@amaster.ai/admin-sdk 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/README.md +262 -0
  2. package/dist/index.cjs +9 -7
  3. package/dist/index.cjs.map +1 -1
  4. package/dist/index.d.cts +30 -13
  5. package/dist/index.d.ts +30 -13
  6. package/dist/index.js +9 -7
  7. package/dist/index.js.map +1 -1
  8. package/package.json +1 -1
package/README.md ADDED
@@ -0,0 +1,262 @@
1
+ # @amaster.ai/admin-sdk
2
+
3
+ Server-side Admin SDK for the Amaster platform. Manages users, roles, permissions, and departments via the internal API. Designed for **Edge Functions** (Deno) and Node.js backends — uses native `fetch`, no browser APIs.
4
+
5
+ ## Edge Function 快速示例(AI 参考)
6
+
7
+ 在 AMaster edge-function 中,从 `env` 获取参数初始化 SDK:
8
+
9
+ ```typescript
10
+ import { AdminSDK } from "npm:@amaster.ai/admin-sdk";
11
+
12
+ export default async function (request: Request, env: Env): Promise<Response> {
13
+ const admin = new AdminSDK({
14
+ appId: env.appId,
15
+ env: env.appEnv,
16
+ serviceKey: env.vars["APP_SECRET"],
17
+ });
18
+
19
+ // 权限校验
20
+ const { allow } = await admin.auth.checkPermission("user-uid", {
21
+ resource: "page",
22
+ action: "access",
23
+ });
24
+ if (!allow) return Response.json({ error: "Forbidden" }, { status: 403 });
25
+
26
+ // 创建用户
27
+ const user = await admin.users.create({
28
+ email: "new@example.com",
29
+ password: "Secure@123",
30
+ displayName: "New User",
31
+ });
32
+
33
+ return Response.json({ user });
34
+ }
35
+ ```
36
+
37
+ **参数映射**:`env.appId` → appId,`env.appEnv` → env,`env.vars["APP_SECRET"]` → serviceKey。baseURL 有默认值,可不传。
38
+
39
+ ## Installation
40
+
41
+ ```bash
42
+ pnpm add @amaster.ai/admin-sdk
43
+ # or
44
+ npm install @amaster.ai/admin-sdk
45
+ ```
46
+
47
+ ## Quick Start
48
+
49
+ ```typescript
50
+ import { AdminSDK } from "@amaster.ai/admin-sdk";
51
+
52
+ const admin = new AdminSDK({
53
+ baseURL: process.env.RUNTIME_URL || "http://localhost:3000",
54
+ appId: process.env.APP_ID!,
55
+ env: process.env.ENV || "dev",
56
+ serviceKey: process.env.SERVICE_KEY, // Required for internal API calls
57
+ });
58
+
59
+ // Check if a user can access a resource
60
+ const result = await admin.auth.checkPermission("user-uid-here", {
61
+ resource: "page",
62
+ action: "access",
63
+ resourceId: "dashboard",
64
+ });
65
+ if (!result.allow) throw new Error("Forbidden");
66
+
67
+ // Create a user
68
+ const user = await admin.users.create({
69
+ email: "new@example.com",
70
+ password: "Secure@123",
71
+ displayName: "New User",
72
+ });
73
+
74
+ // Assign a role to the user (use uid, not numeric id)
75
+ await admin.roles.assign(roleId, {
76
+ assigneeType: "user",
77
+ assigneeUid: user.uid,
78
+ });
79
+ ```
80
+
81
+ ## Environment Variables
82
+
83
+ | Variable | Description | Example |
84
+ |----------------|--------------------------------------|----------------------------|
85
+ | `RUNTIME_URL` | Runtime service base URL | `http://runtime:3000` |
86
+ | `APP_ID` | Application ID (x-tenant-id) | `d9990247` |
87
+ | `ENV` | Environment (x-env) | `dev` \| `prod` |
88
+ | `SERVICE_KEY` | Service key for internal API auth | (from Amaster console) |
89
+
90
+ ## API Overview
91
+
92
+ ### `admin.auth` — Permission checks (no user token required)
93
+
94
+ | Method | Description |
95
+ |-------------------|--------------------------------------------------|
96
+ | `checkPermission(uid, { resource, action, resourceId? })` | Check if user has permission |
97
+ | `getRules(uid)` | Get full ACL rules (roles + permissions) for a user |
98
+
99
+ ```typescript
100
+ // Single permission check
101
+ const { allow, roles, permissions } = await admin.auth.checkPermission(uid, {
102
+ resource: "order",
103
+ action: "read",
104
+ resourceId: "123", // Optional, for scope validation
105
+ });
106
+
107
+ // Batch: fetch rules once, check locally
108
+ const rules = await admin.auth.getRules(uid);
109
+ const canExport = rules.permissions.some(
110
+ (p) => p.resource === "report" && p.action === "export"
111
+ );
112
+ ```
113
+
114
+ ### `admin.users` — User CRUD
115
+
116
+ | Method | Description |
117
+ |---------------------|--------------------------------|
118
+ | `list(params?)` | List users (pagination, search)|
119
+ | `get(uid)` | Get user by UID |
120
+ | `create(params)` | Create user |
121
+ | `update(uid, params)` | Update user |
122
+ | `delete(uid)` | Delete user |
123
+
124
+ ```typescript
125
+ const { list, total } = await admin.users.list({ query: "zhang", pageSize: 20 });
126
+ const user = await admin.users.get("abc-uid");
127
+ await admin.users.update(user.uid, { displayName: "New Name" });
128
+ ```
129
+
130
+ ### `admin.roles` — Role management
131
+
132
+ | Method | Description |
133
+ |---------------------------|--------------------------------------|
134
+ | `list()` | List all roles |
135
+ | `get(id)` | Get role by ID |
136
+ | `create(params)` | Create role |
137
+ | `update(id, params)` | Update role |
138
+ | `delete(id)` | Delete role (non-system only) |
139
+ | `assign(roleId, params)` | Assign role to user/dept/team |
140
+ | `unassign(roleId, params)`| Remove assignment |
141
+ | `listAssignees(roleId)` | List assignees of a role |
142
+ | `getUserRoles(uid)` | Get roles assigned to a user |
143
+
144
+ ```typescript
145
