permission-repository.ts raw

   1  import { IdentityId, PermissionId } from '../value-objects';
   2  import type { ExtensionMethod, Nip07MethodPolicy } from '../../models/nostr';
   3  
   4  // Re-export types from models for convenience
   5  // These are the canonical definitions used throughout the app
   6  export type { ExtensionMethod, Nip07MethodPolicy as PermissionPolicy } from '../../models/nostr';
   7  
   8  // Local type alias for cleaner code
   9  type PermissionPolicy = Nip07MethodPolicy;
  10  
  11  /**
  12   * Snapshot of a permission for persistence.
  13   */
  14  export interface PermissionSnapshot {
  15    id: string;
  16    identityId: string;
  17    host: string;
  18    method: ExtensionMethod;
  19    methodPolicy: PermissionPolicy;
  20    kind?: number; // For signEvent, filter by event kind
  21  }
  22  
  23  /**
  24   * Query criteria for finding permissions.
  25   */
  26  export interface PermissionQuery {
  27    identityId?: IdentityId;
  28    host?: string;
  29    method?: ExtensionMethod;
  30    kind?: number;
  31  }
  32  
  33  /**
  34   * Repository interface for Permission aggregate.
  35   */
  36  export interface PermissionRepository {
  37    /**
  38     * Find a permission by its ID.
  39     */
  40    findById(id: PermissionId): Promise<PermissionSnapshot | undefined>;
  41  
  42    /**
  43     * Find permissions matching the query criteria.
  44     */
  45    find(query: PermissionQuery): Promise<PermissionSnapshot[]>;
  46  
  47    /**
  48     * Find a specific permission for an identity, host, method, and optionally kind.
  49     * This is the most common lookup for checking if an action is allowed.
  50     */
  51    findExact(
  52      identityId: IdentityId,
  53      host: string,
  54      method: ExtensionMethod,
  55      kind?: number
  56    ): Promise<PermissionSnapshot | undefined>;
  57  
  58    /**
  59     * Get all permissions for an identity.
  60     */
  61    findByIdentity(identityId: IdentityId): Promise<PermissionSnapshot[]>;
  62  
  63    /**
  64     * Get all permissions.
  65     */
  66    findAll(): Promise<PermissionSnapshot[]>;
  67  
  68    /**
  69     * Save a new or updated permission.
  70     */
  71    save(permission: PermissionSnapshot): Promise<void>;
  72  
  73    /**
  74     * Delete a permission by its ID.
  75     */
  76    delete(id: PermissionId): Promise<boolean>;
  77  
  78    /**
  79     * Delete all permissions for an identity.
  80     * Used when deleting an identity (cascade delete).
  81     */
  82    deleteByIdentity(identityId: IdentityId): Promise<number>;
  83  
  84    /**
  85     * Count permissions matching the query.
  86     */
  87    count(query?: PermissionQuery): Promise<number>;
  88  }
  89  
  90  /**
  91   * Error thrown when a permission operation fails.
  92   */
  93  export class PermissionRepositoryError extends Error {
  94    constructor(
  95      message: string,
  96      public readonly code: PermissionErrorCode
  97    ) {
  98      super(message);
  99      this.name = 'PermissionRepositoryError';
 100    }
 101  }
 102  
 103  export enum PermissionErrorCode {
 104    NOT_FOUND = 'NOT_FOUND',
 105    ENCRYPTION_FAILED = 'ENCRYPTION_FAILED',
 106    DECRYPTION_FAILED = 'DECRYPTION_FAILED',
 107    STORAGE_FAILED = 'STORAGE_FAILED',
 108  }
 109