
gdb-p2p


Distributed graph database (GraphDB/GDB) for real-time data modeling, scalable storage, and efficient querying of complex relationships.

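/**
 * Role-based access control (RBAC) helpers gated by a WebAuthn ceremony.
 *
 * NOTE(review): every check here runs in the browser against data held in the
 * local graph. The WebAuthn challenge is generated on the same client that
 * consumes the response, and neither the attestation nor the assertion
 * signature is verified anywhere in this file. Treat the ceremony as a local
 * user-verification prompt, not as proof of identity to other peers.
 */

// Role table consulted by every permission check; replaced wholesale by setCustomRoles().
let roles = {
  superadmin: { can: ["assignRole"], inherits: ["admin"] },
  admin: { can: ["delete"], inherits: ["manager"] },
  manager: { can: ["publish"], inherits: ["user"] },
  user: { can: ["write"], inherits: ["guest"] },
  guest: { can: ["read"] },
};

/**
 * Looks up a role by own property only, so names such as "constructor" or
 * "__proto__" (which resolve on Object.prototype) are not treated as roles.
 * @param {string} roleName
 * @returns {object|undefined} the role definition, or undefined when absent
 */
function getRoleDefinition(roleName) {
  return Object.prototype.hasOwnProperty.call(roles, roleName)
    ? roles[roleName]
    : undefined;
}

/**
 * Replaces the active role table.
 * @param {object} customRoles - map of role name to { can, inherits }
 * @throws {Error} when customRoles is not a non-null object
 */
function setCustomRoles(customRoles) {
  if (typeof customRoles !== "object" || customRoles === null) {
    throw new Error("Los roles personalizados deben ser un objeto v\xE1lido.");
  }
  roles = customRoles;
}

/**
 * Reports whether a role grants an operation, directly or through inheritance.
 * @param {string} role
 * @param {string} operation
 * @param {Set<string>} [visited] - roles already examined; stops inheritance cycles
 * @returns {boolean}
 */
function can(role, operation, visited = new Set()) {
  const definition = getRoleDefinition(role);
  if (!definition) {
    return false;
  }
  if (visited.has(role)) {
    return false;
  }
  visited.add(role);
  // Malformed definitions (missing or non-array `can`/`inherits`) deny instead of throwing.
  if (Array.isArray(definition.can) && definition.can.includes(operation)) {
    return true;
  }
  if (Array.isArray(definition.inherits)) {
    return definition.inherits.some((parent) => can(parent, operation, visited));
  }
  return false;
}

/**
 * Writes a role (and optional expiry) onto the user's graph node and persists it.
 *
 * NOTE(review): this function does not check the caller's own permissions;
 * presumably callers gate it with executeWithPermission(..., "assignRole") —
 * verify at every call site.
 *
 * @param {object} db - database handle exposing ready, graph and saveGraphToOPFS
 * @param {string} userId
 * @param {string} role - must exist in the active role table
 * @param {*} [expiresAt] - anything accepted by the Date constructor, or null
 * @throws {Error} when the role does not exist
 */
async function assignRole(db, userId, role, expiresAt = null) {
  await db.ready;
  if (!getRoleDefinition(role)) {
    throw new Error(`El rol '${role}' no existe.`);
  }
  const nodeKey = `user:${userId}`;
  const existing = db.graph.get(nodeKey);
  const assignment = {
    role,
    expiresAt: expiresAt ? new Date(expiresAt).toISOString() : null,
  };
  if (existing) {
    Object.assign(existing.value, assignment);
  } else {
    db.graph.insert(nodeKey, assignment);
  }
  await db.saveGraphToOPFS();
  console.log(
    `Rol '${role}' asignado al usuario '${userId}'${expiresAt ? ` con caducidad en ${expiresAt}` : ""}.`
  );
}

/** @returns {Uint8Array} 32 random bytes used as the WebAuthn challenge */
function randomChallenge() {
  const bytes = new Uint8Array(32);
  window.crypto.getRandomValues(bytes);
  return bytes;
}

/** @returns {Uint8Array} 16 random bytes used as the WebAuthn user handle */
function randomUserHandle() {
  const bytes = new Uint8Array(16);
  window.crypto.getRandomValues(bytes);
  return bytes;
}

/**
 * Reads the user's current role from the graph.
 * @returns {Promise<string>} the role name
 * @throws {Error} when no node exists or the role has expired
 */
async function getUserRole(db, userId) {
  const node = db.graph.get(`user:${userId}`);
  if (!node) {
    throw new Error("No tienes un rol asignado.");
  }
  if (node.value.expiresAt) {
    const expiry = new Date(node.value.expiresAt);
    // Fail closed: an expiry that does not parse is treated as already expired
    // rather than as "never expires".
    if (Number.isNaN(expiry.getTime()) || expiry < new Date()) {
      throw new Error("Tu rol ha caducado.");
    }
  }
  return node.value.role;
}

/**
 * Throws unless the user's role grants the operation.
 * @throws {Error} when the role is missing, expired, or lacks the permission
 */
async function checkPermission(db, userId, operation) {
  const role = await getUserRole(db, userId);
  if (!can(role, operation)) {
    throw new Error(`No tienes permiso para realizar la operaci\xF3n '${operation}'.`);
  }
}

/**
 * Authenticates the user, then authorizes the operation.
 *
 * A failed or cancelled WebAuthn ceremony now rejects; previously the failure
 * was only logged and the permission check ran regardless.
 *
 * @param {object} db
 * @param {string} userId
 * @param {string} operation
 * @param {*} [reserved] - accepted for signature compatibility; never read here
 * @returns {Promise<string>} userId when both checks pass
 * @throws {Error} when authentication or authorization fails
 */
async function executeWithPermission(db, userId, operation, reserved) {
  const authenticated = await ensureAuthenticated(db, userId);
  if (!authenticated) {
    throw new Error("No se pudo autenticar al usuario.");
  }
  await checkPermission(db, userId, operation);
  return userId;
}

/**
 * Creates the user node if needed, then registers or authenticates as required.
 *
 * NOTE(review): isAuthenticated is read from the persisted graph node and
 * nothing in this file clears it, so one successful ceremony is honoured on
 * every later call — confirm whether a session-scoped flag was intended.
 *
 * @returns {Promise<boolean>} true when the user is considered authenticated
 */
async function ensureAuthenticated(db, userId) {
  const nodeKey = `user:${userId}`;
  let node = db.graph.get(nodeKey);
  if (!node) {
    db.graph.insert(nodeKey, { storedCredential: null, isAuthenticated: false });
    await db.saveGraphToOPFS();
    node = db.graph.get(nodeKey);
  }
  if (!node.value.storedCredential) {
    return registerCredential(db, userId);
  }
  if (!node.value.isAuthenticated) {
    return authenticate(db, userId);
  }
  console.log("Ya est\xE1s autenticado. Bot\xF3n desactivado.");
  return true;
}

/**
 * Runs a WebAuthn registration ceremony and stores the resulting credential
 * on the user node, then requests an assertion with it.
 *
 * The node is marked authenticated only by a successful assertion, not by
 * registration alone, so a cancelled second prompt leaves the flag unset.
 *
 * @returns {Promise<boolean>} true only when registration and the follow-up assertion succeed
 */
async function registerCredential(db, userId) {
  if (!window.PublicKeyCredential) {
    alert("WebAuthn no es soportado en este navegador.");
    return false;
  }
  const nodeKey = `user:${userId}`;
  const userHandle = randomUserHandle();
  const creationOptions = {
    challenge: randomChallenge(),
    rp: { name: "RBAC System" },
    user: { id: userHandle, name: userId, displayName: userId },
    pubKeyCredParams: [{ type: "public-key", alg: -7 }],
    authenticatorSelection: {
      authenticatorAttachment: "platform",
      userVerification: "required",
    },
    timeout: 60000,
    attestation: "direct",
  };
  try {
    const credential = await navigator.credentials.create({ publicKey: creationOptions });
    const node = db.graph.get(nodeKey);
    if (!node) {
      console.error("\xA1Error! El nodo de usuario desapareci\xF3 durante el registro.");
      return false;
    }
    // ArrayBuffers are stored as plain number arrays so the record survives serialization.
    node.value.storedCredential = {
      id: credential.id,
      type: credential.type,
      rawId: Array.from(new Uint8Array(credential.rawId)),
      response: {
        attestationObject: Array.from(new Uint8Array(credential.response.attestationObject)),
        clientDataJSON: Array.from(new Uint8Array(credential.response.clientDataJSON)),
      },
    };
    await db.saveGraphToOPFS();
    console.log("Credencial registrada:", credential);
    return await authenticate(db, userId);
  } catch (error) {
    console.error("Error en registro", error);
    return false;
  }
}

/**
 * Requests a WebAuthn assertion for the stored credential and, on success,
 * marks the user node as authenticated.
 *
 * NOTE(review): the assertion is only logged; its signature is not verified
 * against the stored attestation data.
 *
 * @returns {Promise<boolean>} true when the browser resolved the assertion
 */
async function authenticate(db, userId) {
  const node = db.graph.get(`user:${userId}`);
  if (!node) {
    alert("No hay usuario registrado. Registra uno primero.");
    return false;
  }
  const stored = node.value.storedCredential;
  if (!stored) {
    alert("No hay credenciales registradas. Registra una primero.");
    return false;
  }
  const requestOptions = {
    challenge: randomChallenge(),
    // The descriptor id must be a BufferSource: rebuild the bytes from rawId.
    // The base64url string in `stored.id` makes credentials.get() throw a TypeError.
    allowCredentials: [{ id: new Uint8Array(stored.rawId), type: "public-key" }],
    userVerification: "required",
    timeout: 60000,
  };
  try {
    const assertion = await navigator.credentials.get({ publicKey: requestOptions });
    node.value.isAuthenticated = true;
    await db.saveGraphToOPFS();
    console.log("Autenticaci\xF3n exitosa:", assertion);
    return true;
  } catch (error) {
    console.error("Error en autenticaci\xF3n", error);
    return false;
  }
}

export { setCustomRoles, executeWithPermission, can, assignRole };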