
package/lib/modules/email/email.js.map +1 -0
package/lib/modules/email/email.models.d.ts +25 -0
package/lib/modules/email/email.models.d.ts.map +1 -0
package/lib/modules/email/email.models.js +3 -0
package/lib/modules/email/email.models.js.map +1 -0
package/lib/modules/email/email.service.d.ts +11 -0
package/lib/modules/email/email.service.d.ts.map +1 -0
package/lib/modules/email/email.service.js +227 -0
package/lib/modules/email/email.service.js.map +1 -0
package/lib/modules/email/email.validator.d.ts +2 -0
package/lib/modules/email/email.validator.d.ts.map +1 -0
package/lib/modules/email/email.validator.js +9 -0
package/lib/modules/email/email.validator.js.map +1 -0
package/lib/modules/email/index.d.ts +5 -0
package/lib/modules/email/index.d.ts.map +1 -0
package/lib/modules/email/index.js +21 -0
package/lib/modules/email/index.js.map +1 -0
package/lib/modules/security/effective-permissions.d.ts +28 -0
package/lib/modules/security/effective-permissions.d.ts.map +1 -0
package/lib/modules/security/effective-permissions.js +133 -0
package/lib/modules/security/effective-permissions.js.map +1 -0
package/lib/modules/security/effective-permissions.models.d.ts +96 -0
package/lib/modules/security/effective-permissions.models.d.ts.map +1 -0
package/lib/modules/security/effective-permissions.models.js +24 -0
package/lib/modules/security/effective-permissions.models.js.map +1 -0
package/lib/modules/security/effective-permissions.triggers.d.ts +83 -0
package/lib/modules/security/effective-permissions.triggers.d.ts.map +1 -0
package/lib/modules/security/effective-permissions.triggers.js +307 -0
package/lib/modules/security/effective-permissions.triggers.js.map +1 -0
package/lib/modules/security/index.d.ts +10 -0
package/lib/modules/security/index.d.ts.map +1 -0
package/lib/modules/security/index.js +28 -0
package/lib/modules/security/index.js.map +1 -0
package/lib/modules/storage/index.d.ts +2 -0
package/lib/modules/storage/index.d.ts.map +1 -0
package/lib/modules/storage/index.js +18 -0
package/lib/modules/storage/index.js.map +1 -0
package/lib/modules/storage/thumbnail-functions.d.ts +10 -0
package/lib/modules/storage/thumbnail-functions.d.ts.map +1 -0
package/lib/modules/storage/thumbnail-functions.js +482 -0
package/lib/modules/storage/thumbnail-functions.js.map +1 -0
package/lib/modules/user/index.d.ts +4 -0
package/lib/modules/user/index.d.ts.map +1 -0
package/lib/modules/user/index.js +20 -0
package/lib/modules/user/index.js.map +1 -0
package/lib/modules/user/user-management.d.ts +29 -0
package/lib/modules/user/user-management.d.ts.map +1 -0
package/lib/modules/user/user-management.js +134 -0
package/lib/modules/user/user-management.js.map +1 -0
package/lib/modules/user/user.d.ts +2 -0
package/lib/modules/user/user.d.ts.map +1 -0
package/lib/modules/user/user.js +15 -0
package/lib/modules/user/user.js.map +1 -0
package/lib/modules/user/user.models.d.ts +15 -0
package/lib/modules/user/user.models.d.ts.map +1 -0
package/lib/modules/user/user.models.js +6 -0
package/lib/modules/user/user.models.js.map +1 -0
package/package.json +72 -0

package/lib/modules/email/email.validator.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export declare const validateEmail: (email: string) => boolean;
2	+ //# sourceMappingURL=email.validator.d.ts.map

package/lib/modules/email/email.validator.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"email.validator.d.ts","sourceRoot":"","sources":["../../../src/modules/email/email.validator.ts"],"names":[],"mappings":"AAGA,eAAO,MAAM,aAAa,GAAI,OAAO,MAAM,KAAG,OAE7C,CAAC"}

