npm - digitaltwin-core - Versions diffs - 0.14.3 → 1.0.0 - Mend

digitaltwin-core 0.14.3 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (123) hide show

package/README.md +135 -0
package/dist/auth/apisix_parser.d.ts +46 -51
package/dist/auth/apisix_parser.d.ts.map +1 -1
package/dist/auth/apisix_parser.js +62 -86
package/dist/auth/apisix_parser.js.map +1 -1
package/dist/auth/auth_provider.d.ts +118 -0
package/dist/auth/auth_provider.d.ts.map +1 -0
package/dist/auth/auth_provider.js +8 -0
package/dist/auth/auth_provider.js.map +1 -0
package/dist/auth/auth_provider_factory.d.ts +91 -0
package/dist/auth/auth_provider_factory.d.ts.map +1 -0
package/dist/auth/auth_provider_factory.js +146 -0
package/dist/auth/auth_provider_factory.js.map +1 -0
package/dist/auth/index.d.ts +3 -0
package/dist/auth/index.d.ts.map +1 -1
package/dist/auth/index.js +3 -0
package/dist/auth/index.js.map +1 -1
package/dist/auth/providers/gateway_auth_provider.d.ts +78 -0
package/dist/auth/providers/gateway_auth_provider.d.ts.map +1 -0
package/dist/auth/providers/gateway_auth_provider.js +109 -0
package/dist/auth/providers/gateway_auth_provider.js.map +1 -0
package/dist/auth/providers/index.d.ts +4 -0
package/dist/auth/providers/index.d.ts.map +1 -0
package/dist/auth/providers/index.js +4 -0
package/dist/auth/providers/index.js.map +1 -0
package/dist/auth/providers/jwt_auth_provider.d.ts +91 -0
package/dist/auth/providers/jwt_auth_provider.d.ts.map +1 -0
package/dist/auth/providers/jwt_auth_provider.js +204 -0
package/dist/auth/providers/jwt_auth_provider.js.map +1 -0
package/dist/auth/providers/no_auth_provider.d.ts +61 -0
package/dist/auth/providers/no_auth_provider.d.ts.map +1 -0
package/dist/auth/providers/no_auth_provider.js +76 -0
package/dist/auth/providers/no_auth_provider.js.map +1 -0
package/dist/components/assets_manager.d.ts +1 -1
package/dist/components/assets_manager.d.ts.map +1 -1
package/dist/components/assets_manager.js +52 -44
package/dist/components/assets_manager.js.map +1 -1
package/dist/components/collector.d.ts.map +1 -1
package/dist/components/collector.js +30 -18
package/dist/components/collector.js.map +1 -1
package/dist/components/custom_table_manager.d.ts.map +1 -1
package/dist/components/custom_table_manager.js +36 -65
package/dist/components/custom_table_manager.js.map +1 -1
package/dist/components/harvester.d.ts.map +1 -1
package/dist/components/harvester.js +46 -33
package/dist/components/harvester.js.map +1 -1
package/dist/components/tileset_manager.d.ts.map +1 -1
package/dist/components/tileset_manager.js +20 -15
package/dist/components/tileset_manager.js.map +1 -1
package/dist/database/adapters/knex_database_adapter.d.ts +5 -0
package/dist/database/adapters/knex_database_adapter.d.ts.map +1 -1
package/dist/database/adapters/knex_database_adapter.js +116 -34
package/dist/database/adapters/knex_database_adapter.js.map +1 -1
package/dist/database/database_adapter.d.ts +11 -0
package/dist/database/database_adapter.d.ts.map +1 -1
package/dist/database/database_adapter.js.map +1 -1
package/dist/engine/digital_twin_engine.d.ts +48 -6
package/dist/engine/digital_twin_engine.d.ts.map +1 -1
package/dist/engine/digital_twin_engine.js +175 -48
package/dist/engine/digital_twin_engine.js.map +1 -1
package/dist/engine/endpoints.d.ts.map +1 -1
package/dist/engine/endpoints.js +35 -3
package/dist/engine/endpoints.js.map +1 -1
package/dist/engine/error_handler.d.ts +20 -0
package/dist/engine/error_handler.d.ts.map +1 -0
package/dist/engine/error_handler.js +69 -0
package/dist/engine/error_handler.js.map +1 -0
package/dist/engine/health.d.ts +112 -0
package/dist/engine/health.d.ts.map +1 -0
package/dist/engine/health.js +190 -0
package/dist/engine/health.js.map +1 -0
package/dist/engine/scheduler.d.ts.map +1 -1
package/dist/engine/scheduler.js +9 -1
package/dist/engine/scheduler.js.map +1 -1
package/dist/engine/upload_processor.d.ts.map +1 -1
package/dist/engine/upload_processor.js +24 -12
package/dist/engine/upload_processor.js.map +1 -1
package/dist/errors/index.d.ts +94 -0
package/dist/errors/index.d.ts.map +1 -0
package/dist/errors/index.js +149 -0
package/dist/errors/index.js.map +1 -0
package/dist/index.d.ts +6 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +8 -0
package/dist/index.js.map +1 -1
package/dist/storage/adapters/local_storage_service.d.ts +6 -0
package/dist/storage/adapters/local_storage_service.d.ts.map +1 -1
package/dist/storage/adapters/local_storage_service.js +26 -4
package/dist/storage/adapters/local_storage_service.js.map +1 -1
package/dist/storage/adapters/ovh_storage_service.d.ts.map +1 -1
package/dist/storage/adapters/ovh_storage_service.js +5 -6
package/dist/storage/adapters/ovh_storage_service.js.map +1 -1
package/dist/storage/storage_factory.d.ts.map +1 -1
package/dist/storage/storage_factory.js +4 -1
package/dist/storage/storage_factory.js.map +1 -1
package/dist/storage/storage_service.d.ts.map +1 -1
package/dist/storage/storage_service.js +6 -2
package/dist/storage/storage_service.js.map +1 -1
package/dist/utils/graceful_shutdown.d.ts +44 -0
package/dist/utils/graceful_shutdown.d.ts.map +1 -0
package/dist/utils/graceful_shutdown.js +79 -0
package/dist/utils/graceful_shutdown.js.map +1 -0
package/dist/utils/http_responses.d.ts +20 -0
package/dist/utils/http_responses.d.ts.map +1 -1
package/dist/utils/http_responses.js +28 -2
package/dist/utils/http_responses.js.map +1 -1
package/dist/utils/safe_async.d.ts +50 -0
package/dist/utils/safe_async.d.ts.map +1 -0
package/dist/utils/safe_async.js +90 -0
package/dist/utils/safe_async.js.map +1 -0
package/dist/validation/index.d.ts +3 -0
package/dist/validation/index.d.ts.map +1 -0
package/dist/validation/index.js +7 -0
package/dist/validation/index.js.map +1 -0
package/dist/validation/schemas.d.ts +273 -0
package/dist/validation/schemas.d.ts.map +1 -0
package/dist/validation/schemas.js +82 -0
package/dist/validation/schemas.js.map +1 -0
package/dist/validation/validate.d.ts +49 -0
package/dist/validation/validate.d.ts.map +1 -0
package/dist/validation/validate.js +110 -0
package/dist/validation/validate.js.map +1 -0
package/package.json +9 -1

