
@eang/core


eang - model driven enterprise event processing

import { Cnx, Obj, EangEventTypes } from './entity.js';
import { PersonObj } from './objects.js';
import { Prettify } from './types.js';

/**
 * One access question put to {@link Authorizer.authorize}: may `subject`
 * perform `action` on `entity`, optionally given an `environment`.
 */
export interface AuthzRequest {
    /** The person on whose behalf access is requested. */
    subject: PersonObj;
    /** The operation being attempted; built with the AuthzAction factories. */
    action: AuthzAction;
    /** The object or connection the action targets. */
    entity: Obj | Cnx;
    /** Optional contextual attributes; absent when the caller supplies none. */
    environment?: Environment;
}

/**
 * The effect a rule or a decision can carry: "allow", "deny", or `undefined`.
 *
 * NOTE(review): because `undefined` is a legal value, a decision is three-valued.
 * Code that gates access on an AuthzResult should require `effect === 'allow'`
 * rather than testing for the absence of "deny". How the implementation uses
 * `undefined` (no rule matched, abstain, ...) is not visible in this declaration.
 */
export type RuleEffects = (typeof RuleEffect)[keyof typeof RuleEffect] | undefined;

/** Named constants for the two concrete rule effects. */
export declare const RuleEffect: {
    readonly allow: "allow";
    readonly deny: "deny";
};

/** Outcome returned by {@link Authorizer.authorize}. */
export interface AuthzResult {
    /** Decision for the request; may be `undefined` (see RuleEffects). */
    effect: RuleEffects;
    /** Rule associated with the decision, when there is one. */
    matchedRule?: PolicyRule;
    /**
     * Entity returned with the decision.
     * NOTE(review): presumably the request entity after a rule's `mapper` has
     * been applied; confirm against the implementation.
     */
    entity: Obj | Cnx;
}

/**
 * A single rule in a policy chain. Only `effect` is required; the three
 * callbacks are optional.
 *
 * NOTE(review): the order in which `filter`, `matcher` and `mapper` run, and
 * what a missing callback means (match everything vs. match nothing), is not
 * shown here. Confirm before writing rules that rely on a default.
 */
export interface PolicyRule {
    /** Effect this rule contributes; may itself be `undefined`. */
    effect: RuleEffects;
    /** Predicate over a resource type name and an action type name. */
    filter?: (resourceType: string, actionType: string) => boolean;
    /** Predicate over the full request; optionally receives the Authorizer. */
    matcher?: (accessRequest: AuthzRequest, authz?: Authorizer) => boolean;
    /** Transforms a resource into the resource to return (same Obj | Cnx type). */
    mapper?: (resource: Obj | Cnx) => Obj | Cnx;
}

/** Evaluates an AuthzRequest against a chain of PolicyRule entries. */
export declare class Authorizer {
    /** Chain stored on the instance; public and reassignable (not readonly). */
    defaultPolicyChain: PolicyRule[];
    /**
     * @param defaultPolicyChain - Optional chain to store on the instance.
     */
    constructor(defaultPolicyChain?: PolicyRule[]);
    /**
     * Decides a request.
     *
     * NOTE(review): `policyRuleChain` is a required parameter; how it combines
     * with `defaultPolicyChain` (override, prepend, append) is not visible here.
     *
     * @param authzRequest - The access question.
     * @param policyRuleChain - Rules to evaluate for this call.
     * @returns The decision, the matched rule if any, and an entity.
     */
    authorize(authzRequest: AuthzRequest, policyRuleChain: PolicyRule[]): AuthzResult;
    /**
     * Helper taking an object, a path (one string or a list of segments) and a
     * value to match, and returning a boolean.
     * NOTE(review): presumably tests the value found at `objPath` against
     * `match`; exact comparison semantics are not shown. Confirm before use in
     * a matcher.
     */
    contains(obj: Record<string, unknown>, objPath: string | string[], match: unknown): boolean;
    /** Internal chain evaluation; signature is not exposed by the declaration. */
    private applyChain;
}