package/lib/modules/email/email.validator.js ADDED Viewed

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.validateEmail = void 0;
+const emailRegex = /^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/;
+const validateEmail = (email) => {
+    return emailRegex.test(email);
+};
+exports.validateEmail = validateEmail;
+//# sourceMappingURL=email.validator.js.map

package/lib/modules/email/email.validator.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"email.validator.js","sourceRoot":"","sources":["../../../src/modules/email/email.validator.ts"],"names":[],"mappings":";;;AAAA,MAAM,UAAU,GACd,sIAAsI,CAAC;AAElI,MAAM,aAAa,GAAG,CAAC,KAAa,EAAW,EAAE;IACtD,OAAO,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAChC,CAAC,CAAC;AAFW,QAAA,aAAa,iBAExB"}

package/lib/modules/email/index.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export * from './email';
+export * from './email.models';
+export * from './email.service';
+export * from './email.validator';
+//# sourceMappingURL=index.d.ts.map

package/lib/modules/email/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/modules/email/index.ts"],"names":[],"mappings":"AAAA,cAAc,SAAS,CAAC;AACxB,cAAc,gBAAgB,CAAC;AAC/B,cAAc,iBAAiB,CAAC;AAChC,cAAc,mBAAmB,CAAC"}

package/lib/modules/email/index.js ADDED Viewed

@@ -0,0 +1,21 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./email"), exports);
+__exportStar(require("./email.models"), exports);
+__exportStar(require("./email.service"), exports);
+__exportStar(require("./email.validator"), exports);
+//# sourceMappingURL=index.js.map

package/lib/modules/email/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/modules/email/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,0CAAwB;AACxB,iDAA+B;AAC/B,kDAAgC;AAChC,oDAAkC"}

package/lib/modules/security/effective-permissions.d.ts ADDED Viewed

@@ -0,0 +1,28 @@
+/**
+ * Effective Permissions Core Logic
+ *
+ * Provides functions to calculate and cache effective permissions for users.
+ */
+import { EffectivePermissionsConfig } from './effective-permissions.models';
+/**
+ * Calculate and cache effective permissions for a user
+ *
+ * @param userId - The user ID to calculate permissions for
+ * @param config - Configuration options (uses defaults if not provided)
+ */
+export declare function calculateEffectivePermissions(userId: string, config?: Partial<EffectivePermissionsConfig>): Promise<void>;
+/**
+ * Delete effective permissions cache for a user
+ *
+ * @param userId - The user ID to delete permissions for
+ * @param config - Configuration options (uses defaults if not provided)
+ */
+export declare function deleteEffectivePermissions(userId: string, config?: Partial<EffectivePermissionsConfig>): Promise<void>;
+/**
+ * Batch update effective permissions for multiple users
+ *
+ * @param userIds - Array of user IDs to update
+ * @param config - Configuration options (uses defaults if not provided)
+ */
+export declare function batchUpdateEffectivePermissions(userIds: string[], config?: Partial<EffectivePermissionsConfig>): Promise<void>;
+//# sourceMappingURL=effective-permissions.d.ts.map

package/lib/modules/security/effective-permissions.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"effective-permissions.d.ts","sourceRoot":"","sources":["../../../src/modules/security/effective-permissions.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EACL,0BAA0B,EAG3B,MAAM,gCAAgC,CAAC;AAExC;;;;;GAKG;AACH,wBAAsB,6BAA6B,CACjD,MAAM,EAAE,MAAM,EACd,MAAM,GAAE,OAAO,CAAC,0BAA0B,CAAM,GAC/C,OAAO,CAAC,IAAI,CAAC,CAyDf;AAED;;;;;GAKG;AACH,wBAAsB,0BAA0B,CAC9C,MAAM,EAAE,MAAM,EACd,MAAM,GAAE,OAAO,CAAC,0BAA0B,CAAM,GAC/C,OAAO,CAAC,IAAI,CAAC,CAYf;AAED;;;;;GAKG;AACH,wBAAsB,+BAA+B,CACnD,OAAO,EAAE,MAAM,EAAE,EACjB,MAAM,GAAE,OAAO,CAAC,0BAA0B,CAAM,GAC/C,OAAO,CAAC,IAAI,CAAC,CAiBf"}