package/dist/auth/providers/jwt_auth_provider.d.ts ADDED Viewed

@@ -0,0 +1,91 @@
+/**
+ * @fileoverview JWT authentication provider for direct token validation.
+ *
+ * This provider validates JWT tokens from the Authorization header without
+ * requiring an API gateway. Useful for standalone deployments or when you
+ * want to handle authentication directly in the application.
+ *
+ * Supports:
+ * - HMAC algorithms (HS256, HS384, HS512) with a secret key
+ * - RSA algorithms (RS256, RS384, RS512) with a public key
+ * - EC algorithms (ES256, ES384, ES512) with a public key
+ * - Keycloak token format (realm_access.roles)
+ * - Custom claim paths for user ID and roles
+ */
+import type { AuthProvider, AuthRequest, AuthProviderConfig } from '../auth_provider.js';
+import type { AuthenticatedUser } from '../types.js';
+/**
+ * Authentication provider for JWT token validation.
+ *
+ * This provider validates JWT tokens directly in the application, without
+ * requiring an API gateway. It extracts user information from token claims.
+ *
+ * @example
+ * ```typescript
+ * // With HMAC secret
+ * const provider = new JwtAuthProvider({
+ *     mode: 'jwt',
+ *     jwt: {
+ *         secret: 'your-256-bit-secret',
+ *         algorithm: 'HS256'
+ *     }
+ * })
+ *
+ * // With RSA public key (Keycloak)
+ * const provider = new JwtAuthProvider({
+ *     mode: 'jwt',
+ *     jwt: {
+ *         publicKey: fs.readFileSync('public.pem', 'utf-8'),
+ *         algorithm: 'RS256',
+ *         issuer: 'https://keycloak.example.com/realms/myrealm',
+ *         rolesClaim: 'realm_access.roles'
+ *     }
+ * })
+ * ```
+ */
+export declare class JwtAuthProvider implements AuthProvider {
+    #private;
+    /**
+     * Creates a new JwtAuthProvider.
+     *
+     * @param config - Authentication configuration with JWT settings
+     * @throws Error if JWT configuration is missing or incomplete
+     */
+    constructor(config: AuthProviderConfig);
+    /**
+     * Parse the request and validate the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns Authenticated user, or null if token is missing/invalid
+     */
+    parseRequest(req: AuthRequest): AuthenticatedUser | null;
+    /**
+     * Check if the request has a valid Authorization header with Bearer token.
+     *
+     * @param req - Request object with headers
+     * @returns true if Authorization header is present with Bearer scheme
+     */
+    hasValidAuth(req: AuthRequest): boolean;
+    /**
+     * Check if the authenticated user has admin privileges.
+     *
+     * @param req - Request object with headers
+     * @returns true if the user has the admin role
+     */
+    isAdmin(req: AuthRequest): boolean;
+    /**
+     * Get the user ID from the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns User ID, or null if not authenticated
+     */
+    getUserId(req: AuthRequest): string | null;
+    /**
+     * Get the user roles from the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns Array of role names, empty array if not authenticated
+     */
+    getUserRoles(req: AuthRequest): string[];
+}
+//# sourceMappingURL=jwt_auth_provider.d.ts.map

package/dist/auth/providers/jwt_auth_provider.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"jwt_auth_provider.d.ts","sourceRoot":"","sources":["../../../src/auth/providers/jwt_auth_provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAGH,OAAO,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAA;AACxF,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAEpD;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,qBAAa,eAAgB,YAAW,YAAY;;IAShD;;;;;OAKG;gBACS,MAAM,EAAE,kBAAkB;IAwBtC;;;;;OAKG;IACH,YAAY,CAAC,GAAG,EAAE,WAAW,GAAG,iBAAiB,GAAG,IAAI;IAuBxD;;;;;OAKG;IACH,YAAY,CAAC,GAAG,EAAE,WAAW,GAAG,OAAO;IAIvC;;;;;OAKG;IACH,OAAO,CAAC,GAAG,EAAE,WAAW,GAAG,OAAO;IAKlC;;;;;OAKG;IACH,SAAS,CAAC,GAAG,EAAE,WAAW,GAAG,MAAM,GAAG,IAAI;IAK1C;;;;;OAKG;IACH,YAAY,CAAC,GAAG,EAAE,WAAW,GAAG,MAAM,EAAE;CAkE3C"}

