{"version":3,"file":"snapIds.cjs","sourceRoot":"","sources":["../../../src/restricted/caveats/snapIds.ts"],"names":[],"mappings":";;;AAOA,qDAAiD;AAEjD,uDAAsE;AACtE,uDAA6C;AAE7C,2CAA4D;AAI5D;;;;;;;GAOG;AACH,SAAgB,mBAAmB,CACjC,KAAW;IAEX,OAAO;QACL,OAAO,EAAE;YACP;gBACE,IAAI,EAAE,4BAAc,CAAC,OAAO;gBAC5B,KAAK;aACN;SACF;KACF,CAAC;AACJ,CAAC;AAXD,kDAWC;AAED;;;;;GAKG;AACH,SAAgB,qBAAqB,CACnC,MAA2B;IAE3B,IAAA,oBAAY,EACV,MAAM,EACN,IAAA,kBAAI,EAAC;QACH,KAAK,EAAE,2BAAa;KACrB,CAAC,EACF,6EAA6E,EAC7E,sBAAS,CAAC,aAAa,CACxB,CAAC;AACJ,CAAC;AAXD,sDAWC;AAEY,QAAA,0BAA0B,GAGnC;IACF,CAAC,4BAAc,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;QACtC,IAAI,EAAE,4BAAc,CAAC,OAAO;QAC5B,SAAS,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,qBAAqB,CAAC,MAAM,CAAC;QACpD,SAAS,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,EAAE;YAC5B,OAAO,KAAK,EAAE,IAAI,EAAE,EAAE;gBACpB,MAAM,EACJ,MAAM,EACN,OAAO,EAAE,EAAE,MAAM,EAAE,GACpB,GAAwD,IAAI,CAAC;gBAC9D,MAAM,OAAO,GAAG,MAAM,CAAC,KAAgB,CAAC;gBACxC,MAAM,EAAE,MAAM,EAAE,GAAG,MAA0B,CAAC;gBAC9C,IAAI,CAAC,IAAA,mBAAW,EAAC,OAAO,EAAE,MAAM,CAAC,EAAE,CAAC;oBAClC,MAAM,IAAI,KAAK,CACb,GAAG,MAAM,uCAAuC,MAAM,QAAQ,CAC/D,CAAC;gBACJ,CAAC;gBACD,OAAO,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC;YAC5B,CAAC,CAAC;QACJ,CAAC;KACF,CAAC;CACH,CAAC","sourcesContent":["import type {\n  Caveat,\n  RestrictedMethodOptions,\n  RestrictedMethodParameters,\n  RestrictedMethodCaveatSpecificationConstraint,\n  PermissionConstraint,\n} from '@metamask/permission-controller';\nimport { rpcErrors } from '@metamask/rpc-errors';\nimport type { SnapIds } from '@metamask/snaps-utils';\nimport { SnapCaveatType, SnapIdsStruct } from '@metamask/snaps-utils';\nimport { type } from '@metamask/superstruct';\nimport type { Json } from '@metamask/utils';\nimport { hasProperty, assertStruct } from '@metamask/utils';\n\nimport type { InvokeSnapParams } from '../invokeSnap';\n\n/**\n * Map a raw value from the `initialPermissions` to a caveat specification.\n * Note that this function does not do any validation, that's handled by the\n * PermissionsController when the permission is requested.\n *\n * @param value - The raw value from the `initialPermissions`.\n * @returns The caveat specification.\n */\nexport function snapIdsCaveatMapper(\n  value: Json,\n): Pick<PermissionConstraint, 'caveats'> {\n  return {\n    caveats: [\n      {\n        type: SnapCaveatType.SnapIds,\n        value,\n      },\n    ],\n  };\n}\n\n/**\n * Validates that the caveat value exists and is a non-empty object.\n *\n * @param caveat - The caveat to validate.\n * @throws If the caveat is invalid.\n */\nexport function validateSnapIdsCaveat(\n  caveat: Caveat<string, any>,\n): asserts caveat is Caveat<string, SnapIds> {\n  assertStruct(\n    caveat,\n    type({\n      value: SnapIdsStruct,\n    }),\n    'Expected caveat to have a value property of a non-empty object of snap IDs.',\n    rpcErrors.invalidParams,\n  );\n}\n\nexport const SnapIdsCaveatSpecification: Record<\n  SnapCaveatType.SnapIds,\n  RestrictedMethodCaveatSpecificationConstraint\n> = {\n  [SnapCaveatType.SnapIds]: Object.freeze({\n    type: SnapCaveatType.SnapIds,\n    validator: (caveat) => validateSnapIdsCaveat(caveat),\n    decorator: (method, caveat) => {\n      return async (args) => {\n        const {\n          params,\n          context: { origin },\n        }: RestrictedMethodOptions<RestrictedMethodParameters> = args;\n        const snapIds = caveat.value as SnapIds;\n        const { snapId } = params as InvokeSnapParams;\n        if (!hasProperty(snapIds, snapId)) {\n          throw new Error(\n            `${origin} does not have permission to invoke ${snapId} snap.`,\n          );\n        }\n        return await method(args);\n      };\n    },\n  }),\n};\n"]}