@enbox/api
SDK for accessing the features and capabilities of Web5
// Downlevel async helper (same shape as the TypeScript compiler's `__awaiter`): drives a
// generator function to completion and exposes the outcome as a promise.
//   thisArg     - `this` value the generator function is invoked with
//   _arguments  - argument list for the generator function (an empty list is used when falsy)
//   P           - promise constructor to use; falls back to the global `Promise`
//   generator   - generator function whose `yield`ed values are awaited
// An already-installed `this.__awaiter` is reused when one exists.
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
// Wrap anything that is not already an instance of P so that `.then` can be called on it.
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
// A settled yield resumes the generator; anything thrown while resuming rejects the outer promise.
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
// A rejected yield is thrown back into the generator so its own try/catch can handle it.
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
// Either finish with the generator's return value or wait on the next yielded value.
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
// `generator` is rebound from the generator function to the iterator it produces, then started.
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
/**
 * Downlevel object-rest helper: returns a shallow copy of `s` without the keys listed in `e`.
 *
 * Own enumerable string keys are copied first, then own enumerable symbol keys. A `null` or
 * `undefined` source yields an empty object. An already-installed `this.__rest` is reused.
 *
 * @param s - source object
 * @param e - array of property keys (strings or symbols) to leave out
 * @returns a new plain object holding the remaining properties
 */
var __rest = (this && this.__rest) || function (s, e) {
  var picked = {};
  for (var key in s) {
    // for...in also walks inherited enumerable keys; only own ones are copied.
    if (!Object.prototype.hasOwnProperty.call(s, key)) {
      continue;
    }
    if (e.indexOf(key) >= 0) {
      continue;
    }
    picked[key] = s[key];
  }
  if (s != null && typeof Object.getOwnPropertySymbols === "function") {
    var symbols = Object.getOwnPropertySymbols(s);
    for (var idx = 0; idx < symbols.length; idx++) {
      var sym = symbols[idx];
      // Symbols are not visited by for...in, so enumerability is checked explicitly.
      if (e.indexOf(sym) < 0 && Object.prototype.propertyIsEnumerable.call(s, sym)) {
        picked[sym] = s[sym];
      }
    }
  }
  return picked;
};
import { Convert } from '@enbox/common';
import { AgentPermissionsApi, DwnInterface, DwnPermissionGrant, } from '@enbox/agent';
import { PermissionGrantRevocation } from './grant-revocation.js';
/**
 * The `PermissionGrant` class wraps a permissions protocol `grant` record and offers a more
 * developer-friendly interface for working with Decentralized Web Node (DWN) records.
 *
 * It exposes the parsed grant fields as read-only getters and provides methods to send, store,
 * import (owner-sign), revoke and check the revocation status of the grant.
 *
 * NOTE(review): nothing in this class checks `dateExpires`, `scope`, `conditions` or revocation
 * state before a grant is sent, stored or owner-signed; whether the agent performs such checks
 * is not visible from this file, so callers should validate grants received from other parties.
 *
 * @beta
 */
export class PermissionGrant {
  constructor({ api, connectedDid, message, grant }) {
    // Permissions API bound to the agent; backs `agent`, `revoke()` and `isRevoked()`.
    this._permissions = api;
    // DID used as `author` for every request this instance issues.
    this._connectedDid = connectedDid;
    // Raw grant message, including its `encodedData` payload.
    this._message = message;
    // Parsed grant object that the getters below read from.
    this._grant = grant;
  }

  /**
   * Builds a `PermissionGrant` from an agent, a connectedDid and a data-encoded records write
   * message.
   *
   * NOTE(review): whether `DwnPermissionGrant.parse` verifies the message signature is not
   * visible here; confirm before treating a parsed grant as authenticated.
   */
  static parse(options) {
    return __awaiter(this, void 0, void 0, function* () {
      //TODO: this does not have to be async https://github.com/TBD54566975/web5-js/pull/831/files
      const parsedGrant = yield DwnPermissionGrant.parse(options.message);
      const permissionsApi = new AgentPermissionsApi({ agent: options.agent });
      const ctorArgs = Object.assign({}, options, { grant: parsedGrant, api: permissionsApi });
      return new PermissionGrant(ctorArgs);
    });
  }

  /** The agent to use for this instantiation of the grant */
  get agent() {
    return this._permissions.agent;
  }

  /** The grant's ID, which is also the underlying record's ID */
  get id() {
    return this._grant.id;
  }

  /** The DID which granted the permission */
  get grantor() {
    return this._grant.grantor;
  }

  /** The DID which the permission was granted to */
  get grantee() {
    return this._grant.grantee;
  }

  /** The date the permission was granted */
  get dateGranted() {
    return this._grant.dateGranted;
  }

  /** (optional) Description of the permission grant */
  get description() {
    return this._grant.description;
  }

  /** (optional) The Id of the PermissionRequest if one was used */
  get requestId() {
    return this._grant.requestId;
  }

  /** The date on which the permission expires. This getter only reports the value; it does not enforce it. */
  get dateExpires() {
    return this._grant.dateExpires;
  }

  /**
   * Whether or not the permission grant can be used to impersonate the grantor.
   * When auditing grants, a `true` value is the highest-privilege case.
   */
  get delegated() {
    return this._grant.delegated;
  }

  /** The permission scope under which the grant is valid */
  get scope() {
    return this._grant.scope;
  }

  /** The conditions under which the grant is valid */
  get conditions() {
    return this._grant.conditions;
  }

