serverless-event-orchestrator 2.5.0 → 2.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/dispatcher.d.ts.map +1 -1
- package/dist/dispatcher.js +6 -0
- package/dist/dispatcher.js.map +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +3 -1
- package/dist/index.js.map +1 -1
- package/dist/middleware/index.d.ts +2 -0
- package/dist/middleware/index.d.ts.map +1 -1
- package/dist/middleware/index.js +5 -1
- package/dist/middleware/index.js.map +1 -1
- package/dist/middleware/require-feature.d.ts +36 -0
- package/dist/middleware/require-feature.d.ts.map +1 -0
- package/dist/middleware/require-feature.js +71 -0
- package/dist/middleware/require-feature.js.map +1 -0
- package/dist/middleware/require-permission.d.ts +31 -0
- package/dist/middleware/require-permission.d.ts.map +1 -0
- package/dist/middleware/require-permission.js +66 -0
- package/dist/middleware/require-permission.js.map +1 -0
- package/package.json +1 -1
- package/src/dispatcher.ts +7 -0
- package/src/index.ts +2 -0
- package/src/middleware/index.ts +2 -0
- package/src/middleware/require-feature.ts +76 -0
- package/src/middleware/require-permission.ts +71 -0
- package/tests/dispatcher.test.ts +102 -0
- package/tests/middleware/require-feature.test.ts +110 -0
- package/tests/middleware/require-permission.test.ts +110 -0
package/dist/dispatcher.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dispatcher.d.ts","sourceRoot":"","sources":["../src/dispatcher.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAgB,MAAM,4BAA4B,CAAC;AACrE,OAAO,EACL,cAAc,EASd,kBAAkB,EAEnB,MAAM,mBAAmB,CAAC;AAQ3B;;;;;;;GAOG;AACH,wBAAgB,eAAe,CAAC,KAAK,EAAE,GAAG,GAAG,SAAS,CAOrD;AAsUD;;GAEG;AACH,wBAAsB,aAAa,CACjC,KAAK,EAAE,GAAG,EACV,MAAM,EAAE,cAAc,EACtB,MAAM,GAAE,kBAAuB,GAC9B,OAAO,CAAC,GAAG,CAAC,
|
|
1
|
+
{"version":3,"file":"dispatcher.d.ts","sourceRoot":"","sources":["../src/dispatcher.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAgB,MAAM,4BAA4B,CAAC;AACrE,OAAO,EACL,cAAc,EASd,kBAAkB,EAEnB,MAAM,mBAAmB,CAAC;AAQ3B;;;;;;;GAOG;AACH,wBAAgB,eAAe,CAAC,KAAK,EAAE,GAAG,GAAG,SAAS,CAOrD;AAsUD;;GAEG;AACH,wBAAsB,aAAa,CACjC,KAAK,EAAE,GAAG,EACV,MAAM,EAAE,cAAc,EACtB,MAAM,GAAE,kBAAuB,GAC9B,OAAO,CAAC,GAAG,CAAC,CAqNd;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,GAAE,kBAAuB;sBAE5C,GAAG,UAAU,cAAc;;EAGhD"}
|
package/dist/dispatcher.js
CHANGED
|
@@ -398,6 +398,12 @@ async function dispatchEvent(event, routes, config = {}) {
|
|
|
398
398
|
if (routeMatch.middleware?.length) {
|
|
399
399
|
normalized = await executeMiddleware(routeMatch.middleware, normalized);
|
|
400
400
|
}
|
|
401
|
+
// Execute per-route middleware (RouteConfig.middleware) — runs LAST,
|
|
402
|
+
// after global and segment middleware, so route-level guards like
|
|
403
|
+
// requirePermission(...) and crmGuard see a fully-initialized context.
|
|
404
|
+
if (routeMatch.config.middleware?.length) {
|
|
405
|
+
normalized = await executeMiddleware(routeMatch.config.middleware, normalized);
|
|
406
|
+
}
|
|
401
407
|
}
|
|
402
408
|
catch (thrown) {
|
|
403
409
|
// If middleware threw an HttpResponse (e.g., forbiddenResponse from tenantGuard), return it
|
package/dist/dispatcher.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dispatcher.js","sourceRoot":"","sources":["../src/dispatcher.ts"],"names":[],"mappings":";;AA6BA,0CAOC;AAyUD,sCAkNC;AAKD,gDAKC;AAzkBD,mEAAqE;AAcrE,6DAAmE;AACnE,mDAAsD;AACtD,0DAAwE;AACxE,0DAA0E;AAE1E,oDAAmH;AAEnH;;;;;;;GAOG;AACH,SAAgB,eAAe,CAAC,KAAU;IACxC,IAAI,KAAK,CAAC,MAAM,KAAK,YAAY,IAAI,KAAK,CAAC,aAAa,CAAC,KAAK,iBAAiB;QAAE,OAAO,8BAAS,CAAC,SAAS,CAAC;IAC5G,IAAI,kBAAkB,CAAC,KAAK,CAAC;QAAE,OAAO,8BAAS,CAAC,WAAW,CAAC;IAC5D,IAAI,KAAK,CAAC,cAAc,IAAI,KAAK,CAAC,UAAU;QAAE,OAAO,8BAAS,CAAC,UAAU,CAAC;IAC1E,IAAI,KAAK,CAAC,OAAO,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,WAAW,KAAK,SAAS;QAAE,OAAO,8BAAS,CAAC,GAAG,CAAC;IACvH,IAAI,KAAK,CAAC,YAAY;QAAE,OAAO,8BAAS,CAAC,MAAM,CAAC;IAChD,OAAO,8BAAS,CAAC,OAAO,CAAC;AAC3B,CAAC;AAED;;;;GAIG;AACH,SAAS,kBAAkB,CAAC,KAAU;IACpC,OAAO,CACL,KAAK;QACL,OAAO,KAAK,KAAK,QAAQ;QACzB,KAAK,CAAC,OAAO,KAAK,GAAG;QACrB,OAAO,KAAK,CAAC,EAAE,KAAK,QAAQ;QAC5B,OAAO,KAAK,CAAC,MAAM,KAAK,QAAQ;QAChC,OAAO,KAAK,CAAC,aAAa,CAAC,KAAK,QAAQ;QACxC,KAAK,CAAC,MAAM,KAAK,SAAS,CAC3B,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,MAAW;IACpC,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IACxD,MAAM,WAAW,GAAG,CAAC,QAAQ,EAAE,SAAS,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;IACpE,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACvC,OAAO,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CAAC,MAAW;IAClC,OAAO,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,QAAQ,IAAI,MAAM,CAAC;AACpE,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,OAA+C;IAC3E,IAAI,CAAC,OAAO;QAAE,OAAO,SAAS,CAAC;IAC/B,IAAI,eAAe,CAAC,OAAO,CAAC;QAAE,OAAO,OAAO,CAAC,MAAM,CAAC;IACpD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,SAAS,wBAAwB,CAAC,OAA+C;IAC/E,IAAI,CAAC,OAAO;QAAE,OAAO,EAAE,CAAC;IACxB,IAAI,eAAe,CAAC,OAAO,CAAC;QAAE,OAAO,OAAO,CAAC,UAAU,IAAI,EAAE,CAAC;IAC9D,OAAO,EAAE,CAAC;AACZ,CAAC;AAGD;;GAEG;AACH,SAAS,+BAA+B,CACtC,MAA8B,EAC9B,MAAkB,EAClB,YAAoB,EACpB,UAAkB;IAElB,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEzB,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;IACpC,IAAI,CAAC,YAAY;QAAE,OAAO,IAAI,CAAC;IAE/B,MAAM,iBAAiB,GAAG,IAAA,+BAAa,EAAC,YAAY,CAAC,CAAC;IACtD,MAAM,oBAAoB,GAAG,IAAA,+BAAa,EAAC,UAAU,CAAC,CAAC;IAEvD,0CAA0C;IAC1C,IAAI,YAAY,CAAC,iBAAiB,CAAC,EAAE,CAAC;QACpC,wDAAwD;QACxD,MAAM,MAAM,GAAG,IAAA,2BAAS,EAAC,iBAAiB,EAAE,oBAAoB,CAAC,IAAI,EAAE,CAAC;QACxE,OAAO,EAAE,MAAM,EAAE,YAAY,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7D,CAAC;IAED,6BAA6B;IAC7B,KAAK,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QAC7D,MAAM,MAAM,GAAG,IAAA,2BAAS,EAAC,OAAO,EAAE,oBAAoB,CAAC,CAAC;QACxD,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;YACpB,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;QAC5B,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,iCAAiC,CACxC,MAAqD,EACrD,MAAkB,EAClB,YAAoB,EACpB,UAAkB;IAElB,MAAM,QAAQ,GAAmB;QAC/B,iCAAY,CAAC,MAAM;QACnB,iCAAY,CAAC,OAAO;QACpB,iCAAY,CAAC,UAAU;QACvB,iCAAY,CAAC,QAAQ;KACtB,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,aAAa,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;QACtC,MAAM,UAAU,GAAG,oBAAoB,CAAC,aAAa,CAAC,CAAC;QACvD,MAAM,MAAM,GAAG,+BAA+B,CAAC,UAAU,EAAE,MAAM,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;QAE7F,IAAI,MAAM,EAAE,CAAC;YACX,OAAO;gBACL,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO;gBAC9B,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,OAAO;gBACP,UAAU,EAAE,wBAAwB,CAAC,aAAa,CAAC;gBACnD,MAAM,EAAE,MAAM,CAAC,MAAM;aACtB,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAGD;;GAEG;AACH,KAAK,UAAU,wBAAwB,CACrC,KAAU,EACV,OAAqB,EACrB,eAAuC,EACvC,cAAuB,KAAK,EAC5B,qBAAiD;IAEjD,MAAM,QAAQ,GAAG,MAAM,IAAA,8BAAe,EAAC,KAAK,EAAE,EAAE,WAAW,EAAE,qBAAqB,EAAE,CAAC,CAAC;IAEtF,mEAAmE;IACnE,MAAM,eAAe,GAA2B,KAAK,CAAC,cAAc,IAAI,OAAO,KAAK,CAAC,cAAc,KAAK,QAAQ;QAC9G,CAAC,CAAC,EAAE,GAAG,KAAK,CAAC,cAAc,EAAE;QAC7B,CAAC,CAAC,EAAE,CAAC;IAEP,gGAAgG;IAChG,MAAM,MAAM,GAAG,EAAE,GAAG,eAAe,EAAE,GAAG,eAAe,EAAE,CAAC;IAE1D,OAAO;QACL,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,8BAAS,CAAC,UAAU;QAC/B,OAAO,EAAE;YACP,IAAI,EAAE,IAAA,8BAAa,EAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,eAAe,CAAC;YACtD,cAAc,EAAE,MAAM;YACtB,qBAAqB,EAAE,IAAA,iCAAgB,EAAC,KAAK,CAAC,qBAAqB,CAAC;YACpE,OAAO,EAAE,IAAA,6BAAgB,EAAC,KAAK,CAAC,OAAO,CAAC;SACzC;QACD,MAAM;QACN,OAAO,EAAE;YACP,OAAO;YACP,QAAQ;YACR,SAAS,EAAE,KAAK,CAAC,cAAc,EAAE,SAAS;SAC3C;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,yBAAyB,CAAC,KAAU;IAC3C,OAAO;QACL,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,8BAAS,CAAC,WAAW;QAChC,OAAO,EAAE;YACP,IAAI,EAAE,KAAK,CAAC,MAAM;SACnB;QACD,MAAM,EAAE,EAAE;QACV,OAAO,EAAE;YACP,OAAO,EAAE,iCAAY,CAAC,QAAQ;YAC9B,SAAS,EAAE,KAAK,CAAC,EAAE;SACpB;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,KAAU;IACnC,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAChC,IAAI,IAAI,GAAwB,EAAE,CAAC;IAEnC,IAAI,CAAC;QACH,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAwB,CAAC;IACxD,CAAC;IAAC,MAAM,CAAC;QACP,IAAI,GAAG,EAAE,OAAO,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC;IAClC,CAAC;IAED,OAAO;QACL,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,8BAAS,CAAC,GAAG;QACxB,OAAO,EAAE;YACP,IAAI;SACL;QACD,MAAM,EAAE,EAAE;QACV,OAAO,EAAE;YACP,OAAO,EAAE,iCAAY,CAAC,QAAQ;YAC9B,SAAS,EAAE,MAAM,CAAC,SAAS;SAC5B;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,uBAAuB,CAAC,KAAU;IACzC,oFAAoF;IACpF,MAAM,OAAO,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,OAAO,EAAE,KAAK,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,IAAI,SAAS,CAAC;IAEzD,OAAO;QACL,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,8BAAS,CAAC,SAAS;QAC9B,OAAO,EAAE;YACP,IAAI,EAAE,KAAK,CAAC,MAAM,IAAI,EAAE;SACzB;QACD,MAAM,EAAE,EAAE,QAAQ,EAAE;QACpB,OAAO,EAAE;YACP,OAAO,EAAE,iCAAY,CAAC,QAAQ;YAC9B,SAAS,EAAE,KAAK,CAAC,EAAE;SACpB;