
@cloud-copilot/iam-policy

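"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.PrincipalImpl = void 0;
const utils_js_1 = require("../utils.js");

// A bare 12-digit AWS account ID.
const accountIdRegex = /^[0-9]{12}$/;
// An account "root" ARN: arn:<partition>:iam::<12-digit account>:root.
// The partition is matched with [^:]* (no colons) so the string has exactly
// the fields named here, and the account ID is captured directly instead of
// being recovered by position. An unbounded partition match would let extra
// colon-separated fields in front shift the account ID out of its expected
// slot, so the value reported could differ from the one that was validated.
const accountArnRegex = /^arn:[^:]*:iam::([0-9]{12}):root$/;
// Shape check only: an "A" followed by upper-case letters/digits. It does not
// verify a specific AWS unique-ID prefix or length.
const uniqueIdRegex = /^A[0-9A-Z]+$/;

/**
 * A single principal from an IAM policy statement: a principal type
 * ('AWS', 'Service', 'Federated', 'CanonicalUser') plus the raw ID string.
 *
 * The is*Principal() predicates classify the value; the matching accessors
 * (wildcard(), accountId(), uniqueId(), arn(), ...) throw unless the
 * corresponding predicate is true, so callers are expected to check first.
 *
 * Classification is purely syntactic. Nothing here confirms that an account,
 * role, user or service actually exists.
 */
class PrincipalImpl {
    principalType;
    principalId;

    /**
     * @param {string} principalType - Principal type key as it appears in the policy.
     * @param {string} principalId - Raw principal value for that type.
     */
    constructor(principalType, principalId) {
        this.principalType = principalType;
        this.principalId = principalId;
    }

    /** @returns {string} The raw principal ID, unmodified. */
    value() {
        return this.principalId;
    }

    /** @returns {string} The principal type. */
    type() {
        return this.principalType;
    }

    /**
     * True when the type is 'AWS' and utils.isAllWildcards() accepts the ID.
     * The helper lives in ../utils.js and is not shown here; presumably it
     * accepts strings made only of '*'. Other principal types are never
     * reported as wildcard by this method.
     *
     * @returns {boolean}
     */
    isWildcardPrincipal() {
        return this.principalType === 'AWS' && (0, utils_js_1.isAllWildcards)(this.principalId);
    }

    /**
     * True for an 'AWS' principal that is a bare 12-digit account ID or an
     * account root ARN. In AWS such a principal refers to the account as a
     * whole rather than to one identity, which matters when reviewing how
     * broad a grant is.
     *
     * @returns {boolean}
     */
    isAccountPrincipal() {
        if (this.principalType !== 'AWS') {
            return false;
        }
        return accountIdRegex.test(this.principalId) || accountArnRegex.test(this.principalId);
    }

    /**
     * True for an 'AWS' principal whose ID has the shape of an AWS unique ID
     * (see uniqueIdRegex). AWS shows a unique ID in place of an ARN when the
     * referenced user or role no longer exists, so reviewers usually treat
     * these entries as stale.
     *
     * @returns {boolean}
     */
    isUniqueIdPrincipal() {
        if (this.principalType !== 'AWS') {
            return false;
        }
        return uniqueIdRegex.test(this.principalId);
    }

    /**
     * True for any 'AWS' principal that is not a wildcard, an account
     * principal or a unique ID. This is a remainder category: the value is
     * not checked to be a well-formed ARN.
     *
     * @returns {boolean}
     */
    isAwsPrincipal() {
        if (this.principalType !== 'AWS') {
            return false;
        }
        return (!(0, utils_js_1.isAllWildcards)(this.principalId) &&
            !this.isAccountPrincipal() &&
            !this.isUniqueIdPrincipal());
    }

    /** @returns {boolean} True when the type is 'Service'. */
    isServicePrincipal() {
        return this.principalType === 'Service';
    }

    /** @returns {boolean} True when the type is 'Federated'. */
    isFederatedPrincipal() {
        return this.principalType === 'Federated';
    }

    /** @returns {boolean} True when the type is 'CanonicalUser'. */
    isCanonicalUserPrincipal() {
        return this.principalType === 'CanonicalUser';
    }

    /**
     * @returns {string} Always '*', regardless of how many wildcard characters the raw ID holds.
     * @throws {Error} If this is not a wildcard principal.
     */
    wildcard() {
        if (!this.isWildcardPrincipal()) {
            throw new Error('Principal is not a wildcard principal, call isWildcardPrincipal() before calling wildcard()');
        }
        return '*';
    }

    /**
     * @returns {string} The 12-digit account ID, taken from the root ARN when the ID is one.
     * @throws {Error} If this is not an account principal.
     */
    accountId() {
        if (!this.isAccountPrincipal()) {
            throw new Error('Principal is not an account principal, call isAccountPrincipal() before calling accountId()');
        }
        // Use the digits the pattern itself matched, so the returned account
        // is always the one that was validated.
        const arnMatch = accountArnRegex.exec(this.principalId);
        return arnMatch ? arnMatch[1] : this.principalId;
    }

    /**
     * @returns {string} The raw unique ID.
     * @throws {Error} If this is not a unique-ID principal.
     */
    uniqueId() {
        if (!this.isUniqueIdPrincipal()) {
            throw new Error('Principal is not a unique id principal, call isUniqueIdPrincipal() before calling uniqueId()');
        }
        return this.principalId;
    }

    /**
     * @returns {string} The raw principal string; not validated as an ARN (see isAwsPrincipal()).
     * @throws {Error} If this is not an AWS principal.
     */
    arn() {
        if (!this.isAwsPrincipal()) {
            throw new Error('Principal is not an AWS principal, call isAwsPrincipal() before calling arn()');
        }
        return this.principalId;
    }

    /**
     * @returns {string} The raw service principal value.
     * @throws {Error} If this is not a service principal.
     */
    service() {
        if (!this.isServicePrincipal()) {
            throw new Error('Principal is not a service principal, call isServicePrincipal() before calling service()');
        }
        return this.principalId;
    }

    /**
     * @returns {string} The raw federated principal value.
     * @throws {Error} If this is not a federated principal.
     */
    federated() {
        if (!this.isFederatedPrincipal()) {
            throw new Error('Principal is not a federated principal, call isFederatedPrincipal() before calling federated()');
        }
        return this.principalId;
    }

    /**
     * @returns {string} The raw canonical user ID.
     * @throws {Error} If this is not a canonical user principal.
     */
    canonicalUser() {
        if (!this.isCanonicalUserPrincipal()) {
            throw new Error('Principal is not a canonical user principal, call isCanonicalUserPrincipal() before calling canonicalUser()');
        }
        return this.principalId;
    }
}
exports.PrincipalImpl = PrincipalImpl;
//# sourceMappingURL=principal.js.map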