easywork-common-lib 1.0.1022 → 1.0.1024

package/dist/modules/authorization/config/resource-configurations.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"resource-configurations.js","sourceRoot":"","sources":["../../../../src/modules/authorization/config/resource-configurations.ts"],"names":[],"mappings":";;;AAwHA,8CAMC;AAKD,gDAGC;AAKD,4CAGC;AAKD,sDAEC;AA7IY,QAAA,uBAAuB,GAAmB;IACrD,IAAI,EAAE,SAAS;IACf,UAAU,EAAE,SAAS;IACrB,cAAc,EAAE;QACd,UAAU,EAAE,cAAc;QAC1B,SAAS,EAAE,YAAY;QACvB,SAAS,EAAE,aAAa;QACxB,OAAO,EAAE,SAAS;QAClB,UAAU,EAAE,YAAY;KACzB;IACD,cAAc,EAAE;QACd,OAAO,EAAE,IAAI;QACb,aAAa,EAAE,YAAY;KAC5B;CACF,CAAA;AAEY,QAAA,oBAAoB,GAAmB;IAClD,IAAI,EAAE,MAAM;IACZ,UAAU,EAAE,MAAM;IAClB,cAAc,EAAE;QACd,UAAU,EAAE,cAAc;QAC1B,SAAS,EAAE,UAAU;QACrB,SAAS,EAAE,aAAa;QACxB,OAAO,EAAE,SAAS;QAClB,UAAU,EAAE,YAAY;KACzB;IACD,cAAc,EAAE;QACd,OAAO,EAAE,IAAI;QACb,aAAa,EAAE,YAAY;KAC5B;CACF,CAAA;AAEY,QAAA,sBAAsB,GAAmB;IACpD,IAAI,EAAE,QAAQ;IACd,UAAU,EAAE,QAAQ;IACpB,cAAc,EAAE;QACd,UAAU,EAAE,cAAc;QAC1B,SAAS,EAAE,WAAW;QACtB,SAAS,EAAE,aAAa;QACxB,OAAO,EAAE,SAAS;QAClB,UAAU,EAAE,YAAY;KACzB;IACD,cAAc,EAAE;QACd,OAAO,EAAE,IAAI;QACb,aAAa,EAAE,YAAY;KAC5B;CACF,CAAA;AAEY,QAAA,oBAAoB,GAAmB;IAClD,IAAI,EAAE,MAAM;IACZ,UAAU,EAAE,MAAM;IAClB,cAAc,EAAE;QACd,UAAU,EAAE,aAAa;QACzB,SAAS,EAAE,WAAW;QACtB,SAAS,EAAE,WAAW;QACtB,OAAO,EAAE,SAAS;QAClB,UAAU,EAAE,YAAY;QACxB,YAAY,EAAE,cAAc;QAC5B,EAAE,EAAE,IAAI;KACT;IACD,cAAc,EAAE;QACd,OAAO,EAAE,IAAI;QACb,aAAa,EAAE,YAAY;KAC5B;CACF,CAAA;AAEY,QAAA,qBAAqB,GAAmB;IACnD,IAAI,EAAE,OAAO;IACb,UAAU,EAAE,OAAO;IACnB,cAAc,EAAE;QACd,UAAU,EAAE,YAAY;QACxB,SAAS,EAAE,WAAW;QACtB,SAAS,EAAE,WAAW;QACtB,OAAO,EAAE,SAAS;KACnB;IACD,cAAc,EAAE;QACd,OAAO,EAAE,IAAI;QACb,aAAa,EAAE,YAAY;KAC5B;CACF,CAAA;AAEY,QAAA,uBAAuB,GAAmB;IACrD,IAAI,EAAE,SAAS;IACf,UAAU,EAAE,SAAS;IACrB,cAAc,EAAE;QACd,UAAU,EAAE,YAAY;QACxB,SAAS,EAAE,WAAW;QACtB,SAAS,EAAE,WAAW;QACtB,OAAO,EAAE,SAAS;KACnB;IACD,cAAc,EAAE;QACd,OAAO,EAAE,IAAI;QACb,aAAa,EAAE,YAAY;KAC5B;CACF,CAAA;AAMY,QAAA,uBAAuB,GAAmC;IACrE,OAAO,EAAE,+BAAuB;IAChC,IAAI,EAAE,4BAAoB;IAC1B,MAAM,EAAE,8BAAsB;IAC9B,IAAI,EAAE,4BAAoB;IAC1B,KAAK,EAAE,6BAAqB;IAC5B,OAAO,EAAE,+BAAuB;CACjC,CAAA;AAKD,SAAgB,iBAAiB,CAAC,YAAoB;IACpD,MAAM,MAAM,GAAG,+BAAuB,CAAC,YAAY,CAAC,CAAA;IACpD,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,yCAAyC,YAAY,EAAE,CAAC,CAAA;IAC1E,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAKD,SAAgB,kBAAkB,CAAC,YAAoB;IACrD,MAAM,MAAM,GAAG,iBAAiB,CAAC,YAAY,CAAC,CAAA;IAC9C,OAAO,MAAM,CAAC,cAAc,EAAE,OAAO,IAAI,KAAK,CAAA;AAChD,CAAC;AAKD,SAAgB,gBAAgB,CAAC,YAAoB,EAAE,YAAoD;IACzG,MAAM,MAAM,GAAG,iBAAiB,CAAC,YAAY,CAAC,CAAA;IAC9C,OAAO,MAAM,CAAC,cAAc,CAAC,YAAY,CAAC,IAAI,YAAY,CAAA;AAC5D,CAAC;AAKD,SAAgB,qBAAqB;IACnC,OAAO,MAAM,CAAC,IAAI,CAAC,+BAAuB,CAAC,CAAA;AAC7C,CAAC"}

package/dist/modules/authorization/decorators/contact-permissions.decorator.d.ts

@@ -0,0 +1,13 @@
+export declare class ContactAuthPermissions {
+    static CanCreateContact(): <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    static CanReadContact(): <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    static CanUpdateContact(): <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    static CanDeleteContact(): <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    static CanMergeContacts(): <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    static CanBatchOperateContacts(): <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    static CanExportContacts(): <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    static CanImportContacts(): <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    static CanAssignContacts(): <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    static CanManageContactFiles(): <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    static CanReadAndAssign(): <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+}