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,KAAU;IACtC,OAAO;QACL,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,8BAAS,CAAC,MAAM;QAC3B,OAAO,EAAE;YACP,IAAI,EAAE,KAAK;SACZ;QACD,MAAM,EAAE,EAAE;QACV,OAAO,EAAE;YACP,OAAO,EAAE,iCAAY,CAAC,QAAQ;SAC/B;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,uBAAuB,CAC9B,UAA2B,EAC3B,OAAqB,EACrB,MAA0B;IAE1B,yCAAyC;IACzC,IAAI,OAAO,KAAK,iCAAY,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEjD,0CAA0C;IAC1C,MAAM,kBAAkB,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC,OAAO,CAAC,CAAC;IACvD,IAAI,CAAC,kBAAkB;QAAE,OAAO,IAAI,CAAC;IAErC,6CAA6C;IAC7C,OAAO,IAAA,6BAAc,EAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,EAAE,kBAAkB,CAAC,CAAC;AACzE,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,KAAc;IACpC,OAAO,CACL,OAAO,KAAK,KAAK,QAAQ;QACzB,KAAK,KAAK,IAAI;QACd,YAAY,IAAI,KAAK;QACrB,OAAQ,KAAa,CAAC,UAAU,KAAK,QAAQ,CAC9C,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,iBAAiB,CAC9B,UAA0B,EAC1B,KAAsB;IAEtB,IAAI,YAAY,GAAG,KAAK,CAAC;IAEzB,KAAK,MAAM,EAAE,IAAI,UAAU,EAAE,CAAC;QAC5B,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,CAAC;QACtC,IAAI,MAAM,EAAE,CAAC;YACX,YAAY,GAAG,MAAM,CAAC;QACxB,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;;GAGG;AACH,SAAS,mBAAmB,CAAC,QAAa;IACxC,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ;QAAE,OAAO,QAAQ,CAAC;IAE/D,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,GAAG,CAAC;IAC3D,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB;QAClD,oIAAoI,CAAC;IACvI,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,mCAAmC,CAAC;IAE5F,MAAM,eAAe,GAAG,QAAQ,CAAC,OAAO,IAAI,EAAE,CAAC;IAE/C,OAAO;QACL,GAAG,QAAQ;QACX,OAAO,EAAE;YACP,6BAA6B,EAAE,UAAU;YACzC,8BAA8B,EAAE,WAAW;YAC3C,8BAA8B,EAAE,WAAW;YAC3C,GAAG,eAAe;SACnB;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,aAAa,CACjC,KAAU,EACV,MAAsB,EACtB,SAA6B,EAAE;IAE/B,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,KAAK,CAAC;IAEpC,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CAAC,uBAAuB,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IACvE,CAAC;IAED,MAAM,IAAI,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;IAEpC,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,IAAI,CAAC,CAAC;IACzC,CAAC;IAED,4BAA4B;IAC5B,IAAI,IAAI,KAAK,8BAAS,CAAC,UAAU,EAAE,CAAC;QAClC,MAAM,MAAM,GAAG,KAAK,CAAC,UAAU,EAAE,WAAW,EAAgB,CAAC;QAC7D,MAAM,YAAY,GAAG,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,IAAI,CAAC;QAClD,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,QAAQ,CAAC;QAEhD,+CAA+C;QAC/C,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;YAC1D,CAAC;YACD,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,GAAG,CAAC;YAC3D,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB;gBAClD,oIAAoI,CAAC;YACvI,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,mCAAmC,CAAC;YAC5F,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,KAAK,CAAC;YAErD,OAAO;gBACL,UAAU,EAAE,GAAG;gBACf,OAAO,EAAE;oBACP,6BAA6B,EAAE,UAAU;oBACzC,8BAA8B,EAAE,WAAW;oBAC3C,8BAA8B,EAAE,WAAW;oBAC3C,wBAAwB,EAAE,UAAU;iBACrC;gBACD,IAAI,EAAE,EAAE;aACT,CAAC;QACJ,CAAC;QAED,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;QACrF,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC;QACpC,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,mBAAmB,CAAC,MAAM,CAAC,SAAS,EAAE,QAAQ,EAAE,EAAE,IAAI,IAAA,8BAAgB,EAAC,0BAA0B,CAAC,CAAC,CAAC;QAC7G,CAAC;QAED,IAAI,UAAU,GAAsB,IAAI,CAAC;QAEzC,0EAA0E;QAC1E,IAAI,iBAAiB,CAAC,SAAS,CAAC,EAAE,CAAC;YACjC,UAAU,GAAG,iCAAiC,CAAC,SAAS,EAAE,MAAM,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;QAC9F,CAAC;aAAM,CAAC;YACN,gCAAgC;YAChC,MAAM,MAAM,GAAG,+BAA+B,CAAC,SAAuB,EAAE,MAAM,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;YAC1G,IAAI,MAAM,EAAE,CAAC;gBACX,UAAU,GAAG;oBACX,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO;oBAC9B,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,OAAO,EAAE,iCAAY,CAAC,MAAM;oBAC5B,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,MAAM,CAAC,MAAM;iBACtB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,GAAG,CAAC,2BAA2B,EAAE,MAAM,EAAE,YAAY,CAAC,CAAC;YACjE,CAAC;YACD,OAAO,mBAAmB,CAAC,MAAM,CAAC,SAAS,EAAE,QAAQ,EAAE,EAAE,IAAI,IAAA,8BAAgB,EAAC,oBAAoB,MAAM,CAAC,WAAW,EAAE,IAAI,YAAY,EAAE,CAAC,CAAC,CAAC;QAC7I,CAAC;QAED,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,CAAC,GAAG,CAAC,sBAAsB,EAAE,UAAU,CAAC,OAAO,EAAE,SAAS,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC;QACxF,CAAC;QAED,yEAAyE;QACzE,MAAM,qBAAqB,GAAG,MAAM,CAAC,eAAe,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAC3E,IAAI,UAAU,GAAG,MAAM,wBAAwB,CAC7C,KAAK,EACL,UAAU,CAAC,OAAO,EAClB,UAAU,CAAC,MAAM,EACjB,MAAM,CAAC,mBAAmB,EAC1B,qBAAqB,CACtB,CAAC;QAEF,wEAAwE;QACxE,IAAI,qBAAqB,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;YAC1D,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,GAAG,CAAC,gEAAgE,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC;YACpG,CAAC;YACD,OAAO,mBAAmB,CAAC,IAAA,kCAAoB,EAAC,yCAAyC,CAAC,CAAC,CAAC;QAC9F,CAAC;QAED,gDAAgD;QAChD,IAAI,CAAC,uBAAuB,CAAC,UAAU,EAAE,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE,CAAC;YACrE,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,GAAG,CAAC,gDAAgD,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC;YACpF,CAAC;YACD,OAAO,mBAAmB,CAAC,MAAM,CAAC,SAAS,EAAE,SAAS,EAAE,EAAE,IAAI,IAAA,+BAAiB,EAAC,qCAAqC,CAAC,CAAC,CAAC;QAC1H,CAAC;QAED,kEAAkE;QAClE,IAAI,CAAC;YACH,4BAA4B;YAC5B,IAAI,MAAM,CAAC,gBAAgB,EAAE,MAAM,EAAE,CAAC;gBACpC,UAAU,GAAG,MAAM,iBAAiB,CAAC,MAAM,CAAC,gBAAgB,EAAE,UAAU,CAAC,CAAC;YAC5E,CAAC;YAED,6BAA6B;YAC7B,IAAI,UAAU,CAAC,UAAU,EAAE,MAAM,EAAE,CAAC;gBAClC,UAAU,GAAG,MAAM,iBAAiB,CAAC,UAAU,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;YAC1E,CAAC;QACH,CAAC;QAAC,OAAO,MAAM,EAAE,CAAC;YAChB,4FAA4F;YAC5F,IAAI,cAAc,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC3B,OAAO,mBAAmB,CAAC,MAAM,CAAC,CAAC;YACrC,CAAC;YACD,yCAAyC;YACzC,MAAM,MAAM,CAAC;QACf,CAAC;QAED,qDAAqD;QACrD,MAAM,eAAe,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAC7D,OAAO,mBAAmB,CAAC,eAAe,CAAC,CAAC;IAC9C,CAAC;IAED,4EAA4E;IAC5E,IAAI,IAAI,KAAK,8BAAS,CAAC,SAAS,EAAE,CAAC;QACjC,MAAM,UAAU,GAAG,uBAAuB,CAAC,KAAK,CAAC,CAAC;QAClD,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC;QAC5C,MAAM,OAAO,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC;QAE1E,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,GAAG,CAAC,sCAAsC,EAAE,QAAQ,CAAC,CAAC;YAChE,CAAC;YACD,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE,IAAI,EAAE,6BAA6B,EAAE,CAAC;QAClE,CAAC;QAED,OAAO,OAAO,CAAC,UAAU,CAAC,CAAC;IAC7B,CAAC;IAED,6BAA6B;IAC7B,EAAE;IACF,gFAAgF;IAChF,6EAA6E;IAC7E,6EAA6E;IAC7E,IAAI,IAAI,KAAK,8BAAS,CAAC,WAAW,EAAE,CAAC;QACnC,MAAM,UAAU,GAAuB,KAAK,CAAC,aAAa,CAAC,CAAC;QAC5D,MAAM,aAAa,GAAuB,KAAK,CAAC,MAAM,EAAE,aAAa,CAAC;QACtE,MAAM,OAAO,GACX,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;eACxD,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;eACjE,MAAM,CAAC,WAAW,EAAE,OAAO,CAAC;QAEjC,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,GAAG,CAAC,mCAAmC,EAAE,EAAE,UAAU,EAAE,aAAa,EAAE,CAAC,CAAC;YAClF,CAAC;YACD,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE,IAAI,EAAE,+BAA+B,EAAE,CAAC;QACpE,CAAC;QAED,MAAM,UAAU,GAAG,yBAAyB,CAAC,KAAK,CAAC,CAAC;QACpD,OAAO,OAAO,CAAC,UAAU,CAAC,CAAC;IAC7B,CAAC;IAED,oBAAoB;IACpB,IAAI,IAAI,KAAK,8BAAS,CAAC,GAAG,EAAE,CAAC;QAC3B,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC;QAClD,MAAM,SAAS,GAAG,QAAQ,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QAC7C,MAAM,OAAO,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,MAAM,CAAC,GAAG,EAAE,OAAO,CAAC;QAE/D,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,GAAG,CAAC,iCAAiC,EAAE,SAAS,CAAC,CAAC;YAC5D,CAAC;YACD,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE,IAAI,EAAE,uBAAuB,EAAE,CAAC;QAC5D,CAAC;QAED,MAAM,UAAU,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC;QAC5C,OAAO,OAAO,CAAC,UAAU,CAAC,CAAC;IAC7B,CAAC;IAED,2BAA2B;IAC3B,IAAI,IAAI,KAAK,8BAAS,CAAC,MAAM,EAAE,CAAC;QAC9B,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;QAEvC,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE,IAAI,EAAE,0BAA0B,EAAE,CAAC;QAC/D,CAAC;QAED,MAAM,UAAU,GAAG,oBAAoB,CAAC,KAAK,CAAC,CAAC;QAC/C,OAAO,OAAO,CAAC,UAAU,CAAC,CAAC;IAC7B,CAAC;IAED,qBAAqB;IACrB,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IAC1C,CAAC;IACD,OAAO,MAAM,CAAC,SAAS,EAAE,UAAU,EAAE,CAAC,oBAAoB,CAAC,IAAI,IAAA,gCAAkB,EAAC,oBAAoB,CAAC,CAAC;AAC1G,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB,CAAC,SAA6B,EAAE;IAChE,OAAO;QACL,QAAQ,EAAE,CAAC,KAAU,EAAE,MAAsB,EAAE,EAAE,CAAC,aAAa,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC;QACtF,MAAM;KACP,CAAC;AACJ,CAAC"}
|
|
1
|
+
