UNPKG

@cerbos/core

Version:

Common types used by the Cerbos client libraries

github.com/cerbos/cerbos-sdk-javascript/tree/main/packages/core

cerbos/cerbos-sdk-javascript

725 lines • 28.6 kB

JavaScript

"use strict"; /* eslint-disable @typescript-eslint/no-deprecated */ Object.defineProperty(exports, "__esModule", { value: true }); exports.unexpected = void 0; exports.accessLogEntryFromProtobuf = accessLogEntryFromProtobuf; exports.decisionLogEntryFromProtobuf = decisionLogEntryFromProtobuf; exports.checkInputFromProtobuf = checkInputFromProtobuf; exports.checkOutputFromProtobuf = checkOutputFromProtobuf; exports.checkResourcesResponseFromProtobuf = checkResourcesResponseFromProtobuf; exports.deleteSchemasResponseFromProtobuf = deleteSchemasResponseFromProtobuf; exports.disablePoliciesResponseFromProtobuf = disablePoliciesResponseFromProtobuf; exports.enablePoliciesResponseFromProtobuf = enablePoliciesResponseFromProtobuf; exports.getPoliciesResponseFromProtobuf = getPoliciesResponseFromProtobuf; exports.healthCheckResponseFromProtobuf = healthCheckResponseFromProtobuf; exports.policyFromProtobuf = policyFromProtobuf; exports.getSchemasResponseFromProtobuf = getSchemasResponseFromProtobuf; exports.inspectPoliciesResponseFromProtobuf = inspectPoliciesResponseFromProtobuf; exports.listPoliciesResponseFromProtobuf = listPoliciesResponseFromProtobuf; exports.listSchemasResponseFromProtobuf = listSchemasResponseFromProtobuf; exports.planResourcesResponseFromProtobuf = planResourcesResponseFromProtobuf; exports.translateEnum = translateEnum; exports.requireField = requireField; const audit_1 = require("../protobuf/cerbos/audit/v1/audit"); const effect_1 = require("../protobuf/cerbos/effect/v1/effect"); const engine_1 = require("../protobuf/cerbos/engine/v1/engine"); const policy_1 = require("../protobuf/cerbos/policy/v1/policy"); const response_1 = require("../protobuf/cerbos/response/v1/response"); const schema_1 = require("../protobuf/cerbos/schema/v1/schema"); const health_1 = require("../protobuf/grpc/health/v1/health"); const external_1 = require("../types/external"); function accessLogEntryFromProtobuf({ entry, }) { requireOneOf("ListAuditLogEntriesResponse.entry", entry, "accessLogEntry"); const { callId, timestamp, peer, metadata, method, statusCode, oversized, policySource, } = entry.accessLogEntry; requireField("AccessLogEntry.timestamp", timestamp); requireField("AccessLogEntry.peer", peer); return { callId, timestamp, peer: peerFromProtobuf(peer), metadata: auditLogMetadataFromProtobuf(metadata), method, statusCode, oversized, policySource: policySource && policySourceFromProtobuf(policySource), }; } function decisionLogEntryFromProtobuf({ entry, }) { requireOneOf("ListAuditLogEntriesResponse.entry", entry, "decisionLogEntry"); const { callId, timestamp, peer, metadata, auditTrail, method, oversized, policySource, } = entry.decisionLogEntry; requireField("DecisionLogEntry.timestamp", timestamp); requireField("DecisionLogEntry.peer", peer); return { callId, timestamp, peer: peerFromProtobuf(peer), metadata: auditLogMetadataFromProtobuf(metadata), auditTrail: auditTrailFromProtobuf(auditTrail), method: decisionLogEntryMethodFromProtobuf(method), oversized, policySource: policySource && policySourceFromProtobuf(policySource), }; } function peerFromProtobuf({ address, authInfo, userAgent, forwardedFor, }) { return { address, authInfo, userAgent, forwardedFor, }; } function auditLogMetadataFromProtobuf(metadata) { return Object.fromEntries(Object.entries(metadata).map(([key, { values }]) => [key, values])); } function auditTrailFromProtobuf({ effectivePolicies } = { effectivePolicies: {} }) { return { effectivePolicies: Object.fromEntries(Object.entries(effectivePolicies).map(([policyId, sourceAttributes]) => [ policyId, sourceAttributesFromProtobuf(sourceAttributes), ])), }; } function policySourceFromProtobuf({ source, }) { return transformOneOf("PolicySource.source", source, { blob: ({ blob }) => policySourceBlobFromProtobuf(blob), database: ({ database }) => policySourceDatabaseFromProtobuf(database), disk: ({ disk }) => policySourceDiskFromProtobuf(disk), embeddedPdp: ({ embeddedPdp }) => policySourceEmbeddedPDPFromProtobuf(embeddedPdp), git: ({ git }) => policySourceGitFromProtobuf(git), hub: ({ hub }) => policySourceHubFromProtobuf(hub), }); } function policySourceBlobFromProtobuf({ bucketUrl, prefix, }) { return { kind: "blob", bucketUrl, prefix, }; } function policySourceDatabaseFromProtobuf({ driver, }) { return { kind: "database", driver: translateEnum("PolicySource.Database.Driver", audit_1.PolicySource_Database_Driver, driver, { [audit_1.PolicySource_Database_Driver.DRIVER_UNSPECIFIED]: exports.unexpected, [audit_1.PolicySource_Database_Driver.DRIVER_MYSQL]: external_1.DatabaseDriver.MYSQL, [audit_1.PolicySource_Database_Driver.DRIVER_POSTGRES]: external_1.DatabaseDriver.POSTGRES, [audit_1.PolicySource_Database_Driver.DRIVER_SQLITE3]: external_1.DatabaseDriver.SQLITE3, }), }; } function policySourceDiskFromProtobuf({ directory, }) { return { kind: "disk", directory, }; } function policySourceEmbeddedPDPFromProtobuf({ url, commitHash, builtAt, }) { return { kind: "embeddedPDP", url, commit: commitHash, builtAt, }; } function policySourceGitFromProtobuf({ repositoryUrl, branch, subdirectory, }) { return { kind: "git", repositoryUrl, branch, subdirectory, }; } function policySourceHubFromProtobuf({ source, }) { return { kind: "hub", ...policySourceHubSourceFromProtobuf(source), }; } function policySourceHubSourceFromProtobuf(source) { return transformOneOf("PolicySource.Hub.source", source, { label: ({ label }) => policySourceHubLabelFromProtobuf(label), deploymentId: ({ deploymentId }) => policySourceHubDeploymentFromProtobuf(deploymentId), playgroundId: ({ playgroundId }) => policySourceHubPlaygroundFromProtobuf(playgroundId), localBundle: ({ localBundle }) => policySourceHubLocalBundleFromProtobuf(localBundle), }); } function policySourceHubLabelFromProtobuf(label) { return { label }; } function policySourceHubDeploymentFromProtobuf(deploymentId) { return { deploymentId }; } function policySourceHubPlaygroundFromProtobuf(playgroundId) { return { playgroundId }; } function policySourceHubLocalBundleFromProtobuf(localBundle) { return { localBundle: localBundleFromProtobuf(localBundle) }; } function localBundleFromProtobuf({ path, }) { return { path }; } function decisionLogEntryMethodFromProtobuf(method) { return transformOneOf("DecisionLogEntry.method", method, { checkResources: ({ checkResources }) => decisionLogEntryCheckResourcesFromProtobuf(checkResources), planResources: ({ planResources }) => decisionLogEntryPlanResourcesFromProtobuf(planResources), }); } function decisionLogEntryCheckResourcesFromProtobuf({ inputs, outputs, error, }) { return { name: "CheckResources", inputs: inputs.map(checkInputFromProtobuf), outputs: outputs.map(checkOutputFromProtobuf), error: error || undefined, }; } /** @internal */ function checkInputFromProtobuf({ requestId, principal, resource, actions, auxData, }) { requireField("CheckInput.principal", principal); requireField("CheckInput.resource", resource); return { requestId, principal: principalFromProtobuf(principal), resource: resourceFromProtobuf(resource), actions, auxData: auxData && decodedAuxDataFromProtobuf(auxData), }; } function principalFromProtobuf({ id, roles, attr, policyVersion, scope, }) { return { id, roles, attr, policyVersion, scope, }; } function resourceFromProtobuf({ kind, id, attr, policyVersion, scope, }) { return { kind, id, attr, policyVersion, scope, }; } function decodedAuxDataFromProtobuf({ jwt }) { return { jwt }; } /** @internal */ function checkOutputFromProtobuf({ requestId, resourceId, actions, effectiveDerivedRoles, validationErrors, outputs, }) { return { requestId, resourceId, actions: Object.fromEntries(Object.entries(actions).map(([action, effect]) => [ action, checkOutputActionEffectFromProtobuf(effect), ])), effectiveDerivedRoles, validationErrors: validationErrors.map(validationErrorFromProtobuf), outputs: outputs.map(outputResultFromProtobuf), }; } function checkOutputActionEffectFromProtobuf({ effect, policy, scope, }) { return { effect: effectFromProtobuf(effect), policy, scope, }; } function decisionLogEntryPlanResourcesFromProtobuf({ input, output, error, }) { requireField("DecisionLogEntry.PlanResources.input", input); requireField("DecisionLogEntry.PlanResources.output", output); return { name: "PlanResources", input: planResourcesInputFromProtobuf(input), output: planResourcesOutputFromProtobuf(output), error: error || undefined, }; } function planResourcesInputFromProtobuf({ requestId, principal, resource, action, actions, auxData, }) { requireField("PlanResourcesInput.principal", principal); requireField("PlanResourcesInput.resource", resource); return { requestId, principal: principalFromProtobuf(principal), resource: resourceQueryFromProtobuf(resource), ...planResourcesActionsFromProtobuf({ action, actions }), auxData: auxData && decodedAuxDataFromProtobuf(auxData), }; } function resourceQueryFromProtobuf({ kind, attr, policyVersion, scope, }) { return { kind, attr, policyVersion, scope, }; } function planResourcesOutputFromProtobuf({ requestId, filter, filterDebug, action, actions, policyVersion, scope, validationErrors, }) { const base = { requestId, ...planResourcesActionsFromProtobuf({ action, actions }), policyVersion, scope, validationErrors: validationErrors.map(validationErrorFromProtobuf), }; requireField("PlanResourcesOutput.filter", filter); const kind = planKindFromProtobuf(filter.kind); if (kind !== external_1.PlanKind.CONDITIONAL) { return { ...base, kind }; } requireField("PlanResourcesFilter.condition", filter.condition); return { ...base, kind, condition: planOperandFromProtobuf(filter.condition), conditionString: filterDebug, }; } function planResourcesActionsFromProtobuf({ action, actions, }) { return { action: actions.length === 1 ? actions[0] : action, // eslint-disable-line @typescript-eslint/no-non-null-assertion actions: actions.length ? actions : [action], }; } function checkResourcesResponseFromProtobuf({ cerbosCallId, requestId, results, }) { return new external_1.CheckResourcesResponse({ cerbosCallId, requestId, results: results.map(checkResourcesResultFromProtobuf), }); } function checkResourcesResultFromProtobuf({ resource, actions, validationErrors, meta, outputs, }) { requireField("CheckResourcesResponse.ResultEntry.resource", resource); return new external_1.CheckResourcesResult({ resource, actions: actionsFromProtobuf(actions), validationErrors: validationErrors.map(validationErrorFromProtobuf), metadata: meta, outputs: outputs.map(outputResultFromProtobuf), }); } function actionsFromProtobuf(actions) { return Object.fromEntries(Object.entries(actions).map(([action, effect]) => [ action, effectFromProtobuf(effect), ])); } function effectFromProtobuf(effect) { return