package/dist/modules/authorization/decorators/contact-permissions.decorator.js

@@ -0,0 +1,101 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ContactAuthPermissions = void 0;
+const common_1 = require("@nestjs/common");
+const common_2 = require("../../../common/");
+const permissions_decorator_1 = require("./permissions.decorator");
+class ContactAuthPermissions {
+    static CanCreateContact() {
+        return (0, permissions_decorator_1.RequirePermissions)({
+            action: common_2.PermissionAction.CREATE,
+            scope: common_2.PermissionScope.GROUP,
+            resource: "contact",
+            conditions: [common_2.PermissionCondition.ALWAYS],
+        });
+    }
+    static CanReadContact() {
+        return (0, permissions_decorator_1.RequirePermissions)({
+            action: common_2.PermissionAction.READ,
+            scope: common_2.PermissionScope.GROUP,
+            resource: "contact",
+            conditions: [common_2.PermissionCondition.ALWAYS],
+        });
+    }
+    static CanUpdateContact() {
+        return (0, permissions_decorator_1.RequirePermissions)({
+            action: common_2.PermissionAction.UPDATE,
+            scope: common_2.PermissionScope.ASSIGNED,
+            resource: "contact",
+            conditions: [common_2.PermissionCondition.OWNER, common_2.PermissionCondition.ASSIGNED_TO],
+        });
+    }
+    static CanDeleteContact() {
+        return (0, permissions_decorator_1.RequirePermissions)({
+            action: common_2.PermissionAction.DELETE,
+            scope: common_2.PermissionScope.OWN,
+            resource: "contact",
+            conditions: [common_2.PermissionCondition.OWNER],
+        });
+    }
+    static CanMergeContacts() {
+        return (0, permissions_decorator_1.RequirePermissions)({
+            action: common_2.PermissionAction.MANAGE,
+            scope: common_2.PermissionScope.GROUP,
+            resource: "contact",
+            conditions: [common_2.PermissionCondition.ROLE_LEVEL],
+        });
+    }
+    static CanBatchOperateContacts() {
+        return (0, permissions_decorator_1.RequirePermissions)({
+            action: common_2.PermissionAction.MANAGE,
+            scope: common_2.PermissionScope.GROUP,
+            resource: "contact",
+            conditions: [common_2.PermissionCondition.ROLE_LEVEL],
+        });
+    }
+    static CanExportContacts() {
+        return (0, permissions_decorator_1.RequirePermissions)({
+            action: common_2.PermissionAction.EXPORT,
+            scope: common_2.PermissionScope.ASSIGNED,
+            resource: "contact",
+            conditions: [common_2.PermissionCondition.ALWAYS],
+        });
+    }
+    static CanImportContacts() {
+        return (0, permissions_decorator_1.RequirePermissions)({
+            action: common_2.PermissionAction.IMPORT,
+            scope: common_2.PermissionScope.GROUP,
+            resource: "contact",
+            conditions: [common_2.PermissionCondition.ROLE_LEVEL],
+        });
+    }
+    static CanAssignContacts() {
+        return (0, permissions_decorator_1.RequirePermissions)({
+            action: common_2.PermissionAction.ASSIGN,
+            scope: common_2.PermissionScope.GROUP,
+            resource: "contact",
+            conditions: [common_2.PermissionCondition.ROLE_LEVEL],
+        });
+    }
+    static CanManageContactFiles() {
+        return (0, permissions_decorator_1.RequirePermissions)({
+            action: common_2.PermissionAction.MANAGE,
+            scope: common_2.PermissionScope.ASSIGNED,
+            resource: "contact",
+            conditions: [common_2.PermissionCondition.OWNER, common_2.PermissionCondition.ASSIGNED_TO],
+        });
+    }
+    static CanReadAndAssign() {
+        return (0, common_1.applyDecorators)((0, permissions_decorator_1.RequirePermissions)({
+            action: common_2.PermissionAction.READ,
+            scope: common_2.PermissionScope.ASSIGNED,
+            resource: "contact",
+        }, {
+            action: common_2.PermissionAction.ASSIGN,
+            scope: common_2.PermissionScope.GROUP,
+            resource: "contact",
+        }));
+    }
+}
+exports.ContactAuthPermissions = ContactAuthPermissions;
+//# sourceMappingURL=contact-permissions.decorator.js.map

package/dist/modules/authorization/decorators/contact-permissions.decorator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"contact-permissions.decorator.js","sourceRoot":"","sources":["../../../../src/modules/authorization/decorators/contact-permissions.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAAiD;AACjD,6CAI0B;AAC1B,mEAA6D;AAM7D,MAAa,sBAAsB;IAIjC,MAAM,CAAC,gBAAgB;QACrB,OAAO,IAAA,0CAAkB,EAAC;YACxB,MAAM,EAAE,yBAAgB,CAAC,MAAM;YAC/B,KAAK,EAAE,wBAAe,CAAC,KAAK;YAC5B,QAAQ,EAAE,SAAS;YACnB,UAAU,EAAE,CAAC,4BAAmB,CAAC,MAAM,CAAC;SACzC,CAAC,CAAC;IACL,CAAC;IAMD,MAAM,CAAC,cAAc;QACnB,OAAO,IAAA,0CAAkB,EAAC;YACxB,MAAM,EAAE,yBAAgB,CAAC,IAAI;YAC7B,KAAK,EAAE,wBAAe,CAAC,KAAK;YAC5B,QAAQ,EAAE,SAAS;YACnB,UAAU,EAAE,CAAC,4BAAmB,CAAC,MAAM,CAAC;SACzC,CAAC,CAAC;IACL,CAAC;IAKD,MAAM,CAAC,gBAAgB;QACrB,OAAO,IAAA,0CAAkB,EAAC;YACxB,MAAM,EAAE,yBAAgB,CAAC,MAAM;YAC/B,KAAK,EAAE,wBAAe,CAAC,QAAQ;YAC/B,QAAQ,EAAE,SAAS;YACnB,UAAU,EAAE,CAAC,4BAAmB,CAAC,KAAK,EAAE,4BAAmB,CAAC,WAAW,CAAC;SACzE,CAAC,CAAC;IACL,CAAC;IAKD,MAAM,CAAC,gBAAgB;QACrB,OAAO,IAAA,0CAAkB,EAAC;YACxB,MAAM,EAAE,yBAAgB,CAAC,MAAM;YAC/B,KAAK,EAAE,wBAAe,CAAC,GAAG;YAC1B,QAAQ,EAAE,SAAS;YACnB,UAAU,EAAE,CAAC,4BAAmB,CAAC,KAAK,CAAC;SACxC,CAAC,CAAC;IACL,CAAC;IAKD,MAAM,CAAC,gBAAgB;QACrB,OAAO,IAAA,0CAAkB,EAAC;YACxB,MAAM,EAAE,yBAAgB,CAAC,MAAM;YAC/B,KAAK,EAAE,wBAAe,CAAC,KAAK;YAC5B,QAAQ,EAAE,SAAS;YACnB,UAAU,EAAE,CAAC,4BAAmB,CAAC,UAAU,CAAC;SAC7C,CAAC,CAAC;IACL,CAAC;IAKD,MAAM,CAAC,uBAAuB;QAC5B,OAAO,IAAA,0CAAkB,EAAC;YACxB,MAAM,EAAE,yBAAgB,CAAC,MAAM;YAC/B,KAAK,EAAE,wBAAe,CAAC,KAAK;YAC5B,QAAQ,EAAE,SAAS;YACnB,UAAU,EAAE,CAAC,4BAAmB,CAAC,UAAU,CAAC;SAC7C,CAAC,CAAC;IACL,CAAC;IAKD,MAAM,CAAC,iBAAiB;QACtB,OAAO,IAAA,0CAAkB,EAAC;YACxB,MAAM,EAAE,yBAAgB,CAAC,MAAM;YAC/B,KAAK,EAAE,wBAAe,CAAC,QAAQ;YAC/B,QAAQ,EAAE,SAAS;YACnB,UAAU,EAAE,CAAC,4BAAmB,CAAC,MAAM,CAAC;SACzC,CAAC,CAAC;IACL,CAAC;IAKD,MAAM,CAAC,iBAAiB;QACtB,OAAO,IAAA,0CAAkB,EAAC;YACxB,MAAM,EAAE,yBAAgB,CAAC,MAAM;YAC/B,KAAK,EAAE,wBAAe,CAAC,KAAK;YAC5B,QAAQ,EAAE,SAAS;YACnB,UAAU,EAAE,CAAC,4BAAmB,CAAC,UAAU,CAAC;SAC7C,CAAC,CAAC;IACL,CAAC;IAKD,MAAM,CAAC,iBAAiB;QACtB,OAAO,IAAA,0CAAkB,EAAC;YACxB,MAAM,EAAE,yBAAgB,CAAC,MAAM;YAC/B,KAAK,EAAE,wBAAe,CAAC,KAAK;YAC5B,QAAQ,EAAE,SAAS;YACnB,UAAU,EAAE,CAAC,4BAAmB,CAAC,UAAU,CAAC;SAC7C,CAAC,CAAC;IACL,CAAC;IAKD,MAAM,CAAC,qBAAqB;QAC1B,OAAO,IAAA,0CAAkB,EAAC;YACxB,MAAM,EAAE,yBAAgB,CAAC,MAAM;YAC/B,KAAK,EAAE,wBAAe,CAAC,QAAQ;YAC/B,QAAQ,EAAE,SAAS;YACnB,UAAU,EAAE,CAAC,4BAAmB,CAAC,KAAK,EAAE,4BAAmB,CAAC,WAAW,CAAC;SACzE,CAAC,CAAC;IACL,CAAC;IAMD,MAAM,CAAC,gBAAgB;QACrB,OAAO,IAAA,wBAAe,EACpB,IAAA,0CAAkB,EAChB;YACE,MAAM,EAAE,yBAAgB,CAAC,IAAI;YAC7B,KAAK,EAAE,wBAAe,CAAC,QAAQ;YAC/B,QAAQ,EAAE,SAAS;SACpB,EACD;YACE,MAAM,EAAE,yBAAgB,CAAC,MAAM;YAC/B,KAAK,EAAE,wBAAe,CAAC,KAAK;YAC5B,QAAQ,EAAE,SAAS;SACpB,CACF,CACF,CAAC;IACJ,CAAC;CACF;AA9ID,wDA8IC"}