{"version":3,"file":"dispatcher.js","sourceRoot":"","sources":["../src/dispatcher.ts"],"names":[],"mappings":";;AA6BA,0CAOC;AAyUD,sCAyNC;AAKD,gDAKC;AAhlBD,mEAAqE;AAcrE,6DAAmE;AACnE,mDAAsD;AACtD,0DAAwE;AACxE,0DAA0E;AAE1E,oDAAmH;AAEnH;;;;;;;GAOG;AACH,SAAgB,eAAe,CAAC,KAAU;IACxC,IAAI,KAAK,CAAC,MAAM,KAAK,YAAY,IAAI,KAAK,CAAC,aAAa,CAAC,KAAK,iBAAiB;QAAE,OAAO,8BAAS,CAAC,SAAS,CAAC;IAC5G,IAAI,kBAAkB,CAAC,KAAK,CAAC;QAAE,OAAO,8BAAS,CAAC,WAAW,CAAC;IAC5D,IAAI,KAAK,CAAC,cAAc,IAAI,KAAK,CAAC,UAAU;QAAE,OAAO,8BAAS,CAAC,UAAU,CAAC;IAC1E,IAAI,KAAK,CAAC,OAAO,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,WAAW,KAAK,SAAS;QAAE,OAAO,8BAAS,CAAC,GAAG,CAAC;IACvH,IAAI,KAAK,CAAC,YAAY;QAAE,OAAO,8BAAS,CAAC,MAAM,CAAC;IAChD,OAAO,8BAAS,CAAC,OAAO,CAAC;AAC3B,CAAC;AAED;;;;GAIG;AACH,SAAS,kBAAkB,CAAC,KAAU;IACpC,OAAO,CACL,KAAK;QACL,OAAO,KAAK,KAAK,QAAQ;QACzB,KAAK,CAAC,OAAO,KAAK,GAAG;QACrB,OAAO,KAAK,CAAC,EAAE,KAAK,QAAQ;QAC5B,OAAO,KAAK,CAAC,MAAM,KAAK,QAAQ;QAChC,OAAO,KAAK,CAAC,aAAa,CAAC,KAAK,QAAQ;QACxC,KAAK,CAAC,MAAM,KAAK,SAAS,CAC3B,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,MAAW;IACpC,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IACxD,MAAM,WAAW,GAAG,CAAC,QAAQ,EAAE,SAAS,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;IACpE,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACvC,OAAO,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CAAC,MAAW;IAClC,OAAO,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,QAAQ,IAAI,MAAM,CAAC;AACpE,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,OAA+C;IAC3E,IAAI,CAAC,OAAO;QAAE,OAAO,SAAS,CAAC;IAC/B,IAAI,eAAe,CAAC,OAAO,CAAC;QAAE,OAAO,OAAO,CAAC,MAAM,CAAC;IACpD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,SAAS,wBAAwB,CAAC,OAA+C;IAC/E,IAAI,CAAC,OAAO;QAAE,OAAO,EAAE,CAAC;IACxB,IAAI,eAAe,CAAC,OAAO,CAAC;QAAE,OAAO,OAAO,CAAC,UAAU,IAAI,EAAE,CAAC;IAC9D,OAAO,EAAE,CAAC;AACZ,CAAC;AAGD;;GAEG;AACH,SAAS,+BAA+B,CACtC,MAA8B,EAC9B,MAAkB,EAClB,YAAoB,EACpB,UAAkB;IAElB,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEzB,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;IACpC,IAAI,CAAC,YAAY;QAAE,OAAO,IAAI,CAAC;IAE/B,MAAM,iBAAiB,GAAG,IAAA,+BAAa,EAAC,YAAY,CAAC,CAAC;IACtD,MAAM,oBAAoB,GAAG,IAAA,+BAAa,EAAC,UAAU,CAAC,CAAC;IAEvD,0CAA0C;IAC1C,IAAI,YAAY,CAAC,iBAAiB,CAAC,EAAE,CAAC;QACpC,wDAAwD;QACxD,MAAM,MAAM,GAAG,IAAA,2BAAS,EAAC,iBAAiB,EAAE,oBAAoB,CAAC,IAAI,EAAE,CAAC;QACxE,OAAO,EAAE,MAAM,EAAE,YAAY,CAAC,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7D,CAAC;IAED,6BAA6B;IAC7B,KAAK,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QAC7D,MAAM,MAAM,GAAG,IAAA,2BAAS,EAAC,OAAO,EAAE,oBAAoB,CAAC,CAAC;QACxD,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;YACpB,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;QAC5B,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,iCAAiC,CACxC,MAAqD,EACrD,MAAkB,EAClB,YAAoB,EACpB,UAAkB;IAElB,MAAM,QAAQ,GAAmB;QAC/B,iCAAY,CAAC,MAAM;QACnB,iCAAY,CAAC,OAAO;QACpB,iCAAY,CAAC,UAAU;QACvB,iCAAY,CAAC,QAAQ;KACtB,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,aAAa,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;QACtC,MAAM,UAAU,GAAG,oBAAoB,CAAC,aAAa,CAAC,CAAC;QACvD,MAAM,MAAM,GAAG,+BAA+B,CAAC,UAAU,EAAE,MAAM,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;QAE7F,IAAI,MAAM,EAAE,CAAC;YACX,OAAO;gBACL,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO;gBAC9B,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,OAAO;gBACP,UAAU,EAAE,wBAAwB,CAAC,aAAa,CAAC;gBACnD,MAAM,EAAE,MAAM,CAAC,MAAM;aACtB,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAGD;;GAEG;AACH,KAAK,UAAU,wBAAwB,CACrC,KAAU,EACV,OAAqB,EACrB,eAAuC,EACvC,cAAuB,KAAK,EAC5B,qBAAiD;IAEjD,MAAM,QAAQ,GAAG,MAAM,IAAA,8BAAe,EAAC,KAAK,EAAE,EAAE,WAAW,EAAE,qBAAqB,EAAE,CAAC,CAAC;IAEtF,mEAAmE;IACnE,MAAM,eAAe,GAA2B,KAAK,CAAC,cAAc,IAAI,OAAO,KAAK,CAAC,cAAc,KAAK,QAAQ;QAC9G,CAAC,CAAC,EAAE,GAAG,KAAK,CAAC,cAAc,EAAE;QAC7B,CAAC,CAAC,EAAE,CAAC;IAEP,gGAAgG;IAChG,MAAM,MAAM,GAAG,EAAE,GAAG,eAAe,EAAE,GAAG,eAAe,EAAE,CAAC;IAE1D,OAAO;QACL,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,8BAAS,CAAC,UAAU;QAC/B,OAAO,EAAE;YACP,IAAI,EAAE,IAAA,8BAAa,EAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,eAAe,CAAC;YACtD,cAAc,EAAE,MAAM;YACtB,qBAAqB,EAAE,IAAA,iCAAgB,EAAC,KAAK,CAAC,qBAAqB,CAAC;YACpE,OAAO,EAAE,IAAA,6BAAgB,EAAC,KAAK,CAAC,OAAO,CAAC;SACzC;QACD,MAAM;QACN,OAAO,EAAE;YACP,OAAO;YACP,QAAQ;YACR,SAAS,EAAE,KAAK,CAAC,cAAc,EAAE,SAAS;SAC3C;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,yBAAyB,CAAC,KAAU;IAC3C,OAAO;QACL,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,8BAAS,CAAC,WAAW;QAChC,OAAO,EAAE;YACP,IAAI,EAAE,KAAK,CAAC,MAAM;SACnB;QACD,MAAM,EAAE,EAAE;QACV,OAAO,EAAE;YACP,OAAO,EAAE,iCAAY,CAAC,QAAQ;YAC9B,SAAS,EAAE,KAAK,CAAC,EAAE;SACpB;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,KAAU;IACnC,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAChC,IAAI,IAAI,GAAwB,EAAE,CAAC;IAEnC,IAAI,CAAC;QACH,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAwB,CAAC;IACxD,CAAC;IAAC,MAAM,CAAC;QACP,IAAI,GAAG,EAAE,OAAO,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC;IAClC,CAAC;IAED,OAAO;QACL,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,8BAAS,CAAC,GAAG;QACxB,OAAO,EAAE;YACP,IAAI;SACL;QACD,MAAM,EAAE,EAAE;QACV,OAAO,EAAE;YACP,OAAO,EAAE,iCAAY,CAAC,QAAQ;YAC9B,SAAS,EAAE,MAAM,CAAC,SAAS;SAC5B;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,uBAAuB,CAAC,KAAU;IACzC,oFAAoF;IACpF,MAAM,OAAO,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,OAAO,EAAE,KAAK,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,IAAI,SAAS,CAAC;IAEzD,OAAO;QACL,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,8BAAS,CAAC,SAAS;QAC9B,OAAO,EAAE;YACP,IAAI,EAAE,KAAK,CAAC,MAAM,IAAI,EAAE;SACzB;QACD,MAAM,EAAE,EAAE,QAAQ,EAAE;QACpB,OAAO,EAAE;YACP,OAAO,EAAE,iCAAY,CAAC,QAAQ;YAC9B,SAAS,EAAE,KAAK,CAAC,EAAE;SACpB;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,KAAU;IACtC,OAAO;QACL,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,8BAAS,CAAC,MAAM;QAC3B,OAAO,EAAE;YACP,IAAI,EAAE,KAAK;SACZ;QACD,MAAM,EAAE,EAAE;QACV,OAAO,EAAE;YACP,OAAO,EAAE,iCAAY,CAAC,QAAQ;SAC/B;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,uBAAuB,CAC9B,UAA2B,EAC3B,OAAqB,EACrB,MAA0B;IAE1B,yCAAyC;IACzC,IAAI,OAAO,KAAK,iCAAY,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEjD,0CAA0C;IAC1C,MAAM,kBAAkB,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC,OAAO,CAAC,CAAC;IACvD,IAAI,CAAC,kBAAkB;QAAE,OAAO,IAAI,CAAC;IAErC,6CAA6C;IAC7C,OAAO,IAAA,6BAAc,EAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,EAAE,kBAAkB,CAAC,CAAC;AACzE,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,KAAc;IACpC,OAAO,CACL,OAAO,KAAK,KAAK,QAAQ;QACzB,KAAK,KAAK,IAAI;QACd,YAAY,IAAI,KAAK;QACrB,OAAQ,KAAa,CAAC,UAAU,KAAK,QAAQ,CAC9C,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,iBAAiB,CAC9B,UAA0B,EAC1B,KAAsB;IAEtB,IAAI,YAAY,GAAG,KAAK,CAAC;IAEzB,KAAK,MAAM,EAAE,IAAI,UAAU,EAAE,CAAC;QAC5B,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,CAAC;QACtC,IAAI,MAAM,EAAE,CAAC;YACX,YAAY,GAAG,MAAM,CAAC;QACxB,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;;GAGG;AACH,SAAS,mBAAmB,CAAC,QAAa;IACxC,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ;QAAE,OAAO,QAAQ,CAAC;IAE/D,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,GAAG,CAAC;IAC3D,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB;QAClD,oIAAoI,CAAC;IACvI,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,mCAAmC,CAAC;IAE5F,MAAM,eAAe,GAAG,QAAQ,CAAC,OAAO,IAAI,EAAE,CAAC;IAE/C,OAAO;QACL,GAAG,QAAQ;QACX,OAAO,EAAE;YACP,6BAA6B,EAAE,UAAU;YACzC,8BAA8B,EAAE,WAAW;YAC3C,8BAA8B,EAAE,WAAW;YAC3C,GAAG,eAAe;SACnB;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,aAAa,CACjC,KAAU,EACV,MAAsB,EACtB,SAA6B,EAAE;IAE/B,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,KAAK,CAAC;IAEpC,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CAAC,uBAAuB,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IACvE,CAAC;IAED,MAAM,IAAI,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;IAEpC,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,IAAI,CAAC,CAAC;IACzC,CAAC;IAED,4BAA4B;IAC5B,IAAI,IAAI,KAAK,8BAAS,CAAC,UAAU,EAAE,CAAC;QAClC,MAAM,MAAM,GAAG,KAAK,CAAC,UAAU,EAAE,WAAW,EAAgB,CAAC;QAC7D,MAAM,YAAY,GAAG,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,IAAI,CAAC;QAClD,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,QAAQ,CAAC;QAEhD,+CAA+C;QAC/C,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YACzB,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;YAC1D,CAAC;YACD,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,GAAG,CAAC;YAC3D,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB;gBAClD,oIAAoI,CAAC;YACvI,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,mCAAmC,CAAC;YAC5F,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,KAAK,CAAC;YAErD,OAAO;gBACL,UAAU,EAAE,GAAG;gBACf,OAAO,EAAE;oBACP,6BAA6B,EAAE,UAAU;oBACzC,8BAA8B,EAAE,WAAW;oBAC3C,8BAA8B,EAAE,WAAW;oBAC3C,wBAAwB,EAAE,UAAU;iBACrC;gBACD,IAAI,EAAE,EAAE;aACT,CAAC;QACJ,CAAC;QAED,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;QACrF,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC;QACpC,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,mBAAmB,CAAC,MAAM,CAAC,SAAS,EAAE,QAAQ,EAAE,EAAE,IAAI,IAAA,8BAAgB,EAAC,0BAA0B,CAAC,CAAC,CAAC;QAC7G,CAAC;QAED,IAAI,UAAU,GAAsB,IAAI,CAAC;QAEzC,0EAA0E;QAC1E,IAAI,iBAAiB,CAAC,SAAS,CAAC,EAAE,CAAC;YACjC,UAAU,GAAG,iCAAiC,CAAC,SAAS,EAAE,MAAM,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;QAC9F,CAAC;aAAM,CAAC;YACN,gCAAgC;YAChC,MAAM,MAAM,GAAG,+BAA+B,CAAC,SAAuB,EAAE,MAAM,