+ // Prefer assigneeUid for users
146
+ await admin.roles.assign(roleId, {
147
+ assigneeType: "user",
148
+ assigneeUid: user.uid,
149
+ });
150
+
151
+ // For department/team/role, use assigneeId
152
+ await admin.roles.assign(roleId, {
153
+ assigneeType: "department",
154
+ assigneeId: 5,
155
+ });
156
+
157
+ const roles = await admin.roles.getUserRoles(user.uid);
158
+ ```
159
+
160
+ ### `admin.permissions` — Permission definitions and assignments
161
+
162
+ | Method | Description |
163
+ |-------------------------------------|--------------------------------------|
164
+ | `list()` | List all permissions |
165
+ | `create(params)` | Create permission |
166
+ | `update(id, params)` | Update permission |
167
+ | `delete(id)` | Delete permission |
168
+ | `listForRole(roleId)` | List permissions for a role |
169
+ | `assignToRole(roleId, params)` | Assign permission to role |
170
+ | `removeFromRole(roleId, permId)` | Remove permission from role |
171
+ | `updateRolePermissionScope(...)` | Update role-permission scope |
172
+ | `assignToUser(uid, params)` | Direct user permission (exception) |
173
+ | `removeFromUser(uid, permId)` | Remove user permission |
174
+ | `listForUser(uid)` | List user permission exceptions |
175
+ | `updateUserPermissionScope(...)` | Update user permission scope |
176
+
177
+ ```typescript
178
+ const perm = await admin.permissions.create({
179
+ resource: "order",
180
+ action: "export",
181
+ name: "导出订单",
182
+ });
183
+
184
+ await admin.permissions.assignToRole(roleId, {
185
+ permissionId: perm.id,
186
+ scopeType: "department",
187
+ });
188
+
189
+ // User-level override (bypasses role)
190
+ await admin.permissions.assignToUser(uid, {
191
+ permissionId: perm.id,
192
+ scopeType: "custom",
193
+ scopeFilter: JSON.stringify({ id: [1, 2, 3] }),
194
+ });
195
+ ```
196
+
197
+ ### `admin.departments` — Department and membership
198
+
199
+ | Method | Description |
200
+ |---------------------------|--------------------------------------|
201
+ | `list()` | List all departments |
202
+ | `get(id)` | Get department by ID |
203
+ | `create(params)` | Create department |
204
+ | `update(id, params)` | Update department |
205
+ | `delete(id)` | Delete department |
206
+ | `listUsers(id, includeChildren?)` | List department members |
207
+ | `addUser(deptId, params)` | Add user to department (use userUid) |
208
+ | `removeUser(deptId, userUid)` | Remove user from department |
209
+
210
+ ```typescript
211
+ const dept = await admin.departments.create({ name: "技术部", parentId: 1 });
212
+ await admin.departments.addUser(dept.id, {
213
+ userUid: user.uid,
214
+ position: "工程师",
215
+ isPrimary: true,
216
+ });
217
+ await admin.departments.removeUser(dept.id, user.uid);
218
+ ```
219
+
220
+ ## Deno / Edge Functions
221
+
222
+ 在 edge-function 中通过 `npm:` 导入,参数从 `env` 获取(见顶部「Edge Function 快速示例」)。
223
+
224
+ ## Identifiers: UID vs numeric ID
225
+
226
+ - **UID** (string, e.g. `"abc-123-def"`): Primary user identifier. Use for `users.get/update/delete`, `roles.assign` (assigneeUid), `departments.addUser/removeUser`, `auth.checkPermission`, `permissions.assignToUser`.
227
+ - **Numeric ID** (number): Database ID. Used for roles, permissions, departments, and role-assignee lookups. Prefer UID when the API supports it.
228
+
229
+ ## Types (AI Reference)
230
+
231
+ All types are exported from the package. Key ones:
232
+
233
+ | Type | Use case |
234
+ |------|----------|
235
+ | `AdminSDKOptions` | Constructor options |
236
+ | `CheckPermissionParams`, `CheckPermissionResult` | `auth.checkPermission` |
237
+ | `CreateUserParams`, `CreateUserResult`, `UserDetail` | User CRUD |
238
+ | `RoleAssignParams`, `Role` | Role assignment (use `assigneeUid` for users) |
239
+ | `AssignPermissionToRoleParams`, `AssignPermissionToUserParams` | Permission assignment |
240
+ | `AddDepartmentMemberParams` | Department membership (use `userUid`) |
241
+
242
+ ```typescript
243
+ import type { AdminSDKOptions, CreateUserParams, RoleAssignParams } from "@amaster.ai/admin-sdk";
244
+ ```
245
+
246
+ ## Error Handling
247
+
248
+ ```typescript
249
+ import { AdminSDK, AdminSDKError } from "@amaster.ai/admin-sdk";
250
+
251
+ try {
252
+ await admin.users.get("invalid-uid");
253
+ } catch (err) {
254
+ if (err instanceof AdminSDKError) {
255
+ console.error(err.status, err.message); // 404, "user not found"
256
+ }
257
+ }
258
+ ```
259
+
260
+ ## License
261
+
262
+ MIT
package/dist/index.cjs CHANGED
@@ -216,8 +216,8 @@ function createDepartmentsModule(request) {
216
216
  *
217
217
  * @example
218
218
  * ```typescript
219
- * await admin.departments.addUser(1, {
220
- * userId: 123,
219
+ * await admin.departments.addUser(deptId, {
220
+ * userUid: user.uid,
221
221
  * isPrimary: true,
222
222
  * position: '高级工程师',
223
223
  * });
@@ -235,7 +235,7 @@ function createDepartmentsModule(request) {
235
235
  *
236
236
  * @example
237
237
  * ```typescript
238
- * await admin.departments.removeUser(1, 123);
238
+ * await admin.departments.removeUser(deptId, user.uid);
239
239
  * ```
240
240
  */
241
241
  async removeUser(deptId, userUid) {
@@ -538,11 +538,12 @@ function createRolesModule(request) {
538
538
  },
539
539
  /**
540
540
  * Assign a role to a user, department, team, or another role.