package/dist/auth/providers/jwt_auth_provider.js ADDED Viewed

@@ -0,0 +1,204 @@
+/**
+ * @fileoverview JWT authentication provider for direct token validation.
+ *
+ * This provider validates JWT tokens from the Authorization header without
+ * requiring an API gateway. Useful for standalone deployments or when you
+ * want to handle authentication directly in the application.
+ *
+ * Supports:
+ * - HMAC algorithms (HS256, HS384, HS512) with a secret key
+ * - RSA algorithms (RS256, RS384, RS512) with a public key
+ * - EC algorithms (ES256, ES384, ES512) with a public key
+ * - Keycloak token format (realm_access.roles)
+ * - Custom claim paths for user ID and roles
+ */
+import jwt from 'jsonwebtoken';
+/**
+ * Authentication provider for JWT token validation.
+ *
+ * This provider validates JWT tokens directly in the application, without
+ * requiring an API gateway. It extracts user information from token claims.
+ *
+ * @example
+ * ```typescript
+ * // With HMAC secret
+ * const provider = new JwtAuthProvider({
+ *     mode: 'jwt',
+ *     jwt: {
+ *         secret: 'your-256-bit-secret',
+ *         algorithm: 'HS256'
+ *     }
+ * })
+ *
+ * // With RSA public key (Keycloak)
+ * const provider = new JwtAuthProvider({
+ *     mode: 'jwt',
+ *     jwt: {
+ *         publicKey: fs.readFileSync('public.pem', 'utf-8'),
+ *         algorithm: 'RS256',
+ *         issuer: 'https://keycloak.example.com/realms/myrealm',
+ *         rolesClaim: 'realm_access.roles'
+ *     }
+ * })
+ * ```
+ */
+export class JwtAuthProvider {
+    #secret;
+    #algorithm;
+    #issuer;
+    #audience;
+    #userIdClaim;
+    #rolesClaim;
+    #adminRoleName;
+    /**
+     * Creates a new JwtAuthProvider.
+     *
+     * @param config - Authentication configuration with JWT settings
+     * @throws Error if JWT configuration is missing or incomplete
+     */
+    constructor(config) {
+        if (!config.jwt) {
+            throw new Error('JWT configuration required for JWT auth mode');
+        }
+        const { jwt: jwtConfig } = config;
+        // Secret or public key
+        if (jwtConfig.publicKey) {
+            this.#secret = jwtConfig.publicKey;
+        }
+        else if (jwtConfig.secret) {
+            this.#secret = jwtConfig.secret;
+        }
+        else {
+            throw new Error('JWT secret or publicKey required');
+        }
+        this.#algorithm = jwtConfig.algorithm || 'HS256';
+        this.#issuer = jwtConfig.issuer;
+        this.#audience = jwtConfig.audience;
+        this.#userIdClaim = jwtConfig.userIdClaim || 'sub';
+        this.#rolesClaim = jwtConfig.rolesClaim || 'roles';
+        this.#adminRoleName = config.adminRoleName || 'admin';
+    }
+    /**
+     * Parse the request and validate the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns Authenticated user, or null if token is missing/invalid
+     */
+    parseRequest(req) {
+        const token = this.#extractToken(req);
+        if (!token)
+            return null;
+        try {
+            const decoded = jwt.verify(token, this.#secret, {
+                algorithms: [this.#algorithm],
+                issuer: this.#issuer,
+                audience: this.#audience
+            });
+            const userId = this.#extractClaim(decoded, this.#userIdClaim);
+            if (!userId || typeof userId !== 'string')
+                return null;
+            const roles = this.#extractRoles(decoded);
+            return { id: userId, roles };
+        }
+        catch {
+            // Token invalid or expired
+            return null;
+        }
+    }
+    /**
+     * Check if the request has a valid Authorization header with Bearer token.
+     *
+     * @param req - Request object with headers
+     * @returns true if Authorization header is present with Bearer scheme
+     */
+    hasValidAuth(req) {
+        return !!this.#extractToken(req);
+    }
+    /**
+     * Check if the authenticated user has admin privileges.
+     *
+     * @param req - Request object with headers
+     * @returns true if the user has the admin role
+     */
+    isAdmin(req) {
+        const user = this.parseRequest(req);
+        return user?.roles.includes(this.#adminRoleName) ?? false;
+    }
+    /**
+     * Get the user ID from the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns User ID, or null if not authenticated
+     */
+    getUserId(req) {
+        const user = this.parseRequest(req);
+        return user?.id ?? null;
+    }
+    /**
+     * Get the user roles from the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns Array of role names, empty array if not authenticated
+     */
+    getUserRoles(req) {
+        const user = this.parseRequest(req);
+        return user?.roles ?? [];
+    }
+    /**
+     * Extract the Bearer token from the Authorization header.
+     */
+    #extractToken(req) {
+        const authHeader = this.#getHeader(req.headers, 'authorization');
+        if (!authHeader)
+            return null;
+        // Format: "Bearer <token>"
+        const parts = authHeader.split(' ');
+        if (parts.length !== 2 || parts[0].toLowerCase() !== 'bearer') {
+            return null;
+        }
+        return parts[1];
+    }
+    /**
+     * Extract a claim value from the token payload.
+     * Supports nested paths like "realm_access.roles".
+     */
+    #extractClaim(payload, path) {
+        const parts = path.split('.');
+        let current = payload;
+        for (const part of parts) {
+            if (current === null || current === undefined)
+                return undefined;
+            if (typeof current !== 'object')
+                return undefined;
+            current = current[part];
+        }
+        return current;
+    }
+    /**
+     * Extract roles from the token payload.
+     * Supports standard array format and Keycloak's realm_access.roles.
+     */
+    #extractRoles(payload) {
+        // Try configured roles claim first
+        const roles = this.#extractClaim(payload, this.#rolesClaim);
+        if (Array.isArray(roles)) {
+            return roles.filter((r) => typeof r === 'string');
+        }
+        // Fallback to Keycloak format
+        const realmAccess = payload.realm_access;
+        if (realmAccess?.roles && Array.isArray(realmAccess.roles)) {
+            return realmAccess.roles;
+        }
+        return [];
+    }
+    /**
+     * Get a header value as a string.
+     */
+    #getHeader(headers, name) {
+        const value = headers[name];
+        if (!value)
+            return null;
+        return Array.isArray(value) ? value[0] : value;
+    }
+}
+//# sourceMappingURL=jwt_auth_provider.js.map

