roboto-js 1.7.5 → 1.8.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/.last-build +1 -1
  2. package/SHARING_GUIDE.md +483 -0
  3. package/dist/cjs/rbt_object.cjs +470 -15
  4. package/dist/esm/rbt_object.js +337 -0
  5. package/dist/rbt_object.js +456 -13
  6. package/package.json +1 -1
  7. package/src/rbt_object.js +345 -0
package/dist/esm/rbt_object.js CHANGED
@@ -292,6 +292,343 @@ export default class RbtObject {
292
292
  throw e;
293
293
  }
294
294
  }
295
+
296
+ /**
297
+ * Grants access to this object for specific users and/or user groups.
298
+ * Updates the IAC (Identity and Access Control) permissions.
299
+ *
300
+ * @param {Object} options - Access grant options
301
+ * @param {string[]} [options.userIds=[]] - Array of user IDs to grant read access
302
+ * @param {string[]} [options.groupIds=[]] - Array of user group IDs to grant read access
303
+ * @param {boolean} [options.write=false] - If true, grants write access instead of read access
304
+ * @param {boolean} [options.replace=false] - If true, replaces existing grants; if false, merges with existing
305
+ * @param {boolean} [options.save=true] - If true, automatically saves the object after updating permissions
306
+ * @returns {Promise<RbtObject>} - Returns this object (saved if options.save is true)
307
+ *
308
+ * @example
309
+ * // Grant read access to specific users
310
+ * await myObject.grantAccess({
311
+ * userIds: ['user123', 'user456']
312
+ * });
313
+ *
314
+ * @example
315
+ * // Grant read access to user groups
316
+ * await myObject.grantAccess({
317
+ * groupIds: ['grpRngAccount', 'grpAdmins']
318
+ * });
319
+ *
320
+ * @example
321
+ * // Grant write access to users and groups
322
+ * await myObject.grantAccess({
323
+ * userIds: ['user123'],
324
+ * groupIds: ['grpAdmins'],
325
+ * write: true
326
+ * });
327
+ *
328
+ * @example
329
+ * // Replace existing permissions instead of merging
330
+ * await myObject.grantAccess({
331
+ * userIds: ['user123'],
332
+ * replace: true
333
+ * });
334
+ *
335
+ * @example
336
+ * // Update permissions without auto-saving
337
+ * await myObject.grantAccess({
338
+ * userIds: ['user123'],
339
+ * save: false
340
+ * });
341
+ * // ... make other changes ...
342
+ * await myObject.save();
343
+ */
344
+ async grantAccess(options = {}) {
345
+ const {
346
+ userIds = [],
347
+ groupIds = [],
348
+ write = false,
349
+ replace = false,
350
+ save = true
351
+ } = options;
352
+
353
+ // Validate inputs
354
+ if (!Array.isArray(userIds)) {
355
+ throw new Error('userIds must be an array');
356
+ }
357
+ if (!Array.isArray(groupIds)) {
358
+ throw new Error('groupIds must be an array');
359
+ }
360
+
361
+ // Get current IAC settings
362
+ const iac = this.get('iac') || {};
363
+
364
+ // Determine which grant type to update (read or write)
365
+ const grantType = write ? 'writeGrants' : 'readGrants';
366
+
367
+ // Initialize grants if they don't exist
368
+ if (!iac[grantType]) {
369
+ iac[grantType] = {};
370
+ }
371
+
372
+ // Handle users
373
+ if (userIds.length > 0) {
374
+ if (replace) {
375
+ // Replace existing users
376
+ iac[grantType].users = [...userIds];
377
+ } else {
378
+ // Merge with existing users (avoiding duplicates)
379
+ const existingUsers = iac[grantType].users || [];
380
+ const mergedUsers = [...new Set([...existingUsers, ...userIds])];
381
+ iac[grantType].users = mergedUsers;
382
+ }
383
+ }
384
+
385
+ // Handle user groups
386
+ if (groupIds.length > 0) {
387
+ if (replace) {
388
+ // Replace existing groups
389
+ iac[grantType].userGroups = [...groupIds];
390
+ } else {
391
+ // Merge with existing groups (avoiding duplicates)
392
+ const existingGroups = iac[grantType].userGroups || [];
393
+ const mergedGroups = [...new Set([...existingGroups, ...groupIds])];
394
+ iac[grantType].userGroups = mergedGroups;
395
+ }
396
+ }
397
+
398
+ // Update the object
399
+ this.set('iac', iac);
400
+
401
+ // Save if requested
402
+ if (save) {
403
+ return await this.save();
404
+ }
405
+ return this;
406
+ }
407
+
408
+ /**
409
+ * Publishes this object to make it publicly accessible (or unpublishes it).