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;YAC1G,IAAI,MAAM,EAAE,CAAC;gBACX,UAAU,GAAG;oBACX,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO;oBAC9B,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,OAAO,EAAE,iCAAY,CAAC,MAAM;oBAC5B,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,MAAM,CAAC,MAAM;iBACtB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,GAAG,CAAC,2BAA2B,EAAE,MAAM,EAAE,YAAY,CAAC,CAAC;YACjE,CAAC;YACD,OAAO,mBAAmB,CAAC,MAAM,CAAC,SAAS,EAAE,QAAQ,EAAE,EAAE,IAAI,IAAA,8BAAgB,EAAC,oBAAoB,MAAM,CAAC,WAAW,EAAE,IAAI,YAAY,EAAE,CAAC,CAAC,CAAC;QAC7I,CAAC;QAED,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,CAAC,GAAG,CAAC,sBAAsB,EAAE,UAAU,CAAC,OAAO,EAAE,SAAS,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC;QACxF,CAAC;QAED,yEAAyE;QACzE,MAAM,qBAAqB,GAAG,MAAM,CAAC,eAAe,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAC3E,IAAI,UAAU,GAAG,MAAM,wBAAwB,CAC7C,KAAK,EACL,UAAU,CAAC,OAAO,EAClB,UAAU,CAAC,MAAM,EACjB,MAAM,CAAC,mBAAmB,EAC1B,qBAAqB,CACtB,CAAC;QAEF,wEAAwE;QACxE,IAAI,qBAAqB,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;YAC1D,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,GAAG,CAAC,gEAAgE,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC;YACpG,CAAC;YACD,OAAO,mBAAmB,CAAC,IAAA,kCAAoB,EAAC,yCAAyC,CAAC,CAAC,CAAC;QAC9F,CAAC;QAED,gDAAgD;QAChD,IAAI,CAAC,uBAAuB,CAAC,UAAU,EAAE,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE,CAAC;YACrE,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,GAAG,CAAC,gDAAgD,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC;YACpF,CAAC;YACD,OAAO,mBAAmB,CAAC,MAAM,CAAC,SAAS,EAAE,SAAS,EAAE,EAAE,IAAI,IAAA,+BAAiB,EAAC,qCAAqC,CAAC,CAAC,CAAC;QAC1H,CAAC;QAED,kEAAkE;QAClE,IAAI,CAAC;YACH,4BAA4B;YAC5B,IAAI,MAAM,CAAC,gBAAgB,EAAE,MAAM,EAAE,CAAC;gBACpC,UAAU,GAAG,MAAM,iBAAiB,CAAC,MAAM,CAAC,gBAAgB,EAAE,UAAU,CAAC,CAAC;YAC5E,CAAC;YAED,6BAA6B;YAC7B,IAAI,UAAU,CAAC,UAAU,EAAE,MAAM,EAAE,CAAC;gBAClC,UAAU,GAAG,MAAM,iBAAiB,CAAC,UAAU,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;YAC1E,CAAC;YAED,qEAAqE;YACrE,kEAAkE;YAClE,uEAAuE;YACvE,IAAI,UAAU,CAAC,MAAM,CAAC,UAAU,EAAE,MAAM,EAAE,CAAC;gBACzC,UAAU,GAAG,MAAM,iBAAiB,CAAC,UAAU,CAAC,MAAM,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;YACjF,CAAC;QACH,CAAC;QAAC,OAAO,MAAM,EAAE,CAAC;YAChB,4FAA4F;YAC5F,IAAI,cAAc,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC3B,OAAO,mBAAmB,CAAC,MAAM,CAAC,CAAC;YACrC,CAAC;YACD,yCAAyC;YACzC,MAAM,MAAM,CAAC;QACf,CAAC;QAED,qDAAqD;QACrD,MAAM,eAAe,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAC7D,OAAO,mBAAmB,CAAC,eAAe,CAAC,CAAC;IAC9C,CAAC;IAED,4EAA4E;IAC5E,IAAI,IAAI,KAAK,8BAAS,CAAC,SAAS,EAAE,CAAC;QACjC,MAAM,UAAU,GAAG,uBAAuB,CAAC,KAAK,CAAC,CAAC;QAClD,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC;QAC5C,MAAM,OAAO,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC;QAE1E,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,GAAG,CAAC,sCAAsC,EAAE,QAAQ,CAAC,CAAC;YAChE,CAAC;YACD,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE,IAAI,EAAE,6BAA6B,EAAE,CAAC;QAClE,CAAC;QAED,OAAO,OAAO,CAAC,UAAU,CAAC,CAAC;IAC7B,CAAC;IAED,6BAA6B;IAC7B,EAAE;IACF,gFAAgF;IAChF,6EAA6E;IAC7E,6EAA6E;IAC7E,IAAI,IAAI,KAAK,8BAAS,CAAC,WAAW,EAAE,CAAC;QACnC,MAAM,UAAU,GAAuB,KAAK,CAAC,aAAa,CAAC,CAAC;QAC5D,MAAM,aAAa,GAAuB,KAAK,CAAC,MAAM,EAAE,aAAa,CAAC;QACtE,MAAM,OAAO,GACX,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;eACxD,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;eACjE,MAAM,CAAC,WAAW,EAAE,OAAO,CAAC;QAEjC,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,GAAG,CAAC,mCAAmC,EAAE,EAAE,UAAU,EAAE,aAAa,EAAE,CAAC,CAAC;YAClF,CAAC;YACD,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE,IAAI,EAAE,+BAA+B,EAAE,CAAC;QACpE,CAAC;QAED,MAAM,UAAU,GAAG,yBAAyB,CAAC,KAAK,CAAC,CAAC;QACpD,OAAO,OAAO,CAAC,UAAU,CAAC,CAAC;IAC7B,CAAC;IAED,oBAAoB;IACpB,IAAI,IAAI,KAAK,8BAAS,CAAC,GAAG,EAAE,CAAC;QAC3B,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,cAAc,CAAC;QAClD,MAAM,SAAS,GAAG,QAAQ,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QAC7C,MAAM,OAAO,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,MAAM,CAAC,GAAG,EAAE,OAAO,CAAC;QAE/D,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,GAAG,CAAC,iCAAiC,EAAE,SAAS,CAAC,CAAC;YAC5D,CAAC;YACD,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE,IAAI,EAAE,uBAAuB,EAAE,CAAC;QAC5D,CAAC;QAED,MAAM,UAAU,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC;QAC5C,OAAO,OAAO,CAAC,UAAU,CAAC,CAAC;IAC7B,CAAC;IAED,2BAA2B;IAC3B,IAAI,IAAI,KAAK,8BAAS,CAAC,MAAM,EAAE,CAAC;QAC9B,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;QAEvC,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE,IAAI,EAAE,0BAA0B,EAAE,CAAC;QAC/D,CAAC;QAED,MAAM,UAAU,GAAG,oBAAoB,CAAC,KAAK,CAAC,CAAC;QAC/C,OAAO,OAAO,CAAC,UAAU,CAAC,CAAC;IAC7B,CAAC;IAED,qBAAqB;IACrB,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IAC1C,CAAC;IACD,OAAO,MAAM,CAAC,SAAS,EAAE,UAAU,EAAE,CAAC,oBAAoB,CAAC,IAAI,IAAA,gCAAkB,EAAC,oBAAoB,CAAC,CAAC;AAC1G,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB,CAAC,SAA6B,EAAE;IAChE,OAAO;QACL,QAAQ,EAAE,CAAC,KAAU,EAAE,MAAsB,EAAE,EAAE,CAAC,aAAa,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC;QACtF,MAAM;KACP,CAAC;AACJ,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -20,5 +20,5 @@ export { TenantContext } from './tenant/TenantContext.js';
|
|
|
20
20
|
export type { TenantInfo, TenantType, Plan, TenantFeatures, TenantClaims, } from './tenant/types.js';
|
|
21
21
|
export { isTenantType, isPlan, TENANT_HEADERS, } from './tenant/types.js';
|
|
22
22
|
export { tenantInfoFromClaims, tenantInfoFromHeaders, tenantInfoToHeaders, } from './tenant/helpers.js';
|
|
23
|
-
export { initTenantContext, tenantGuard, crmGuard, } from './middleware/index.js';
|
|
23
|
+
export { initTenantContext, tenantGuard, crmGuard, requirePermission, requireFeature, } from './middleware/index.js';
|
|
24
24
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAGrF,OAAO,EACL,SAAS,EACT,YAAY,GACb,MAAM,4BAA4B,CAAC;AAEpC,OAAO,EACL,UAAU,EACV,YAAY,EACZ,WAAW,EACX,UAAU,EACV,eAAe,EACf,UAAU,EACV,mBAAmB,EACnB,aAAa,EACb,uBAAuB,EACvB,iBAAiB,EACjB,YAAY,EACZ,SAAS,EACT,eAAe,EACf,cAAc,EACd,eAAe,EACf,UAAU,EACV,eAAe,EACf,kBAAkB,EAClB,yBAAyB,GAC1B,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EACL,UAAU,EACV,gBAAgB,EAChB,YAAY,EACZ,mBAAmB,EACnB,sBAAsB,EACtB,eAAe,EACf,eAAe,EACf,kBAAkB,EAClB,oBAAoB,EACpB,iBAAiB,EACjB,gBAAgB,EAChB,gBAAgB,EAChB,uBAAuB,EACvB,qBAAqB,EACrB,mBAAmB,GACpB,MAAM,oBAAoB,CAAC;AAE5B,OAAO,EACL,aAAa,EACb,gBAAgB,EAChB,kBAAkB,GACnB,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EACL,kBAAkB,EAClB,uBAAuB,EACvB,gBAAgB,EAChB,QAAQ,GACT,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EACL,eAAe,EACf,iBAAiB,EACjB,cAAc,EACd,WAAW,EACX,YAAY,GACb,MAAM,yBAAyB,CAAC;AAEjC,YAAY,EAAE,sBAAsB,EAAE,MAAM,yBAAyB,CAAC;AAEtE,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AAGvD,OAAO,EACL,SAAS,EACT,cAAc,EACd,iBAAiB,EACjB,aAAa,GACd,MAAM,yBAAyB,CAAC;AAGjC,OAAO,EACL,gBAAgB,EAChB,SAAS,EACT,cAAc,GACf,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAE1D,YAAY,EACV,UAAU,EACV,UAAU,EACV,IAAI,EACJ,cAAc,EACd,YAAY,GACb,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EACL,YAAY,EACZ,MAAM,EACN,cAAc,GACf,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EACL,oBAAoB,EACpB,qBAAqB,EACrB,mBAAmB,GACpB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,iBAAiB,EACjB,WAAW,EACX,QAAQ,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAGrF,OAAO,EACL,SAAS,EACT,YAAY,GACb,MAAM,4BAA4B,CAAC;AAEpC,OAAO,EACL,UAAU,EACV,YAAY,EACZ,WAAW,EACX,UAAU,EACV,eAAe,EACf,UAAU,EACV,mBAAmB,EACnB,aAAa,EACb,uBAAuB,EACvB,iBAAiB,EACjB,YAAY,EACZ,SAAS,EACT,eAAe,EACf,cAAc,EACd,eAAe,EACf,UAAU,EACV,eAAe,EACf,kBAAkB,EAClB,yBAAyB,GAC1B,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EACL,UAAU,EACV,gBAAgB,EAChB,YAAY,EACZ,mBAAmB,EACnB,sBAAsB,EACtB,eAAe,EACf,eAAe,EACf,kBAAkB,EAClB,oBAAoB,EACpB,iBAAiB,EACjB,gBAAgB,EAChB,gBAAgB,EAChB,uBAAuB,EACvB,qBAAqB,EACrB,mBAAmB,GACpB,MAAM,oBAAoB,CAAC;AAE5B,OAAO,EACL,aAAa,EACb,gBAAgB,EAChB,kBAAkB,GACnB,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EACL,kBAAkB,EAClB,uBAAuB,EACvB,gBAAgB,EAChB,QAAQ,GACT,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EACL,eAAe,EACf,iBAAiB,EACjB,cAAc,EACd,WAAW,EACX,YAAY,GACb,MAAM,yBAAyB,CAAC;AAEjC,YAAY,EAAE,sBAAsB,EAAE,MAAM,yBAAyB,CAAC;AAEtE,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AAGvD,OAAO,EACL,SAAS,EACT,cAAc,EACd,iBAAiB,EACjB,aAAa,GACd,MAAM,yBAAyB,CAAC;AAGjC,OAAO,EACL,gBAAgB,EAChB,SAAS,EACT,cAAc,GACf,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAE1D,YAAY,EACV,UAAU,EACV,UAAU,EACV,IAAI,EACJ,cAAc,EACd,YAAY,GACb,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EACL,YAAY,EACZ,MAAM,EACN,cAAc,GACf,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EACL,oBAAoB,EACpB,qBAAqB,EACrB,mBAAmB,GACpB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,iBAAiB,EACjB,WAAW,EACX,QAAQ,EACR,iBAAiB,EACjB,cAAc,GACf,MAAM,uBAAuB,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
* Cognito User Pool validation, and built-in infrastructure middlewares.