package/lib/modules/security/effective-permissions.js ADDED Viewed

@@ -0,0 +1,133 @@
+"use strict";
+/**
+ * Effective Permissions Core Logic
+ *
+ * Provides functions to calculate and cache effective permissions for users.
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.calculateEffectivePermissions = calculateEffectivePermissions;
+exports.deleteEffectivePermissions = deleteEffectivePermissions;
+exports.batchUpdateEffectivePermissions = batchUpdateEffectivePermissions;
+const admin = __importStar(require("firebase-admin"));
+const effective_permissions_models_1 = require("./effective-permissions.models");
+/**
+ * Calculate and cache effective permissions for a user
+ *
+ * @param userId - The user ID to calculate permissions for
+ * @param config - Configuration options (uses defaults if not provided)
+ */
+async function calculateEffectivePermissions(userId, config = {}) {
+    const cfg = Object.assign(Object.assign({}, effective_permissions_models_1.DEFAULT_EFFECTIVE_PERMISSIONS_CONFIG), config);
+    const db = admin.firestore();
+    // Fetch user document
+    const userDoc = await db.collection(cfg.userCollection).doc(userId).get();
+    if (!userDoc.exists) {
+        console.warn(`User ${userId} does not exist, skipping permission calculation`);
+        return;
+    }
+    const userData = userDoc.data();
+    const roleIds = userData[cfg.userRoleIdsField] || [];
+    // Fetch all roles for this user
+    const rolePromises = roleIds.map((roleId) => db.collection(cfg.roleCollection).doc(roleId).get());
+    const roleDocs = await Promise.all(rolePromises);
+    // Aggregate permissions and role names
+    const allPermissions = new Set();
+    const roleNames = [];
+    for (const roleDoc of roleDocs) {
+        if (roleDoc.exists) {
+            const roleData = roleDoc.data();
+            const roleName = roleData[cfg.roleNameField];
+            const permissions = roleData[cfg.rolePermissionsField] || [];
+            if (roleName) {
+                roleNames.push(roleName);
+            }
+            if (Array.isArray(permissions)) {
+                permissions.forEach((p) => allPermissions.add(p));
+            }
+        }
+    }
+    // Create effective permissions document
+    const effectivePermissions = {
+        permissions: Array.from(allPermissions).sort(),
+        roles: roleNames.sort(),
+        lastUpdated: admin.firestore.FieldValue.serverTimestamp(),
+    };
+    // Write to cache location: security/users/{userId}/effective_permissions
+    await db
+        .collection(cfg.securityCollection)
+        .doc('users')
+        .collection(userId)
+        .doc('effective_permissions')
+        .set(effectivePermissions, { merge: false });
+    console.log(`Updated effective permissions for user ${userId}: ${effectivePermissions.permissions.length} permissions, ${effectivePermissions.roles.length} roles`);
+}
+/**
+ * Delete effective permissions cache for a user
+ *
+ * @param userId - The user ID to delete permissions for
+ * @param config - Configuration options (uses defaults if not provided)
+ */
+async function deleteEffectivePermissions(userId, config = {}) {
+    const cfg = Object.assign(Object.assign({}, effective_permissions_models_1.DEFAULT_EFFECTIVE_PERMISSIONS_CONFIG), config);
+    const db = admin.firestore();
+    await db
+        .collection(cfg.securityCollection)
+        .doc('users')
+        .collection(userId)
+        .doc('effective_permissions')
+        .delete();
+    console.log(`Deleted effective permissions for user ${userId}`);
+}
+/**
+ * Batch update effective permissions for multiple users
+ *
+ * @param userIds - Array of user IDs to update
+ * @param config - Configuration options (uses defaults if not provided)
+ */
+async function batchUpdateEffectivePermissions(userIds, config = {}) {
+    const cfg = Object.assign(Object.assign({}, effective_permissions_models_1.DEFAULT_EFFECTIVE_PERMISSIONS_CONFIG), config);
+    const BATCH_SIZE = cfg.batchSize;
+    console.log(`Batch updating ${userIds.length} users (batch size: ${BATCH_SIZE})`);
+    for (let i = 0; i < userIds.length; i += BATCH_SIZE) {
+        const batch = userIds.slice(i, i + BATCH_SIZE);
+        const batchNumber = Math.floor(i / BATCH_SIZE) + 1;
+        const totalBatches = Math.ceil(userIds.length / BATCH_SIZE);
+        console.log(`Processing batch ${batchNumber}/${totalBatches} (${batch.length} users)`);
+        await Promise.all(batch.map((userId) => calculateEffectivePermissions(userId, config)));
+    }
+    console.log(`Completed batch update for ${userIds.length} users`);
+}
+//# sourceMappingURL=effective-permissions.js.map

