{
  "version": 3,
  "sources": ["../ui/app/components/mn_permissions.js"],
  "sourcesContent": ["/*\nCopyright 2016-Present Couchbase, Inc.\n\nUse of this software is governed by the Business Source License included in\nthe file licenses/BSL-Couchbase.txt.  As of the Change Date specified in that\nfile, in accordance with the Business Source License, use of this software will\nbe governed by the Apache License, Version 2.0, included in the file\nlicenses/APL2.txt.\n*/\n\nimport angular from 'angular';\nimport _ from 'lodash';\nimport {BehaviorSubject} from 'rxjs';\n\nimport mnBucketsService from '../mn_admin/mn_buckets_service.js';\n\nexport default \"mnPermissions\";\n\nangular\n  .module(\"mnPermissions\", [mnBucketsService])\n  .provider(\"mnPermissions\", mnPermissionsProvider);\n\nfunction mnPermissionsProvider() {\n  this.$get = [\"$http\", \"$timeout\", \"$q\", \"$rootScope\", \"mnBucketsService\", \"$parse\", mnPermissionsFacatory];\n  this.set = set;\n  this.setBucketSpecific = setBucketSpecific;\n\n  var bucketSpecificPermissions = [function (name, buckets) {\n    var basePermissions = [\n      \"cluster.bucket[\" + name + \"].settings!write\",\n      \"cluster.bucket[\" + name + \"].settings!read\",\n      \"cluster.bucket[\" + name + \"].recovery!write\",\n      \"cluster.bucket[\" + name + \"].recovery!read\",\n      \"cluster.bucket[\" + name + \"].stats!read\",\n      \"cluster.bucket[\" + name + \"]!flush\",\n      \"cluster.bucket[\" + name + \"]!delete\",\n      \"cluster.bucket[\" + name + \"]!compact\",\n      \"cluster.bucket[\" + name + \"].xdcr!read\",\n      \"cluster.bucket[\" + name + \"].xdcr!write\",\n      \"cluster.bucket[\" + name + \"].xdcr!execute\",\n      \"cluster.bucket[\" + name + \"].n1ql.select!execute\",\n      \"cluster.bucket[\" + name + \"].n1ql.index!read\",\n      \"cluster.bucket[\" + name + \"].n1ql.index!write\",\n      \"cluster.bucket[\" + name + \"].collections!read\",\n      \"cluster.bucket[\" + name + \"].collections!write\",\n      \"cluster.collection[\" + name + \":.:.].stats!read\",\n      \"cluster.collection[\" + name + \":.:.].collections!read\",\n      \"cluster.collection[\" + name + \":.:.].collections!write\"\n    ];\n    if (name === \".\" || buckets.byName[name].isMembase) {\n      basePermissions = basePermissions.concat([\n        \"cluster.bucket[\" + name + \"].views!read\",\n        \"cluster.bucket[\" + name + \"].views!write\",\n        \"cluster.bucket[\" + name + \"].views!compact\"\n      ]);\n    }\n    if (name === \".\" || !buckets.byName[name].isMemcached) {\n      basePermissions = basePermissions.concat([\n        \"cluster.bucket[\" + name + \"].data!write\",\n        \"cluster.bucket[\" + name + \"].data!read\",\n        \"cluster.bucket[\" + name + \"].data.docs!read\",\n        \"cluster.bucket[\" + name + \"].data.docs!write\",\n        \"cluster.bucket[\" + name + \"].data.docs!upsert\",\n        \"cluster.bucket[\" + name + \"].n1ql.index!read\",\n        \"cluster.collection[\" + name + \":.:.].data.docs!read\",\n        \"cluster.collection[\" + name + \":.:.].data.docs!write\",\n        \"cluster.collection[\" + name + \":.:.].data.docs!upsert\",\n        \"cluster.collection[\" + name + \":.:.].n1ql.index!read\",\n        \"cluster.collection[\" + name + \":.:.].n1ql.index!write\",\n        \"cluster.collection[\" + name + \":.:.].n1ql.select!execute\"\n      ]);\n    }\n\n    return basePermissions\n  }];\n\n  var interestingPermissions = [\n    \"cluster.buckets!create\",\n    \"cluster.backup!all\",\n    \"cluster.nodes!write\",\n    \"cluster.pools!read\",\n    \"cluster.server_groups!read\",\n    \"cluster.server_groups!write\",\n    \"cluster.settings!read\",\n    \"cluster.settings!write\",\n    \"cluster.settings.metrics!read\",\n    \"cluster.settings.metrics!write\",\n    \"cluster.stats!read\",\n    \"cluster.tasks!read\",\n    \"cluster.settings.indexes!read\",\n    \"cluster.admin.internal!all\",\n    \"cluster.xdcr.settings!read\",\n    \"cluster.xdcr.settings!write\",\n    \"cluster.xdcr.remote_clusters!read\",\n    \"cluster.xdcr.remote_clusters!write\",\n    \"cluster.admin.security!read\",\n    \"cluster.admin.logs!read\",\n    \"cluster.admin.settings!read\",\n    \"cluster.admin.settings!write\",\n    \"cluster.logs!read\",\n    \"cluster.pools!write\",\n    \"cluster.settings.indexes!write\",\n    \"cluster.admin.security!write\",\n    \"cluster.admin.security.admin!write\",\n    \"cluster.admin.security.admin!read\",\n    \"cluster.admin.security.external!write\",\n    \"cluster.admin.security.external!read\",\n    \"cluster.admin.security.local!read\",\n    \"cluster.admin.security.local!write\",\n    \"cluster.samples!read\",\n    \"cluster.nodes!read\",\n    \"cluster.admin.memcached!read\",\n    \"cluster.admin.memcached!write\",\n    \"cluster.eventing.functions!manage\",\n    \"cluster.settings.autocompaction!read\",\n    \"cluster.settings.autocompaction!write\"\n  ];\n\n  function getAll() {\n    return _.clone(interestingPermissions);\n  }\n\n  function set(permission) {\n    if (!_.contains(interestingPermissions, permission)) {\n      interestingPermissions.push(permission);\n    }\n    return this;\n  }\n\n  function remove(permission) {\n    let index = interestingPermissions.indexOf(permission);\n    if (index > 0) {\n      interestingPermissions.splice(index, 1);\n    }\n    return this;\n  }\n\n  function setBucketSpecific(func) {\n    if (angular.isFunction(func)) {\n      bucketSpecificPermissions.push(func);\n    }\n    return this;\n  }\n\n  function generateBucketPermissions(bucketName, buckets) {\n    return bucketSpecificPermissions.reduce(function (acc, getChunk) {\n      return acc.concat(getChunk(bucketName, buckets));\n    }, []);\n  }\n\n  function mnPermissionsFacatory($http, $timeout, $q, $rootScope, mnBucketsService, $parse) {\n    var mnPermissions = {\n      clear: clear,\n      get: doCheck,\n      check: check,\n      set: set,\n      stream: new BehaviorSubject(),\n      