wu-framework 2.5.0 → 2.6.0

package/dist/wu-framework.dev.js

@@ -1,4 +1,4 @@
-/*! wu-framework v2.5.0 | MIT License */
+/*! wu-framework v2.6.0 | MIT License */
 import { logger } from './core/wu-logger.js';
 export { enableAllLogs, silenceAllLogs } from './core/wu-logger.js';
 export { WuLoader } from './core/wu-loader.js';
@@ -7400,6 +7400,11 @@ class WuCore {
     // Estado
     this.isInitialized = false;
 
+    // RBAC: principal actual (quién usa el sistema). Las apps que declaran
+    // `roles` (en su config o manifest) solo se montan si el principal está
+    // autorizado. null = sin principal (las apps restringidas se niegan).
+    this._principal = null;
+
     logger.wuInfo('Wu Framework initialized - Universal Microfrontends');
   }
 
@@ -7495,6 +7500,63 @@ class WuCore {
     }
   }
 
+  // ── RBAC: aislamiento rol↔módulo (declarativo, enforced en mount) ──────────
+
+  /**
+   * Fija el principal actual (rol/permisos del usuario). Las apps que declaran
+   * `roles` solo se montan si el principal está autorizado. Se refleja también
+   * en wu.store('auth.principal') para que apps/DevTools lo lean.
+   * @param {{role?: string, roles?: string[], permissions?: string[]}|null} principal
+   * @returns {Object|null} el principal efectivo
+   */
+  setPrincipal(principal) {
+    this._principal = principal || null;
+    try { this.store.set('auth.principal', this._principal); } catch { /* store opcional */ }
+    this.eventBus.emit('principal:changed', { principal: this._principal });
+    return this._principal;
+  }
+
+  /** @returns {Object|null} el principal actual */
+  getPrincipal() {
+    return this._principal;
+  }
+
+  /** Roles permitidos para montar `appName` (de config o manifest), o null si es público. */
+  _requiredRoles(appName) {
+    const app = this.apps.get(appName);
+    const manifest = this.manifests.get(appName);
+    const roles = app?.roles ?? manifest?.wu?.roles ?? manifest?.roles ?? null;
+    return Array.isArray(roles) && roles.length ? roles : null;
+  }
+
+  /** Roles que porta el principal actual (role + roles[]). */
+  _principalRoles() {
+    const p = this._principal;
+    if (!p) return [];
+    const out = [];
+    if (typeof p.role === 'string') out.push(p.role);
+    if (Array.isArray(p.roles)) out.push(...p.roles);
+    return out;
+  }
+
+  /**
+   * ¿Puede el principal actual montar/acceder a `appName`?
+   * App pública (sin `roles`) → siempre true. App restringida → requiere un
+   * principal cuyos roles intersecten, o un permiso `mount:*` / `mount:<app>`.
+   * @param {string} appName
+   * @returns {boolean}
+   */
+  can(appName) {
+    const required = this._requiredRoles(appName);
+    if (!required) return true; // módulo público
+    const p = this._principal;
+    if (!p) return false; // restringido y sin principal
+    const perms = Array.isArray(p.permissions) ? p.permissions : [];
+    if (perms.includes('mount:*') || perms.includes(`mount:${appName}`)) return true;
+    const roles = this._principalRoles();
+    return roles.some((r) => required.includes(r));
+  }
+
   /**
    * Definir lifecycle de una micro-app
    * @param {string} appName - Nombre de la app
@@ -7533,6 +7595,27 @@ class WuCore {
    * @param {string} containerSelector - Selector del contenedor
    */
   async mount(appName, containerSelector) {
+    // ── RBAC: negar el montaje de módulos para los que el principal no está
+    // autorizado. Se chequea ANTES del ref-counting → un deny es un early-throw
+    // limpio, sin efectos. Emite `access:denied` (bus) y `wu:access:denied` (DOM)
+    // para que el shell muestre un fallback. NOTA: es enforcement client-side —
+    // mejora corrección/UX; la barrera dura es el server (no servir el bundle).
+    if (!this.can(appName)) {
+      const required = this._requiredRoles(appName) || [];
+      const role = this._principal?.role ?? null;
+      this.eventBus.emit('access:denied', { appName, role, required }, { appName });
+      try {
+        window.dispatchEvent(new CustomEvent('wu:access:denied', { detail: { appName, role, required } }));
+      } catch { /* no-DOM env */ }
+      const err = new Error(
+        `[Wu] Access denied: el rol '${role ?? 'ninguno'}' no puede montar '${appName}' (requiere: ${required.join(', ') || 'un principal'})`,
+      );
+      err.code = 'WU_ACCESS_DENIED';
+      err.appName = appName;
+      err.required = required;
+      throw err;
+    }
+
     // ── StrictMode + Suspense compat: reference counting ──
     // Old approach was a single 60ms grace timer cancelled by the second
     // mount(). That works for one mount→unmount→mount cycle but breaks
@@ -9445,9 +9528,9 @@ if (typeof window !== 'undefined') {
 // Augment the instance everywhere (browser AND Node/SSR) — the d.ts declares
 // these members unconditionally on WuCore, so they must exist in any runtime.
 if (!wu.version) {
-  // "2.5.0" is replaced at build time with package.json version.
+  // "2.6.0" is replaced at build time with package.json version.
   // Fallback handles raw-source imports (no bundler).
-  wu.version = "2.5.0" ;
+  wu.version = "2.6.0" ;
   wu.info = {
     name: 'Wu Framework',
     description: 'Universal Microfrontends',
@@ -9646,6 +9729,12 @@ const useHook = (phase, middleware, opts) => wu.hooks.use(phase, middleware, opt
 const provide = (name, impl, opts) => wu.contracts.provide(name, impl, opts);
 const consume = (name, range, opts) => wu.contracts.consume(name, range, opts);
 