package/lib/modules/security/effective-permissions.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"effective-permissions.js","sourceRoot":"","sources":["../../../src/modules/security/effective-permissions.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAeH,sEA4DC;AAQD,gEAeC;AAQD,0EAoBC;AA5HD,sDAAwC;AACxC,iFAIwC;AAExC;;;;;GAKG;AACI,KAAK,UAAU,6BAA6B,CACjD,MAAc,EACd,SAA8C,EAAE;IAEhD,MAAM,GAAG,mCAAQ,mEAAoC,GAAK,MAAM,CAAE,CAAC;IACnE,MAAM,EAAE,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;IAE7B,sBAAsB;IACtB,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC;IAE1E,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACpB,OAAO,CAAC,IAAI,CAAC,QAAQ,MAAM,kDAAkD,CAAC,CAAC;QAC/E,OAAO;IACT,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,EAAG,CAAC;IACjC,MAAM,OAAO,GAAa,QAAQ,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC;IAE/D,gCAAgC;IAChC,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IAClG,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAEjD,uCAAuC;IACvC,MAAM,cAAc,GAAG,IAAI,GAAG,EAAU,CAAC;IACzC,MAAM,SAAS,GAAa,EAAE,CAAC;IAE/B,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,EAAS,CAAC;YACvC,MAAM,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YAC7C,MAAM,WAAW,GAAG,QAAQ,CAAC,GAAG,CAAC,oBAAoB,CAAC,IAAI,EAAE,CAAC;YAE7D,IAAI,QAAQ,EAAE,CAAC;gBACb,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC3B,CAAC;YAED,IAAI,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC/B,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YACpD,CAAC;QACH,CAAC;IACH,CAAC;IAED,wCAAwC;IACxC,MAAM,oBAAoB,GAAyB;QACjD,WAAW,EAAE,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,IAAI,EAAE;QAC9C,KAAK,EAAE,SAAS,CAAC,IAAI,EAAE;QACvB,WAAW,EAAE,KAAK,CAAC,SAAS,CAAC,UAAU,CAAC,eAAe,EAAE;KAC1D,CAAC;IAEF,yEAAyE;IACzE,MAAM,EAAE;SACL,UAAU,CAAC,GAAG,CAAC,kBAAkB,CAAC;SAClC,GAAG,CAAC,OAAO,CAAC;SACZ,UAAU,CAAC,MAAM,CAAC;SAClB,GAAG,CAAC,uBAAuB,CAAC;SAC5B,GAAG,CAAC,oBAAoB,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;IAE/C,OAAO,CAAC,GAAG,CACT,0CAA0C,MAAM,KAAK,oBAAoB,CAAC,WAAW,CAAC,MAAM,iBAAiB,oBAAoB,CAAC,KAAK,CAAC,MAAM,QAAQ,CACvJ,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACI,KAAK,UAAU,0BAA0B,CAC9C,MAAc,EACd,SAA8C,EAAE;IAEhD,MAAM,GAAG,mCAAQ,mEAAoC,GAAK,MAAM,CAAE,CAAC;IACnE,MAAM,EAAE,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;IAE7B,MAAM,EAAE;SACL,UAAU,CAAC,GAAG,CAAC,kBAAkB,CAAC;SAClC,GAAG,CAAC,OAAO,CAAC;SACZ,UAAU,CAAC,MAAM,CAAC;SAClB,GAAG,CAAC,uBAAuB,CAAC;SAC5B,MAAM,EAAE,CAAC;IAEZ,OAAO,CAAC,GAAG,CAAC,0CAA0C,MAAM,EAAE,CAAC,CAAC;AAClE,CAAC;AAED;;;;;GAKG;AACI,KAAK,UAAU,+BAA+B,CACnD,OAAiB,EACjB,SAA8C,EAAE;IAEhD,MAAM,GAAG,mCAAQ,mEAAoC,GAAK,MAAM,CAAE,CAAC;IACnE,MAAM,UAAU,GAAG,GAAG,CAAC,SAAS,CAAC;IAEjC,OAAO,CAAC,GAAG,CAAC,kBAAkB,OAAO,CAAC,MAAM,uBAAuB,UAAU,GAAG,CAAC,CAAC;IAElF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,IAAI,UAAU,EAAE,CAAC;QACpD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,CAAC;QAC/C,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;QACnD,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,UAAU,CAAC,CAAC;QAE5D,OAAO,CAAC,GAAG,CAAC,oBAAoB,WAAW,IAAI,YAAY,KAAK,KAAK,CAAC,MAAM,SAAS,CAAC,CAAC;QAEvF,MAAM,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,6BAA6B,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IAC1F,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,8BAA8B,OAAO,CAAC,MAAM,QAAQ,CAAC,CAAC;AACpE,CAAC"}