541
+ * For users, prefer assigneeUid (string). For department/team/role, use assigneeId (number).
541
542
  *
542
543
  * @example
543
544
  * ```typescript
544
- * // Assign to a user
545
- * await admin.roles.assign(roleId, { assigneeType: 'user', assigneeId: 123 });
545
+ * // Assign to a user (preferred: use uid)
546
+ * await admin.roles.assign(roleId, { assigneeType: 'user', assigneeUid: user.uid });
546
547
  *
547
548
  * // Assign to an entire department
548
549
  * await admin.roles.assign(roleId, { assigneeType: 'department', assigneeId: 5 });
@@ -557,10 +558,11 @@ function createRolesModule(request) {
557
558
  },
558
559
  /**
559
560
  * Remove a role assignment.
561
+ * For users, prefer assigneeUid. For department/team/role, use assigneeId.
560
562
  *
561
563
  * @example
562
564
  * ```typescript
563
- * await admin.roles.unassign(roleId, { assigneeType: 'user', assigneeId: 123 });
565
+ * await admin.roles.unassign(roleId, { assigneeType: 'user', assigneeUid: user.uid });
564
566
  * ```
565
567
  */
566
568
  async unassign(roleId, params) {
@@ -706,7 +708,7 @@ function createUsersModule(request) {
706
708
  // src/admin-sdk.ts
707
709
  var AdminSDK = class {
708
710
  constructor(options) {
709
- const { baseURL, appId, env = "dev", serviceKey } = options;
711
+ const { baseURL = "http://runtime:3000", appId, env = "dev", serviceKey } = options;
710
712
  const headers = {
711
713
  "x-tenant-id": appId,
712
714
  "x-env": env
package/dist/index.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/error.ts","../src/http.ts","../src/modules/auth.ts","../src/modules/departments.ts","../src/modules/permissions.ts","../src/modules/roles.ts","../src/modules/users.ts","../src/admin-sdk.ts"],"names":[],"mappings":";;;AAAO,IAAM,aAAA,GAAN,cAA4B,KAAA,CAAM;AAAA,EACvC,WAAA,CACE,OAAA,EACgB,UAAA,EACA,QAAA,EAChB;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAHG,IAAA,IAAA,CAAA,UAAA,GAAA,UAAA;AACA,IAAA,IAAA,CAAA,QAAA,GAAA,QAAA;AAGhB,IAAA,IAAA,CAAK,IAAA,GAAO,eAAA;AAAA,EACd;AACF;;;ACgBO,SAAS,gBAAA,CACd,SACA,aAAA,EACW;AACX,EAAA,MAAM,cAAA,GAAiB,OAAA,CAAQ,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAA;AAEhD,EAAA,OAAO,eAAe,QAAW,OAAA,EAAqC;AACpE,IAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,IAAA,EAAM,OAAM,GAAI,OAAA;AAEtC,IAAA,IAAI,MAAM,cAAA,GAAiB,IAAA;AAE3B,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,MAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,KAAK,CAAA,EAAG;AAChD,QAAA,IAAI,UAAU,MAAA,EAAW;AACvB,UAAA,MAAA,CAAO,GAAA,CAAI,GAAA,EAAK,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,QAC/B;AAAA,MACF;AACA,MAAA,MAAM,EAAA,GAAK,OAAO,QAAA,EAAS;AAC3B,MAAA,IAAI,EAAA,SAAW,GAAA,GAAM,EAAA;AAAA,IACvB;AAEA,IAAA,MAAM,OAAA,GAAkC;AAAA,MACtC,cAAA,EAAgB,kBAAA;AAAA,MAChB,GAAG;AAAA,KACL;AAEA,IAAA,MAAM,GAAA,GAAM,MAAM,KAAA,CAAM,GAAA,EAAK;AAAA,MAC3B,MAAA;AAAA,MACA,OAAA;AAAA,MACA,MAAM,IAAA,KAAS,MAAA,GAAY,IAAA,CAAK,SAAA,CAAU,IAAI,CAAA,GAAI;AAAA,KACnD,CAAA;AAED,IAAA,IAAI,IAAA;AACJ,IAAA,IAAI;AACF,MAAA,IAAA,GAAO,MAAM,IAAI,IAAA,EAAK;AAAA,IACxB,CAAA,CAAA,MAAQ;AACN,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,CAAA,8BAAA,EAAiC,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AAAA,QAC/C,GAAA,CAAI;AAAA,OACN;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,IAAI,EAAA,EAAI;AACX,MAAA,MAAM,GAAA,GAAM,IAAA;AACZ,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,GAAA,EAAK,OAAA,IAAW,CAAA,2BAAA,EAA8B,GAAA,CAAI,MAAM,CAAA,CAAA;AAAA,QACxD,GAAA,CAAI,MAAA;AAAA,QACJ;AAAA,OACF;AAAA,IACF;AAEA,IAAA,OAAQ,IAAA,CAA4B,IAAA;AAAA,EACtC,CAAA;AACF;;;ACxEO,SAAS,iBAAiB,OAAA,EAAoB;AACnD,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAkBL,MAAM,eAAA,CACJ,GAAA,EACA,MAAA,EACgC;AAChC,MAAA,OAAO,OAAA,CAA+B;AAAA,QACpC,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,6BAAA;AAAA,QACN,IAAA,EAAM,EAAE,GAAA,EAAK,GAAG,MAAA;AAAO,OACxB,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAsBA,MAAM,SAAS,GAAA,EAAgC;AAC7C,MAAA,OAAO,OAAA,CAAkB;AAAA,QACvB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,yBAAA;AAAA,QACN,KAAA,EAAO,EAAE,GAAA;AAAI,OACd,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;ACxDO,SAAS,wBAAwB,OAAA,EAAoB;AAC1D,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUL,MAAM,IAAA,GAA8B;AAClC,MAAA,OAAO,OAAA,CAAsB;AAAA,QAC3B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,IAAI,EAAA,EAAiC;AACzC,MAAA,OAAO,OAAA,CAAoB;AAAA,QACzB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,EAAE,CAAA;AAAA,OAC1C,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAaA,MAAM,OAAO,MAAA,EAAqD;AAChE,MAAA,OAAO,OAAA,CAAoB;AAAA,QACzB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,+BAAA;AAAA,QACN,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,MAAA,CAAO,EAAA,EAAY,MAAA,EAA+C;AACtE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,EAAE,CAAA,CAAA;AAAA,QACzC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,OAAO,EAAA,EAA2B;AACtC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,EAAE,CAAA;AAAA,OAC1C,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAaA,MAAM,SAAA,CACJ,EAAA,EACA,eAAA,GAAkB,KAAA,EACW;AAC7B,MAAA,OAAO,OAAA,CAA4B;AAAA,QACjC,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,EAAE,CAAA,MAAA,CAAA;AAAA,QACzC,KAAA,EAAO,EAAE,gBAAA,EAAkB,eAAA;AAAgB,OAC5C,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,OAAA,CACJ,MAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