package/dist/modules/authorization/decorators/permissions.decorator.d.ts

@@ -0,0 +1,51 @@
+import { PermissionAction, PermissionScope } from "../../../common/";
+export declare const PERMISSIONS_KEY = "permissions";
+export declare const PERMISSION_RESOURCE_KEY = "permission_resource";
+export declare const PERMISSION_CONTEXT_KEY = "permission_context";
+export interface PermissionConfig {
+    action: PermissionAction;
+    scope?: PermissionScope;
+    resource?: string;
+    conditions?: string[];
+    bypassFor?: string[];
+}
+export declare const RequirePermissions: (...permissions: PermissionConfig[]) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+export declare const PermissionResource: (resource: string) => import("@nestjs/common").CustomDecorator<string>;
+export declare const PermissionContext: (context: Record<string, any>) => import("@nestjs/common").CustomDecorator<string>;
+export declare const CanCreate: (scope?: PermissionScope, conditions?: string[]) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+export declare const CanRead: (scope?: PermissionScope, conditions?: string[]) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+export declare const CanUpdate: (scope?: PermissionScope, conditions?: string[]) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+export declare const CanDelete: (scope?: PermissionScope, conditions?: string[]) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+export declare const CanManage: (scope?: PermissionScope, conditions?: string[]) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+export declare const CanAssign: (scope?: PermissionScope, conditions?: string[]) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+export declare const CanExport: (scope?: PermissionScope, conditions?: string[]) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+export declare const CanImport: (scope?: PermissionScope, conditions?: string[]) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+export declare const CanApprove: (scope?: PermissionScope, conditions?: string[]) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+export declare const CanCreateAndRead: (scope?: PermissionScope) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+export declare const CanReadAndUpdate: (scope?: PermissionScope) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+export declare const CanFullAccess: (scope?: PermissionScope) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+export declare const ContactPermissions: {
+    CanCreateContact: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    CanReadContact: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    CanUpdateContact: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    CanDeleteContact: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    CanManageContacts: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    CanMergeContacts: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    CanExportContacts: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+};
+export declare const LeadPermissions: {
+    CanCreateLead: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    CanReadLead: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    CanUpdateLead: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    CanDeleteLead: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    CanConvertLead: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    CanCancelLead: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+};
+export declare const PolicyPermissions: {
+    CanCreatePolicy: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    CanReadPolicy: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    CanUpdatePolicy: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    CanDeletePolicy: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    CanCancelPolicy: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    CanApprovePolicy: () => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+};