package/lib/modules/security/effective-permissions.models.d.ts ADDED Viewed

@@ -0,0 +1,96 @@
+/**
+ * Effective Permissions Models and Configuration
+ *
+ * Provides configurable permission caching system for Firebase security rules.
+ * Maintains denormalized permission cache based on user roles.
+ */
+import { FieldValue } from 'firebase-admin/firestore';
+import { Role } from '../user/user.models';
+export { Role };
+/**
+ * Configuration for the effective permissions system
+ */
+export interface EffectivePermissionsConfig {
+    /**
+     * Collection name where users are stored
+     * @default 'user'
+     */
+    userCollection: string;
+    /**
+     * Collection name where roles are stored
+     * @default 'role'
+     */
+    roleCollection: string;
+    /**
+     * Collection name for security data
+     * @default 'security'
+     */
+    securityCollection: string;
+    /**
+     * Field name in user documents that contains role IDs array
+     * @default 'roleIds'
+     */
+    userRoleIdsField: string;
+    /**
+     * Field name in role documents that contains permissions array
+     * @default 'permissions'
+     */
+    rolePermissionsField: string;
+    /**
+     * Field name in role documents that contains role name
+     * @default 'name'
+     */
+    roleNameField: string;
+    /**
+     * Batch size for processing multiple users at once
+     * Used when a role's permissions change and many users need updates
+     * @default 50
+     */
+    batchSize: number;
+    /**
+     * Region for deployed functions
+     * @default 'us-central1'
+     */
+    region: string;
+    /**
+     * Max instances for each function
+     * @default 10
+     */
+    maxInstances: number;
+    /**
+     * Firestore database ID (optional, uses default if not specified)
+     */
+    databaseId?: string;
+}
+/**
+ * Default configuration values
+ */
+export declare const DEFAULT_EFFECTIVE_PERMISSIONS_CONFIG: EffectivePermissionsConfig;
+/**
+ * Effective permissions cache document structure
+ * Stored at: {securityCollection}/users/{userId}/effective_permissions
+ */
+export interface EffectivePermissions {
+    /**
+     * Flattened array of all permissions from all user's roles
+     * Sorted alphabetically for consistency
+     */
+    permissions: string[];
+    /**
+     * Array of role names (not IDs) for easier debugging
+     * Sorted alphabetically for consistency
+     */
+    roles: string[];
+    /**
+     * Timestamp when this cache was last updated
+     */
+    lastUpdated: FieldValue;
+}
+/**
+ * User document structure (partial - only fields we care about)
+ * Note: Actual field names are configurable via EffectivePermissionsConfig
+ */
+export interface UserDocument {
+    [key: string]: any;
+}
+//# sourceMappingURL=effective-permissions.models.d.ts.map