,MAAM,CAAA,MAAA,CAAA;AAAA,QAC7C,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,UAAA,CAAW,MAAA,EAAgB,OAAA,EAAgC;AAC/D,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,CAAA,8BAAA,EAAiC,MAAM,CAAA,OAAA,EAAU,OAAO,CAAA;AAAA,OAC/D,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;AC7IO,SAAS,wBAAwB,OAAA,EAAoB;AAC1D,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUL,MAAM,IAAA,GAA8B;AAClC,MAAA,OAAO,OAAA,CAAsB;AAAA,QAC3B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,OAAO,MAAA,EAAqD;AAChE,MAAA,OAAO,OAAA,CAAoB;AAAA,QACzB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,gCAAA;AAAA,QACN,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,MAAA,CAAO,EAAA,EAAY,MAAA,EAA+C;AACtE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,kCAAkC,EAAE,CAAA,CAAA;AAAA,QAC1C,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,OAAO,EAAA,EAA2B;AACtC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,kCAAkC,EAAE,CAAA;AAAA,OAC3C,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,YAAY,MAAA,EAA2C;AAC3D,MAAA,OAAO,OAAA,CAA0B;AAAA,QAC/B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,YAAA;AAAA,OACzC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAqBA,MAAM,YAAA,CACJ,MAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,YAAA,CAAA;AAAA,QACxC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,cAAA,CAAe,MAAA,EAAgB,MAAA,EAA+B;AAClE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,CAAA,yBAAA,EAA4B,MAAM,CAAA,aAAA,EAAgB,MAAM,CAAA;AAAA,OAC/D,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAYA,MAAM,yBAAA,CACJ,MAAA,EACA,MAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,CAAA,yBAAA,EAA4B,MAAM,CAAA,aAAA,EAAgB,MAAM,CAAA,CAAA;AAAA,QAC9D,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAgBA,MAAM,YAAA,CACJ,GAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,GAAG,CAAA,YAAA,CAAA;AAAA,QACrC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,cAAA,CAAe,GAAA,EAAa,MAAA,EAA+B;AAC/D,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,CAAA,yBAAA,EAA4B,GAAG,CAAA,aAAA,EAAgB,MAAM,CAAA;AAAA,OAC5D,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,YAAY,GAAA,EAAiD;AACjE,MAAA,OAAO,OAAA,CAAmC;AAAA,QACxC,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,GAAG,CAAA,YAAA;AAAA,OACtC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAaA,MAAM,yBAAA,CACJ,GAAA,EACA,MAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,CAAA,yBAAA,EAA4B,GAAG,CAAA,aAAA,EAAgB,MAAM,CAAA,CAAA;AAAA,QAC3D,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;ACxOO,SAAS,kBAAkB,OAAA,EAAoB;AACpD,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUL,MAAM,IAAA,GAAwB;AAC5B,MAAA,OAAO,OAAA,CAAgB;AAAA,QACrB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,IAAI,EAAA,EAA2B;AACnC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,EAAE,CAAA;AAAA,OACrC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,OAAO,MAAA,EAAyC;AACpD,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,0BAAA;AAAA,QACN,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,MAAA,CAAO,EAAA,EAAY,MAAA,EAAyC;AAChE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,EAAE,CAAA,CAAA;AAAA,QACpC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,OAAO,EAAA,EAA2B;AACtC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,EAAE,CAAA;AAAA,OACrC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,MAAA,CAAO,MAAA,EAAgB,MAAA,EAAyC;AACpE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,OAAA,CAAA;AAAA,QACxC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,QAAA,CAAS,MAAA,EAAgB,MAAA,EAAyC;AACtE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,SAAA,CAAA;AAAA,QACxC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,cAAc,MAAA,EAAyC;AAC3D,MAAA,OAAO,OAAA,CAAwB;AAAA,QAC7B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,UAAA;AAAA,OACzC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,aAAa,GAAA,EAA8B;AAC/C,MAAA,OAAO,OAAA,CAAgB;AAAA,QACrB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,GAAG,CAAA,MAAA;AAAA,OACtC,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;AC3JO,SAAS,kBAAkB,OAAA,EAAoB;AACpD,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAaL,MAAM,IAAA,CAAK,MAAA,GAAyB,EAAC,EAA4B;AAC/D,MAAA,OAAO,OAAA,CAAwB;AAAA,QAC7B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,qBAAA;AAAA,QACN,KAAA,EAAO;AAAA,UACL,MAAM,MAAA,CAAO,IAAA;AAAA,UACb,UAAU,MAAA,CAAO,QAAA;AAAA,UACjB,OAAO,MAAA,CAAO;AAAA;AAChB,OACD,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,IAAI,GAAA,EAAkC;AAC1C,MAAA,OAAO,OAAA,CAAoB;AAAA,QACzB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,uBAAuB,GAAG,CAAA;AAAA,OACjC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAeA,MAAM,OAAO,MAAA,EAAqD;AAChE,MAAA,OAAO,OAAA,CAA0B;AAAA,QAC/B,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,qBAAA;AAAA,QACN,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,MAAA,CAAO,GAAA,EAAa,MAAA,EAAqD;AAC7E,MAAA,OAAO,OAAA,CAA0B;AAAA,QAC/B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,uBAAuB,GAAG,CAAA,CAAA;AAAA,QAChC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,OAAO,GAAA,EAA4B;AACvC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,uBAAuB,GAAG,CAAA;AAAA,OACjC,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;ACrGO,IAAM,WAAN,MAAe;AAAA,EAYpB,YAAY,OAAA,EAA0B;AACpC,IAAA,MAAM,EAAE,OAAA,EAAS,KAAA,EAAO,GAAA,GAAM,KAAA,EAAO,YAAW,GAAI,OAAA;AAEpD,IAAA,MAAM,OAAA,GAAkC;AAAA,MACtC,aAAA,EAAe,KAAA;AAAA,MACf,OAAA,EAAS;AAAA,KACX;AAEA,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,OAAA,CAAQ,eAAe,CAAA,GAAI,UAAA;AAC3B,MAAA,OAAA,CAAQ,eAAe,CAAA,GAAI,MAAA;AAAA,IAC7B;AAEA,IAAA,MAAM,OAAA,GAAU,gBAAA,CAAiB,OAAA,EAAS,OAAO,CAAA;AAEjD,IAAA,IAAA,CAAK,IAAA,GAAO,iBAAiB,OAAO,CAAA;AACpC,IAAA,IAAA,CAAK,KAAA,GAAQ,kBAAkB,OAAO,CAAA;AACtC,IAAA,IAAA,CAAK,KAAA,GAAQ,kBAAkB,OAAO,CAAA;AACtC,IAAA,IAAA,CAAK,WAAA,GAAc,wBAAwB,OAAO,CAAA;AAClD,IAAA,IAAA,CAAK,WAAA,GAAc,wBAAwB,OAAO,CAAA;AAAA,EACpD;AACF","file":"index.cjs","sourcesContent":["export