@cloud-copilot/iam-simulate
Version:
Simulate evaluation of AWS IAM policies
54 lines • 2.05 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.Bool = void 0;
const util_js_1 = require("../../util.js");
exports.Bool = {
name: 'Bool',
matches: (request, keyValue, policyValues) => {
const explains = policyValues.map((policyValue) => {
const { pattern, errors } = (0, util_js_1.convertIamString)(policyValue, request, {
replaceWildcards: false
});
if (errors && errors.length > 0) {
return {
value: policyValue,
matches: false,
errors
};
}
const resolvedValue = (0, util_js_1.convertIamString)(policyValue, request, {
replaceWildcards: false,
convertToRegex: false
});
const lowercaseResolvedValue = resolvedValue.toLowerCase();
if (lowercaseResolvedValue != 'true' && lowercaseResolvedValue != 'false') {
return {
matches: false,
value: policyValue,
errors: ['Invalid boolean pattern'],
resolvedValue: resolvedValue == policyValue ? undefined : resolvedValue
};
}
if (keyValue.toLowerCase() != 'true' && keyValue.toLowerCase() != 'false') {
return {
matches: false,
value: policyValue,
errors: [`request value '${keyValue}' is not a boolean`]
};
}
return {
matches: new RegExp(pattern, 'i').test(keyValue),
value: policyValue,
resolvedValue: resolvedValue == policyValue ? undefined : resolvedValue
};
});
return {
matches: explains.some((explain) => explain.matches),
explains
};
},
allowsVariables: true,
allowsWildcards: false,
isNegative: false
};
//# sourceMappingURL=Bool.js.map