package/dist/modules/authorization/decorators/permissions.decorator.js

@@ -0,0 +1,144 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PolicyPermissions = exports.LeadPermissions = exports.ContactPermissions = exports.CanFullAccess = exports.CanReadAndUpdate = exports.CanCreateAndRead = exports.CanApprove = exports.CanImport = exports.CanExport = exports.CanAssign = exports.CanManage = exports.CanDelete = exports.CanUpdate = exports.CanRead = exports.CanCreate = exports.PermissionContext = exports.PermissionResource = exports.RequirePermissions = exports.PERMISSION_CONTEXT_KEY = exports.PERMISSION_RESOURCE_KEY = exports.PERMISSIONS_KEY = void 0;
+const common_1 = require("@nestjs/common");
+const common_2 = require("../../../common/");
+exports.PERMISSIONS_KEY = "permissions";
+exports.PERMISSION_RESOURCE_KEY = "permission_resource";
+exports.PERMISSION_CONTEXT_KEY = "permission_context";
+const RequirePermissions = (...permissions) => {
+    return (0, common_1.applyDecorators)((0, common_1.SetMetadata)(exports.PERMISSIONS_KEY, permissions));
+};
+exports.RequirePermissions = RequirePermissions;
+const PermissionResource = (resource) => {
+    return (0, common_1.SetMetadata)(exports.PERMISSION_RESOURCE_KEY, resource);
+};
+exports.PermissionResource = PermissionResource;
+const PermissionContext = (context) => {
+    return (0, common_1.SetMetadata)(exports.PERMISSION_CONTEXT_KEY, context);
+};
+exports.PermissionContext = PermissionContext;
+const CanCreate = (scope, conditions) => {
+    return (0, exports.RequirePermissions)({
+        action: common_2.PermissionAction.CREATE,
+        scope,
+        conditions,
+    });
+};
+exports.CanCreate = CanCreate;
+const CanRead = (scope, conditions) => {
+    return (0, exports.RequirePermissions)({
+        action: common_2.PermissionAction.READ,
+        scope,
+        conditions,
+    });
+};
+exports.CanRead = CanRead;
+const CanUpdate = (scope, conditions) => {
+    return (0, exports.RequirePermissions)({
+        action: common_2.PermissionAction.UPDATE,
+        scope,
+        conditions,
+    });
+};
+exports.CanUpdate = CanUpdate;
+const CanDelete = (scope, conditions) => {
+    return (0, exports.RequirePermissions)({
+        action: common_2.PermissionAction.DELETE,
+        scope,
+        conditions,
+    });
+};
+exports.CanDelete = CanDelete;
+const CanManage = (scope, conditions) => {
+    return (0, exports.RequirePermissions)({
+        action: common_2.PermissionAction.MANAGE,
+        scope,
+        conditions,
+    });
+};
+exports.CanManage = CanManage;
+const CanAssign = (scope, conditions) => {
+    return (0, exports.RequirePermissions)({
+        action: common_2.PermissionAction.ASSIGN,
+        scope,
+        conditions,
+    });
+};
+exports.CanAssign = CanAssign;
+const CanExport = (scope, conditions) => {
+    return (0, exports.RequirePermissions)({
+        action: common_2.PermissionAction.EXPORT,
+        scope,
+        conditions,
+    });
+};
+exports.CanExport = CanExport;
+const CanImport = (scope, conditions) => {
+    return (0, exports.RequirePermissions)({
+        action: common_2.PermissionAction.IMPORT,
+        scope,
+        conditions,
+    });
+};
+exports.CanImport = CanImport;
+const CanApprove = (scope, conditions) => {
+    return (0, exports.RequirePermissions)({
+        action: common_2.PermissionAction.APPROVE,
+        scope,
+        conditions,
+    });
+};
+exports.CanApprove = CanApprove;
+const CanCreateAndRead = (scope) => {
+    return (0, exports.RequirePermissions)({ action: common_2.PermissionAction.CREATE, scope }, { action: common_2.PermissionAction.READ, scope });
+};
+exports.CanCreateAndRead = CanCreateAndRead;
+const CanReadAndUpdate = (scope) => {
+    return (0, exports.RequirePermissions)({ action: common_2.PermissionAction.READ, scope }, { action: common_2.PermissionAction.UPDATE, scope });
+};
+exports.CanReadAndUpdate = CanReadAndUpdate;
+const CanFullAccess = (scope) => {
+    return (0, exports.RequirePermissions)({ action: common_2.PermissionAction.CREATE, scope }, { action: common_2.PermissionAction.READ, scope }, { action: common_2.PermissionAction.UPDATE, scope }, { action: common_2.PermissionAction.DELETE, scope });
+};
+exports.CanFullAccess = CanFullAccess;
+exports.ContactPermissions = {
+    CanCreateContact: () => (0, exports.CanCreate)(common_2.PermissionScope.GROUP),
+    CanReadContact: () => (0, exports.CanRead)(common_2.PermissionScope.ASSIGNED),
+    CanUpdateContact: () => (0, exports.CanUpdate)(common_2.PermissionScope.ASSIGNED),
+    CanDeleteContact: () => (0, exports.CanDelete)(common_2.PermissionScope.OWN),
+    CanManageContacts: () => (0, exports.CanManage)(common_2.PermissionScope.ALL),
+    CanMergeContacts: () => (0, exports.RequirePermissions)({
+        action: common_2.PermissionAction.UPDATE,
+        scope: common_2.PermissionScope.GROUP,
+        conditions: ["SAME_GROUP"],
+    }),
+    CanExportContacts: () => (0, exports.CanExport)(common_2.PermissionScope.GROUP),
+};
+exports.LeadPermissions = {
+    CanCreateLead: () => (0, exports.CanCreate)(common_2.PermissionScope.GROUP),
+    CanReadLead: () => (0, exports.CanRead)(common_2.PermissionScope.ASSIGNED),
+    CanUpdateLead: () => (0, exports.CanUpdate)(common_2.PermissionScope.ASSIGNED),
+    CanDeleteLead: () => (0, exports.CanDelete)(common_2.PermissionScope.OWN),
+    CanConvertLead: () => (0, exports.RequirePermissions)({
+        action: common_2.PermissionAction.UPDATE,
+        scope: common_2.PermissionScope.ASSIGNED,
+        conditions: ["ASSIGNED_TO", "OWNER"],
+    }),
+    CanCancelLead: () => (0, exports.RequirePermissions)({
+        action: common_2.PermissionAction.CANCEL,
+        scope: common_2.PermissionScope.ASSIGNED,
+    }),
+};
+exports.PolicyPermissions = {
+    CanCreatePolicy: () => (0, exports.CanCreate)(common_2.PermissionScope.GROUP),
+    CanReadPolicy: () => (0, exports.CanRead)(common_2.PermissionScope.ASSIGNED),
+    CanUpdatePolicy: () => (0, exports.CanUpdate)(common_2.PermissionScope.ASSIGNED),
+    CanDeletePolicy: () => (0, exports.CanDelete)(common_2.PermissionScope.OWN),
+    CanCancelPolicy: () => (0, exports.RequirePermissions)({
+        action: common_2.PermissionAction.CANCEL,
+        scope: common_2.PermissionScope.ASSIGNED,
+    }),
+    CanApprovePolicy: () => (0, exports.CanApprove)(common_2.PermissionScope.GROUP),
+};
+//# sourceMappingURL=permissions.decorator.js.map