  /** The raw `RecordsWrite` DWN message with encoded data that was used to instantiate this grant */
  get rawMessage() {
    return this._message;
  }

  /**
   * Sends the current grant to a remote DWN identified by DID.
   *
   * The full record (message plus decoded data) is transmitted, authored by the connected DID.
   * The `target` value is passed through to the agent without any check in this method.
   *
   * @param target - optional DID to send the grant to; when `null` or `undefined` the grant is
   *   sent to the connectedDid
   * @returns the reply of the send grant request
   *
   * @beta
   */
  send(target) {
    return __awaiter(this, void 0, void 0, function* () {
      if (target === null || target === undefined) {
        target = this._connectedDid;
      }
      const { rawMessage, dataStream } = splitEncodedMessage(this._message);
      const request = {
        messageType: DwnInterface.RecordsWrite,
        author: this._connectedDid,
        target: target,
        dataStream,
        rawMessage,
      };
      // Send the current/latest state to the target.
      const { reply } = yield this.agent.sendDwnRequest(request);
      return reply;
    });
  }

  /**
   * Stores the current grant to the owner's DWN.
   *
   * The message returned by the agent replaces the cached raw message regardless of
   * `reply.status`, so callers should inspect the returned status.
   *
   * @param importGrant - if true, the grant will be signed by the owner before storing it to the
   *   owner's DWN. Defaults to false.
   * @returns the status of the store request
   *
   * @beta
   */
  store(importGrant = false) {
    return __awaiter(this, void 0, void 0, function* () {
      const { encodedData, rawMessage, dataStream } = splitEncodedMessage(this.rawMessage);
      const { reply, message } = yield this.agent.processDwnRequest({
        store: true,
        author: this._connectedDid,
        target: this._connectedDid,
        messageType: DwnInterface.RecordsWrite,
        signAsOwner: importGrant,
        rawMessage,
        dataStream,
      });
      // The processed message carries no encodedData, so the original payload is re-attached.
      this._message = Object.assign({}, message, { encodedData });
      return { status: reply.status };
    });
  }

  /**
   * Signs the current grant as the owner and optionally stores it to the owner's DWN.
   * This is useful when importing a grant that was signed by someone else into your own DWN.
   *
   * Owner-signing always happens; this method performs no validation of the grant beforehand,
   * and the cached raw message is replaced regardless of `reply.status`.
   *
   * @param store - if true, the grant will be stored to the owner's DWN after signing.
   *   Defaults to false.
   * @returns the status of the import request
   *
   * @beta
   */
  import(store = false) {
    return __awaiter(this, void 0, void 0, function* () {
      const { encodedData, rawMessage, dataStream } = splitEncodedMessage(this.rawMessage);
      const { reply, message } = yield this.agent.processDwnRequest({
        store,
        author: this._connectedDid,
        target: this._connectedDid,
        messageType: DwnInterface.RecordsWrite,
        signAsOwner: true,
        rawMessage,
        dataStream,
      });
      this._message = Object.assign({}, message, { encodedData });
      return { status: reply.status };
    });
  }

  /**
   * Revokes the grant and optionally stores the revocation to the owner's DWN.
   *
   * @param store - if true, the revocation will be stored to the owner's DWN. Defaults to true.
   * @returns {PermissionGrantRevocation} the grant revocation object
   *
   * @beta
   */
  revoke(store = true) {
    return __awaiter(this, void 0, void 0, function* () {
      const { message: revocationMessage } = yield this._permissions.createRevocation({
        store,
        author: this._connectedDid,
        grant: this._grant,
      });
      return PermissionGrantRevocation.parse({
        connectedDid: this._connectedDid,
        agent: this.agent,
        message: revocationMessage,
      });
    });
  }

  /**
   * Checks if the grant has been revoked, querying with the grantor as the target.
   *
   * NOTE(review): with the default `remote = false` the check is not made against the remote
   * DWN; presumably a revocation that exists only remotely is then not seen, so confirm this
   * before relying on the default for an authorization decision.
   *
   * @param remote - if true, the check will be made against the remote DWN. Defaults to false.
   * @returns true if the grant has been revoked, false otherwise.
   * @throws if there is an error checking the revocation status.
   *
   * @beta
   */
  isRevoked(remote = false) {
    const query = {
      author: this._connectedDid,
      target: this.grantor,
      grantRecordId: this.id,
      remote,
    };
    return this._permissions.isGrantRevoked(query);
  }

  /**
   * @returns the JSON representation of the grant. Only the parsed grant fields are included;
   *   the raw signed message is left out, so the output describes the grant but cannot be used
   *   to verify it.
   */
  toJSON() {
    const {
      id,
      grantor,
      grantee,
      dateGranted,
      description,
      requestId,
      dateExpires,
      delegated,
      scope,
      conditions,
    } = this;
    return {
      id,
      grantor,
      grantee,
      dateGranted,
      description,
      requestId,
      dateExpires,
      delegated,
      scope,
      conditions,
    };
  }
}

/**
 * Splits a data-encoded grant message into the parts a DWN request needs.
 *
 * @param message - raw message carrying a base64url `encodedData` property
 * @returns `encodedData` as given, `rawMessage` (the message without `encodedData`) and
 *   `dataStream` (a Blob of the decoded bytes)
 */
function splitEncodedMessage(message) {
  const { encodedData } = message;
  const rawMessage = __rest(message, ["encodedData"]);
  const dataStream = new Blob([Convert.base64Url(encodedData).toUint8Array()]);
  return { encodedData, rawMessage, dataStream };
}
//# sourceMappingURL=permission-grant.js.map