class AdminSDKError extends Error {\n constructor(\n message: string,\n public readonly statusCode: number,\n public readonly response?: unknown,\n ) {\n super(message);\n this.name = \"AdminSDKError\";\n }\n}\n","import { AdminSDKError } from \"./error\";\n\nexport interface RequestOptions {\n method: \"GET\" | \"POST\" | \"PUT\" | \"DELETE\" | \"PATCH\";\n path: string;\n body?: unknown;\n query?: Record<string, string | number | boolean | undefined>;\n}\n\nexport type RequestFn = <T>(options: RequestOptions) => Promise<T>;\n\n/** Runtime response envelope: { data, statusCode, message } */\ninterface RuntimeEnvelope<T> {\n data: T;\n statusCode: number;\n message?: string;\n}\n\n/** Runtime error envelope */\ninterface RuntimeError {\n statusCode: number;\n message: string;\n error?: string;\n}\n\nexport function createHttpClient(\n baseURL: string,\n commonHeaders: Record<string, string>,\n): RequestFn {\n const normalizedBase = baseURL.replace(/\\/$/, \"\");\n\n return async function request<T>(options: RequestOptions): Promise<T> {\n const { method, path, body, query } = options;\n\n let url = normalizedBase + path;\n\n if (query) {\n const params = new URLSearchParams();\n for (const [key, value] of Object.entries(query)) {\n if (value !== undefined) {\n params.set(key, String(value));\n }\n }\n const qs = params.toString();\n if (qs) url += \"?\" + qs;\n }\n\n const headers: Record<string, string> = {\n \"Content-Type\": \"application/json\",\n ...commonHeaders,\n };\n\n const res = await fetch(url, {\n method,\n headers,\n body: body !== undefined ? JSON.stringify(body) : undefined,\n });\n\n let json: unknown;\n try {\n json = await res.json();\n } catch {\n throw new AdminSDKError(\n `Failed to parse response from ${method} ${path}`,\n res.status,\n );\n }\n\n if (!res.ok) {\n const err = json as RuntimeError;\n throw new AdminSDKError(\n err?.message ?? `Request failed with status ${res.status}`,\n res.status,\n json,\n );\n }\n\n return (json as RuntimeEnvelope<T>).data;\n };\n}\n","import type { RequestFn } from \"../http\";\nimport type {\n AclRules,\n CheckPermissionParams,\n CheckPermissionResult,\n} from \"../types\";\n\nexport function createAuthModule(request: RequestFn) {\n return {\n /**\n * Check whether a user has a specific permission.\n *\n * Uses the Service Key to query on behalf of any user by UID —\n * no user token required.\n *\n * @example\n * ```typescript\n * // Check if user can access the dashboard page\n * const result = await admin.auth.checkPermission('u-123456', {\n * resource: 'page',\n * action: 'access',\n * resourceId: 'dashboard',\n * });\n * if (!result.allow) throw new Error('Forbidden');\n * ```\n */\n async checkPermission(\n uid: string,\n params: CheckPermissionParams,\n ): Promise<CheckPermissionResult> {\n return request<CheckPermissionResult>({\n method: \"POST\",\n path: \"/api/internal/acl/authorize\",\n body: { uid, ...params },\n });\n },\n\n /**\n * Get all ACL rules for a user.\n *\n * Returns the full set of permissions and roles. Useful when you need\n * to perform multiple permission checks locally without making repeated\n * network calls.\n *\n * @example\n * ```typescript\n * const rules = await admin.auth.getRules('u-123456');\n *\n * // Check roles\n * if (rules.roles.includes('admin')) { ... }\n *\n * // Check multiple permissions locally\n * const canRead = rules.permissions.some(\n * p => p.resource === 'order' && p.action === 'read'\n * );\n * ```\n */\n async getRules(uid: string): Promise<AclRules> {\n return request<AclRules>({\n method: \"GET\",\n path: \"/api/internal/acl/rules\",\n query: { uid },\n });\n },\n };\n}\n\nexport type AuthModule = ReturnType<typeof createAuthModule>;\n","import type { RequestFn } from \"../http\";\nimport type {\n AddDepartmentMemberParams,\n CreateDepartmentParams,\n Department,\n DepartmentMember,\n UpdateDepartmentParams,\n} from \"../types\";\n\nexport function createDepartmentsModule(request: RequestFn) {\n return {\n /**\n * List all departments (flat list).\n *\n * @example\n * ```typescript\n * const depts = await admin.departments.list();\n * const techDept = depts.find(d => d.name === '技术部');\n * ```\n */\n async list(): Promise<Department[]> {\n return request<Department[]>({\n method: \"GET\",\n path: \"/api/internal/org/departments\",\n });\n },\n\n /**\n * Get a single department by ID.\n *\n * @example\n * ```typescript\n * const dept = await admin.departments.get(1);\n * ```\n */\n async get(id: number): Promise<Department> {\n return request<Department>({\n method: \"GET\",\n path: `/api/internal/org/departments/${id}`,\n });\n },\n\n /**\n * Create a new department.