|
|
8
8
|
*/
|
|
9
9
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
10
|
-
exports.crmGuard = exports.tenantGuard = exports.initTenantContext = exports.tenantInfoToHeaders = exports.tenantInfoFromHeaders = exports.tenantInfoFromClaims = exports.TENANT_HEADERS = exports.isPlan = exports.isTenantType = exports.TenantContext = exports.getCorsHeaders = exports.getHeader = exports.normalizeHeaders = exports.normalizePath = exports.hasPathParameters = exports.patternToRegex = exports.matchPath = exports.verifyJwt = exports.hasAllGroups = exports.hasAnyGroup = exports.validateIssuer = exports.extractUserPoolId = exports.extractIdentity = exports.withCors = exports.applyCorsHeaders = exports.createPreflightResponse = exports.isPreflightRequest = exports.withJsonBodyParser = exports.parseQueryParams = exports.parseJsonBody = exports.customErrorResponse = exports.internalErrorResponse = exports.validationErrorResponse = exports.conflictResponse = exports.notFoundResponse = exports.forbiddenResponse = exports.unauthorizedResponse = exports.badRequestResponse = exports.createdResponse = exports.successResponse = exports.createStandardResponse = exports.DefaultResponseCode = exports.HttpStatus = exports.RouteSegment = exports.EventType = exports.createOrchestrator = exports.detectEventType = void 0;
|
|
10
|
+
exports.requireFeature = exports.requirePermission = exports.crmGuard = exports.tenantGuard = exports.initTenantContext = exports.tenantInfoToHeaders = exports.tenantInfoFromHeaders = exports.tenantInfoFromClaims = exports.TENANT_HEADERS = exports.isPlan = exports.isTenantType = exports.TenantContext = exports.getCorsHeaders = exports.getHeader = exports.normalizeHeaders = exports.normalizePath = exports.hasPathParameters = exports.patternToRegex = exports.matchPath = exports.verifyJwt = exports.hasAllGroups = exports.hasAnyGroup = exports.validateIssuer = exports.extractUserPoolId = exports.extractIdentity = exports.withCors = exports.applyCorsHeaders = exports.createPreflightResponse = exports.isPreflightRequest = exports.withJsonBodyParser = exports.parseQueryParams = exports.parseJsonBody = exports.customErrorResponse = exports.internalErrorResponse = exports.validationErrorResponse = exports.conflictResponse = exports.notFoundResponse = exports.forbiddenResponse = exports.unauthorizedResponse = exports.badRequestResponse = exports.createdResponse = exports.successResponse = exports.createStandardResponse = exports.DefaultResponseCode = exports.HttpStatus = exports.RouteSegment = exports.EventType = exports.createOrchestrator = exports.detectEventType = void 0;
|
|
11
11
|
// Core dispatcher
|
|
12
12
|
var dispatcher_js_1 = require("./dispatcher.js");
|
|
13
13
|
Object.defineProperty(exports, "dispatchEvent", { enumerable: true, get: function () { return dispatcher_js_1.dispatchEvent; } });
|
|
@@ -77,4 +77,6 @@ var index_js_1 = require("./middleware/index.js");
|
|
|
77
77
|
Object.defineProperty(exports, "initTenantContext", { enumerable: true, get: function () { return index_js_1.initTenantContext; } });
|
|
78
78
|
Object.defineProperty(exports, "tenantGuard", { enumerable: true, get: function () { return index_js_1.tenantGuard; } });
|
|
79
79
|
Object.defineProperty(exports, "crmGuard", { enumerable: true, get: function () { return index_js_1.crmGuard; } });
|
|
80
|
+
Object.defineProperty(exports, "requirePermission", { enumerable: true, get: function () { return index_js_1.requirePermission; } });
|
|
81
|
+
Object.defineProperty(exports, "requireFeature", { enumerable: true, get: function () { return index_js_1.requireFeature; } });
|
|
80
82
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;;AAEH,kBAAkB;AAClB,iDAAqF;AAA5E,8GAAA,aAAa,OAAA;AAAE,gHAAA,eAAe,OAAA;AAAE,mHAAA,kBAAkB,OAAA;AAE3D,QAAQ;AACR,iEAGoC;AAFlC,+GAAA,SAAS,OAAA;AACT,kHAAA,YAAY,OAAA;AAyBd,iBAAiB;AACjB,kDAgB4B;AAf1B,yGAAA,UAAU,OAAA;AAGV,kHAAA,mBAAmB,OAAA;AACnB,qHAAA,sBAAsB,OAAA;AACtB,8GAAA,eAAe,OAAA;AACf,8GAAA,eAAe,OAAA;AACf,iHAAA,kBAAkB,OAAA;AAClB,mHAAA,oBAAoB,OAAA;AACpB,gHAAA,iBAAiB,OAAA;AACjB,+GAAA,gBAAgB,OAAA;AAChB,+GAAA,gBAAgB,OAAA;AAChB,sHAAA,uBAAuB,OAAA;AACvB,oHAAA,qBAAqB,OAAA;AACrB,kHAAA,mBAAmB,OAAA;AAGrB,wDAI+B;AAH7B,+GAAA,aAAa,OAAA;AACb,kHAAA,gBAAgB,OAAA;AAChB,oHAAA,kBAAkB,OAAA;AAGpB,0CAKwB;AAJtB,6GAAA,kBAAkB,OAAA;AAClB,kHAAA,uBAAuB,OAAA;AACvB,2GAAA,gBAAgB,OAAA;AAChB,mGAAA,QAAQ,OAAA;AAGV,qBAAqB;AACrB,wDAMiC;AAL/B,+GAAA,eAAe,OAAA;AACf,iHAAA,iBAAiB,OAAA;AACjB,8GAAA,cAAc,OAAA;AACd,2GAAA,WAAW,OAAA;AACX,4GAAA,YAAY,OAAA;AAKd,8DAAuD;AAA9C,4GAAA,SAAS,OAAA;AAElB,iBAAiB;AACjB,2DAKiC;AAJ/B,4GAAA,SAAS,OAAA;AACT,iHAAA,cAAc,OAAA;AACd,oHAAA,iBAAiB,OAAA;AACjB,gHAAA,aAAa,OAAA;AAGf,mBAAmB;AACnB,iDAI4B;AAH1B,8GAAA,gBAAgB,OAAA;AAChB,uGAAA,SAAS,OAAA;AACT,4GAAA,cAAc,OAAA;AAGhB,iBAAiB;AACjB,8DAA0D;AAAjD,iHAAA,aAAa,OAAA;AAUtB,8CAI2B;AAHzB,wGAAA,YAAY,OAAA;AACZ,kGAAA,MAAM,OAAA;AACN,0GAAA,cAAc,OAAA;AAGhB,kDAI6B;AAH3B,kHAAA,oBAAoB,OAAA;AACpB,mHAAA,qBAAqB,OAAA;AACrB,iHAAA,mBAAmB,OAAA;AAGrB,oBAAoB;AACpB,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;;AAEH,kBAAkB;AAClB,iDAAqF;AAA5E,8GAAA,aAAa,OAAA;AAAE,gHAAA,eAAe,OAAA;AAAE,mHAAA,kBAAkB,OAAA;AAE3D,QAAQ;AACR,iEAGoC;AAFlC,+GAAA,SAAS,OAAA;AACT,kHAAA,YAAY,OAAA;AAyBd,iBAAiB;AACjB,kDAgB4B;AAf1B,yGAAA,UAAU,OAAA;AAGV,kHAAA,mBAAmB,OAAA;AACnB,qHAAA,sBAAsB,OAAA;AACtB,8GAAA,eAAe,OAAA;AACf,8GAAA,eAAe,OAAA;AACf,iHAAA,kBAAkB,OAAA;AAClB,mHAAA,oBAAoB,OAAA;AACpB,gHAAA,iBAAiB,OAAA;AACjB,+GAAA,gBAAgB,OAAA;AAChB,+GAAA,gBAAgB,OAAA;AAChB,sHAAA,uBAAuB,OAAA;AACvB,oHAAA,qBAAqB,OAAA;AACrB,kHAAA,mBAAmB,OAAA;AAGrB,wDAI+B;AAH7B,+GAAA,aAAa,OAAA;AACb,kHAAA,gBAAgB,OAAA;AAChB,oHAAA,kBAAkB,OAAA;AAGpB,0CAKwB;AAJtB,6GAAA,kBAAkB,OAAA;AAClB,kHAAA,uBAAuB,OAAA;AACvB,2GAAA,gBAAgB,OAAA;AAChB,mGAAA,QAAQ,OAAA;AAGV,qBAAqB;AACrB,wDAMiC;AAL/B,+GAAA,eAAe,OAAA;AACf,iHAAA,iBAAiB,OAAA;AACjB,8GAAA,cAAc,OAAA;AACd,2GAAA,WAAW,OAAA;AACX,4GAAA,YAAY,OAAA;AAKd,8DAAuD;AAA9C,4GAAA,SAAS,OAAA;AAElB,iBAAiB;AACjB,2DAKiC;AAJ/B,4GAAA,SAAS,OAAA;AACT,iHAAA,cAAc,OAAA;AACd,oHAAA,iBAAiB,OAAA;AACjB,gHAAA,aAAa,OAAA;AAGf,mBAAmB;AACnB,iDAI4B;AAH1B,8GAAA,gBAAgB,OAAA;AAChB,uGAAA,SAAS,OAAA;AACT,4GAAA,cAAc,OAAA;AAGhB,iBAAiB;AACjB,8DAA0D;AAAjD,iHAAA,aAAa,OAAA;AAUtB,8CAI2B;AAHzB,wGAAA,YAAY,OAAA;AACZ,kGAAA,MAAM,OAAA;AACN,0GAAA,cAAc,OAAA;AAGhB,kDAI6B;AAH3B,kHAAA,oBAAoB,OAAA;AACpB,mHAAA,qBAAqB,OAAA;AACrB,iHAAA,mBAAmB,OAAA;AAGrB,oBAAoB;AACpB,kDAM+B;AAL7B,6GAAA,iBAAiB,OAAA;AACjB,uGAAA,WAAW,OAAA;AACX,oGAAA,QAAQ,OAAA;AACR,6GAAA,iBAAiB,OAAA;AACjB,0GAAA,cAAc,OAAA"}
|
|
@@ -1,4 +1,6 @@
|
|
|
1
1
|
export { initTenantContext } from './init-tenant-context.js';
|
|
2
2
|
export { tenantGuard } from './tenant-guard.js';
|
|
3
3
|
export { crmGuard } from './crm-guard.js';
|
|
4
|
+
export { requirePermission } from './require-permission.js';
|
|
5
|
+
export { requireFeature } from './require-feature.js';
|
|
4
6
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC"}
|
package/dist/middleware/index.js
CHANGED
|
@@ -1,10 +1,14 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.crmGuard = exports.tenantGuard = exports.initTenantContext = void 0;
|
|
3
|
+
exports.requireFeature = exports.requirePermission = exports.crmGuard = exports.tenantGuard = exports.initTenantContext = void 0;
|
|
4
4
|
var init_tenant_context_js_1 = require("./init-tenant-context.js");
|
|
5
5
|
Object.defineProperty(exports, "initTenantContext", { enumerable: true, get: function () { return init_tenant_context_js_1.initTenantContext; } });
|
|
6
6
|
var tenant_guard_js_1 = require("./tenant-guard.js");
|
|
7
7
|
Object.defineProperty(exports, "tenantGuard", { enumerable: true, get: function () { return tenant_guard_js_1.tenantGuard; } });
|
|
8
8
|
var crm_guard_js_1 = require("./crm-guard.js");
|
|
9
9
|
Object.defineProperty(exports, "crmGuard", { enumerable: true, get: function () { return crm_guard_js_1.crmGuard; } });
|
|
10
|
+
var require_permission_js_1 = require("./require-permission.js");
|
|
11
|
+
Object.defineProperty(exports, "requirePermission", { enumerable: true, get: function () { return require_permission_js_1.requirePermission; } });
|
|
12
|
+
var require_feature_js_1 = require("./require-feature.js");
|
|
13
|
+
Object.defineProperty(exports, "requireFeature", { enumerable: true, get: function () { return require_feature_js_1.requireFeature; } });
|
|
10
14
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":";;;AAAA,mEAA6D;AAApD,2HAAA,iBAAiB,OAAA;AAC1B,qDAAgD;AAAvC,8GAAA,WAAW,OAAA;AACpB,+CAA0C;AAAjC,wGAAA,QAAQ,OAAA"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":";;;AAAA,mEAA6D;AAApD,2HAAA,iBAAiB,OAAA;AAC1B,qDAAgD;AAAvC,8GAAA,WAAW,OAAA;AACpB,+CAA0C;AAAjC,wGAAA,QAAQ,OAAA;AACjB,iEAA4D;AAAnD,0HAAA,iBAAiB,OAAA;AAC1B,2DAAsD;AAA7C,oHAAA,cAAc,OAAA"}
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
import type { MiddlewareFn } from '../types/routes.js';
|
|
2
|
+
/**
|
|
3
|
+
* Factory that builds a route-level premium-feature guard.
|
|
4
|
+
*
|
|
5
|
+
* Reads the `features` claim (a CSV of feature CODES) from
|
|
6
|
+
* event.context.identity.claims.features, minted by ml-auth's
|
|
7
|
+
* PreTokenGeneration. The claim holds the premium feature codes the tenant's
|
|
8
|
+
* plan TIER unlocks (tenant-wide). Passes when the identity holds AT LEAST ONE
|
|
9
|
+
* of the required codes. PLATFORM_ADMIN always bypasses.
|
|
10
|
+
*
|
|
11
|
+
* The features model is DEFAULT-OPEN: only premium endpoints attach this guard;
|
|
12
|
+
* unrestricted (free) endpoints attach nothing. So a feature that is not gated
|
|
13
|
+
* never reaches this middleware.
|
|
14
|
+
*
|
|
15
|
+
* Attach ONLY on private/backoffice routes — NEVER on internal routes
|
|
16
|
+
* (those are Lambda-to-Lambda IAM-authed and carry no JWT features claim).
|
|
17
|
+
*
|
|
18
|
+
* Throws forbiddenResponse (403, code FEATURE_NOT_IN_PLAN) on a miss; the
|
|
19
|
+
* dispatcher catches the thrown HttpResponse and returns it.
|
|
20
|
+
*
|
|
21
|
+
* Usage:
|
|
22
|
+
* ```typescript
|
|
23
|
+
* private: {
|
|
24
|
+
* post: {
|
|
25
|
+
* '/properties/{id}/ai-description': {
|
|
26
|
+
* handler: generateAiDescription,
|
|
27
|
+
* middleware: [requireFeature('aiDescriptions')],
|
|
28
|
+
* },
|
|
29
|
+
* },
|
|
30
|
+
* }
|
|
31
|
+
* ```
|
|
32
|
+
*
|
|
33
|
+
* @param code - A single feature code, or an array (ANY match passes).
|
|
34
|
+
*/
|
|
35
|
+
export declare function requireFeature(code: string | string[]): MiddlewareFn;
|
|
36
|
+
//# sourceMappingURL=require-feature.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"require-feature.d.ts","sourceRoot":"","sources":["../../src/middleware/require-feature.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAmB,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAqBxE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,YAAY,CAqBpE"}
|
|
@@ -0,0 +1,71 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.requireFeature = requireFeature;
|
|
4
|
+
const response_js_1 = require("../http/response.js");
|
|
5
|
+
const extractor_js_1 = require("../identity/extractor.js");
|
|
6
|
+
/**
|
|
7
|
+
* Groups that bypass the feature check.
|
|
8
|
+
* PLATFORM_ADMIN = MLHolding employees in the Backoffice pool.
|
|
9
|
+
*/
|
|
10
|
+
const FEATURE_BYPASS_ROLES = ['PLATFORM_ADMIN'];
|
|
11
|
+
/**
|
|
12
|
+
* Parses the `features` JWT claim into a string[] of feature CODES.
|
|
13
|
+
* The claim can arrive as a comma-separated string (Cognito) or an array,
|
|
14
|
+
* mirroring how parseGroups handles cognito:groups.