410
+ * Adds or removes 'public_user' from the IAC read permissions.
411
+ *
412
+ * @param {Object} options - Publishing options
413
+ * @param {boolean} [options.publish=true] - If true, publishes the object; if false, unpublishes it
414
+ * @param {boolean} [options.save=true] - If true, automatically saves the object after updating permissions
415
+ * @returns {Promise<RbtObject>} - Returns this object (saved if options.save is true)
416
+ *
417
+ * @example
418
+ * // Publish an object (make it public)
419
+ * await myObject.publishObject();
420
+ *
421
+ * @example
422
+ * // Unpublish an object (make it private)
423
+ * await myObject.publishObject({ publish: false });
424
+ *
425
+ * @example
426
+ * // Publish without auto-saving
427
+ * await myObject.publishObject({ save: false });
428
+ * // ... make other changes ...
429
+ * await myObject.save();
430
+ */
431
+ async publishObject(options = {}) {
432
+ const {
433
+ publish = true,
434
+ save = true
435
+ } = options;
436
+
437
+ // Get current IAC settings
438
+ const iac = this.get('iac') || {};
439
+
440
+ // Initialize readGrants if it doesn't exist
441
+ if (!iac.readGrants) {
442
+ iac.readGrants = {};
443
+ }
444
+
445
+ // Initialize users array if it doesn't exist
446
+ if (!Array.isArray(iac.readGrants.users)) {
447
+ iac.readGrants.users = [];
448
+ }
449
+ if (publish) {
450
+ // Add public_user if not already present
451
+ if (!iac.readGrants.users.includes('public_user')) {
452
+ iac.readGrants.users.push('public_user');
453
+ }
454
+ } else {
455
+ // Remove public_user
456
+ iac.readGrants.users = iac.readGrants.users.filter(userId => userId !== 'public_user');
457
+ }
458
+
459
+ // Update the object
460
+ this.set('iac', iac);
461
+
462
+ // Save if requested
463
+ if (save) {
464
+ return await this.save();
465
+ }
466
+ return this;
467
+ }
468
+
469
+ /**
470
+ * Unpublishes this object to remove public access.
471
+ * Removes 'public_user' from the IAC read permissions.
472
+ * This is an alias for publishObject({ publish: false }) for better code clarity.
473
+ *
474
+ * @param {Object} options - Unpublishing options
475
+ * @param {boolean} [options.save=true] - If true, automatically saves the object after updating permissions
476
+ * @returns {Promise<RbtObject>} - Returns this object (saved if options.save is true)
477
+ *
478
+ * @example
479
+ * // Unpublish an object (remove public access)
480
+ * await myObject.unpublishObject();
481
+ *
482
+ * @example
483
+ * // Unpublish without auto-saving
484
+ * await myObject.unpublishObject({ save: false });
485
+ * // ... make other changes ...
486
+ * await myObject.save();
487
+ */
488
+ async unpublishObject(options = {}) {
489
+ return await this.publishObject({
490
+ publish: false,
491
+ save: options.save !== undefined ? options.save : true
492
+ });
493
+ }
494
+
495
+ /**
496
+ * Revokes access from specific users and/or user groups.
