UNPKG

@mastra/core

Version:

Mastra is a framework for building AI-powered applications and agents with a modern TypeScript stack.

mastra.ai

mastra-ai/mastra

57 lines 2.2 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
/** * FGA enforcement utility for checking fine-grained authorization. * * @license Mastra Enterprise License - see ee/LICENSE */ import type { FGACheckContext, IFGAProvider } from './interfaces/fga.js'; import type { MastraFGAPermissionInput } from './interfaces/permissions.generated.js'; export interface CheckFGAOptions { fgaProvider: IFGAProvider | undefined; user: any; resource: { type: string; id: string; }; permission: MastraFGAPermissionInput | MastraFGAPermissionInput[]; context?: FGACheckContext; } export interface RequireFGAOptions extends CheckFGAOptions { requestContext?: FGACheckContext['requestContext']; metadata?: Record<string, unknown>; } export declare function getAgentFGAResourceId(agentId: string): string; export declare function getWorkflowFGAResourceId(workflowId: string): string; export declare function getStandaloneToolFGAResourceId(toolName: string): string; export declare function getAgentToolFGAResourceId(agentId: string, toolName: string): string; export declare function getMCPToolFGAResourceId(serverName: string, toolName: string): string; /** * Check fine-grained authorization for a resource. * * No-op if no FGA provider is configured (backward compatibility). * Delegates to fgaProvider.require() which throws FGADeniedError if denied. */ export declare function checkFGA(options: CheckFGAOptions): Promise<void>; /** * Require fine-grained authorization for a resource. * * No-op if no FGA provider is configured. When FGA is configured, a missing * user fails closed. */ export declare function requireFGA(options: RequireFGAOptions): Promise<void>; /** * Error thrown when an FGA authorization check is denied. */ export declare class FGADeniedError extends Error { readonly user: any; readonly resource: { type: string; id: string; }; readonly permission: MastraFGAPermissionInput | MastraFGAPermissionInput[]; readonly status: number; constructor(user: any, resource: { type: string; id: string; }, permission: MastraFGAPermissionInput | MastraFGAPermissionInput[], reason?: string); } //# sourceMappingURL=fga-check.d.ts.map