|
|
15
|
+
*/
|
|
16
|
+
function parseFeatures(features) {
|
|
17
|
+
if (!features)
|
|
18
|
+
return [];
|
|
19
|
+
if (Array.isArray(features))
|
|
20
|
+
return features;
|
|
21
|
+
return features.split(',').map(f => f.trim()).filter(Boolean);
|
|
22
|
+
}
|
|
23
|
+
/**
|
|
24
|
+
* Factory that builds a route-level premium-feature guard.
|
|
25
|
+
*
|
|
26
|
+
* Reads the `features` claim (a CSV of feature CODES) from
|
|
27
|
+
* event.context.identity.claims.features, minted by ml-auth's
|
|
28
|
+
* PreTokenGeneration. The claim holds the premium feature codes the tenant's
|
|
29
|
+
* plan TIER unlocks (tenant-wide). Passes when the identity holds AT LEAST ONE
|
|
30
|
+
* of the required codes. PLATFORM_ADMIN always bypasses.
|
|
31
|
+
*
|
|
32
|
+
* The features model is DEFAULT-OPEN: only premium endpoints attach this guard;
|
|
33
|
+
* unrestricted (free) endpoints attach nothing. So a feature that is not gated
|
|
34
|
+
* never reaches this middleware.
|
|
35
|
+
*
|
|
36
|
+
* Attach ONLY on private/backoffice routes — NEVER on internal routes
|
|
37
|
+
* (those are Lambda-to-Lambda IAM-authed and carry no JWT features claim).
|
|
38
|
+
*
|
|
39
|
+
* Throws forbiddenResponse (403, code FEATURE_NOT_IN_PLAN) on a miss; the
|
|
40
|
+
* dispatcher catches the thrown HttpResponse and returns it.
|
|
41
|
+
*
|
|
42
|
+
* Usage:
|
|
43
|
+
* ```typescript
|
|
44
|
+
* private: {
|
|
45
|
+
* post: {
|
|
46
|
+
* '/properties/{id}/ai-description': {
|
|
47
|
+
* handler: generateAiDescription,
|
|
48
|
+
* middleware: [requireFeature('aiDescriptions')],
|
|
49
|
+
* },
|
|
50
|
+
* },
|
|
51
|
+
* }
|
|
52
|
+
* ```
|
|
53
|
+
*
|
|
54
|
+
* @param code - A single feature code, or an array (ANY match passes).
|
|
55
|
+
*/
|
|
56
|
+
function requireFeature(code) {
|
|
57
|
+
const requiredCodes = Array.isArray(code) ? code : [code];
|
|
58
|
+
return async (event) => {
|
|
59
|
+
// PLATFORM_ADMIN bypasses the feature check
|
|
60
|
+
if ((0, extractor_js_1.hasAnyGroup)(event.context.identity, FEATURE_BYPASS_ROLES)) {
|
|
61
|
+
return event;
|
|
62
|
+
}
|
|
63
|
+
const unlocked = parseFeatures(event.context.identity?.claims?.features);
|
|
64
|
+
const hasAny = requiredCodes.some(required => unlocked.includes(required));
|
|
65
|
+
if (!hasAny) {
|
|
66
|
+
throw (0, response_js_1.forbiddenResponse)(`Missing required feature: ${requiredCodes.join(' or ')}`, 'FEATURE_NOT_IN_PLAN');
|
|
67
|
+
}
|
|
68
|
+
return event;
|
|
69
|
+
};
|
|
70
|
+
}
|
|
71
|
+
//# sourceMappingURL=require-feature.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"require-feature.js","sourceRoot":"","sources":["../../src/middleware/require-feature.ts"],"names":[],"mappings":";;AAsDA,wCAqBC;AA1ED,qDAAwD;AACxD,2DAAuD;AAEvD;;;GAGG;AACH,MAAM,oBAAoB,GAAG,CAAC,gBAAgB,CAAC,CAAC;AAEhD;;;;GAIG;AACH,SAAS,aAAa,CAAC,QAAuC;IAC5D,IAAI,CAAC,QAAQ;QAAE,OAAO,EAAE,CAAC;IACzB,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC;QAAE,OAAO,QAAQ,CAAC;IAC7C,OAAO,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AAChE,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,SAAgB,cAAc,CAAC,IAAuB;IACpD,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAE1D,OAAO,KAAK,EAAE,KAAsB,EAA4B,EAAE;QAChE,4CAA4C;QAC5C,IAAI,IAAA,0BAAW,EAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,oBAAoB,CAAC,EAAE,CAAC;YAC9D,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;QAEzE,MAAM,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC3E,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAA,+BAAiB,EACrB,6BAA6B,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,EACzD,qBAA4B,CAC7B,CAAC;QACJ,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
import type { MiddlewareFn } from '../types/routes.js';
|
|
2
|
+
/**
|
|
3
|
+
* Factory that builds a route-level authorization guard.
|
|
4
|
+
*
|
|
5
|
+
* Reads the `permissions` claim (a CSV of permission CODES) from
|
|
6
|
+
* event.context.identity.claims.permissions, minted by ml-auth's
|
|
7
|
+
* PreTokenGeneration. Passes when the identity holds AT LEAST ONE of the
|
|
8
|
+
* required codes. PLATFORM_ADMIN always bypasses.
|
|
9
|
+
*
|
|
10
|
+
* Attach ONLY on private/backoffice routes — NEVER on internal routes
|
|
11
|
+
* (those are Lambda-to-Lambda IAM-authed and carry no JWT permissions claim).
|
|
12
|
+
*
|
|
13
|
+
* Throws forbiddenResponse (403, code PERMISSION_DENIED) on a miss; the
|
|
14
|
+
* dispatcher catches the thrown HttpResponse and returns it.
|
|
15
|
+
*
|
|
16
|
+
* Usage:
|
|
17
|
+
* ```typescript
|
|
18
|
+
* backoffice: {
|
|
19
|
+
* post: {
|
|
20
|
+
* '/backoffice/plans': {
|
|
21
|
+
* handler: createPlan,
|
|
22
|
+
* middleware: [requirePermission('MANAGE_PLANS')],
|
|
23
|
+
* },
|
|
24
|
+
* },
|
|
25
|
+
* }
|
|
26
|
+
* ```
|
|
27
|
+
*
|
|
28
|
+
* @param code - A single permission code, or an array (ANY match passes).
|
|
29
|
+
*/
|
|
30
|
+
export declare function requirePermission(code: string | string[]): MiddlewareFn;
|
|
31
|
+
//# sourceMappingURL=require-permission.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"require-permission.d.ts","sourceRoot":"","sources":["../../src/middleware/require-permission.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAmB,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAqBxE;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,YAAY,CAqBvE"}
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.requirePermission = requirePermission;
|
|
4
|
+
const response_js_1 = require("../http/response.js");
|
|
5
|
+
const extractor_js_1 = require("../identity/extractor.js");
|
|
6
|
+
/**
|
|
7
|
+
* Groups that bypass the permission check.
|
|
8
|
+
* PLATFORM_ADMIN = MLHolding employees in the Backoffice pool.
|
|
9
|
+
*/
|
|
10
|
+
const PERMISSION_BYPASS_ROLES = ['PLATFORM_ADMIN'];
|
|
11
|
+
/**
|
|
12
|
+
* Parses the `permissions` JWT claim into a string[] of permission CODES.
|
|
13
|
+
* The claim can arrive as a comma-separated string (Cognito) or an array,
|
|
14
|
+
* mirroring how parseGroups handles cognito:groups.
|
|
15
|
+
*/
|
|
16
|
+
function parsePermissions(permissions) {
|
|
17
|
+
if (!permissions)
|
|
18
|
+
return [];
|
|
19
|
+
if (Array.isArray(permissions))
|
|
20
|
+
return permissions;
|
|
21
|
+
return permissions.split(',').map(p => p.trim()).filter(Boolean);
|
|
22
|
+
}
|
|
23
|
+
/**
|
|
24
|
+
* Factory that builds a route-level authorization guard.
|
|
25
|
+
*
|
|
26
|
+
* Reads the `permissions` claim (a CSV of permission CODES) from
|
|
27
|
+
* event.context.identity.claims.permissions, minted by ml-auth's
|
|
28
|
+
* PreTokenGeneration. Passes when the identity holds AT LEAST ONE of the
|
|
29
|
+
* required codes. PLATFORM_ADMIN always bypasses.
|
|
30
|
+
*
|
|
31
|
+
* Attach ONLY on private/backoffice routes — NEVER on internal routes
|
|
32
|
+
* (those are Lambda-to-Lambda IAM-authed and carry no JWT permissions claim).
|
|
33
|
+
*
|
|
34
|
+
* Throws forbiddenResponse (403, code PERMISSION_DENIED) on a miss; the
|
|
35
|
+
* dispatcher catches the thrown HttpResponse and returns it.
|
|
36
|
+
*
|
|
37
|
+
* Usage:
|
|
38
|
+
* ```typescript
|
|
39
|
+
* backoffice: {
|
|
40
|
+
* post: {
|
|
41
|
+
* '/backoffice/plans': {
|
|
42
|
+
* handler: createPlan,
|
|
43
|
+
* middleware: [requirePermission('MANAGE_PLANS')],
|
|
44
|
+
* },
|
|
45
|
+
* },
|
|
46
|
+
* }
|
|
47
|
+
* ```
|
|
48
|
+
*
|
|
49
|
+
* @param code - A single permission code, or an array (ANY match passes).
|
|
50
|
+
*/
|
|
51
|
+
function requirePermission(code) {
|
|
52
|
+
const requiredCodes = Array.isArray(code) ? code : [code];
|
|
53
|
+
return async (event) => {
|
|
54
|
+
// PLATFORM_ADMIN bypasses the permission check
|
|
55
|
+
if ((0, extractor_js_1.hasAnyGroup)(event.context.identity, PERMISSION_BYPASS_ROLES)) {
|
|
56
|
+
return event;
|
|
57
|
+
}
|
|
58
|
+
const granted = parsePermissions(event.context.identity?.claims?.permissions);
|
|
59
|
+
const hasAny = requiredCodes.some(required => granted.includes(required));
|
|
60
|
+
if (!hasAny) {
|
|
61
|
+
throw (0, response_js_1.forbiddenResponse)(`Missing required permission: ${requiredCodes.join(' or ')}`, 'PERMISSION_DENIED');
|
|
62
|
+
}
|
|
63
|
+
return event;
|
|
64
|
+
};
|
|
65
|
+
}
|
|
66
|
+
//# sourceMappingURL=require-permission.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"require-permission.js","sourceRoot":"","sources":["../../src/middleware/require-permission.ts"],"names":[],"mappings":";;AAiDA,8CAqBC;AArED,qDAAwD;AACxD,2DAAuD;AAEvD;;;GAGG;AACH,MAAM,uBAAuB,GAAG,CAAC,gBAAgB,CAAC,CAAC;AAEnD;;;;GAIG;AACH,SAAS,gBAAgB,CAAC,WAA0C;IAClE,IAAI,CAAC,WAAW;QAAE,OAAO,EAAE,CAAC;IAC5B,IAAI,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC;QAAE,OAAO,WAAW,CAAC;IACnD,OAAO,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AACnE,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,SAAgB,iBAAiB,CAAC,IAAuB;IACvD,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAE1D,OAAO,KAAK,EAAE,KAAsB,EAA4B,EAAE;QAChE,+CAA+C;QAC/C,IAAI,IAAA,0BAAW,EAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,uBAAuB,CAAC,EAAE,CAAC;YACjE,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,OAAO,GAAG,gBAAgB,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC;QAE9E,MAAM,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC1E,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAA,+BAAiB,EACrB,gCAAgC,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,EAC5D,mBAA0B,CAC3B,CAAC;QACJ,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC,CAAC;AACJ,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "serverless-event-orchestrator",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.6.0",
|
|
4
4
|
"description": "A lightweight, type-safe event dispatcher and middleware orchestrator for AWS Lambda. Designed for hexagonal architectures with support for segmented routing (public, private, backoffice), Cognito User Pool validation, and built-in infrastructure middlewares.",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
package/src/dispatcher.ts
CHANGED
|
@@ -485,6 +485,13 @@ export async function dispatchEvent(
|
|
|
485
485
|
if (routeMatch.middleware?.length) {
|
|
486
486
|
normalized = await executeMiddleware(routeMatch.middleware, normalized);
|
|
487
487
|
}
|
|
488
|
+
|
|
489
|
+
// Execute per-route middleware (RouteConfig.middleware) — runs LAST,
|
|
490
|
+
// after global and segment middleware, so route-level guards like
|
|
491
|
+
// requirePermission(...) and crmGuard see a fully-initialized context.
|
|
492
|
+
if (routeMatch.config.middleware?.length) {
|
|
493
|
+
normalized = await executeMiddleware(routeMatch.config.middleware, normalized);
|
|
494
|
+
}
|
|
488
495
|
} catch (thrown) {
|
|
489
496
|
// If middleware threw an HttpResponse (e.g., forbiddenResponse from tenantGuard), return it
|
|
490
497
|
if (isHttpResponse(thrown)) {
|
package/src/index.ts
CHANGED
package/src/middleware/index.ts
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
1
|
export { initTenantContext } from './init-tenant-context.js';
|
|
2
2
|
export { tenantGuard } from './tenant-guard.js';
|
|
3
3
|
export { crmGuard } from './crm-guard.js';
|
|
4
|
+
export { requirePermission } from './require-permission.js';
|
|
5
|
+
export { requireFeature } from './require-feature.js';
|
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
import type { NormalizedEvent, MiddlewareFn } from '../types/routes.js';
|
|
2
|
+
import { forbiddenResponse } from '../http/response.js';
|
|
3
|
+
import { hasAnyGroup } from '../identity/extractor.js';
|
|
4
|
+
|
|
5
|
+
/**
|
|
6
|
+
* Groups that bypass the feature check.
