Interface CapabilityParser<M>

Type Parameters

Hierarchy

Methods

and derive match or select

Methods

and

  • Combines this capability and the other into a capability group. This allows you to define right amplifications e.g file/read+write could be derived from file/read and file/write.

    Type Parameters

    Parameters

    Returns CapabilitiesParser<[M, W]>

    Example

    const read = capability({
      can: "file/read",
      with: URI({ protocol: "file:" }),
      derives: (claimed, delegated) =>
      claimed.with.pathname.startsWith(delegated.with.pathname)
       ? { ok: {} }
       : { error: new Failure(`'${claimed.with.href}' is not contained in '${delegated.with.href}'`) }
    })

    const write = capability({
      can: "file/write",
      with: URI({ protocol: "file:" }),
      derives: (claimed, delegated) =>
        claimed.with.pathname.startsWith(delegated.with.pathname)
        ? { ok: {} }
        : { error: new Failure(`'${claimed.with.href}' is not contained in '${delegated.with.href}'`) }
    })

    const readwrite = read.and(write).derive({
      to: capability({
        can: "file/read+write",
        with: URI({ protocol: "file:" }),
        derives: (claimed, delegated) =>
          claimed.with.pathname.startsWith(delegated.with.pathname)
         ? { ok: {} }
         : { error: new Failure(`'${claimed.with.href}' is not contained in '${delegated.with.href}'`) }
        }),
      derives: (claimed, [read, write]) => {
        if (!claimed.with.pathname.startsWith(read.with.pathname)) {
          return { error: new Failure(`'${claimed.with.href}' is not contained in '${read.with.href}'`) }
        } else if (!claimed.with.pathname.startsWith(write.with.pathname)) {
          return { error: new Failure(`'${claimed.with.href}' is not contained in '${write.with.href}'`) }
        } else {
          return { ok: {} }
        }
      }
    })

derive

  • Defined a derived capability which can be delegated from this capability. For example if you define "account/validate" capability and derive "account/register" capability from it when validating claimed "account/register" capability it could be proved with either "account/register" delegation or "account/validate" delegation.

    // capability issued by account verification service on email validation
    const verify = capability({
      can: "account/verify",
      with: URI({ protocol: "mailto:" })
      derives: ({ with: url }, from) =>
        url.href.startsWith(from.with.href) ||
        new Failure(`${url.href} is not contained in ${from.with.href}`)
    })

    // derive registration capability from email verification
    const register = validate.derive({
      to: capability({
        can: "account/register",
        with: URI({ protocol: "mailto:" }),
        derives: ({ with: url }, from) =>
          url.href.startsWith(from.with.href) ||
          new Failure(`${url.href} is not contained in ${from.with.href}`)
      }),
      derives: (registered, verified) =>
        registered.with.href === verified.with.href ||
        new Failure(`Registration email ${registered.pathname} does not match verified email ${verified.with.pathname}`)
    })

    Type Parameters

    Parameters

    Returns TheCapabilityParser<DerivedMatch<T, M>>

match

  • Parameters

    Returns MatchResult<M>

or

  • Defines capability that is either this or the the given other. This allows you to compose multiple capabilities into one so that you could validate any of one of them without having to maintain list of supported capabilities. It is especially useful when dealing with derived capability chains when you might derive capability from either one or the other.

    Type Parameters

    Parameters

    Returns CapabilityParser<M | W>

select

  • Parameters

    Returns Select<M>

Settings

Member Visibility

Theme

On This Page

Generated using TypeDoc