effect === effect_1.Effect.EFFECT_ALLOW ? external_1.Effect.ALLOW : external_1.Effect.DENY; } function validationErrorFromProtobuf({ path, message, source, }) { return { path, message, source: validationErrorSourceFromProtobuf(source), }; } function validationErrorSourceFromProtobuf(source) { return translateEnum("ValidationError.Source", schema_1.ValidationError_Source, source, { [schema_1.ValidationError_Source.SOURCE_UNSPECIFIED]: exports.unexpected, [schema_1.ValidationError_Source.SOURCE_PRINCIPAL]: external_1.ValidationErrorSource.PRINCIPAL, [schema_1.ValidationError_Source.SOURCE_RESOURCE]: external_1.ValidationErrorSource.RESOURCE, }); } function outputResultFromProtobuf({ src, val }) { return { source: src, value: val, }; } function deleteSchemasResponseFromProtobuf({ deletedSchemas, }) { return { deletedSchemas }; } function disablePoliciesResponseFromProtobuf({ disabledPolicies, }) { return { disabledPolicies }; } function enablePoliciesResponseFromProtobuf({ enabledPolicies, }) { return { enabledPolicies }; } function getPoliciesResponseFromProtobuf({ policies, }) { return { policies: policies.map(policyFromProtobuf) }; } function healthCheckResponseFromProtobuf({ status, }) { return { status: status === health_1.HealthCheckResponse_ServingStatus.SERVING ? external_1.ServiceStatus.SERVING : external_1.ServiceStatus.NOT_SERVING, }; } /** @internal */ function policyFromProtobuf({ apiVersion, description, disabled, metadata, variables, policyType, }) { return { apiVersion, description, disabled, metadata: metadata && policyMetadataFromProtobuf(metadata), variables, ...policyTypeFromProtobuf(policyType), }; } function policyMetadataFromProtobuf({ annotations, hash, sourceAttributes, sourceFile, storeIdentifer, storeIdentifier, }) { return { annotations, hash, sourceAttributes: sourceAttributesFromProtobuf(sourceAttributes), sourceFile, storeIdentifer: storeIdentifier || storeIdentifer, storeIdentifier: storeIdentifier || storeIdentifer, }; } function sourceAttributesFromProtobuf({ attributes } = { attributes: {} }) { return attributes; } function policyTypeFromProtobuf(policyType) { return transformOneOf("Policy.policyType", policyType, { derivedRoles: ({ derivedRoles }) => derivedRolesFromProtobuf(derivedRoles), exportConstants: ({ exportConstants }) => exportConstantsFromProtobuf(exportConstants), exportVariables: ({ exportVariables }) => exportVariablesFromProtobuf(exportVariables), principalPolicy: ({ principalPolicy }) => principalPolicyFromProtobuf(principalPolicy), resourcePolicy: ({ resourcePolicy }) => resourcePolicyFromProtobuf(resourcePolicy), rolePolicy: ({ rolePolicy }) => rolePolicyFromProtobuf(rolePolicy), }); } function derivedRolesFromProtobuf({ name, definitions, constants, variables, }) { return { derivedRoles: { name, definitions: definitions.map(derivedRoleDefinitionFromProtobuf), constants: constants && constantsFromProtobuf(constants), variables: variables && variablesFromProtobuf(variables), }, }; } function derivedRoleDefinitionFromProtobuf({ name, parentRoles, condition, }) { return { name, parentRoles, condition: condition && conditionFromProtobuf(condition), }; } function conditionFromProtobuf({ condition }) { requireOneOf("Condition.condition", condition, "match"); return { match: matchFromProtobuf(condition.match) }; } function matchFromProtobuf({ op }) { return transformOneOf("Match.op", op, { all: ({ all }) => ({ all: matchesFromProtobuf(all) }), any: ({ any }) => ({ any: matchesFromProtobuf(any) }), none: ({ none }) => ({ none: matchesFromProtobuf(none) }), expr: ({ expr }) => ({ expr }), }); } function