package/dist/modules/authorization/decorators/permissions.decorator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"permissions.decorator.js","sourceRoot":"","sources":["../../../../src/modules/authorization/decorators/permissions.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAA8D;AAC9D,6CAAqE;AAExD,QAAA,eAAe,GAAG,aAAa,CAAC;AAChC,QAAA,uBAAuB,GAAG,qBAAqB,CAAC;AAChD,QAAA,sBAAsB,GAAG,oBAAoB,CAAC;AAapD,MAAM,kBAAkB,GAAG,CAAC,GAAG,WAA+B,EAAE,EAAE;IACvE,OAAO,IAAA,wBAAe,EAAC,IAAA,oBAAW,EAAC,uBAAe,EAAE,WAAW,CAAC,CAAC,CAAC;AACpE,CAAC,CAAC;AAFW,QAAA,kBAAkB,sBAE7B;AAKK,MAAM,kBAAkB,GAAG,CAAC,QAAgB,EAAE,EAAE;IACrD,OAAO,IAAA,oBAAW,EAAC,+BAAuB,EAAE,QAAQ,CAAC,CAAC;AACxD,CAAC,CAAC;AAFW,QAAA,kBAAkB,sBAE7B;AAKK,MAAM,iBAAiB,GAAG,CAAC,OAA4B,EAAE,EAAE;IAChE,OAAO,IAAA,oBAAW,EAAC,8BAAsB,EAAE,OAAO,CAAC,CAAC;AACtD,CAAC,CAAC;AAFW,QAAA,iBAAiB,qBAE5B;AAGK,MAAM,SAAS,GAAG,CAAC,KAAuB,EAAE,UAAqB,EAAE,EAAE;IAC1E,OAAO,IAAA,0BAAkB,EAAC;QACxB,MAAM,EAAE,yBAAgB,CAAC,MAAM;QAC/B,KAAK;QACL,UAAU;KACX,CAAC,CAAC;AACL,CAAC,CAAC;AANW,QAAA,SAAS,aAMpB;AAEK,MAAM,OAAO,GAAG,CAAC,KAAuB,EAAE,UAAqB,EAAE,EAAE;IACxE,OAAO,IAAA,0BAAkB,EAAC;QACxB,MAAM,EAAE,yBAAgB,CAAC,IAAI;QAC7B,KAAK;QACL,UAAU;KACX,CAAC,CAAC;AACL,CAAC,CAAC;AANW,QAAA,OAAO,WAMlB;AAEK,MAAM,SAAS,GAAG,CAAC,KAAuB,EAAE,UAAqB,EAAE,EAAE;IAC1E,OAAO,IAAA,0BAAkB,EAAC;QACxB,MAAM,EAAE,yBAAgB,CAAC,MAAM;QAC/B,KAAK;QACL,UAAU;KACX,CAAC,CAAC;AACL,CAAC,CAAC;AANW,QAAA,SAAS,aAMpB;AAEK,MAAM,SAAS,GAAG,CAAC,KAAuB,EAAE,UAAqB,EAAE,EAAE;IAC1E,OAAO,IAAA,0BAAkB,EAAC;QACxB,MAAM,EAAE,yBAAgB,CAAC,MAAM;QAC/B,KAAK;QACL,UAAU;KACX,CAAC,CAAC;AACL,CAAC,CAAC;AANW,QAAA,SAAS,aAMpB;AAEK,MAAM,SAAS,GAAG,CAAC,KAAuB,EAAE,UAAqB,EAAE,EAAE;IAC1E,OAAO,IAAA,0BAAkB,EAAC;QACxB,MAAM,EAAE,yBAAgB,CAAC,MAAM;QAC/B,KAAK;QACL,UAAU;KACX,CAAC,CAAC;AACL,CAAC,CAAC;AANW,QAAA,SAAS,aAMpB;AAEK,MAAM,SAAS,GAAG,CAAC,KAAuB,EAAE,UAAqB,EAAE,EAAE;IAC1E,OAAO,IAAA,0BAAkB,EAAC;QACxB,MAAM,EAAE,yBAAgB,CAAC,MAAM;QAC/B,KAAK;QACL,UAAU;KACX,CAAC,CAAC;AACL,CAAC,CAAC;AANW,QAAA,SAAS,aAMpB;AAEK,MAAM,SAAS,GAAG,CAAC,KAAuB,EAAE,UAAqB,EAAE,EAAE;IAC1E,OAAO,IAAA,0BAAkB,EAAC;QACxB,MAAM,EAAE,yBAAgB,CAAC,MAAM;QAC/B,KAAK;QACL,UAAU;KACX,CAAC,CAAC;AACL,CAAC,CAAC;AANW,QAAA,SAAS,aAMpB;AAEK,MAAM,SAAS,GAAG,CAAC,KAAuB,EAAE,UAAqB,EAAE,EAAE;IAC1E,OAAO,IAAA,0BAAkB,EAAC;QACxB,MAAM,EAAE,yBAAgB,CAAC,MAAM;QAC/B,KAAK;QACL,UAAU;KACX,CAAC,CAAC;AACL,CAAC,CAAC;AANW,QAAA,SAAS,aAMpB;AAEK,MAAM,UAAU,GAAG,CAAC,KAAuB,EAAE,UAAqB,EAAE,EAAE;IAC3E,OAAO,IAAA,0BAAkB,EAAC;QACxB,MAAM,EAAE,yBAAgB,CAAC,OAAO;QAChC,KAAK;QACL,UAAU;KACX,CAAC,CAAC;AACL,CAAC,CAAC;AANW,QAAA,UAAU,cAMrB;AAGK,MAAM,gBAAgB,GAAG,CAAC,KAAuB,EAAE,EAAE;IAC1D,OAAO,IAAA,0BAAkB,EACvB,EAAE,MAAM,EAAE,yBAAgB,CAAC,MAAM,EAAE,KAAK,EAAE,EAC1C,EAAE,MAAM,EAAE,yBAAgB,CAAC,IAAI,EAAE,KAAK,EAAE,CACzC,CAAC;AACJ,CAAC,CAAC;AALW,QAAA,gBAAgB,oBAK3B;AAEK,MAAM,gBAAgB,GAAG,CAAC,KAAuB,EAAE,EAAE;IAC1D,OAAO,IAAA,0BAAkB,EACvB,EAAE,MAAM,EAAE,yBAAgB,CAAC,IAAI,EAAE,KAAK,EAAE,EACxC,EAAE,MAAM,EAAE,yBAAgB,CAAC,MAAM,EAAE,KAAK,EAAE,CAC3C,CAAC;AACJ,CAAC,CAAC;AALW,QAAA,gBAAgB,oBAK3B;AAEK,MAAM,aAAa,GAAG,CAAC,KAAuB,EAAE,EAAE;IACvD,OAAO,IAAA,0BAAkB,EACvB,EAAE,MAAM,EAAE,yBAAgB,CAAC,MAAM,EAAE,KAAK,EAAE,EAC1C,EAAE,MAAM,EAAE,yBAAgB,CAAC,IAAI,EAAE,KAAK,EAAE,EACxC,EAAE,MAAM,EAAE,yBAAgB,CAAC,MAAM,EAAE,KAAK,EAAE,EAC1C,EAAE,MAAM,EAAE,yBAAgB,CAAC,MAAM,EAAE,KAAK,EAAE,CAC3C,CAAC;AACJ,CAAC,CAAC;AAPW,QAAA,aAAa,iBAOxB;AAGW,QAAA,kBAAkB,GAAG;IAChC,gBAAgB,EAAE,GAAG,EAAE,CAAC,IAAA,iBAAS,EAAC,wBAAe,CAAC,KAAK,CAAC;IACxD,cAAc,EAAE,GAAG,EAAE,CAAC,IAAA,eAAO,EAAC,wBAAe,CAAC,QAAQ,CAAC;IACvD,gBAAgB,EAAE,GAAG,EAAE,CAAC,IAAA,iBAAS,EAAC,wBAAe,CAAC,QAAQ,CAAC;IAC3D,gBAAgB,EAAE,GAAG,EAAE,CAAC,IAAA,iBAAS,EAAC,wBAAe,CAAC,GAAG,CAAC;IACtD,iBAAiB,EAAE,GAAG,EAAE,CAAC,IAAA,iBAAS,EAAC,wBAAe,CAAC,GAAG,CAAC;IACvD,gBAAgB,EAAE,GAAG,EAAE,CACrB,IAAA,0BAAkB,EAAC;QACjB,MAAM,EAAE,yBAAgB,CAAC,MAAM;QAC/B,KAAK,EAAE,wBAAe,CAAC,KAAK;QAC5B,UAAU,EAAE,CAAC,YAAY,CAAC;KAC3B,CAAC;IACJ,iBAAiB,EAAE,GAAG,EAAE,CAAC,IAAA,iBAAS,EAAC,wBAAe,CAAC,KAAK,CAAC;CAC1D,CAAC;AAEW,QAAA,eAAe,GAAG;IAC7B,aAAa,EAAE,GAAG,EAAE,CAAC,IAAA,iBAAS,EAAC,wBAAe,CAAC,KAAK,CAAC;IACrD,WAAW,EAAE,GAAG,EAAE,CAAC,IAAA,eAAO,EAAC,wBAAe,CAAC,QAAQ,CAAC;IACpD,aAAa,EAAE,GAAG,EAAE,CAAC,IAAA,iBAAS,EAAC,wBAAe,CAAC,QAAQ,CAAC;IACxD,aAAa,EAAE,GAAG,EAAE,CAAC,IAAA,iBAAS,EAAC,wBAAe,CAAC,GAAG,CAAC;IACnD,cAAc,EAAE,GAAG,EAAE,CACnB,IAAA,0BAAkB,EAAC;QACjB,MAAM,EAAE,yBAAgB,CAAC,MAAM;QAC/B,KAAK,EAAE,wBAAe,CAAC,QAAQ;QAC/B,UAAU,EAAE,CAAC,aAAa,EAAE,OAAO,CAAC;KACrC,CAAC;IACJ,aAAa,EAAE,GAAG,EAAE,CAClB,IAAA,0BAAkB,EAAC;QACjB,MAAM,EAAE,yBAAgB,CAAC,MAAM;QAC/B,KAAK,EAAE,wBAAe,CAAC,QAAQ;KAChC,CAAC;CACL,CAAC;AAEW,QAAA,iBAAiB,GAAG;IAC/B,eAAe,EAAE,GAAG,EAAE,CAAC,IAAA,iBAAS,EAAC,wBAAe,CAAC,KAAK,CAAC;IACvD,aAAa,EAAE,GAAG,EAAE,CAAC,IAAA,eAAO,EAAC,wBAAe,CAAC,QAAQ,CAAC;IACtD,eAAe,EAAE,GAAG,EAAE,CAAC,IAAA,iBAAS,EAAC,wBAAe,CAAC,QAAQ,CAAC;IAC1D,eAAe,EAAE,GAAG,EAAE,CAAC,IAAA,iBAAS,EAAC,wBAAe,CAAC,GAAG,CAAC;IACrD,eAAe,EAAE,GAAG,EAAE,CACpB,IAAA,0BAAkB,EAAC;QACjB,MAAM,EAAE,yBAAgB,CAAC,MAAM;QAC/B,KAAK,EAAE,wBAAe,CAAC,QAAQ;KAChC,CAAC;IACJ,gBAAgB,EAAE,GAAG,EAAE,CAAC,IAAA,kBAAU,EAAC,wBAAe,CAAC,KAAK,CAAC;CAC1D,CAAC"}