\n *\n * @example\n * ```typescript\n * const dept = await admin.departments.create({\n * name: '测试组',\n * parentId: 1,\n * });\n * ```\n */\n async create(params: CreateDepartmentParams): Promise<Department> {\n return request<Department>({\n method: \"POST\",\n path: \"/api/internal/org/departments\",\n body: params,\n });\n },\n\n /**\n * Update a department.\n *\n * @example\n * ```typescript\n * await admin.departments.update(3, { name: '质量保证组' });\n * ```\n */\n async update(id: number, params: UpdateDepartmentParams): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/org/departments/${id}`,\n body: params,\n });\n },\n\n /**\n * Delete a department.\n * Note: departments with sub-departments or assigned users cannot be deleted directly.\n *\n * @example\n * ```typescript\n * await admin.departments.delete(3);\n * ```\n */\n async delete(id: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/org/departments/${id}`,\n });\n },\n\n /**\n * List members of a department.\n *\n * @param includeChildren - Whether to include members from sub-departments. Defaults to false.\n *\n * @example\n * ```typescript\n * const members = await admin.departments.listUsers(1);\n * const allMembers = await admin.departments.listUsers(1, true);\n * ```\n */\n async listUsers(\n id: number,\n includeChildren = false,\n ): Promise<DepartmentMember[]> {\n return request<DepartmentMember[]>({\n method: \"GET\",\n path: `/api/internal/org/departments/${id}/users`,\n query: { include_children: includeChildren },\n });\n },\n\n /**\n * Add a user to a department.\n *\n * @example\n * ```typescript\n * await admin.departments.addUser(1, {\n * userId: 123,\n * isPrimary: true,\n * position: '高级工程师',\n * });\n * ```\n */\n async addUser(\n deptId: number,\n params: AddDepartmentMemberParams,\n ): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/org/departments/${deptId}/users`,\n body: params,\n });\n },\n\n /**\n * Remove a user from a department.\n *\n * @example\n * ```typescript\n * await admin.departments.removeUser(1, 123);\n * ```\n */\n async removeUser(deptId: number, userUid: string): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/org/departments/${deptId}/users/${userUid}`,\n });\n },\n };\n}\n\nexport type DepartmentsModule = ReturnType<typeof createDepartmentsModule>;\n","import type { RequestFn } from \"../http\";\nimport type {\n AssignPermissionToRoleParams,\n AssignPermissionToUserParams,\n CreatePermissionParams,\n Permission,\n RolePermission,\n UpdatePermissionParams,\n UpdatePermissionScopeParams,\n UserPermissionException,\n} from \"../types\";\n\nexport function createPermissionsModule(request: RequestFn) {\n return {\n /**\n * List all defined permissions.\n *\n * @example\n * ```typescript\n * const perms = await admin.permissions.list();\n * const orderRead = perms.find(p => p.resource === 'order' && p.action === 'read');\n * ```\n */\n async list(): Promise<Permission[]> {\n return request<Permission[]>({\n method: \"GET\",\n path: \"/api/internal/rbac/permissions\",\n });\n },\n\n /**\n * Create a new permission definition.\n *\n * @example\n * ```typescript\n * const perm = await admin.permissions.create({\n * resource: 'order',\n * action: 'export',\n * name: '导出订单',\n * });\n * ```\n */\n async create(params: CreatePermissionParams): Promise<Permission> {\n return request<Permission>({\n method: \"POST\",\n path: \"/api/internal/rbac/permissions\",\n body: params,\n });\n },\n\n /**\n * Update a permission definition.\n *\n * @example\n * ```typescript\n * await admin.permissions.update(10, { name: '导出报表' });\n * ```\n */\n async update(id: number, params: UpdatePermissionParams): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/rbac/permissions/${id}`,\n body: params,\n });\n },\n\n /**\n * Delete a permission definition.\n *\n * @example\n * ```typescript\n * await admin.permissions.delete(10);\n * ```\n */\n async delete(id: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/rbac/permissions/${id}`,\n });\n },\n\n /**\n * List all permissions assigned to a role.\n *\n * @example\n * ```typescript\n * const perms = await admin.permissions.listForRole(roleId);\n * ```\n */\n async listForRole(roleId: number): Promise<RolePermission[]> {\n return request<RolePermission[]>({\n method: \"GET\",\n path: `/api/internal/rbac/roles/${roleId}/permissions`,\n });\n },\n\n /**\n * Assign a permission to a role with a data scope.\n *\n * @example\n * ```typescript\n * // Department-scoped permission\n * await admin.permissions.assignToRole(roleId, {\n * permissionId: 10,\n * scopeType: 'department',\n * });\n *\n * // Custom whitelist scope\n * await admin.permissions.assignToRole(roleId, {\n * permissionId: 20,\n * scopeType: 'custom',\n * scopeFilter: JSON.stringify({ id: [1, 2, 3] }),\n * });\n * ```\n */\n async assignToRole(\n roleId: number,\n params: AssignPermissionToRoleParams,\n ): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/rbac/roles/${roleId}/permissions`,\n body: params,\n });\n },\n\n /**\n * Remove a permission from a role.\n *\n * @example\n * ```typescript\n * await admin.permissions.removeFromRole(roleId, permId);\n * ```\n */\n async removeFromRole(roleId: number, permId: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/rbac/roles/${roleId}/permissions/${permId}`,\n });\n },\n\n /**\n * Update the data scope of a role–permission assignment.