package/lib/modules/security/effective-permissions.models.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"effective-permissions.models.d.ts","sourceRoot":"","sources":["../../../src/modules/security/effective-permissions.models.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,OAAO,EAAE,IAAI,EAAE,MAAM,qBAAqB,CAAC;AAG3C,OAAO,EAAE,IAAI,EAAE,CAAC;AAEhB;;GAEG;AACH,MAAM,WAAW,0BAA0B;IACzC;;;OAGG;IACH,cAAc,EAAE,MAAM,CAAC;IAEvB;;;OAGG;IACH,cAAc,EAAE,MAAM,CAAC;IAEvB;;;OAGG;IACH,kBAAkB,EAAE,MAAM,CAAC;IAE3B;;;OAGG;IACH,gBAAgB,EAAE,MAAM,CAAC;IAEzB;;;OAGG;IACH,oBAAoB,EAAE,MAAM,CAAC;IAE7B;;;OAGG;IACH,aAAa,EAAE,MAAM,CAAC;IAEtB;;;;OAIG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;;OAGG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;;OAGG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,eAAO,MAAM,oCAAoC,EAAE,0BAUlD,CAAC;AAEF;;;GAGG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,WAAW,EAAE,MAAM,EAAE,CAAC;IAEtB;;;OAGG;IACH,KAAK,EAAE,MAAM,EAAE,CAAC;IAEhB;;OAEG;IACH,WAAW,EAAE,UAAU,CAAC;CACzB;AAED;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC;CACpB"}

package/lib/modules/security/effective-permissions.models.js ADDED Viewed

@@ -0,0 +1,24 @@
+"use strict";
+/**
+ * Effective Permissions Models and Configuration
+ *
+ * Provides configurable permission caching system for Firebase security rules.
+ * Maintains denormalized permission cache based on user roles.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DEFAULT_EFFECTIVE_PERMISSIONS_CONFIG = void 0;
+/**
+ * Default configuration values
+ */
+exports.DEFAULT_EFFECTIVE_PERMISSIONS_CONFIG = {
+    userCollection: 'user',
+    roleCollection: 'role',
+    securityCollection: 'security',
+    userRoleIdsField: 'roleIds',
+    rolePermissionsField: 'permissions',
+    roleNameField: 'name',
+    batchSize: 50,
+    region: 'us-central1',
+    maxInstances: 10,
+};
+//# sourceMappingURL=effective-permissions.models.js.map

package/lib/modules/security/effective-permissions.models.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"effective-permissions.models.js","sourceRoot":"","sources":["../../../src/modules/security/effective-permissions.models.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAyEH;;GAEG;AACU,QAAA,oCAAoC,GAA+B;IAC9E,cAAc,EAAE,MAAM;IACtB,cAAc,EAAE,MAAM;IACtB,kBAAkB,EAAE,UAAU;IAC9B,gBAAgB,EAAE,SAAS;IAC3B,oBAAoB,EAAE,aAAa;IACnC,aAAa,EAAE,MAAM;IACrB,SAAS,EAAE,EAAE;IACb,MAAM,EAAE,aAAa;IACrB,YAAY,EAAE,EAAE;CACjB,CAAC"}