remove: remove,\n      throttledCheck: _.debounce(getFresh, 200),\n      getFresh: getFresh,\n      getBucketPermissions: getBucketPermissions,\n      getPerScopePermissions: getPerScopePermissions,\n      getPerCollectionPermissions: getPerCollectionPermissions,\n      export: {\n        data: {},\n        cluster: {},\n        default: {\n          all: undefined,\n          membase: undefined\n        }\n      }\n    };\n\n    var cache;\n\n    interestingPermissions.push(generateBucketPermissions(\".\"));\n\n    return mnPermissions;\n\n    function getPerScopePermissions(bucketName, scopeName) {\n      let any = bucketName + \":\" + scopeName + \":.\";\n      let all = bucketName + \":\" + scopeName + \":*\"\n      return [\"cluster.collection[\" + any + \"].data.docs!read\",\n              \"cluster.collection[\" + all + \"].collections!write\",\n              \"cluster.collection[\" + any + \"].n1ql.select!execute\"];\n    }\n    function getPerCollectionPermissions(bucketName, scopeName, collectionName) {\n      let params = bucketName + \":\" + scopeName + \":\" + collectionName;\n      return [\"cluster.collection[\" + params + \"].data.docs!read\",\n              \"cluster.collection[\" + params + \"].n1ql.select!execute\"];\n    }\n\n    function clear() {\n      delete $rootScope.rbac;\n      mnPermissions.export.cluster = {};\n      mnPermissions.export.data = {};\n      clearCache();\n    }\n\n    function clearCache() {\n      cache = null;\n    }\n\n    function getFresh() {\n      clearCache();\n      return mnPermissions.check();\n    }\n\n    function getBucketPermissions(bucketName) {\n      return mnBucketsService.getBucketsByType().then(function (bucketsDetails) {\n        return generateBucketPermissions(bucketName, bucketsDetails);\n      });\n    }\n\n    function check() {\n      if (cache) {\n        return $q.when(mnPermissions.export);\n      }\n\n      return doCheck([\"cluster.bucket[.].settings!read\"]).then(function (resp) {\n        var permissions = getAll();\n        if (resp.data[\"cluster.bucket[.].settings!read\"]) {\n          return mnBucketsService.getBucketsByType().then(function (bucketsDetails) {\n            if (bucketsDetails.length) {\n              angular.forEach(bucketsDetails, function (bucket) {\n                permissions = permissions.concat(generateBucketPermissions(bucket.name, bucketsDetails));\n              });\n            }\n            return doCheck(permissions).then(function (resp) {\n              var bucketNamesByPermission = {};\n              var bucketCollectionsNames = {};\n              var permissions = resp.data;\n              angular.forEach(bucketsDetails, function (bucket) {\n                var interesting = generateBucketPermissions(bucket.name, bucketsDetails);\n                angular.forEach(interesting, function (permission) {\n                  var bucketPermission = permission.split(\"[\" + bucket.name + \"]\")[1];\n                  var collectionPermission = permission.split(\"[\" + bucket.name + \":.:.]