/**
 * Contextual attributes that can accompany an AuthzRequest. Every field except
 * `name` is optional, so a rule reading one must handle `undefined`.
 *
 * Most unions below end in `| string`, which widens the type to plain `string`:
 * the listed literals document expected values but the compiler accepts any
 * string, including a misspelled one. `networkZone` is the only closed union.
 *
 * NOTE(review): these are plain data fields. Nothing in this declaration shows
 * who populates or validates them, so rules keyed on ipAddress, threatLevel,
 * anomalyScore, certificateStatus and similar should only rely on values set
 * by a trusted component. Confirm the source of each attribute.
 */
export declare class Environment {
    /** Required identifier for this environment. */
    name: string;
    description?: string | undefined;
    // Time-related attributes.
    timeOfDay?: string;
    timeRange?: {
        start: string;
        end: string;
    };
    dayOfWeek?: string;
    date?: Date;
    isHoliday?: boolean;
    // Network and location attributes.
    ipAddress?: string;
    geographicLocation?: {
        country?: string;
        region?: string;
        city?: string;
    };
    /** Closed union: only these three values type-check. */
    networkZone?: 'internal' | 'DMZ' | 'external';
    connectionType?: 'VPN' | 'direct' | 'wireless' | string;
    // Device and client attributes.
    deviceType?: 'company-managed' | 'BYOD' | 'mobile' | 'desktop' | string;
    securityPosture?: {
        patchLevel?: string;
        antivirusStatus?: 'active' | 'inactive' | string;
        encryptionStatus?: 'enabled' | 'disabled' | string;
    };
    operatingSystem?: string;
    osVersion?: string;
    browserType?: string;
    browserVersion?: string;
    certificateStatus?: 'valid' | 'expired' | 'missing' | string;
    // Risk and session attributes.
    threatLevel?: 'low' | 'medium' | 'high' | 'critical' | string;
    /** Numeric score; scale and direction are not defined here. TODO confirm. */
    anomalyScore?: number;
    previousAuthFailures?: number;
    sessionCharacteristics?: {
        /** Units are not stated in the declaration. TODO confirm. */
        duration?: number;
        idleTime?: number;
    };
    // Business and system-state attributes.
    businessProcess?: string;
    emergencyStatus?: boolean;
    systemLoad?: number;
    systemHealth?: 'normal' | 'degraded' | 'critical' | string;
    maintenanceWindow?: boolean;
    // Data-governance attributes.
    dataClassificationLevel?: 'public' | 'internal' | 'confidential' | 'restricted' | string;
    regulatoryJurisdiction?: string[];
    underAudit?: boolean;
    /**
     * @param name - Required identifier.
     * @param description - Optional free-text description.
     * @param attributes - Optional subset of the remaining fields.
     */
    constructor(name: string, description?: string | undefined, attributes?: Partial<Omit<Environment, 'name' | 'description'>>);
}

/** Action type names: every EangEventTypes member plus 'read'. */
export type AuthzActionType = Prettify<EangEventTypes | 'read'>;

/**
 * An action to authorize. The constructor is private, so instances come from
 * the static factories below.
 *
 * `type` and `data` are public and not readonly, so an instance can be changed
 * after creation; treat an action as fixed once it is placed in a request.
 */
export declare class AuthzAction {
    /** Action type name. */
    type: AuthzActionType;
    /** Payload attached to the action. */
    data: Record<string, unknown>;
    private constructor();
    // NOTE(review): each factory presumably sets `type` to its own name; only
    // create and update accept a payload. Confirm against the implementation.
    static create(data: Record<string, unknown>): AuthzAction;
    static update(data: Record<string, unknown>): AuthzAction;
    static delete(): AuthzAction;
    static start(): AuthzAction;
    static stop(): AuthzAction;
    static read(): AuthzAction;
}