package/dist/modules/authorization/factories/resource-authorization.factory.d.ts

@@ -0,0 +1,55 @@
+import { Logger } from "@nestjs/common";
+import { Repository } from "typeorm";
+import { PermissionAction } from "../../../common/";
+import { SubGroup } from "../../../entities";
+import { ResourceAuthorizationService, ResourceConfig } from "../services/resource-authorization.service";
+export declare class ResourceAuthorizationBuilder {
+    private readonly resourceAuthService;
+    private readonly logger;
+    private resourceConfig?;
+    private subGroupRepository?;
+    private customConfig?;
+    constructor(resourceAuthService: ResourceAuthorizationService, logger: Logger);
+    forResource(resourceName: string): this;
+    withCustomConfig(config: ResourceConfig): this;
+    overrideConfig(overrides: Partial<ResourceConfig>): this;
+    withSubGroupRepository(repository: Repository<SubGroup>): this;
+    build(): ConfiguredResourceAuthorization;
+}
+export declare class ConfiguredResourceAuthorization {
+    private readonly authService;
+    private readonly config;
+    private readonly subGroupRepository?;
+    constructor(authService: ResourceAuthorizationService, config: ResourceConfig, subGroupRepository?: Repository<SubGroup>);
+    applyPermissionFilters(queryBuilder: any, user: any, options?: {
+        getAll?: boolean;
+        assistantIds?: string[];
+        action?: PermissionAction;
+    }): Promise<import("typeorm").SelectQueryBuilder<unknown>>;
+    canPerformAction(user: any, action: PermissionAction, targetEntity?: any): Promise<import("../../../common/").PermissionResult>;
+    validateAccess(user: any, action: PermissionAction, targetEntity: any): Promise<void>;
+    getAssistantIds(user: any): Promise<string[]>;
+    getSubGroupMembers(user: any): Promise<string[]>;
+    canCreate(user: any): Promise<boolean>;
+    canRead(user: any, entity?: any): Promise<boolean>;
+    canUpdate(user: any, entity: any): Promise<boolean>;
+    canDelete(user: any, entity: any): Promise<boolean>;
+    canManage(user: any): Promise<boolean>;
+    canImport(user: any): Promise<boolean>;
+    canExport(user: any): Promise<boolean>;
+    getConfig(): ResourceConfig;
+    hasSubGroupSupport(): boolean;
+}
+export declare class ResourceAuthorizationFactory {
+    private readonly resourceAuthService;
+    private readonly logger;
+    constructor(resourceAuthService: ResourceAuthorizationService);
+    createBuilder(): ResourceAuthorizationBuilder;
+    forContact(subGroupRepository: Repository<SubGroup>): ConfiguredResourceAuthorization;
+    forLead(subGroupRepository?: Repository<SubGroup>): ConfiguredResourceAuthorization;
+    forPolicy(subGroupRepository?: Repository<SubGroup>): ConfiguredResourceAuthorization;
+    forTask(subGroupRepository?: Repository<SubGroup>): ConfiguredResourceAuthorization;
+    forResource(resourceName: string, subGroupRepository?: Repository<SubGroup>): ConfiguredResourceAuthorization;
+    getAvailableResources(): string[];
+    isValidResource(resourceName: string): boolean;
+}