matchesFromProtobuf({ of }) { return { of: of.map(matchFromProtobuf) }; } function constantsFromProtobuf({ import: imports, local, }) { return { import: imports, local, }; } function exportConstantsFromProtobuf({ name, definitions, }) { return { exportConstants: { name, definitions, }, }; } function variablesFromProtobuf({ import: imports, local, }) { return { import: imports, local, }; } function exportVariablesFromProtobuf({ name, definitions, }) { return { exportVariables: { name, definitions, }, }; } function principalPolicyFromProtobuf({ principal, version, rules, scope, scopePermissions, constants, variables, }) { return { principalPolicy: { principal, version, rules: rules.map(principalRuleFromProtobuf), scope, scopePermissions: scopePermissionsFromProtobuf(scopePermissions), constants: constants && constantsFromProtobuf(constants), variables: variables && variablesFromProtobuf(variables), }, }; } function principalRuleFromProtobuf({ resource, actions, }) { return { resource, actions: actions.map(principalRuleActionFromProtobuf), }; } function principalRuleActionFromProtobuf({ action, effect, condition, name, output, }) { return { action, effect: effectFromProtobuf(effect), condition: condition && conditionFromProtobuf(condition), name, output: output && outputFromProtobuf(output), }; } function outputFromProtobuf({ expr, when }) { const output = {}; if (expr) { output.expr = expr; } if (when) { output.when = when; } return output; } function resourcePolicyFromProtobuf({ resource, version, importDerivedRoles, rules, schemas, scope, scopePermissions, constants, variables, }) { return { resourcePolicy: { resource, version, importDerivedRoles, rules: rules.map(resourceRuleFromProtobuf), schemas: schemas && schemaRefsFromProtobuf(schemas), scope, scopePermissions: scopePermissionsFromProtobuf(scopePermissions), constants: constants && constantsFromProtobuf(constants), variables: variables && variablesFromProtobuf(variables), }, }; } function resourceRuleFromProtobuf({ actions, effect, derivedRoles, roles, condition, name, output, }) { return { actions, effect: effectFromProtobuf(effect), derivedRoles, roles, condition: condition && conditionFromProtobuf(condition), name, output: output && outputFromProtobuf(output), }; } function rolePolicyFromProtobuf({ policyType, parentRoles, scope, rules, }) { requireOneOf("RolePolicy.policyType", policyType, "role"); return { rolePolicy: { role: policyType.role, parentRoles: parentRoles, scope, rules: rules.map(roleRuleFromProtobuf), }, }; } function roleRuleFromProtobuf({ resource, allowActions, }) { return { resource, allowActions, }; } function scopePermissionsFromProtobuf(scopePermissions) { return translateEnum("ScopePermissions", policy_1.ScopePermissions, scopePermissions, { [policy_1.ScopePermissions.SCOPE_PERMISSIONS_UNSPECIFIED]: undefined, [policy_1.ScopePermissions.SCOPE_PERMISSIONS_OVERRIDE_PARENT]: external_1.ScopePermissions.OVERRIDE_PARENT, [policy_1.ScopePermissions.SCOPE_PERMISSIONS_REQUIRE_PARENTAL_CONSENT_FOR_ALLOWS]: external_1.ScopePermissions.REQUIRE_PARENTAL_CONSENT_FOR_ALLOWS, }); } function schemaRefsFromProtobuf({ principalSchema, resourceSchema, }) { return { principalSchema: principalSchema && schemaRefFromProtobuf(principalSchema), resourceSchema: resourceSchema && schemaRefFromProtobuf(resourceSchema), }; } function schemaRefFromProtobuf({ ref, ignoreWhen }) { return { ref, ignoreWhen: ignoreWhen && { actions: ignoreWhen.actions }, }; } function getSchemasResponseFromProtobuf({ schemas, }) { return { schemas: schemas.map(schemaFromProtobuf) }; } function schemaFromProtobuf({ id, definition }) { return { id, definition: new external_1.SchemaDefinition(definition), }; } function inspectPoliciesResponseFromProtobuf({ results, }) { return { policies: Object.fromEntries(Object.entries(results).map(([id, result]) => [ id, inspectedPolicyFromProtobuf(result), ])), }; } function inspectedPolicyFromProtobuf({ policyId, actions, attributes, constants, derivedRoles, variables, }) { return { id: policyId, actions, attributes: attributes.map(inspectedAttributeFromProtobuf), constants: constants.map(inspectedConstantFromProtobuf), derivedRoles: derivedRoles.map(inspectedDerivedRoleFromProtobuf), variables: variables.map(inspectedVariableFromProtobuf), }; } function inspectedAttributeFromProtobuf({ kind, name, }) { return { kind: inspectedAttributeKindFromProtobuf(kind), name, }; } function inspectedAttributeKindFromProtobuf(kind) { return translateEnum("InspectPoliciesResponse.Attribute.Kind", response_1.InspectPoliciesResponse_Attribute_Kind, kind, { [response_1.InspectPoliciesResponse_Attribute_Kind.KIND_UNSPECIFIED]: exports.unexpected, [response_1.InspectPoliciesResponse_Attribute_Kind.KIND_PRINCIPAL_ATTRIBUTE]: external_1.InspectedAttributeKind.PRINCIPAL, [response_1.InspectPoliciesResponse_Attribute_Kind.KIND_RESOURCE_ATTRIBUTE]: external_1.InspectedAttributeKind.RESOURCE, }); } function inspectedConstantFromProtobuf({ kind, name, value, source, used, }) { return { kind: inspectedConstantKindFromProtobuf(kind), name, value: value, source: source || undefined, used, }; } function inspectedConstantKindFromProtobuf(kind) { return translateEnum("InspectPoliciesResponse.Constant.Kind", response_1.InspectPoliciesResponse_Constant_Kind, kind, { [response_1.InspectPoliciesResponse_Constant_Kind.KIND_UNSPECIFIED]: exports.unexpected, [response_1.InspectPoliciesResponse_Constant_Kind.KIND_EXPORTED]: external_1.InspectedConstantKind.EXPORTED, [response_1.InspectPoliciesResponse_Constant_Kind.KIND_IMPORTED]: external_1.InspectedConstantKind.IMPORTED, [response_1.InspectPoliciesResponse_Constant_Kind.KIND_LOCAL]: external_1.InspectedConstantKind.LOCAL, [response_1.InspectPoliciesResponse_Constant_Kind.KIND_UNDEFINED]: external_1.InspectedConstantKind.UNDEFINED, [response_1.InspectPoliciesResponse_Constant_Kind.KIND_UNKNOWN]: external_1.InspectedConstantKind.UNKNOWN, }); } function inspectedDerivedRoleFromProtobuf({ kind, name, source, }) { return { kind: inspectedDerivedRoleKindFromProtobuf(kind), name, source: source || undefined, }; } function inspectedDerivedRoleKindFromProtobuf(kind) { return translateEnum("InspectPoliciesResponse.DerivedRole.Kind", response_1.InspectPoliciesResponse_DerivedRole_Kind, kind, { [response_1.InspectPoliciesResponse_DerivedRole_Kind.KIND_UNSPECIFIED]: exports.unexpected, [response_1.InspectPoliciesResponse_DerivedRole_Kind.KIND_EXPORTED]: external_1.InspectedDerivedRoleKind.EXPORTED, [response_1.InspectPoliciesResponse_DerivedRole_Kind.KIND_IMPORTED]: external_1.InspectedDerivedRoleKind.IMPORTED, [response_1.InspectPoliciesResponse_DerivedRole_Kind.KIND_UNDEFINED]: external_1.InspectedDerivedRoleKind.UNDEFINED, }); } function inspectedVariableFromProtobuf({ kind, name, value, source, used, }) { return { kind: inspectedVariableKindFromProtobuf(kind), name, definition: value || undefined, source: source || undefined, used, }; } function inspectedVariableKindFromProtobuf(kind) { return translateEnum("InspectPoliciesResponse.Variable.Kind", response_1.InspectPoliciesResponse_Variable_Kind, kind, { [response_1.InspectPoliciesResponse_Variable_Kind.KIND_UNSPECIFIED]: exports.unexpected, [response_1.InspectPoliciesResponse_Variable_Kind.KIND_EXPORTED]: external_1.InspectedVariableKind.EXPORTED, [response_1.InspectPoliciesResponse_Variable_Kind.KIND_IMPORTED]: external_1.InspectedVariableKind.IMPORTED, [response_1.InspectPoliciesResponse_Variable_Kind.KIND_LOCAL]: external_1.InspectedVariableKind.LOCAL, [response_1.InspectPoliciesResponse_Variable_Kind.KIND_UNDEFINED]: external_1.InspectedVariableKind.UNDEFINED, [response_1.InspectPoliciesResponse_Variable_Kind.KIND_UNKNOWN]: external_1.InspectedVariableKind.UNKNOWN, }); } function listPoliciesResponseFromProtobuf({ policyIds, }) { return { ids: policyIds }; } function listSchemasResponseFromProtobuf({ schemaIds, }) { return { ids: schemaIds }; } function planResourcesResponseFromProtobuf({ cerbosCallId, requestId, filter, validationErrors, meta, }) { const base = { cerbosCallId, requestId, validationErrors: validationErrors.map(validationErrorFromProtobuf), metadata: meta && planResourcesMetadataFromProtobuf(meta), }; requireField("PlanResourcesResponse.filter", filter); const kind = planKindFromProtobuf(filter.kind); if (kind !== external_1.PlanKind.CONDITIONAL) { return { ...base, kind }; } requireField("PlanResourcesFilter.condition", filter.condition); return { ...base, kind, condition: planOperandFromProtobuf(filter.condition), }; } function planKindFromProtobuf(kind) { return translateEnum("PlanResourcesFilter.Kind", engine_1.PlanResourcesFilter_Kind, kind, { [engine_1.PlanResourcesFilter_Kind.KIND_UNSPECIFIED]: exports.unexpected, [engine_1.PlanResourcesFilter_Kind.KIND_ALWAYS_ALLOWED]: external_1.PlanKind.ALWAYS_ALLOWED, [engine_1.PlanResourcesFilter_Kind.KIND_ALWAYS_DENIED]: external_1.PlanKind.ALWAYS_DENIED, [engine_1.PlanResourcesFilter_Kind.KIND_CONDITIONAL]: external_1.PlanKind.CONDITIONAL, }); } function planOperandFromProtobuf({ node, }) { return transformOneOf("PlanResourcesFilter.Expression.Operand.node", node, { expression: ({ expression }) => new external_1.PlanExpression(expression.operator, expression.operands.map(planOperandFromProtobuf)), value: ({ value }) => new external_1.PlanExpressionValue((value ?? null)), variable: ({ variable }) => new external_1.PlanExpressionVariable(variable), }); } function planResourcesMetadataFromProtobuf({ filterDebug, matchedScope, matchedScopes, }) { return { conditionString: filterDebug, matchedScope, matchedScopes, }; } /** @internal */ exports.unexpected = Symbol("unexpected"); function isUnexpected(value) { return value === exports.unexpected; } /** @internal */ function translateEnum(descriptor, source, value, translate) { if (value in translate) { const result = translate[value]; if (!isUnexpected(result)) { return result; } } const wanted = Object.entries(source) .filter(([, value]) => typeof value === "number" && !isUnexpected(translate[value])) .map(([key, value]) => `${key}:${value}`) .join("|"); const got = source[value] ? `${source[value]}:${value}` : value; throw new Error(`Unexpected ${descriptor}: wanted ${wanted}, got ${got}`); } function transformOneOf(descriptor, oneOf, transforms) { requireField(descriptor, oneOf); const transform = transforms[oneOf.$case]; if (!transform || isUnexpected(transform)) { throw new Error(`Unexpected ${descriptor}: wanted ${Object.keys(transforms).join("|")}, got ${oneOf.$case}`); } return transform(oneOf); } function requireOneOf(descriptor, oneOf, $case) { requireField(descriptor, oneOf); if (oneOf.$case !== $case) { throw new Error(`Unexpected ${descriptor}: wanted ${$case}, got ${oneOf.$case}`); } } /** @internal */ function requireField(descriptor, value) { if (value === undefined) { throw new Error(`Missing ${descriptor}`); } } //# sourceMappingURL=fromProtobuf.js.map