package/dist/auth/providers/jwt_auth_provider.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"jwt_auth_provider.js","sourceRoot":"","sources":["../../../src/auth/providers/jwt_auth_provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,GAAG,MAAM,cAAc,CAAA;AAI9B;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,MAAM,OAAO,eAAe;IACf,OAAO,CAAiB;IACxB,UAAU,CAAe;IACzB,OAAO,CAAS;IAChB,SAAS,CAAS;IAClB,YAAY,CAAQ;IACpB,WAAW,CAAQ;IACnB,cAAc,CAAQ;IAE/B;;;;;OAKG;IACH,YAAY,MAA0B;QAClC,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAA;QACnE,CAAC;QAED,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,MAAM,CAAA;QAEjC,uBAAuB;QACvB,IAAI,SAAS,CAAC,SAAS,EAAE,CAAC;YACtB,IAAI,CAAC,OAAO,GAAG,SAAS,CAAC,SAAS,CAAA;QACtC,CAAC;aAAM,IAAI,SAAS,CAAC,MAAM,EAAE,CAAC;YAC1B,IAAI,CAAC,OAAO,GAAG,SAAS,CAAC,MAAM,CAAA;QACnC,CAAC;aAAM,CAAC;YACJ,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;QACvD,CAAC;QAED,IAAI,CAAC,UAAU,GAAI,SAAS,CAAC,SAA2B,IAAI,OAAO,CAAA;QACnE,IAAI,CAAC,OAAO,GAAG,SAAS,CAAC,MAAM,CAAA;QAC/B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC,QAAQ,CAAA;QACnC,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC,WAAW,IAAI,KAAK,CAAA;QAClD,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC,UAAU,IAAI,OAAO,CAAA;QAClD,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,aAAa,IAAI,OAAO,CAAA;IACzD,CAAC;IAED;;;;;OAKG;IACH,YAAY,CAAC,GAAgB;QACzB,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;QACrC,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAA;QAEvB,IAAI,CAAC;YACD,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE;gBAC5C,UAAU,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC;gBAC7B,MAAM,EAAE,IAAI,CAAC,OAAO;gBACpB,QAAQ,EAAE,IAAI,CAAC,SAAS;aAC3B,CAA4B,CAAA;YAE7B,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,YAAY,CAAC,CAAA;YAC7D,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ;gBAAE,OAAO,IAAI,CAAA;YAEtD,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;YAEzC,OAAO,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAA;QAChC,CAAC;QAAC,MAAM,CAAC;YACL,2BAA2B;YAC3B,OAAO,IAAI,CAAA;QACf,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,YAAY,CAAC,GAAgB;QACzB,OAAO,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;IACpC,CAAC;IAED;;;;;OAKG;IACH,OAAO,CAAC,GAAgB;QACpB,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAA;QACnC,OAAO,IAAI,EAAE,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,KAAK,CAAA;IAC7D,CAAC;IAED;;;;;OAKG;IACH,SAAS,CAAC,GAAgB;QACtB,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAA;QACnC,OAAO,IAAI,EAAE,EAAE,IAAI,IAAI,CAAA;IAC3B,CAAC;IAED;;;;;OAKG;IACH,YAAY,CAAC,GAAgB;QACzB,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAA;QACnC,OAAO,IAAI,EAAE,KAAK,IAAI,EAAE,CAAA;IAC5B,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,GAAgB;QAC1B,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,EAAE,eAAe,CAAC,CAAA;QAChE,IAAI,CAAC,UAAU;YAAE,OAAO,IAAI,CAAA;QAE5B,2BAA2B;QAC3B,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACnC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,KAAK,QAAQ,EAAE,CAAC;YAC5D,OAAO,IAAI,CAAA;QACf,CAAC;QAED,OAAO,KAAK,CAAC,CAAC,CAAC,CAAA;IACnB,CAAC;IAED;;;OAGG;IACH,aAAa,CAAC,OAAgC,EAAE,IAAY;QACxD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC7B,IAAI,OAAO,GAAY,OAAO,CAAA;QAE9B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACvB,IAAI,OAAO,KAAK,IAAI,IAAI,OAAO,KAAK,SAAS;gBAAE,OAAO,SAAS,CAAA;YAC/D,IAAI,OAAO,OAAO,KAAK,QAAQ;gBAAE,OAAO,SAAS,CAAA;YACjD,OAAO,GAAI,OAAmC,CAAC,IAAI,CAAC,CAAA;QACxD,CAAC;QAED,OAAO,OAAO,CAAA;IAClB,CAAC;IAED;;;OAGG;IACH,aAAa,CAAC,OAAgC;QAC1C,mCAAmC;QACnC,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,CAAA;QAC3D,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAA;QAClE,CAAC;QAED,8BAA8B;QAC9B,MAAM,WAAW,GAAG,OAAO,CAAC,YAAgD,CAAA;QAC5E,IAAI,WAAW,EAAE,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;YACzD,OAAO,WAAW,CAAC,KAAK,CAAA;QAC5B,CAAC;QAED,OAAO,EAAE,CAAA;IACb,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,OAAsD,EAAE,IAAY;QAC3E,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;QAC3B,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAA;QACvB,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;IAClD,CAAC;CACJ"}

package/dist/auth/providers/no_auth_provider.d.ts ADDED Viewed

@@ -0,0 +1,61 @@
+/**
+ * @fileoverview No-authentication provider for development and testing.
+ *
+ * This provider bypasses all authentication checks and returns a configurable
+ * anonymous user for all requests. Use only in development or testing environments.
+ *
+ * WARNING: Never use this provider in production!
+ */
+import type { AuthProvider, AuthRequest } from '../auth_provider.js';
+import type { AuthenticatedUser } from '../types.js';
+/**
+ * Authentication provider that bypasses authentication.
+ *
+ * All requests are treated as authenticated with a configurable anonymous user.
+ * This provider is useful for development and testing when you don't want to
+ * set up authentication infrastructure.
+ *
+ * @example
+ * ```typescript
+ * // Development setup
+ * const provider = new NoAuthProvider('dev-user-123')
+ *
+ * // All requests return the same user
+ * const user = provider.parseRequest(req) // { id: 'dev-user-123', roles: ['user'] }
+ * provider.hasValidAuth(req) // always true
+ * provider.isAdmin(req) // always false
+ * ```
+ */
+export declare class NoAuthProvider implements AuthProvider {
+    #private;
+    /**
+     * Creates a new NoAuthProvider.
+     *
+     * @param anonymousUserId - User ID for the anonymous user (default: 'anonymous')
+     * @param anonymousRoles - Roles for the anonymous user (default: ['anonymous'])
+     */
+    constructor(anonymousUserId?: string, anonymousRoles?: string[]);
+    /**
+     * Returns the anonymous user for all requests.
+     *
+     * @returns Anonymous user with configured ID and roles
+     */
+    parseRequest(_req: AuthRequest): AuthenticatedUser | null;
+    /**
+     * Always returns true (all requests are "authenticated").
+     */
+    hasValidAuth(_req: AuthRequest): boolean;
+    /**
+     * Always returns false (anonymous user is never admin).
+     */
+    isAdmin(_req: AuthRequest): boolean;
+    /**
+     * Returns the anonymous user ID.
+     */
+    getUserId(_req: AuthRequest): string | null;
+    /**
+     * Returns the anonymous user roles.
+     */
+    getUserRoles(_req: AuthRequest): string[];
+}
+//# sourceMappingURL=no_auth_provider.d.ts.map