package/dist/modules/authorization/factories/resource-authorization.factory.js

@@ -0,0 +1,184 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var ResourceAuthorizationFactory_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ResourceAuthorizationFactory = exports.ConfiguredResourceAuthorization = exports.ResourceAuthorizationBuilder = void 0;
+const common_1 = require("@nestjs/common");
+const resource_authorization_service_1 = require("../services/resource-authorization.service");
+const resource_configurations_1 = require("../config/resource-configurations");
+class ResourceAuthorizationBuilder {
+    resourceAuthService;
+    logger;
+    resourceConfig;
+    subGroupRepository;
+    customConfig;
+    constructor(resourceAuthService, logger) {
+        this.resourceAuthService = resourceAuthService;
+        this.logger = logger;
+    }
+    forResource(resourceName) {
+        try {
+            this.resourceConfig = (0, resource_configurations_1.getResourceConfig)(resourceName);
+            this.logger.debug(`Configured authorization for resource: ${resourceName}`);
+        }
+        catch (error) {
+            this.logger.error(`Failed to configure resource ${resourceName}: ${error instanceof Error ? error.message : "Unknown error"}`);
+            throw error;
+        }
+        return this;
+    }
+    withCustomConfig(config) {
+        this.resourceConfig = config;
+        this.logger.debug(`Configured authorization with custom config for: ${config.name}`);
+        return this;
+    }
+    overrideConfig(overrides) {
+        this.customConfig = overrides;
+        this.logger.debug(`Added config overrides: ${JSON.stringify(overrides)}`);
+        return this;
+    }
+    withSubGroupRepository(repository) {
+        this.subGroupRepository = repository;
+        return this;
+    }
+    build() {
+        if (!this.resourceConfig) {
+            throw new Error("Resource configuration is required. Call forResource() or withCustomConfig() first.");
+        }
+        const finalConfig = this.customConfig
+            ? { ...this.resourceConfig, ...this.customConfig }
+            : this.resourceConfig;
+        if (finalConfig.subGroupConfig?.enabled && !this.subGroupRepository) {
+            this.logger.warn(`Subgroups are enabled for ${finalConfig.name} but no SubGroup repository provided`);
+        }
+        return new ConfiguredResourceAuthorization(this.resourceAuthService, finalConfig, this.subGroupRepository);
+    }
+}
+exports.ResourceAuthorizationBuilder = ResourceAuthorizationBuilder;
+class ConfiguredResourceAuthorization {
+    authService;
+    config;
+    subGroupRepository;
+    constructor(authService, config, subGroupRepository) {
+        this.authService = authService;
+        this.config = config;
+        this.subGroupRepository = subGroupRepository;
+    }
+    async applyPermissionFilters(queryBuilder, user, options = {}) {
+        return this.authService.applyPermissionFilters(queryBuilder, user, this.config, {
+            ...options,
+            subGroupRepository: this.subGroupRepository,
+        });
+    }
+    async canPerformAction(user, action, targetEntity) {
+        return this.authService.canPerformAction(user, action, this.config, targetEntity);
+    }
+    async validateAccess(user, action, targetEntity) {
+        return this.authService.validateAccess(user, action, this.config, targetEntity);
+    }
+    async getAssistantIds(user) {
+        if (!this.config.subGroupConfig?.enabled || !this.subGroupRepository) {
+            return [];
+        }
+        return this.authService.getAssistantIds(user, this.subGroupRepository);
+    }
+    async getSubGroupMembers(user) {
+        if (!this.config.subGroupConfig?.enabled || !this.subGroupRepository) {
+            return [];
+        }
+        return this.authService.getSubGroupMembers(user, this.subGroupRepository);
+    }
+    async canCreate(user) {
+        return this.authService.canCreate(user, this.config);
+    }
+    async canRead(user, entity) {
+        return this.authService.canRead(user, this.config, entity);
+    }
+    async canUpdate(user, entity) {
+        return this.authService.canUpdate(user, this.config, entity);
+    }
+    async canDelete(user, entity) {
+        return this.authService.canDelete(user, this.config, entity);
+    }
+    async canManage(user) {
+        return this.authService.canManage(user, this.config);
+    }
+    async canImport(user) {
+        return this.authService.canImport(user, this.config);
+    }
+    async canExport(user) {
+        return this.authService.canExport(user, this.config);
+    }
+    getConfig() {
+        return this.config;
+    }
+    hasSubGroupSupport() {
+        return this.config.subGroupConfig?.enabled ?? false;
+    }
+}
+exports.ConfiguredResourceAuthorization = ConfiguredResourceAuthorization;
+let ResourceAuthorizationFactory = ResourceAuthorizationFactory_1 = class ResourceAuthorizationFactory {
+    resourceAuthService;
+    logger = new common_1.Logger(ResourceAuthorizationFactory_1.name);
+    constructor(resourceAuthService) {
+        this.resourceAuthService = resourceAuthService;
+    }
+    createBuilder() {
+        return new ResourceAuthorizationBuilder(this.resourceAuthService, this.logger);
+    }
+    forContact(subGroupRepository) {
+        const builder = this.createBuilder().forResource("contact");
+        if (subGroupRepository) {
+            builder.withSubGroupRepository(subGroupRepository);
+        }
+        return builder.build();
+    }
+    forLead(subGroupRepository) {
+        const builder = this.createBuilder().forResource("lead");
+        if (subGroupRepository) {
+            builder.withSubGroupRepository(subGroupRepository);
+        }
+        return builder.build();
+    }
+    forPolicy(subGroupRepository) {
+        const builder = this.createBuilder().forResource("policy");
+        if (subGroupRepository) {
+            builder.withSubGroupRepository(subGroupRepository);
+        }
+        return builder.build();
+    }
+    forTask(subGroupRepository) {
+        const builder = this.createBuilder().forResource("task");
+        if (subGroupRepository) {
+            builder.withSubGroupRepository(subGroupRepository);
+        }
+        return builder.build();
+    }
+    forResource(resourceName, subGroupRepository) {
+        const builder = this.createBuilder().forResource(resourceName);
+        if (subGroupRepository) {
+            builder.withSubGroupRepository(subGroupRepository);
+        }
+        return builder.build();
+    }
+    getAvailableResources() {
+        return Object.keys(resource_configurations_1.RESOURCE_CONFIGURATIONS);
+    }
+    isValidResource(resourceName) {
+        return resourceName in resource_configurations_1.RESOURCE_CONFIGURATIONS;
+    }
+};
+exports.ResourceAuthorizationFactory = ResourceAuthorizationFactory;
+exports.ResourceAuthorizationFactory = ResourceAuthorizationFactory = ResourceAuthorizationFactory_1 = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [resource_authorization_service_1.ResourceAuthorizationService])
+], ResourceAuthorizationFactory);
+//# sourceMappingURL=resource-authorization.factory.js.map