\n *\n * @example\n * ```typescript\n * await admin.permissions.updateRolePermissionScope(roleId, permId, {\n * scopeType: 'all',\n * });\n * ```\n */\n async updateRolePermissionScope(\n roleId: number,\n permId: number,\n params: UpdatePermissionScopeParams,\n ): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/rbac/roles/${roleId}/permissions/${permId}`,\n body: params,\n });\n },\n\n /**\n * Assign a direct (user-level) permission exception to a user.\n *\n * This bypasses role-based assignment and gives the user a direct\n * data-scope override for the specified permission.\n *\n * @example\n * ```typescript\n * await admin.permissions.assignToUser('u-123456', {\n * permissionId: 10,\n * scopeType: 'department',\n * });\n * ```\n */\n async assignToUser(\n uid: string,\n params: AssignPermissionToUserParams,\n ): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/rbac/users/${uid}/permissions`,\n body: params,\n });\n },\n\n /**\n * Remove a direct permission exception from a user.\n *\n * @example\n * ```typescript\n * await admin.permissions.removeFromUser('u-123456', permId);\n * ```\n */\n async removeFromUser(uid: string, permId: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/rbac/users/${uid}/permissions/${permId}`,\n });\n },\n\n /**\n * List permission exceptions for a specific user.\n *\n * @example\n * ```typescript\n * const exceptions = await admin.permissions.listForUser('u-123456');\n * ```\n */\n async listForUser(uid: string): Promise<UserPermissionException[]> {\n return request<UserPermissionException[]>({\n method: \"GET\",\n path: `/api/internal/rbac/users/${uid}/permissions`,\n });\n },\n\n /**\n * Update the data scope of a user-level permission exception.\n *\n * @example\n * ```typescript\n * await admin.permissions.updateUserPermissionScope('u-123456', permId, {\n * scopeType: 'custom',\n * scopeFilter: JSON.stringify({ id: [10, 20] }),\n * });\n * ```\n */\n async updateUserPermissionScope(\n uid: string,\n permId: number,\n params: UpdatePermissionScopeParams,\n ): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/rbac/users/${uid}/permissions/${permId}`,\n body: params,\n });\n },\n };\n}\n\nexport type PermissionsModule = ReturnType<typeof createPermissionsModule>;\n","import type { RequestFn } from \"../http\";\nimport type {\n CreateRoleParams,\n Role,\n RoleAssignee,\n RoleAssignParams,\n UpdateRoleParams,\n} from \"../types\";\n\nexport function createRolesModule(request: RequestFn) {\n return {\n /**\n * List all roles.\n *\n * @example\n * ```typescript\n * const roles = await admin.roles.list();\n * const managerRole = roles.find(r => r.code === 'manager');\n * ```\n */\n async list(): Promise<Role[]> {\n return request<Role[]>({\n method: \"GET\",\n path: \"/api/internal/rbac/roles\",\n });\n },\n\n /**\n * Get a role by its numeric ID.\n *\n * @example\n * ```typescript\n * const role = await admin.roles.get(1);\n * ```\n */\n async get(id: number): Promise<Role> {\n return request<Role>({\n method: \"GET\",\n path: `/api/internal/rbac/roles/${id}`,\n });\n },\n\n /**\n * Create a new role.\n *\n * @example\n * ```typescript\n * const role = await admin.roles.create({\n * code: 'editor',\n * displayName: '编辑',\n * description: '负责内容编辑',\n * });\n * ```\n */\n async create(params: CreateRoleParams): Promise<Role> {\n return request<Role>({\n method: \"POST\",\n path: \"/api/internal/rbac/roles\",\n body: params,\n });\n },\n\n /**\n * Update a role.\n * Note: system roles (isSystem=true) cannot be modified.\n *\n * @example\n * ```typescript\n * await admin.roles.update(3, { displayName: '高级编辑' });\n * ```\n */\n async update(id: number, params: UpdateRoleParams): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/rbac/roles/${id}`,\n body: params,\n });\n },\n\n /**\n * Delete a role.\n * Note: system roles cannot be deleted.\n *\n * @example\n * ```typescript\n * await admin.roles.delete(3);\n * ```\n */\n async delete(id: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/rbac/roles/${id}`,\n });\n },\n\n /**\n * Assign a role to a user, department, team, or another role.\n *\n * @example\n * ```typescript\n * // Assign to a user\n * await admin.roles.assign(roleId, { assigneeType: 'user', assigneeId: 123 });\n *\n * // Assign to an entire department\n * await admin.roles.assign(roleId, { assigneeType: 'department', assigneeId: 5 });\n * ```\n */\n async assign(roleId: number, params: RoleAssignParams): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/rbac/roles/${roleId}/assign`,\n body: params,\n });\n },\n\n /**\n * Remove a role assignment.\n *\n * @example\n * ```typescript\n * await admin.roles.unassign(roleId, { assigneeType: 'user', assigneeId: 123 });\n * ```\n */\n async unassign(roleId: number, params: RoleAssignParams): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/rbac/roles/${roleId}/unassign`,\n body: params,\n });\n },\n\n /**\n * List all assignees (users, departments, etc.) for a role.