|
|
7
|
+
* PLATFORM_ADMIN = MLHolding employees in the Backoffice pool.
|
|
8
|
+
*/
|
|
9
|
+
const FEATURE_BYPASS_ROLES = ['PLATFORM_ADMIN'];
|
|
10
|
+
|
|
11
|
+
/**
|
|
12
|
+
* Parses the `features` JWT claim into a string[] of feature CODES.
|
|
13
|
+
* The claim can arrive as a comma-separated string (Cognito) or an array,
|
|
14
|
+
* mirroring how parseGroups handles cognito:groups.
|
|
15
|
+
*/
|
|
16
|
+
function parseFeatures(features: string | string[] | undefined): string[] {
|
|
17
|
+
if (!features) return [];
|
|
18
|
+
if (Array.isArray(features)) return features;
|
|
19
|
+
return features.split(',').map(f => f.trim()).filter(Boolean);
|
|
20
|
+
}
|
|
21
|
+
|
|
22
|
+
/**
|
|
23
|
+
* Factory that builds a route-level premium-feature guard.
|
|
24
|
+
*
|
|
25
|
+
* Reads the `features` claim (a CSV of feature CODES) from
|
|
26
|
+
* event.context.identity.claims.features, minted by ml-auth's
|
|
27
|
+
* PreTokenGeneration. The claim holds the premium feature codes the tenant's
|
|
28
|
+
* plan TIER unlocks (tenant-wide). Passes when the identity holds AT LEAST ONE
|
|
29
|
+
* of the required codes. PLATFORM_ADMIN always bypasses.
|
|
30
|
+
*
|
|
31
|
+
* The features model is DEFAULT-OPEN: only premium endpoints attach this guard;
|
|
32
|
+
* unrestricted (free) endpoints attach nothing. So a feature that is not gated
|
|
33
|
+
* never reaches this middleware.
|
|
34
|
+
*
|
|
35
|
+
* Attach ONLY on private/backoffice routes — NEVER on internal routes
|
|
36
|
+
* (those are Lambda-to-Lambda IAM-authed and carry no JWT features claim).
|
|
37
|
+
*
|
|
38
|
+
* Throws forbiddenResponse (403, code FEATURE_NOT_IN_PLAN) on a miss; the
|
|
39
|
+
* dispatcher catches the thrown HttpResponse and returns it.
|
|
40
|
+
*
|
|
41
|
+
* Usage:
|
|
42
|
+
* ```typescript
|
|
43
|
+
* private: {
|
|
44
|
+
* post: {
|
|
45
|
+
* '/properties/{id}/ai-description': {
|
|
46
|
+
* handler: generateAiDescription,
|
|
47
|
+
* middleware: [requireFeature('aiDescriptions')],
|
|
48
|
+
* },
|
|
49
|
+
* },
|
|
50
|
+
* }
|
|
51
|
+
* ```
|
|
52
|
+
*
|
|
53
|
+
* @param code - A single feature code, or an array (ANY match passes).
|
|
54
|
+
*/
|
|
55
|
+
export function requireFeature(code: string | string[]): MiddlewareFn {
|
|
56
|
+
const requiredCodes = Array.isArray(code) ? code : [code];
|
|
57
|
+
|
|
58
|
+
return async (event: NormalizedEvent): Promise<NormalizedEvent> => {
|
|
59
|
+
// PLATFORM_ADMIN bypasses the feature check
|
|
60
|
+
if (hasAnyGroup(event.context.identity, FEATURE_BYPASS_ROLES)) {
|
|
61
|
+
return event;
|
|
62
|
+
}
|
|
63
|
+
|
|
64
|
+
const unlocked = parseFeatures(event.context.identity?.claims?.features);
|
|
65
|
+
|
|
66
|
+
const hasAny = requiredCodes.some(required => unlocked.includes(required));
|
|
67
|
+
if (!hasAny) {
|
|
68
|
+
throw forbiddenResponse(
|
|
69
|
+
`Missing required feature: ${requiredCodes.join(' or ')}`,
|
|
70
|
+
'FEATURE_NOT_IN_PLAN' as any
|
|
71
|
+
);
|
|
72
|
+
}
|
|
73
|
+
|
|
74
|
+
return event;
|
|
75
|
+
};
|
|
76
|
+
}
|
|
@@ -0,0 +1,71 @@
|
|
|
1
|
+
import type { NormalizedEvent, MiddlewareFn } from '../types/routes.js';
|
|
2
|
+
import { forbiddenResponse } from '../http/response.js';
|
|
3
|
+
import { hasAnyGroup } from '../identity/extractor.js';
|
|
4
|
+
|
|
5
|
+
/**
|
|
6
|
+
* Groups that bypass the permission check.
|
|
7
|
+
* PLATFORM_ADMIN = MLHolding employees in the Backoffice pool.
|
|
8
|
+
*/
|
|
9
|
+
const PERMISSION_BYPASS_ROLES = ['PLATFORM_ADMIN'];
|
|
10
|
+
|
|
11
|
+
/**
|
|
12
|
+
* Parses the `permissions` JWT claim into a string[] of permission CODES.
|
|
13
|
+
* The claim can arrive as a comma-separated string (Cognito) or an array,
|
|
14
|
+
* mirroring how parseGroups handles cognito:groups.
|
|
15
|
+
*/
|
|
16
|
+
function parsePermissions(permissions: string | string[] | undefined): string[] {
|
|
17
|
+
if (!permissions) return [];
|
|
18
|
+
if (Array.isArray(permissions)) return permissions;
|
|
19
|
+
return permissions.split(',').map(p => p.trim()).filter(Boolean);
|
|
20
|
+
}
|
|
21
|
+
|
|
22
|
+
/**
|
|
23
|
+
* Factory that builds a route-level authorization guard.
|
|
24
|
+
*
|
|
25
|
+
* Reads the `permissions` claim (a CSV of permission CODES) from
|
|
26
|
+
* event.context.identity.claims.permissions, minted by ml-auth's
|
|
27
|
+
* PreTokenGeneration. Passes when the identity holds AT LEAST ONE of the
|
|
28
|
+
* required codes. PLATFORM_ADMIN always bypasses.
|
|
29
|
+
*
|
|
30
|
+
* Attach ONLY on private/backoffice routes — NEVER on internal routes
|
|
31
|
+
* (those are Lambda-to-Lambda IAM-authed and carry no JWT permissions claim).
|
|
32
|
+
*
|
|
33
|
+
* Throws forbiddenResponse (403, code PERMISSION_DENIED) on a miss; the
|
|
34
|
+
* dispatcher catches the thrown HttpResponse and returns it.
|
|
35
|
+
*
|
|
36
|
+
* Usage:
|
|
37
|
+
* ```typescript
|
|
38
|
+
* backoffice: {
|
|
39
|
+
* post: {
|
|
40
|
+
* '/backoffice/plans': {
|
|
41
|
+
* handler: createPlan,
|
|
42
|
+
* middleware: [requirePermission('MANAGE_PLANS')],
|
|
43
|
+
* },
|
|
44
|
+
* },
|
|
45
|
+
* }
|
|
46
|
+
* ```
|
|
47
|
+
*
|
|
48
|
+
* @param code - A single permission code, or an array (ANY match passes).
|
|
49
|
+
*/
|
|
50
|
+
export function requirePermission(code: string | string[]): MiddlewareFn {
|
|
51
|
+
const requiredCodes = Array.isArray(code) ? code : [code];
|
|
52
|
+
|
|
53
|
+
return async (event: NormalizedEvent): Promise<NormalizedEvent> => {
|
|
54
|
+
// PLATFORM_ADMIN bypasses the permission check
|
|
55
|
+
if (hasAnyGroup(event.context.identity, PERMISSION_BYPASS_ROLES)) {
|
|
56
|
+
return event;
|
|
57
|
+
}
|
|
58
|
+
|
|
59
|
+
const granted = parsePermissions(event.context.identity?.claims?.permissions);
|
|
60
|
+
|
|
61
|
+
const hasAny = requiredCodes.some(required => granted.includes(required));
|
|
62
|
+
if (!hasAny) {
|
|
63
|
+
throw forbiddenResponse(
|
|
64
|
+
`Missing required permission: ${requiredCodes.join(' or ')}`,
|
|
65
|
+
'PERMISSION_DENIED' as any
|
|
66
|
+
);
|
|
67
|
+
}
|
|
68
|
+
|
|
69
|
+
return event;
|
|
70
|
+
};
|
|
71
|
+
}
|
package/tests/dispatcher.test.ts
CHANGED
|
@@ -679,6 +679,108 @@ describe('dispatchEvent - User Pool Validation', () => {
|
|
|
679
679
|
});
|
|
680
680
|
});
|
|
681
681
|
|
|
682
|
+
describe('dispatchEvent - Per-Route Middleware (RouteConfig.middleware)', () => {
|
|
683
|
+
beforeEach(() => {
|
|
684
|
+
jest.clearAllMocks();
|
|
685
|
+
});
|
|
686
|
+
|
|
687
|
+
it('should execute middleware declared on an individual route', async () => {
|
|
688
|
+
const handler = jest.fn().mockResolvedValue({ statusCode: 200, body: '{}' });
|
|
689
|
+
const routeMw = jest.fn().mockImplementation((event: NormalizedEvent) => event);
|
|
690
|
+
|
|
691
|
+
const routes: DispatchRoutes = {
|
|
692
|
+
apigateway: {
|
|
693
|
+
private: {
|
|
694
|
+
get: {
|
|
695
|
+
'/profile': { handler, middleware: [routeMw] },
|
|
696
|
+
},
|
|
697
|
+
},
|
|
698
|
+
} as SegmentedHttpRouter,
|
|
699
|
+
};
|
|
700
|
+
|
|
701
|
+
const event = {
|
|
702
|
+
requestContext: { requestId: '123' },
|
|
703
|
+
httpMethod: 'GET',
|
|
704
|
+
resource: '/profile',
|
|
705
|
+
path: '/profile',
|
|
706
|
+
headers: {},
|
|
707
|
+
body: null,
|
|
708
|
+
};
|
|
709
|
+
|
|
710
|
+
await dispatchEvent(event, routes);
|
|
711
|
+
|
|
712
|
+
expect(routeMw).toHaveBeenCalledTimes(1);
|
|
713
|
+
expect(handler).toHaveBeenCalledTimes(1);
|
|
714
|
+
});
|
|
715
|
+
|
|
716
|
+
it('should run middleware in order: global -> segment -> route', async () => {
|
|
717
|
+
const callOrder: string[] = [];
|
|
718
|
+
const globalMw = jest.fn().mockImplementation((e: NormalizedEvent) => { callOrder.push('global'); return e; });
|
|
719
|
+
const segmentMw = jest.fn().mockImplementation((e: NormalizedEvent) => { callOrder.push('segment'); return e; });
|
|
720
|
+
const routeMw = jest.fn().mockImplementation((e: NormalizedEvent) => { callOrder.push('route'); return e; });
|
|
721
|
+
const handler = jest.fn().mockImplementation((_e: NormalizedEvent) => { callOrder.push('handler'); return { statusCode: 200, body: '{}' }; });
|
|
722
|
+
|
|
723
|
+
const routes: DispatchRoutes = {
|
|
724
|
+
apigateway: {
|
|
725
|
+
private: {
|
|
726
|
+
middleware: [segmentMw],
|
|
727
|
+
routes: {
|
|
728
|
+
get: {
|
|
729
|
+
'/profile': { handler, middleware: [routeMw] },
|
|
730
|
+
},
|
|
731
|
+
},
|
|
732
|
+
},
|
|
733
|
+
} as any,
|
|
734
|
+
};
|
|
735
|
+
|
|
736
|
+
const event = {
|
|
737
|
+
requestContext: { requestId: '123' },
|
|
738
|
+
httpMethod: 'GET',
|
|
739
|
+
resource: '/profile',
|
|
740
|
+
path: '/profile',
|
|
741
|
+
headers: {},
|
|
742
|
+
body: null,
|
|
743
|
+
};
|
|
744
|
+
|
|
745
|
+
await dispatchEvent(event, routes, { globalMiddleware: [globalMw] });
|
|
746
|
+
|
|
747
|
+
expect(callOrder).toEqual(['global', 'segment', 'route', 'handler']);
|
|
748
|
+
});
|
|
749
|
+
|
|
750
|
+
it('should short-circuit and return the HttpResponse a per-route middleware throws', async () => {
|
|
751
|
+
const handler = jest.fn().mockResolvedValue({ statusCode: 200, body: '{}' });
|
|
752
|
+
const blockingMw = jest.fn().mockImplementation(async () => {
|
|
753
|
+
throw { statusCode: 403, body: JSON.stringify({ status: 403, code: 'PERMISSION_DENIED' }) };
|
|
754
|
+
});
|
|
755
|
+
|
|
756
|
+
const routes: DispatchRoutes = {
|
|
757
|
+
apigateway: {
|
|
758
|
+
backoffice: {
|
|
759
|
+
post: {
|
|
760
|
+
'/backoffice/plans': { handler, middleware: [blockingMw] },
|
|
761
|
+
},
|
|
762
|
+
},
|
|
763
|
+
} as SegmentedHttpRouter,
|
|
764
|
+
};
|
|
765
|
+
|
|
766
|
+
const event = {
|
|
767
|
+
requestContext: { requestId: '123' },
|
|
768
|
+
httpMethod: 'POST',
|
|
769
|
+
resource: '/backoffice/plans',
|
|
770
|
+
path: '/backoffice/plans',
|
|
771
|
+
headers: {},
|
|
772
|
+
body: null,
|
|
773
|
+
};
|
|
774
|
+
|
|
775
|
+
const result = await dispatchEvent(event, routes);
|
|
776
|
+
|
|
777
|
+
expect(blockingMw).toHaveBeenCalledTimes(1);
|
|
778
|
+
expect(handler).not.toHaveBeenCalled();
|
|
779
|
+