497
+ *
498
+ * @param {Object} options - Access revocation options
499
+ * @param {string[]} [options.userIds=[]] - Array of user IDs to remove from read or write access
500
+ * @param {string[]} [options.groupIds=[]] - Array of group IDs to remove from read or write access
501
+ * @param {boolean} [options.write=false] - If true, removes write access; if false, removes read access
502
+ * @param {boolean} [options.save=true] - If true, automatically saves the object after updating permissions
503
+ * @returns {Promise<RbtObject>} - Returns this object (saved if options.save is true)
504
+ *
505
+ * @example
506
+ * // Revoke read access from specific users
507
+ * await myObject.revokeAccess({
508
+ * userIds: ['user_123', 'user_456']
509
+ * });
510
+ *
511
+ * @example
512
+ * // Revoke write access from specific groups
513
+ * await myObject.revokeAccess({
514
+ * groupIds: ['grpEditors'],
515
+ * write: true
516
+ * });
517
+ *
518
+ * @example
519
+ * // Revoke access from users and groups
520
+ * await myObject.revokeAccess({
521
+ * userIds: ['user_123'],
522
+ * groupIds: ['grpViewers']
523
+ * });
524
+ *
525
+ * @example
526
+ * // Revoke without auto-saving
527
+ * await myObject.revokeAccess({
528
+ * userIds: ['user_123'],
529
+ * save: false
530
+ * });
531
+ */
532
+ async revokeAccess(options = {}) {
533
+ const {
534
+ userIds = [],
535
+ groupIds = [],
536
+ write = false,
537
+ save = true
538
+ } = options;
539
+
540
+ // Validate inputs
541
+ if (!Array.isArray(userIds)) {
542
+ throw new Error('userIds must be an array');
543
+ }
544
+ if (!Array.isArray(groupIds)) {
545
+ throw new Error('groupIds must be an array');
546
+ }
547
+
548
+ // Get current IAC settings
549
+ const iac = this.get('iac') || {};
550
+
551
+ // Determine which grant type to update (read or write)
552
+ const grantType = write ? 'writeGrants' : 'readGrants';
553
+
554
+ // Initialize grants if they don't exist
555
+ if (!iac[grantType]) {
556
+ iac[grantType] = {};
557
+ }
558
+
559
+ // Remove specified users
560
+ if (userIds.length > 0 && Array.isArray(iac[grantType].users)) {
561
+ iac[grantType].users = iac[grantType].users.filter(userId => !userIds.includes(userId));
562
+ }
563
+
564
+ // Remove specified groups
565
+ if (groupIds.length > 0 && Array.isArray(iac[grantType].userGroups)) {
566
+ iac[grantType].userGroups = iac[grantType].userGroups.filter(groupId => !groupIds.includes(groupId));
567
+ }
568
+
569
+ // Update the object
570
+ this.set('iac', iac);
571
+
572
+ // Save if requested
573
+ if (save) {
574
+ return await this.save();
575
+ }
576
+ return this;
577
+ }
578
+
579
+ /**
580
+ * Checks if this object is currently published (publicly accessible).
581
+ *
582
+ * @returns {boolean} - True if 'public_user' is in the read grants, false otherwise
583
+ *
584
+ * @example
585
+ * if (myObject.isPublished()) {
586
+ * console.log('Object is public');
587
+ * }
588
+ */
589
+ isPublished() {
590
+ const iac = this.get('iac');
591
+ if (!iac || !iac.readGrants || !Array.isArray(iac.readGrants.users)) {
592
+ return false;
593
+ }
594
+ return iac.readGrants.users.includes('public_user');
595
+ }
596
+
597
+ /**
598
+ * Gets the current sharing permissions for this object.
599
+ *
600
+ * @returns {Object} - Object containing read and write grants
601
+ * @returns {Object} returns.readGrants - Read access grants
602
+ * @returns {string[]} returns.readGrants.users - Array of user IDs with read access
603
+ * @returns {string[]} returns.readGrants.userGroups - Array of group IDs with read access
604
+ * @returns {string[]} returns.readGrants.organizations - Array of organization IDs with read access
605
+ * @returns {Object} returns.writeGrants - Write access grants
606
+ * @returns {string[]} returns.writeGrants.users - Array of user IDs with write access
607
+ * @returns {string[]} returns.writeGrants.userGroups - Array of group IDs with write access
608
+ * @returns {string[]} returns.writeGrants.organizations - Array of organization IDs with write access
609
+ *
610
+ * @example
611
+ * const permissions = myObject.getSharing();
612
+ * console.log('Read users:', permissions.readGrants.users);
613
+ * console.log('Read groups:', permissions.readGrants.userGroups);
614
+ */
615
+ getSharing() {
616
+ const iac = this.get('iac') || {};
617
+ return {
618
+ readGrants: {
619
+ users: iac.readGrants?.users || [],
620
+ userGroups: iac.readGrants?.userGroups || [],
621
+ organizations: iac.readGrants?.organizations || [],
622
+ userSegments: iac.readGrants?.userSegments || []
623
+ },
624
+ writeGrants: {
625
+ users: iac.writeGrants?.users || [],
626
+ userGroups: iac.writeGrants?.userGroups || [],
627
+ organizations: iac.writeGrants?.organizations || [],
628
+ userSegments: iac.writeGrants?.userSegments || []
629
+ }
630
+ };
631
+ }
295
632
  async delete() {
296
633
  if (!this._internalData.type) {
297
634
  throw new Error('Cannot delete object without type');