package/lib/modules/security/effective-permissions.triggers.d.ts ADDED Viewed

@@ -0,0 +1,83 @@
+/**
+ * Effective Permissions Trigger Factories
+ *
+ * Factory functions that create Firebase Cloud Functions v2 triggers
+ * for automatically maintaining the effective permissions cache.
+ */
+import { EffectivePermissionsConfig } from './effective-permissions.models';
+/**
+ * Create user lifecycle triggers
+ * Automatically maintains permission cache when users are created, updated, or deleted
+ *
+ * @param config - Configuration for the permission system
+ * @returns Object containing the three trigger functions
+ */
+export declare function createUserPermissionTriggers(config?: Partial<EffectivePermissionsConfig>): {
+    /**
+     * Trigger when a new user is created
+     * Calculates initial effective permissions
+     */
+    onUserCreate: import("firebase-functions/core").CloudFunction<import("firebase-functions/v2/firestore").FirestoreEvent<import("firebase-functions/v2/firestore").QueryDocumentSnapshot | undefined, {
+        userId: string;
+    }>>;
+    /**
+     * Trigger when a user document is updated
+     * Recalculates effective permissions if roles changed
+     */
+    onUserRoleChange: import("firebase-functions/core").CloudFunction<import("firebase-functions/v2/firestore").FirestoreEvent<import("firebase-functions/v2/firestore").Change<import("firebase-functions/v2/firestore").QueryDocumentSnapshot> | undefined, {
+        userId: string;
+    }>>;
+    /**
+     * Trigger when a user is deleted
+     * Cleans up the permission cache
+     */
+    onUserDelete: import("firebase-functions/core").CloudFunction<import("firebase-functions/v2/firestore").FirestoreEvent<import("firebase-functions/v2/firestore").QueryDocumentSnapshot | undefined, {
+        userId: string;
+    }>>;
+};
+/**
+ * Create role permission change triggers
+ * Automatically updates all affected users when role permissions change
+ *
+ * @param config - Configuration for the permission system
+ * @returns Object containing the two trigger functions
+ */
+export declare function createRolePermissionTriggers(config?: Partial<EffectivePermissionsConfig>): {
+    /**
+     * Trigger when a role's permissions are updated
+     * Updates all users who have this role
+     */
+    onRolePermissionsChange: import("firebase-functions/core").CloudFunction<import("firebase-functions/v2/firestore").FirestoreEvent<import("firebase-functions/v2/firestore").Change<import("firebase-functions/v2/firestore").QueryDocumentSnapshot> | undefined, {
+        roleId: string;
+    }>>;
+    /**
+     * Trigger when a role is deleted
+     * Updates all users who had this role
+     */
+    onRoleDelete: import("firebase-functions/core").CloudFunction<import("firebase-functions/v2/firestore").FirestoreEvent<import("firebase-functions/v2/firestore").QueryDocumentSnapshot | undefined, {
+        roleId: string;
+    }>>;
+};
+/**
+ * Create admin HTTP endpoints for manual permission management
+ *
+ * @param config - Configuration for the permission system
+ * @param adminSecretKey - Key in functions config where admin secret is stored (e.g., 'admin.secret')
+ * @returns Object containing bootstrap and recalculate endpoints
+ */
+export declare function createAdminPermissionEndpoints(config?: Partial<EffectivePermissionsConfig>, adminSecretKey?: string): {
+    /**
+     * Bootstrap endpoint - initialize permissions for all existing users
+     * POST /bootstrapEffectivePermissions
+     * Requires Authorization: Bearer <admin-secret>
+     */
+    bootstrapEffectivePermissions: import("firebase-functions/v2/https").HttpsFunction;
+    /**
+     * Recalculate endpoint - manually recalculate permissions for a single user
+     * POST /recalculateUserPermissions
+     * Body: { userId: string }
+     * Requires Authorization: Bearer <admin-secret>
+     */
+    recalculateUserPermissions: import("firebase-functions/v2/https").HttpsFunction;
+};
+//# sourceMappingURL=effective-permissions.triggers.d.ts.map

package/lib/modules/security/effective-permissions.triggers.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"effective-permissions.triggers.d.ts","sourceRoot":"","sources":["../../../src/modules/security/effective-permissions.triggers.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAcH,OAAO,EACL,0BAA0B,EAE3B,MAAM,gCAAgC,CAAC;AAExC;;;;;;GAMG;AACH,wBAAgB,4BAA4B,CAAC,MAAM,GAAE,OAAO,CAAC,0BAA0B,CAAM;IAIzF;;;OAGG;;;;IAcH;;;OAGG;;;;IA8BH;;;OAGG;;;;EAcN;AAED;;;;;;GAMG;AACH,wBAAgB,4BAA4B,CAAC,MAAM,GAAE,OAAO,CAAC,0BAA0B,CAAM;IAIzF;;;OAGG;;;;IA6CH;;;OAGG;;;;EA2BN;AAED;;;;;;GAMG;AACH,wBAAgB,8BAA8B,CAC5C,MAAM,GAAE,OAAO,CAAC,0BAA0B,CAAM,EAChD,cAAc,GAAE,MAAuB;IAoBrC;;;;OAIG;;IA6DH;;;;;OAKG;;EAiDN"}