package/dist/auth/providers/no_auth_provider.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"no_auth_provider.d.ts","sourceRoot":"","sources":["../../../src/auth/providers/no_auth_provider.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAA;AACpE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAEpD;;;;;;;;;;;;;;;;;GAiBG;AACH,qBAAa,cAAe,YAAW,YAAY;;IAI/C;;;;;OAKG;gBACS,eAAe,SAAc,EAAE,cAAc,GAAE,MAAM,EAAkB;IAKnF;;;;OAIG;IACH,YAAY,CAAC,IAAI,EAAE,WAAW,GAAG,iBAAiB,GAAG,IAAI;IAOzD;;OAEG;IACH,YAAY,CAAC,IAAI,EAAE,WAAW,GAAG,OAAO;IAIxC;;OAEG;IACH,OAAO,CAAC,IAAI,EAAE,WAAW,GAAG,OAAO;IAInC;;OAEG;IACH,SAAS,CAAC,IAAI,EAAE,WAAW,GAAG,MAAM,GAAG,IAAI;IAI3C;;OAEG;IACH,YAAY,CAAC,IAAI,EAAE,WAAW,GAAG,MAAM,EAAE;CAG5C"}

package/dist/auth/providers/no_auth_provider.js ADDED Viewed

@@ -0,0 +1,76 @@
+/**
+ * @fileoverview No-authentication provider for development and testing.
+ *
+ * This provider bypasses all authentication checks and returns a configurable
+ * anonymous user for all requests. Use only in development or testing environments.
+ *
+ * WARNING: Never use this provider in production!
+ */
+/**
+ * Authentication provider that bypasses authentication.
+ *
+ * All requests are treated as authenticated with a configurable anonymous user.
+ * This provider is useful for development and testing when you don't want to
+ * set up authentication infrastructure.
+ *
+ * @example
+ * ```typescript
+ * // Development setup
+ * const provider = new NoAuthProvider('dev-user-123')
+ *
+ * // All requests return the same user
+ * const user = provider.parseRequest(req) // { id: 'dev-user-123', roles: ['user'] }
+ * provider.hasValidAuth(req) // always true
+ * provider.isAdmin(req) // always false
+ * ```
+ */
+export class NoAuthProvider {
+    #anonymousUserId;
+    #anonymousRoles;
+    /**
+     * Creates a new NoAuthProvider.
+     *
+     * @param anonymousUserId - User ID for the anonymous user (default: 'anonymous')
+     * @param anonymousRoles - Roles for the anonymous user (default: ['anonymous'])
+     */
+    constructor(anonymousUserId = 'anonymous', anonymousRoles = ['anonymous']) {
+        this.#anonymousUserId = anonymousUserId;
+        this.#anonymousRoles = anonymousRoles;
+    }
+    /**
+     * Returns the anonymous user for all requests.
+     *
+     * @returns Anonymous user with configured ID and roles
+     */
+    parseRequest(_req) {
+        return {
+            id: this.#anonymousUserId,
+            roles: this.#anonymousRoles
+        };
+    }
+    /**
+     * Always returns true (all requests are "authenticated").
+     */
+    hasValidAuth(_req) {
+        return true;
+    }
+    /**
+     * Always returns false (anonymous user is never admin).
+     */
+    isAdmin(_req) {
+        return false;
+    }
+    /**
+     * Returns the anonymous user ID.
+     */
+    getUserId(_req) {
+        return this.#anonymousUserId;
+    }
+    /**
+     * Returns the anonymous user roles.
+     */
+    getUserRoles(_req) {
+        return this.#anonymousRoles;
+    }
+}
+//# sourceMappingURL=no_auth_provider.js.map

package/dist/auth/providers/no_auth_provider.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"no_auth_provider.js","sourceRoot":"","sources":["../../../src/auth/providers/no_auth_provider.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAKH;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,OAAO,cAAc;IACd,gBAAgB,CAAQ;IACxB,eAAe,CAAU;IAElC;;;;;OAKG;IACH,YAAY,eAAe,GAAG,WAAW,EAAE,iBAA2B,CAAC,WAAW,CAAC;QAC/E,IAAI,CAAC,gBAAgB,GAAG,eAAe,CAAA;QACvC,IAAI,CAAC,eAAe,GAAG,cAAc,CAAA;IACzC,CAAC;IAED;;;;OAIG;IACH,YAAY,CAAC,IAAiB;QAC1B,OAAO;YACH,EAAE,EAAE,IAAI,CAAC,gBAAgB;YACzB,KAAK,EAAE,IAAI,CAAC,eAAe;SAC9B,CAAA;IACL,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,IAAiB;QAC1B,OAAO,IAAI,CAAA;IACf,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,IAAiB;QACrB,OAAO,KAAK,CAAA;IAChB,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,IAAiB;QACvB,OAAO,IAAI,CAAC,gBAAgB,CAAA;IAChC,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,IAAiB;QAC1B,OAAO,IAAI,CAAC,eAAe,CAAA;IAC/B,CAAC;CACJ"}

package/dist/components/assets_manager.d.ts CHANGED Viewed

@@ -299,7 +299,7 @@ export declare abstract class AssetsManager implements Component, Servable, Open
     private readTempFile;
     /**
      * Cleans up temporary file after processing.
-     * Silently ignores cleanup errors.
+     * Logs cleanup errors but doesn't throw.
      *
      * @param filePath - Path to temporary file
      */