package/dist/modules/authorization/factories/resource-authorization.factory.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"resource-authorization.factory.js","sourceRoot":"","sources":["../../../../src/modules/authorization/factories/resource-authorization.factory.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,2CAAoD;AAIpD,+FAGoD;AACpD,+EAG2C;AAM3C,MAAa,4BAA4B;IAMpB;IACA;IANX,cAAc,CAAkB;IAChC,kBAAkB,CAAwB;IAC1C,YAAY,CAA2B;IAE/C,YACmB,mBAAiD,EACjD,MAAc;QADd,wBAAmB,GAAnB,mBAAmB,CAA8B;QACjD,WAAM,GAAN,MAAM,CAAQ;IAC9B,CAAC;IAKJ,WAAW,CAAC,YAAoB;QAC9B,IAAI,CAAC;YACH,IAAI,CAAC,cAAc,GAAG,IAAA,2CAAiB,EAAC,YAAY,CAAC,CAAC;YACtD,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,0CAA0C,YAAY,EAAE,CACzD,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,gCAAgC,YAAY,KAC1C,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAC3C,EAAE,CACH,CAAC;YACF,MAAM,KAAK,CAAC;QACd,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAKD,gBAAgB,CAAC,MAAsB;QACrC,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC;QAC7B,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,oDAAoD,MAAM,CAAC,IAAI,EAAE,CAClE,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAKD,cAAc,CAAC,SAAkC;QAC/C,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC;QAC9B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,2BAA2B,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QAC1E,OAAO,IAAI,CAAC;IACd,CAAC;IAKD,sBAAsB,CAAC,UAAgC;QACrD,IAAI,CAAC,kBAAkB,GAAG,UAAU,CAAC;QACrC,OAAO,IAAI,CAAC;IACd,CAAC;IAKD,KAAK;QACH,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CACb,qFAAqF,CACtF,CAAC;QACJ,CAAC;QAGD,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY;YACnC,CAAC,CAAC,EAAE,GAAG,IAAI,CAAC,cAAc,EAAE,GAAG,IAAI,CAAC,YAAY,EAAE;YAClD,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;QAGxB,IAAI,WAAW,CAAC,cAAc,EAAE,OAAO,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACpE,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,6BAA6B,WAAW,CAAC,IAAI,sCAAsC,CACpF,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,+BAA+B,CACxC,IAAI,CAAC,mBAAmB,EACxB,WAAW,EACX,IAAI,CAAC,kBAAkB,CACxB,CAAC;IACJ,CAAC;CACF;AAtFD,oEAsFC;AAMD,MAAa,+BAA+B;IAEvB;IACA;IACA;IAHnB,YACmB,WAAyC,EACzC,MAAsB,EACtB,kBAAyC;QAFzC,gBAAW,GAAX,WAAW,CAA8B;QACzC,WAAM,GAAN,MAAM,CAAgB;QACtB,uBAAkB,GAAlB,kBAAkB,CAAuB;IACzD,CAAC;IAKJ,KAAK,CAAC,sBAAsB,CAC1B,YAAiB,EACjB,IAAS,EACT,UAII,EAAE;QAEN,OAAO,IAAI,CAAC,WAAW,CAAC,sBAAsB,CAC5C,YAAY,EACZ,IAAI,EACJ,IAAI,CAAC,MAAM,EACX;YACE,GAAG,OAAO;YACV,kBAAkB,EAAE,IAAI,CAAC,kBAAkB;SAC5C,CACF,CAAC;IACJ,CAAC;IAKD,KAAK,CAAC,gBAAgB,CACpB,IAAS,EACT,MAAwB,EACxB,YAAkB;QAElB,OAAO,IAAI,CAAC,WAAW,CAAC,gBAAgB,CACtC,IAAI,EACJ,MAAM,EACN,IAAI,CAAC,MAAM,EACX,YAAY,CACb,CAAC;IACJ,CAAC;IAKD,KAAK,CAAC,cAAc,CAAC,IAAS,EAAE,MAAwB,EAAE,YAAiB;QACzE,OAAO,IAAI,CAAC,WAAW,CAAC,cAAc,CACpC,IAAI,EACJ,MAAM,EACN,IAAI,CAAC,MAAM,EACX,YAAY,CACb,CAAC;IACJ,CAAC;IAKD,KAAK,CAAC,eAAe,CAAC,IAAS;QAC7B,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,OAAO,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACrE,OAAO,EAAE,CAAC;QACZ,CAAC;QACD,OAAO,IAAI,CAAC,WAAW,CAAC,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,kBAAkB,CAAC,CAAC;IACzE,CAAC;IAKD,KAAK,CAAC,kBAAkB,CAAC,IAAS;QAChC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,OAAO,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACrE,OAAO,EAAE,CAAC;QACZ,CAAC;QACD,OAAO,IAAI,CAAC,WAAW,CAAC,kBAAkB,CAAC,IAAI,EAAE,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC5E,CAAC;IAKD,KAAK,CAAC,SAAS,CAAC,IAAS;QACvB,OAAO,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IACvD,CAAC;IACD,KAAK,CAAC,OAAO,CAAC,IAAS,EAAE,MAAY;QACnC,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC7D,CAAC;IACD,KAAK,CAAC,SAAS,CAAC,IAAS,EAAE,MAAW;QACpC,OAAO,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC/D,CAAC;IACD,KAAK,CAAC,SAAS,CAAC,IAAS,EAAE,MAAW;QACpC,OAAO,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC/D,CAAC;IACD,KAAK,CAAC,SAAS,CAAC,IAAS;QACvB,OAAO,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IACvD,CAAC;IACD,KAAK,CAAC,SAAS,CAAC,IAAS;QACvB,OAAO,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IACvD,CAAC;IACD,KAAK,CAAC,SAAS,CAAC,IAAS;QACvB,OAAO,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IACvD,CAAC;IAKD,SAAS;QACP,OAAO,IAAI,CAAC,MAAM,CAAC;IACrB,CAAC;IAKD,kBAAkB;QAChB,OAAO,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,OAAO,IAAI,KAAK,CAAC;IACtD,CAAC;CACF;AApHD,0EAoHC;AAMM,IAAM,4BAA4B,oCAAlC,MAAM,4BAA4B;IAIpB;IAHF,MAAM,GAAG,IAAI,eAAM,CAAC,8BAA4B,CAAC,IAAI,CAAC,CAAC;IAExE,YACmB,mBAAiD;QAAjD,wBAAmB,GAAnB,mBAAmB,CAA8B;IACjE,CAAC;IAKJ,aAAa;QACX,OAAO,IAAI,4BAA4B,CACrC,IAAI,CAAC,mBAAmB,EACxB,IAAI,CAAC,MAAM,CACZ,CAAC;IACJ,CAAC;IAKD,UAAU,CACR,kBAAwC;QAExC,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAC5D,IAAI,kBAAkB,EAAE,CAAC;YACvB,OAAO,CAAC,sBAAsB,CAAC,kBAAkB,CAAC,CAAC;QACrD,CAAC;QACD,OAAO,OAAO,CAAC,KAAK,EAAE,CAAC;IACzB,CAAC;IAED,OAAO,CACL,kBAAyC;QAEzC,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QACzD,IAAI,kBAAkB,EAAE,CAAC;YACvB,OAAO,CAAC,sBAAsB,CAAC,kBAAkB,CAAC,CAAC;QACrD,CAAC;QACD,OAAO,OAAO,CAAC,KAAK,EAAE,CAAC;IACzB,CAAC;IAED,SAAS,CACP,kBAAyC;QAEzC,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;QAC3D,IAAI,kBAAkB,EAAE,CAAC;YACvB,OAAO,CAAC,sBAAsB,CAAC,kBAAkB,CAAC,CAAC;QACrD,CAAC;QACD,OAAO,OAAO,CAAC,KAAK,EAAE,CAAC;IACzB,CAAC;IAED,OAAO,CACL,kBAAyC;QAEzC,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QACzD,IAAI,kBAAkB,EAAE,CAAC;YACvB,OAAO,CAAC,sBAAsB,CAAC,kBAAkB,CAAC,CAAC;QACrD,CAAC;QACD,OAAO,OAAO,CAAC,KAAK,EAAE,CAAC;IACzB,CAAC;IAKD,WAAW,CACT,YAAoB,EACpB,kBAAyC;QAEzC,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;QAC/D,IAAI,kBAAkB,EAAE,CAAC;YACvB,OAAO,CAAC,sBAAsB,CAAC,kBAAkB,CAAC,CAAC;QACrD,CAAC;QACD,OAAO,OAAO,CAAC,KAAK,EAAE,CAAC;IACzB,CAAC;IAKD,qBAAqB;QACnB,OAAO,MAAM,CAAC,IAAI,CAAC,iDAAuB,CAAC,CAAC;IAC9C,CAAC;IAKD,eAAe,CAAC,YAAoB;QAClC,OAAO,YAAY,IAAI,iDAAuB,CAAC;IACjD,CAAC;CACF,CAAA;AAvFY,oEAA4B;uCAA5B,4BAA4B;IADxC,IAAA,mBAAU,GAAE;qCAK6B,6DAA4B;GAJzD,4BAA4B,CAuFxC"}

package/dist/modules/authorization/index.d.ts

@@ -0,0 +1,7 @@
+export * from "./authorization.module";
+export * from "./interfaces/authorization.interface";
+export * from "./services";
+export * from "./factories/resource-authorization.factory";
+export * from "./config/resource-configurations";
+export * from "./decorators/permissions.decorator";
+export * from "./decorators/contact-permissions.decorator";

package/dist/modules/authorization/index.js

@@ -0,0 +1,24 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./authorization.module"), exports);
+__exportStar(require("./interfaces/authorization.interface"), exports);
+__exportStar(require("./services"), exports);
+__exportStar(require("./factories/resource-authorization.factory"), exports);
+__exportStar(require("./config/resource-configurations"), exports);
+__exportStar(require("./decorators/permissions.decorator"), exports);
+__exportStar(require("./decorators/contact-permissions.decorator"), exports);
+//# sourceMappingURL=index.js.map

package/dist/modules/authorization/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/modules/authorization/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AACA,yDAAuC;AAGvC,uEAAqD;AAGrD,6CAA2B;AAG3B,6EAA2D;AAG3D,mEAAiD;AAGjD,qEAAmD;AACnD,6EAA2D"}