expect(result.statusCode).toBe(403);
|
|
780
|
+
expect(JSON.parse(result.body).code).toBe('PERMISSION_DENIED');
|
|
781
|
+
});
|
|
782
|
+
});
|
|
783
|
+
|
|
682
784
|
describe('dispatchEvent - Internal Segment', () => {
|
|
683
785
|
const mockHandler = jest.fn().mockResolvedValue({ statusCode: 200, body: '{}' });
|
|
684
786
|
|
|
@@ -0,0 +1,110 @@
|
|
|
1
|
+
import { requireFeature } from '../../src/middleware/require-feature';
|
|
2
|
+
import { RouteSegment } from '../../src/types/event-type.enum';
|
|
3
|
+
import type { NormalizedEvent } from '../../src/types/routes';
|
|
4
|
+
|
|
5
|
+
function createEvent(options: {
|
|
6
|
+
features?: string | string[];
|
|
7
|
+
groups?: string[];
|
|
8
|
+
}): NormalizedEvent {
|
|
9
|
+
const claims: Record<string, any> = {};
|
|
10
|
+
if (options.features !== undefined) {
|
|
11
|
+
claims.features = options.features;
|
|
12
|
+
}
|
|
13
|
+
|
|
14
|
+
return {
|
|
15
|
+
eventRaw: {},
|
|
16
|
+
eventType: 'apigateway',
|
|
17
|
+
payload: { headers: {} },
|
|
18
|
+
params: {},
|
|
19
|
+
context: {
|
|
20
|
+
segment: RouteSegment.Private,
|
|
21
|
+
identity: {
|
|
22
|
+
userId: 'user-1',
|
|
23
|
+
groups: options.groups ?? [],
|
|
24
|
+
claims,
|
|
25
|
+
},
|
|
26
|
+
requestId: 'req-test',
|
|
27
|
+
},
|
|
28
|
+
};
|
|
29
|
+
}
|
|
30
|
+
|
|
31
|
+
describe('requireFeature', () => {
|
|
32
|
+
it('allows access when the required code is present (CSV claim)', async () => {
|
|
33
|
+
const mw = requireFeature('aiDescriptions');
|
|
34
|
+
const event = createEvent({ features: 'virtualTours,aiDescriptions,bulkExport' });
|
|
35
|
+
const result = await mw(event);
|
|
36
|
+
expect(result).toBeDefined();
|
|
37
|
+
});
|
|
38
|
+
|
|
39
|
+
it('allows access when the required code is present (array claim)', async () => {
|
|
40
|
+
const mw = requireFeature('aiDescriptions');
|
|
41
|
+
const event = createEvent({ features: ['virtualTours', 'aiDescriptions'] });
|
|
42
|
+
const result = await mw(event);
|
|
43
|
+
expect(result).toBeDefined();
|
|
44
|
+
});
|
|
45
|
+
|
|
46
|
+
it('throws 403 when the required code is missing', async () => {
|
|
47
|
+
const mw = requireFeature('aiDescriptions');
|
|
48
|
+
const event = createEvent({ features: 'virtualTours,bulkExport' });
|
|
49
|
+
await expect(mw(event)).rejects.toMatchObject({ statusCode: 403 });
|
|
50
|
+
});
|
|
51
|
+
|
|
52
|
+
it('throws 403 when the features claim is absent', async () => {
|
|
53
|
+
const mw = requireFeature('aiDescriptions');
|
|
54
|
+
const event = createEvent({});
|
|
55
|
+
await expect(mw(event)).rejects.toMatchObject({ statusCode: 403 });
|
|
56
|
+
});
|
|
57
|
+
|
|
58
|
+
it('error body includes FEATURE_NOT_IN_PLAN code and the missing feature', async () => {
|
|
59
|
+
const mw = requireFeature('bulkExport');
|
|
60
|
+
const event = createEvent({ features: 'aiDescriptions' });
|
|
61
|
+
try {
|
|
62
|
+
await mw(event);
|
|
63
|
+
fail('Should have thrown');
|
|
64
|
+
} catch (err: any) {
|
|
65
|
+
expect(err.statusCode).toBe(403);
|
|
66
|
+
const body = JSON.parse(err.body);
|
|
67
|
+
expect(body.code).toBe('FEATURE_NOT_IN_PLAN');
|
|
68
|
+
expect(body.message).toContain('bulkExport');
|
|
69
|
+
}
|
|
70
|
+
});
|
|
71
|
+
|
|
72
|
+
it('PLATFORM_ADMIN bypasses the feature check even with no features claim', async () => {
|
|
73
|
+
const mw = requireFeature('aiDescriptions');
|
|
74
|
+
const event = createEvent({ groups: ['PLATFORM_ADMIN'] });
|
|
75
|
+
const result = await mw(event);
|
|
76
|
+
expect(result).toBeDefined();
|
|
77
|
+
});
|
|
78
|
+
|
|
79
|
+
it('accepts string[] arg and passes when ANY required code is present', async () => {
|
|
80
|
+
const mw = requireFeature(['virtualTours', 'aiDescriptions']);
|
|
81
|
+
const event = createEvent({ features: 'bulkExport,aiDescriptions' });
|
|
82
|
+
const result = await mw(event);
|
|
83
|
+
expect(result).toBeDefined();
|
|
84
|
+
});
|
|
85
|
+
|
|
86
|
+
it('throws 403 with string[] arg when NONE of the required codes are present', async () => {
|
|
87
|
+
const mw = requireFeature(['virtualTours', 'aiDescriptions']);
|
|
88
|
+
const event = createEvent({ features: 'bulkExport,advancedSearch' });
|
|
89
|
+
await expect(mw(event)).rejects.toMatchObject({ statusCode: 403 });
|
|
90
|
+
});
|
|
91
|
+
|
|
92
|
+
it('trims whitespace in CSV claim values', async () => {
|
|
93
|
+
const mw = requireFeature('aiDescriptions');
|
|
94
|
+
const event = createEvent({ features: ' virtualTours , aiDescriptions , bulkExport ' });
|
|
95
|
+
const result = await mw(event);
|
|
96
|
+
expect(result).toBeDefined();
|
|
97
|
+
});
|
|
98
|
+
});
|
|
99
|
+
|
|
100
|
+
describe('requireFeature barrel exports', () => {
|
|
101
|
+
it('is exported from the middleware barrel', async () => {
|
|
102
|
+
const barrel = await import('../../src/middleware/index');
|
|
103
|
+
expect(typeof barrel.requireFeature).toBe('function');
|
|
104
|
+
});
|
|
105
|
+
|
|
106
|
+
it('is exported from the root barrel', async () => {
|
|
107
|
+
const root = await import('../../src/index');
|
|
108
|
+
expect(typeof root.requireFeature).toBe('function');
|
|
109
|
+
});
|
|
110
|
+
});
|
|
@@ -0,0 +1,110 @@
|
|
|
1
|
+
import { requirePermission } from '../../src/middleware/require-permission';
|
|
2
|
+
import { RouteSegment } from '../../src/types/event-type.enum';
|
|
3
|
+
import type { NormalizedEvent } from '../../src/types/routes';
|
|
4
|
+
|
|
5
|
+
function createEvent(options: {
|
|
6
|
+
permissions?: string | string[];
|
|
7
|
+
groups?: string[];
|
|
8
|
+
}): NormalizedEvent {
|
|
9
|
+
const claims: Record<string, any> = {};
|
|
10
|
+
if (options.permissions !== undefined) {
|
|
11
|
+
claims.permissions = options.permissions;
|
|
12
|
+
}
|
|
13
|
+
|
|
14
|
+
return {
|
|
15
|
+
eventRaw: {},
|
|
16
|
+
eventType: 'apigateway',
|
|
17
|
+
payload: { headers: {} },
|
|
18
|
+
params: {},
|
|
19
|
+
context: {
|
|
20
|
+
segment: RouteSegment.Backoffice,
|
|
21
|
+
identity: {
|
|
22
|
+
userId: 'user-1',
|
|
23
|
+
groups: options.groups ?? [],
|
|
24
|
+
claims,
|
|
25
|
+
},
|
|
26
|
+
requestId: 'req-test',
|
|
27
|
+
},
|
|
28
|
+
};
|
|
29
|
+
}
|
|
30
|
+
|
|
31
|
+
describe('requirePermission', () => {
|
|
32
|
+
it('allows access when the required code is present (CSV claim)', async () => {
|
|
33
|
+
const mw = requirePermission('MANAGE_PLANS');
|
|
34
|
+
const event = createEvent({ permissions: 'READ_PROPERTY,MANAGE_PLANS,MANAGE_ROLES' });
|
|
35
|
+
const result = await mw(event);
|
|
36
|
+
expect(result).toBeDefined();
|
|
37
|
+
});
|
|
38
|
+
|
|
39
|
+
it('allows access when the required code is present (array claim)', async () => {
|
|
40
|
+
const mw = requirePermission('MANAGE_PLANS');
|
|
41
|
+
const event = createEvent({ permissions: ['READ_PROPERTY', 'MANAGE_PLANS'] });
|
|
42
|
+
const result = await mw(event);
|
|
43
|
+
expect(result).toBeDefined();
|
|
44
|
+
});
|
|
45
|
+
|
|
46
|
+
it('throws 403 when the required code is missing', async () => {
|
|
47
|
+
const mw = requirePermission('MANAGE_PLANS');
|
|
48
|
+
const event = createEvent({ permissions: 'READ_PROPERTY,CREATE_PROPERTY' });
|
|
49
|
+
await expect(mw(event)).rejects.toMatchObject({ statusCode: 403 });
|
|
50
|
+
});
|
|
51
|
+
|
|
52
|
+
it('throws 403 when the permissions claim is absent', async () => {
|
|
53
|
+
const mw = requirePermission('MANAGE_PLANS');
|
|
54
|
+
const event = createEvent({});
|
|
55
|
+
await expect(mw(event)).rejects.toMatchObject({ statusCode: 403 });
|
|
56
|
+
});
|
|
57
|
+
|
|
58
|
+
it('error body includes PERMISSION_DENIED code and the missing permission', async () => {
|
|
59
|
+
const mw = requirePermission('MANAGE_PERMISSIONS');
|
|
60
|
+
const event = createEvent({ permissions: 'READ_PROPERTY' });
|
|
61
|
+
try {
|
|
62
|
+
await mw(event);
|
|
63
|
+
fail('Should have thrown');
|
|
64
|
+
} catch (err: any) {
|
|
65
|
+
expect(err.statusCode).toBe(403);
|
|
66
|
+
const body = JSON.parse(err.body);
|
|
67
|
+
expect(body.code).toBe('PERMISSION_DENIED');
|
|
68
|
+
expect(body.message).toContain('MANAGE_PERMISSIONS');
|
|
69
|
+
}
|
|
70
|
+
});
|
|
71
|
+
|
|
72
|
+
it('PLATFORM_ADMIN bypasses the permission check even with no permissions claim', async () => {
|
|
73
|
+
const mw = requirePermission('MANAGE_PLANS');
|
|
74
|
+
const event = createEvent({ groups: ['PLATFORM_ADMIN'] });
|
|
75
|
+
const result = await mw(event);
|
|
76
|
+
expect(result).toBeDefined();
|
|
77
|
+
});
|
|
78
|
+
|
|
79
|
+
it('accepts string[] arg and passes when ANY required code is present', async () => {
|
|
80
|
+
const mw = requirePermission(['MANAGE_ROLES', 'MANAGE_USERS']);
|
|
81
|
+
const event = createEvent({ permissions: 'READ_PROPERTY,MANAGE_USERS' });
|
|
82
|
+
const result = await mw(event);
|
|
83
|
+
expect(result).toBeDefined();
|
|
84
|
+
});
|
|
85
|
+
|
|
86
|
+
it('throws 403 with string[] arg when NONE of the required codes are present', async () => {
|
|
87
|
+
const mw = requirePermission(['MANAGE_ROLES', 'MANAGE_USERS']);
|
|
88
|
+
const event = createEvent({ permissions: 'READ_PROPERTY,CREATE_PROPERTY' });
|
|
89
|
+
await expect(mw(event)).rejects.toMatchObject({ statusCode: 403 });
|
|
90
|
+
});
|
|
91
|
+
|
|
92
|
+
it('trims whitespace in CSV claim values', async () => {
|
|
93
|
+
const mw = requirePermission('MANAGE_PLANS');
|
|
94
|
+
const event = createEvent({ permissions: ' READ_PROPERTY , MANAGE_PLANS , MANAGE_ROLES ' });
|
|
95
|
+
const result = await mw(event);
|
|
96
|
+
expect(result).toBeDefined();
|
|
97
|
+
});
|
|
98
|
+
});
|
|
99
|
+
|
|
100
|
+
describe('requirePermission barrel exports', () => {
|
|
101
|
+
it('is exported from the middleware barrel', async () => {
|
|
102
|
+
const barrel = await import('../../src/middleware/index');
|
|
103
|
+
expect(typeof barrel.requirePermission).toBe('function');
|
|
104
|
+
});
|
|
105
|
+
|
|
106
|
+
it('is exported from the root barrel', async () => {
|
|
107
|
+
const root = await import('../../src/index');
|
|
108
|
+
expect(typeof root.requirePermission).toBe('function');
|
|
109
|
+
});
|
|
110
|
+
});
|