package/dist/components/assets_manager.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"assets_manager.d.ts","sourceRoot":"","sources":["../../src/components/assets_manager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAA;AAC1D,OAAO,KAAK,EAAE,0BAA0B,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA;AAC1E,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AACxD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAA;AACnE,OAAO,KAAK,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,iCAAiC,CAAA;AACnF,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AAEzD,OAAO,KAAK,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAA;AAEpF,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAA;~~AAmDrD~~;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,WAAW,gBAAiB,SAAQ,WAAW;IACjD,8CAA8C;IAC9C,WAAW,EAAE,MAAM,CAAA;IACnB,kFAAkF;IAClF,MAAM,EAAE,MAAM,CAAA;IACd,8DAA8D;IAC9D,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,6CAA6C;IAC7C,QAAQ,EAAE,MAAM,CAAA;IAChB,yEAAyE;IACzE,SAAS,EAAE,OAAO,CAAA;CACrB;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,WAAW,kBAAkB;IAC/B,8CAA8C;IAC9C,WAAW,EAAE,MAAM,CAAA;IACnB,+DAA+D;IAC/D,MAAM,EAAE,MAAM,CAAA;IACd,qDAAqD;IACrD,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,wBAAwB;IACxB,QAAQ,EAAE,MAAM,CAAA;IAChB,6BAA6B;IAC7B,IAAI,EAAE,MAAM,CAAA;IACZ,+DAA+D;IAC/D,SAAS,CAAC,EAAE,OAAO,CAAA;CACtB;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,WAAW,kBAAkB;IAC/B,qCAAqC;IACrC,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,2DAA2D;IAC3D,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,oCAAoC;IACpC,SAAS,CAAC,EAAE,OAAO,CAAA;CACtB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuDG;AACH,8BAAsB,aAAc,YAAW,SAAS,EAAE,QAAQ,EAAE,mBAAmB;IACnF,SAAS,CAAC,EAAE,EAAG,eAAe,CAAA;IAC9B,SAAS,CAAC,OAAO,EAAG,cAAc,CAAA;IAClC,SAAS,CAAC,WAAW,EAAG,WAAW,CAAA;IAEnC;;;;;;;;;;;;;;;;;;;OAmBG;IACH,eAAe,CAAC,EAAE,EAAE,eAAe,EAAE,OAAO,EAAE,cAAc,EAAE,WAAW,CAAC,EAAE,WAAW,GAAG,IAAI;IAM9F;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,QAAQ,CAAC,gBAAgB,IAAI,0BAA0B;IAEvD;;;;;;;;;;;;;;OAcG;IACH,OAAO,CAAC,iBAAiB;IASzB;;;;;;;;;;;;;;;;;;;OAmBG;IACH,OAAO,CAAC,qBAAqB;IAe7B;;;;;;;;;;;;;;;;;OAiBG;IACH,OAAO,CAAC,cAAc;IAoCtB;;;;;;;;;;;;;;;;;;;OAmBG;YACW,mBAAmB;IA4BjC;;;;;OAKG;IACH,OAAO,CAAC,iBAAiB;IAWzB;;;;;OAKG;IACH,OAAO,CAAC,oBAAoB;IAqC5B;;;;;;OAMG;YACW,YAAY;IAI1B;;;;;OAKG;YACW,eAAe;~~IAM7B~~;;;;;;;;;;OAUG;IACH,OAAO,CAAC,iBAAiB;IAoBzB;;;;;;OAMG;YACW,uBAAuB;IA6BrC;;;;;;;;;;;OAWG;YACW,yBAAyB;~~IA6BvC~~;;;;;;;;;;;;;;;;;;;;OAoBG;IACG,WAAW,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC;IAgC7D;;;;;;;;;;;;OAYG;IACG,QAAQ,CAAC,GAAG,CAAC,EAAE,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC;~~IAwBhD~~;;;;;OAKG;YACW,sBAAsB;IAcpC;;;;;OAKG;IACH,OAAO,CAAC,uBAAuB;IAkB/B;;;;;;;;;;;;;OAaG;IACG,YAAY,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;IAW3C;;;;;;;;;;;;;OAaG;IACG,YAAY,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,SAAS,CAAC;IAI/D;;;;;;;;;;;;;;;;;;OAkBG;IACG,mBAAmB,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC;~~IAoCjF~~;;;;;;;;;;;;OAYG;IACG,eAAe,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAgBhD;;;;;;;;;;;OAWG;IACG,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;IASxC;;;;;;;;;;;;;OAaG;IACG,iBAAiB,CAAC,QAAQ,EAAE,kBAAkB,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IA2CtE;;;;;OAKG;IACG,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IASrD;;OAEG;IACH;;;;;;;;;;;;;;;;;OAiBG;IACH,YAAY,IAAI,KAAK,CAAC;QAClB,MAAM,EAAE,UAAU,CAAA;QAClB,IAAI,EAAE,MAAM,CAAA;QACZ,OAAO,EAAE,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,GAAG,CAAA;QAChC,YAAY,CAAC,EAAE,MAAM,CAAA;KACxB,CAAC;IAsDF;;;;;;;OAOG;IACH,cAAc,IAAI,oBAAoB;IA+StC;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACG,YAAY,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC;IAqEnD;;;;;;;;;;;;;OAaG;IACG,YAAY,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC;~~IAuDnD~~;;;;;;;;;;;;;;;;;;;OAmBG;IACG,cAAc,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC;IAcrD;;;;;;;;;;;;;;;;;;;OAmBG;IACG,cAAc,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC;IAerD;;;;;;;;;;;;OAYG;IACG,YAAY,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC;~~IAoCnD~~;;OAEG;IACG,iBAAiB,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC;IA2CxD;;;;;OAKG;IACH,OAAO,CAAC,qBAAqB;IAwB7B;;;;;;OAMG;YACW,mBAAmB;IA6BjC;;OAEG;IACG,iBAAiB,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC;IAqCxD;;;;;;;;;;OAUG;YACW,mBAAmB;CAmCpC"}