+// RBAC: aislamiento rol↔módulo (v2.6+). `setPrincipal` fija quién usa el sistema;
+// las apps que declaran `roles` solo se montan si el principal está autorizado.
+const setPrincipal = (principal) => wu.setPrincipal(principal);
+const getPrincipal = () => wu.getPrincipal();
+const can = (appName) => wu.can(appName);
+
 // --- AI subsystem ---
 // AI classes were previously re-exported from this entry point. Doing so anchored
 // the ~80 KB AI chunk to the main bundle. As of v2.0, AI is loaded lazily via the
@@ -9658,5 +9747,5 @@ const consume = (name, range, opts) => wu.contracts.consume(name, range, opts);
 //
 // For runtime use, prefer `wu.ai.*` — it auto-loads the chunk on first method call.
 
-export { WuApp, WuCache, WuContracts, WuCore, WuErrorBoundary, WuEventBus, WuLifecycleHooks, WuLoadingStrategy, WuManifest, WuOverrides, WuPerformance, WuPluginSystem, WuPrefetch, WuProxySandbox, WuSandbox, WuStore, WuStyleBridge, app, clearOverrides, compareVersions, consume, createConditionalHook, createGuardHook, createPlugin, createSimpleHook, createTimedHook, createTransformHook, wu_default as default, define, destroy, emit, endMeasure, generatePerformanceReport, getOverrides, getState, hide, init, isHidden, mount, normalizeStyleMode, off, on, onStateChange, once, override, parseVersion, prefetch, prefetchAll, provide, removeOverride, satisfies, setState, show, startMeasure, store, syncStore, unmount, useHook, usePlugin, wu };
+export { WuApp, WuCache, WuContracts, WuCore, WuErrorBoundary, WuEventBus, WuLifecycleHooks, WuLoadingStrategy, WuManifest, WuOverrides, WuPerformance, WuPluginSystem, WuPrefetch, WuProxySandbox, WuSandbox, WuStore, WuStyleBridge, app, can, clearOverrides, compareVersions, consume, createConditionalHook, createGuardHook, createPlugin, createSimpleHook, createTimedHook, createTransformHook, wu_default as default, define, destroy, emit, endMeasure, generatePerformanceReport, getOverrides, getPrincipal, getState, hide, init, isHidden, mount, normalizeStyleMode, off, on, onStateChange, once, override, parseVersion, prefetch, prefetchAll, provide, removeOverride, satisfies, setPrincipal, setState, show, startMeasure, store, syncStore, unmount, useHook, usePlugin, wu };
 //# sourceMappingURL=wu-framework.dev.js.map