\")[1];\n\n                  bucketNamesByPermission[bucketPermission] =\n                    bucketNamesByPermission[bucketPermission] || [];\n\n                  bucketCollectionsNames[collectionPermission] =\n                    bucketCollectionsNames[collectionPermission] || [];\n\n                  if (bucketPermission && permissions[permission]) {\n                    bucketNamesByPermission[bucketPermission].push(bucket.name);\n                  }\n\n                  if (collectionPermission && permissions[permission]) {\n                    bucketCollectionsNames[collectionPermission].push(bucket.name);\n                  }\n                });\n              });\n              resp.bucketNames = bucketNamesByPermission;\n              resp.bucketCollectionsNames = bucketCollectionsNames;\n              return resp;\n            });\n          });\n        } else {\n          return doCheck(permissions);\n        }\n      }).then(function (resp) {\n        cache = convertIntoTree(resp.data);\n\n        mnPermissions.export.data = resp.data;\n        mnPermissions.export.cluster = cache.cluster;\n        mnPermissions.export.bucketNames = resp.bucketNames || {};\n        mnPermissions.export.bucketCollectionsNames = resp.bucketCollectionsNames || {};\n\n        mnPermissions.stream.next(mnPermissions.export);\n\n        return mnPermissions.export;\n      });\n    }\n\n    function convertIntoTree(permissions) {\n      var rv = {};\n      angular.forEach(permissions, function (value, key) {\n        var levels = key.split(/[[\\]]+/);\n        var regex = /[.:!]+/;\n        if (levels[1]) {\n          levels = _.compact(levels[0].split(regex).concat([levels[1]]).concat(levels[2].split(regex)))\n        } else {\n          levels = levels[0].split(regex);\n        }\n        var path = levels.shift() + \"['\" + levels.join(\"']['\") + \"']\"; //in order to properly handle bucket names\n        $parse(path).assign(rv, value);\n      });\n      return rv;\n    }\n\n    function doCheck(interestingPermissions) {\n      return $http({\n        method: \"POST\",\n        url: \"/pools/default/checkPermissions\",\n        data: interestingPermissions.join(',')\n      });\n    }\n  }\n}\n"],
  "mappings": "gPAgBA,GAAO,wBAAQ,gBAEf,UACG,OAAO,gBAAiB,CAAC,6BACzB,SAAS,gBAAiB,uBAE7B,gCAAiC,CAC/B,KAAK,KAAO,CAAC,QAAS,WAAY,KAAM,aAAc,mBAAoB,SAAU,uBACpF,KAAK,IAAM,IACX,KAAK,kBAAoB,kBAEzB,GAAI,2BAA4B,CAAC,SAAU,KAAM,QAAS,CACxD,GAAI,iBAAkB,CACpB,kBAAoB,KAAO,mBAC3B,kBAAoB,KAAO,kBAC3B,kBAAoB,KAAO,mBAC3B,kBAAoB,KAAO,kBAC3B,kBAAoB,KAAO,eAC3B,kBAAoB,KAAO,UAC3B,kBAAoB,KAAO,WAC3B,kBAAoB,KAAO,YAC3B,kBAAoB,KAAO,cAC3B,kBAAoB,KAAO,eAC3B,kBAAoB,KAAO,iBAC3B,kBAAoB,KAAO,wBAC3B,kBAAoB,KAAO,oBAC3B,kBAAoB,KAAO,qBAC3B,kBAAoB,KAAO,qBAC3B,kBAAoB,KAAO,sBAC3B,sBAAwB,KAAO,mBAC/B,sBAAwB,KAAO,yBAC/B,sBAAwB,KAAO,2BAEjC,MAAI,QAAS,KAAO,QAAQ,OAAO,MAAM,YACvC,iBAAkB,gBAAgB,OAAO,CACvC,kBAAoB,KAAO,eAC3B,kBAAoB,KAAO,gBAC3B,kBAAoB,KAAO,qBAG3B,QAAS,KAAO,CAAC,QAAQ,OAAO,MAAM,cACxC,iBAAkB,gBAAgB,OAAO,CACvC,kBAAoB,KAAO,eAC3B,kBAAoB,KAAO,cAC3B,kBAAoB,KAAO,mBAC3B,kBAAoB,KAAO,oBAC3B,kBAAoB,KAAO,qBAC3B,kBAAoB,KAAO,oBAC3B,sBAAwB,KAAO,uBAC/B,sBAAwB,KAAO,wBAC/B,sBAAwB,KAAO,yBAC/B,sBAAwB,KAAO,wBAC/B,sBAAwB,KAAO,yBAC/B,sBAAwB,KAAO,+BAI5B,kBAGL,uBAAyB,CAC3B,yBACA,qBACA,sBACA,qBACA,6BACA,8BACA,wBACA,yBACA,gCACA,iCACA,qBACA,qBACA,gCACA,6BACA,6BACA,8BACA,oCACA,qCACA,8BACA,0BACA,8BACA,+BACA,oBACA,sBACA,iCACA,+BACA,qCACA,oCACA,wCACA,uCACA,oCACA,qCACA,uBACA,qBACA,+BACA,gCACA,oCACA,uCACA,yCAGF,iBAAkB,CAChB,MAAO,gBAAE,MAAM,wBADR,wBAIT,aAAa,WAAY,CACvB,MAAK,gBAAE,SAAS,uBAAwB,aACtC,uBAAuB,KAAK,YAEvB,KAJA,kBAOT,gBAAgB,WAAY,CAC1B,GAAI,OAAQ,uBAAuB,QAAQ,YAC3C,MAAI,OAAQ,GACV,uBAAuB,OAAO,MAAO,GAEhC,KALA,wBAQT,2BAA2B,KAAM,CAC/B,MAAI,WAAQ,WAAW,OACrB,0BAA0B,KAAK,MAE1B,KAJA,8CAOT,mCAAmC,WAAY,QAAS,CACtD,MAAO,2BAA0B,OAAO,SAAU,IAAK,SAAU,CAC/D,MAAO,KAAI,OAAO,SAAS,WAAY,WACtC,IAHI,8DAMT,+BAA+B,MAAO,SAAU,GAAI,WAAY,iBAAkB,OAAQ,CACxF,GAAI,eAAgB,CAClB,MACA,IAAK,QACL,MACA,IACA,OAAQ,GAAI,iBACZ,OACA,eAAgB,eAAE,SAAS,SAAU,KACrC,SACA,qBACA,uBACA,4BACA,OAAQ,CACN,KAAM,GACN,QAAS,GACT,QAAS,CACP,IAAK,OACL,QAAS,UAKX,MAEJ,8BAAuB,KAAK,0BAA0B,MAE/C,cAEP,gCAAgC,WAAY,UAAW,CACrD,GAAI,KAAM,WAAa,IAAM,UAAY,KACrC,IAAM,WAAa,IAAM,UAAY,KACzC,MAAO,CAAC,sBAAwB,IAAM,mBAC9B,sBAAwB,IAAM,sBAC9B,sBAAwB,IAAM,yBAL/B,wDAOT,qCAAqC,WAAY,UAAW,eAAgB,CAC1E,GAAI,QAAS,WAAa,IAAM,UAAY,IAAM,eAClD,MAAO,CAAC,sBAAwB,OAAS,mBACjC,sBAAwB,OAAS,yBAHlC,kEAMT,gBAAiB,CACf,MAAO,YAAW,KAClB,cAAc,OAAO,QAAU,GAC/B,cAAc,OAAO,KAAO,GAC5B,aAJO,sBAOT,qBAAsB,CACpB,MAAQ,KADD,gCAIT,mBAAoB,CAClB,oBACO,cAAc,QAFd,4BAKT,8BAA8B,WAAY,CACxC,MAAO,kBAAiB,mBAAmB,KAAK,SAAU,eAAgB,CACxE,MAAO,2BAA0B,WAAY,kBAFxC,oDAMT,gBAAiB,CACf,MAAI,OACK,GAAG,KAAK,cAAc,QAGxB,QAAQ,CAAC,oCAAoC,KAAK,SAAU,KAAM,CACvE,GAAI,aAAc,SAClB,MAAI,MAAK,KAAK,mCACL,iBAAiB,mBAAmB,KAAK,SAAU,eAAgB,CACxE,MAAI,gBAAe,QACjB,UAAQ,QAAQ,eAAgB,SAAU,OAAQ,CAChD,YAAc,YAAY,OAAO,0BAA0B,OAAO,KAAM,mBAGrE,QAAQ,aAAa,KAAK,SAAU,MAAM,CAC/C,GAAI,yBAA0B,GAC1B,uBAAyB,GACzB,aAAc,MAAK,KACvB,iBAAQ,QAAQ,eAAgB,SAAU,OAAQ,CAChD,GAAI,aAAc,0BAA0B,OAAO,KAAM,gBACzD,UAAQ,QAAQ,YAAa,SAAU,WAAY,CACjD,GAAI,kBAAmB,WAAW,MAAM,IAAM,OAAO,KAAO,KAAK,GAC7D,qBAAuB,WAAW,MAAM,IAAM,OAAO,KAAO,SAAS,GAEzE,wBAAwB,kBACtB,wBAAwB,mBAAqB,GAE/C,uBAAuB,sBACrB,uBAAuB,uBAAyB,GAE9C,kBAAoB,aAAY,aAClC,wBAAwB,kBAAkB,KAAK,OAAO,MAGpD,sBAAwB,aAAY,aACtC,uBAAuB,sBAAsB,KAAK,OAAO,UAI/D,MAAK,YAAc,wBACnB,MAAK,uBAAyB,uBACvB,UAIJ,QAAQ,eAEhB,KAAK,SAAU,KAAM,CACtB,aAAQ,gBAAgB,KAAK,MAE7B,cAAc,OAAO,KAAO,KAAK,KACjC,cAAc,OAAO,QAAU,MAAM,QACrC,cAAc,OAAO,YAAc,KAAK,aAAe,GACvD,cAAc,OAAO,uBAAyB,KAAK,wBAA0B,GAE7E,cAAc,OAAO,KAAK,cAAc,QAEjC,cAAc,SAzDhB,sBA6DT,yBAAyB,YAAa,CACpC,GAAI,IAAK,GACT,iBAAQ,QAAQ,YAAa,SAAU,MAAO,IAAK,CACjD,GAAI,QAAS,IAAI,MAAM,UACnB,MAAQ,SACZ,AAAI,OAAO,GACT,OAAS,eAAE,QAAQ,OAAO,GAAG,MAAM,OAAO,OAAO,CAAC,OAAO,KAAK,OAAO,OAAO,GAAG,MAAM,SAErF,OAAS,OAAO,GAAG,MAAM,OAE3B,GAAI,MAAO,OAAO,QAAU,KAAO,OAAO,KAAK,QAAU,KACzD,OAAO,MAAM,OAAO,GAAI,SAEnB,GAbA,0CAgBT,iBAAiB,wBAAwB,CACvC,MAAO,OAAM,CACX,OAAQ,OACR,IAAK,kCACL,KAAM,wBAAuB,KAAK,OAJ7B,0BA7IF,sDAhIF",
  "names": []
}