1	+ {"version":3,"file":"assets_manager.d.ts","sourceRoot":"","sources":["../../src/components/assets_manager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAA;AAC1D,OAAO,KAAK,EAAE,0BAA0B,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA;AAC1E,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AACxD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAA;AACnE,OAAO,KAAK,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,iCAAiC,CAAA;AACnF,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AAEzD,OAAO,KAAK,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAA;AAEpF,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAA;AAyDrD;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,WAAW,gBAAiB,SAAQ,WAAW;IACjD,8CAA8C;IAC9C,WAAW,EAAE,MAAM,CAAA;IACnB,kFAAkF;IAClF,MAAM,EAAE,MAAM,CAAA;IACd,8DAA8D;IAC9D,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,6CAA6C;IAC7C,QAAQ,EAAE,MAAM,CAAA;IAChB,yEAAyE;IACzE,SAAS,EAAE,OAAO,CAAA;CACrB;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,WAAW,kBAAkB;IAC/B,8CAA8C;IAC9C,WAAW,EAAE,MAAM,CAAA;IACnB,+DAA+D;IAC/D,MAAM,EAAE,MAAM,CAAA;IACd,qDAAqD;IACrD,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,wBAAwB;IACxB,QAAQ,EAAE,MAAM,CAAA;IAChB,6BAA6B;IAC7B,IAAI,EAAE,MAAM,CAAA;IACZ,+DAA+D;IAC/D,SAAS,CAAC,EAAE,OAAO,CAAA;CACtB;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,WAAW,kBAAkB;IAC/B,qCAAqC;IACrC,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,2DAA2D;IAC3D,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,oCAAoC;IACpC,SAAS,CAAC,EAAE,OAAO,CAAA;CACtB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuDG;AACH,8BAAsB,aAAc,YAAW,SAAS,EAAE,QAAQ,EAAE,mBAAmB;IACnF,SAAS,CAAC,EAAE,EAAG,eAAe,CAAA;IAC9B,SAAS,CAAC,OAAO,EAAG,cAAc,CAAA;IAClC,SAAS,CAAC,WAAW,EAAG,WAAW,CAAA;IAEnC;;;;;;;;;;;;;;;;;;;OAmBG;IACH,eAAe,CAAC,EAAE,EAAE,eAAe,EAAE,OAAO,EAAE,cAAc,EAAE,WAAW,CAAC,EAAE,WAAW,GAAG,IAAI;IAM9F;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,QAAQ,CAAC,gBAAgB,IAAI,0BAA0B;IAEvD;;;;;;;;;;;;;;OAcG;IACH,OAAO,CAAC,iBAAiB;IASzB;;;;;;;;;;;;;;;;;;;OAmBG;IACH,OAAO,CAAC,qBAAqB;IAe7B;;;;;;;;;;;;;;;;;OAiBG;IACH,OAAO,CAAC,cAAc;IAoCtB;;;;;;;;;;;;;;;;;;;OAmBG;YACW,mBAAmB;IA4BjC;;;;;OAKG;IACH,OAAO,CAAC,iBAAiB;IAWzB;;;;;OAKG;IACH,OAAO,CAAC,oBAAoB;IAqC5B;;;;;;OAMG;YACW,YAAY;IAI1B;;;;;OAKG;YACW,eAAe;IAI7B;;;;;;;;;;OAUG;IACH,OAAO,CAAC,iBAAiB;IAoBzB;;;;;;OAMG;YACW,uBAAuB;IA6BrC;;;;;;;;;;;OAWG;YACW,yBAAyB;IA0BvC;;;;;;;;;;;;;;;;;;;;OAoBG;IACG,WAAW,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC;IAgC7D;;;;;;;;;;;;OAYG;IACG,QAAQ,CAAC,GAAG,CAAC,EAAE,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC;IAwChD;;;;;OAKG;YACW,sBAAsB;IAcpC;;;;;OAKG;IACH,OAAO,CAAC,uBAAuB;IAkB/B;;;;;;;;;;;;;OAaG;IACG,YAAY,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;IAW3C;;;;;;;;;;;;;OAaG;IACG,YAAY,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,SAAS,CAAC;IAI/D;;;;;;;;;;;;;;;;;;OAkBG;IACG,mBAAmB,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC;IAkCjF;;;;;;;;;;;;OAYG;IACG,eAAe,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAgBhD;;;;;;;;;;;OAWG;IACG,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;IASxC;;;;;;;;;;;;;OAaG;IACG,iBAAiB,CAAC,QAAQ,EAAE,kBAAkB,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IA2CtE;;;;;OAKG;IACG,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IASrD;;OAEG;IACH;;;;;;;;;;;;;;;;;OAiBG;IACH,YAAY,IAAI,KAAK,CAAC;QAClB,MAAM,EAAE,UAAU,CAAA;QAClB,IAAI,EAAE,MAAM,CAAA;QACZ,OAAO,EAAE,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,GAAG,CAAA;QAChC,YAAY,CAAC,EAAE,MAAM,CAAA;KACxB,CAAC;IAsDF;;;;;;;OAOG;IACH,cAAc,IAAI,oBAAoB;IA+StC;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACG,YAAY,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC;IAqEnD;;;;;;;;;;;;;OAaG;IACG,YAAY,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC;IA4DnD;;;;;;;;;;;;;;;;;;;OAmBG;IACG,cAAc,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC;IAcrD;;;;;;;;;;;;;;;;;;;OAmBG;IACG,cAAc,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC;IAerD;;;;;;;;;;;;OAYG;IACG,YAAY,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC;IAkCnD;;OAEG;IACG,iBAAiB,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC;IA2CxD;;;;;OAKG;IACH,OAAO,CAAC,qBAAqB;IAwB7B;;;;;;OAMG;YACW,mBAAmB;IA6BjC;;OAEG;IACG,iBAAiB,CAAC,GAAG,EAAE,GAAG,GAAG,OAAO,CAAC,YAAY,CAAC;IAqCxD;;;;;;;;;;OAUG;YACW,mBAAmB;CAmCpC"}

package/dist/components/assets_manager.js CHANGED Viewed

@@ -3,6 +3,11 @@ import { UserService } from '../auth/user_service.js';
 import { AuthConfig } from '../auth/auth_config.js';
 import { successResponse, errorResponse, badRequestResponse, unauthorizedResponse, forbiddenResponse, notFoundResponse, textResponse, fileResponse, multiStatusResponse, HttpStatus } from '../utils/http_responses.js';
 import fs from 'fs/promises';
+import { safeAsync } from '../utils/safe_async.js';
+import { Logger } from '../utils/logger.js';
+import { validateAssetUpdate, validateIdParam, validatePagination } from '../validation/index.js';
+import { validateData, validateQuery, validateParams } from '../validation/validate.js';
+const logger = new Logger('AssetsManager');
 /**
  * Abstract base class for Assets Manager components with authentication and access control.
  *
@@ -298,14 +303,12 @@ export class AssetsManager {
     }
     /**
      * Cleans up temporary file after processing.
-     * Silently ignores cleanup errors.
+     * Logs cleanup errors but doesn't throw.
      *
      * @param filePath - Path to temporary file
      */
     async cleanupTempFile(filePath) {
-        await fs.unlink(filePath).catch(() => {
-            // Ignore cleanup errors
-        });
+        await safeAsync(() => fs.unlink(filePath), `cleanup temp file ${filePath}`, logger);
     }
     /**
      * Validates ownership of an asset.
@@ -375,11 +378,9 @@ export class AssetsManager {
      * @returns Object with asset on success, or DataResponse on failure
      */
     async fetchAssetWithAccessCheck(req) {
-        const { id } = req.params || {};
-        if (!id) {
-            return { success: false, response: badRequestResponse('Asset ID is required') };
-        }
-        const asset = await this.getAssetById(id);
+        // Validate ID parameter (ValidationError bubbles up to global handler -> 422)
+        const validatedParams = await validateParams(validateIdParam, req.params || {}, 'Asset ID');
+        const asset = await this.getAssetById(validatedParams.id.toString());
         if (!asset) {
             return { success: false, response: textResponse(HttpStatus.NOT_FOUND, 'Asset not found') };
         }
@@ -457,17 +458,29 @@ export class AssetsManager {
      */
     async retrieve(req) {
         try {
+            // Validate pagination parameters if present (ValidationError bubbles up to global handler -> 422)
+            let pagination = {};
+            if (req?.query && Object.keys(req.query).length > 0) {
+                pagination = await validateQuery(validatePagination, req.query, 'Pagination');
+            }
             const assets = await this.getAllAssets();
             const isAdmin = req && ApisixAuthParser.isAdmin(req.headers || {});
             // Admin can see everything
+            let visibleAssets;
             if (isAdmin) {
-                return successResponse(this.formatAssetsForResponse(assets));
+                visibleAssets = assets;
+            }
+            else {
+                // Get authenticated user ID if available
+                const authenticatedUserId = await this.getAuthenticatedUserId(req);
+                // Filter to visible assets only
+                visibleAssets = assets.filter(asset => asset.is_public || (authenticatedUserId !== null && asset.owner_id === authenticatedUserId));
             }
-            // Get authenticated user ID if available
-            const authenticatedUserId = await this.getAuthenticatedUserId(req);
-            // Filter to visible assets only
-            const visibleAssets = assets.filter(asset => asset.is_public || (authenticatedUserId !== null && asset.owner_id === authenticatedUserId));
-            return successResponse(this.formatAssetsForResponse(visibleAssets));
+            // Apply pagination
+            const offset = pagination.offset ?? 0;
+            const limit = pagination.limit ?? visibleAssets.length;
+            const paginatedAssets = visibleAssets.slice(offset, offset + limit);
+            return successResponse(this.formatAssetsForResponse(paginatedAssets));
         }
         catch (error) {
             return errorResponse(error);
@@ -584,22 +597,19 @@ export class AssetsManager {
         if (record.name !== config.name) {
             throw new Error(`Asset ${id} does not belong to component ${config.name}`);
         }
-        // Apply updates, keeping existing values for non-updated fields
-        const updatedMetadata = {
-            id: parseInt(id),
-            name: config.name,
-            type: record.contentType,
-            url: record.url,
-            date: record.date, // Keep original date
-            description: updates.description ?? record.description ?? '',
-            source: updates.source ?? record.source ?? '',
-            owner_id: record.owner_id ?? null,
-            filename: record.filename ?? '',
-            is_public: updates.is_public !== undefined ? updates.is_public : (record.is_public ?? true)
-        };
-        // Update the record - delete and re-create with updated metadata
-        await this.db.delete(id, this.getConfiguration().name);
-        await this.db.save(updatedMetadata);
+        // Apply updates - only include fields that are being updated
+        const updateData = {};
+        if (updates.description !== undefined) {
+            updateData.description = updates.description;
+        }
+        if (updates.source !== undefined) {
+            updateData.source = updates.source;
+        }
+        if (updates.is_public !== undefined) {
+            updateData.is_public = updates.is_public;
+        }
+        // Use true UPDATE to preserve the record ID
+        await this.db.updateAssetMetadata(config.name, parseInt(id), updateData);
     }
     /**
      * Delete asset by ID.
@@ -1214,16 +1224,16 @@ export class AssetsManager {
             if (!userId) {
                 return errorResponse('Failed to retrieve user information');
             }
-            const { id } = req.params || {};
-            const { description, source, is_public } = req.body || {};
-            if (!id) {
-                return badRequestResponse('Asset ID is required');
-            }
+            // Validate ID parameter (ValidationError bubbles up to global handler -> 422)
+            const validatedParams = await validateParams(validateIdParam, req.params || {}, 'Asset ID');
+            // Validate request body (ValidationError bubbles up to global handler -> 422)
+            const validatedBody = await validateData(validateAssetUpdate, req.body || {}, 'Asset update');
+            const { description, source, is_public } = validatedBody;
             if (!description && !source && is_public === undefined) {
                 return badRequestResponse('At least one field (description, source, or is_public) must be provided for update');
             }
             // Check if asset exists
-            const asset = await this.getAssetById(id);
+            const asset = await this.getAssetById(validatedParams.id.toString());
             if (!asset) {
                 return notFoundResponse('Asset not found');
             }
@@ -1240,7 +1250,7 @@ export class AssetsManager {
                 updates.source = source;
             if (is_public !== undefined)
                 updates.is_public = Boolean(is_public);
-            await this.updateAssetMetadata(id, updates);
+            await this.updateAssetMetadata(validatedParams.id.toString(), updates);
             return successResponse({ message: 'Asset metadata updated successfully' });
         }
         catch (error) {
@@ -1338,12 +1348,10 @@ export class AssetsManager {
             if (!userId) {
                 return errorResponse('Failed to retrieve user information');
             }
-            const { id } = req.params || {};
-            if (!id) {
-                return badRequestResponse('Asset ID is required');
-            }
+            // Validate ID parameter (ValidationError bubbles up to global handler -> 422)
+            const validatedParams = await validateParams(validateIdParam, req.params || {}, 'Asset ID');
             // Check if asset exists
-            const asset = await this.getAssetById(id);
+            const asset = await this.getAssetById(validatedParams.id.toString());
             if (!asset) {
                 return notFoundResponse('Asset not found');
             }
@@ -1352,7 +1360,7 @@ export class AssetsManager {
             if (ownershipError) {
                 return ownershipError;
             }
-            await this.deleteAssetById(id);
+            await this.deleteAssetById(validatedParams.id.toString());
             return successResponse({ message: 'Asset deleted successfully' });
         }
         catch (error) {