\n *\n * @example\n * ```typescript\n * const assignees = await admin.roles.listAssignees(roleId);\n * const users = assignees.filter(a => a.assigneeType === 'user');\n * ```\n */\n async listAssignees(roleId: number): Promise<RoleAssignee[]> {\n return request<RoleAssignee[]>({\n method: \"GET\",\n path: `/api/internal/rbac/roles/${roleId}/assignees`,\n });\n },\n\n /**\n * Get all roles assigned to a user (by UID).\n *\n * Useful in Edge Functions to check what roles a user currently holds\n * without making a full ACL check.\n *\n * @example\n * ```typescript\n * const roles = await admin.roles.getUserRoles('u-123456');\n * if (roles.some(r => r.code === 'admin')) { ... }\n * ```\n */\n async getUserRoles(uid: string): Promise<Role[]> {\n return request<Role[]>({\n method: \"GET\",\n path: `/api/internal/rbac/users/${uid}/roles`,\n });\n },\n };\n}\n\nexport type RolesModule = ReturnType<typeof createRolesModule>;\n","import type { RequestFn } from \"../http\";\nimport type {\n CreateUserParams,\n CreateUserResult,\n UpdateUserParams,\n UpdateUserResult,\n UserDetail,\n UserListParams,\n UserListResult,\n} from \"../types\";\n\nexport function createUsersModule(request: RequestFn) {\n return {\n /**\n * List users with optional search and pagination.\n *\n * @example\n * ```typescript\n * const result = await admin.users.list({ query: 'zhang', pageSize: 50 });\n * console.log(`Total: ${result.total}`);\n * for (const user of result.list) {\n * console.log(user.email);\n * }\n * ```\n */\n async list(params: UserListParams = {}): Promise<UserListResult> {\n return request<UserListResult>({\n method: \"GET\",\n path: \"/api/internal/users\",\n query: {\n page: params.page,\n pageSize: params.pageSize,\n query: params.query,\n },\n });\n },\n\n /**\n * Get a single user by UID.\n *\n * @example\n * ```typescript\n * const user = await admin.users.get('u-123456');\n * console.log(user.email);\n * ```\n */\n async get(uid: string): Promise<UserDetail> {\n return request<UserDetail>({\n method: \"GET\",\n path: `/api/internal/users/${uid}`,\n });\n },\n\n /**\n * Create a new user.\n * At least one of username / email / phone must be provided.\n *\n * @example\n * ```typescript\n * const user = await admin.users.create({\n * email: 'user@example.com',\n * password: 'Secure@123',\n * displayName: '张三',\n * });\n * ```\n */\n async create(params: CreateUserParams): Promise<CreateUserResult> {\n return request<CreateUserResult>({\n method: \"POST\",\n path: \"/api/internal/users\",\n body: params,\n });\n },\n\n /**\n * Update an existing user.\n *\n * @example\n * ```typescript\n * // Reset password\n * await admin.users.update('u-123456', { password: 'NewSecure@456' });\n *\n * // Grant super admin\n * await admin.users.update('u-123456', { isSuperAdmin: true });\n * ```\n */\n async update(uid: string, params: UpdateUserParams): Promise<UpdateUserResult> {\n return request<UpdateUserResult>({\n method: \"PUT\",\n path: `/api/internal/users/${uid}`,\n body: params,\n });\n },\n\n /**\n * Delete a user.\n *\n * @example\n * ```typescript\n * await admin.users.delete('u-123456');\n * ```\n */\n async delete(uid: string): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/users/${uid}`,\n });\n },\n };\n}\n\nexport type UsersModule = ReturnType<typeof createUsersModule>;\n","import { createHttpClient } from \"./http\";\nimport { createAuthModule } from \"./modules/auth\";\nimport { createDepartmentsModule } from \"./modules/departments\";\nimport { createPermissionsModule } from \"./modules/permissions\";\nimport { createRolesModule } from \"./modules/roles\";\nimport { createUsersModule } from \"./modules/users\";\nimport type { AdminSDKOptions } from \"./types\";\n\nexport class AdminSDK {\n /** Check and query user permissions without requiring a user token */\n readonly auth: ReturnType<typeof createAuthModule>;\n /** User CRUD operations */\n readonly users: ReturnType<typeof createUsersModule>;\n /** Role management and assignment */\n readonly roles: ReturnType<typeof createRolesModule>;\n /** Permission definitions and role/user permission scopes */\n readonly permissions: ReturnType<typeof createPermissionsModule>;\n /** Department management and membership */\n readonly departments: ReturnType<typeof createDepartmentsModule>;\n\n constructor(options: AdminSDKOptions) {\n const { baseURL, appId, env = \"dev\", serviceKey } = options;\n\n const headers: Record<string, string> = {\n \"x-tenant-id\": appId,\n \"x-env\": env,\n };\n\n if (serviceKey) {\n headers[\"X-Service-Key\"] = serviceKey;\n headers[\"X-Bypass-Auth\"] = \"true\";\n }\n\n const request = createHttpClient(baseURL, headers);\n\n this.auth = createAuthModule(request);\n this.users = createUsersModule(request);\n this.roles = createRolesModule(request);\n this.permissions = createPermissionsModule(request);\n this.departments = createDepartmentsModule(request);\n }\n}\n"]}
1
+ {"version":3,"sources":["../src/error.ts","../src/http.ts","../src/modules/auth.ts","../src/modules/departments.ts","../src/modules/permissions.ts","../src/modules/roles.ts","../src/modules/users.ts","../src/admin-sdk.ts"],"names":[],"mappings":";;;AAAO,IAAM,aAAA,GAAN,cAA4B,KAAA,CAAM;AAAA,EACvC,WAAA,CACE,OAAA,EACgB,UAAA,EACA,QAAA,EAChB;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAHG,IAAA,IAAA,CAAA,UAAA,GAAA,UAAA;AACA,IAAA,IAAA,CAAA,QAAA,GAAA,QAAA;AAGhB,IAAA,IAAA,CAAK,IAAA,GAAO,eAAA;AAAA,EACd;AACF;;;ACgBO,SAAS,gBAAA,CACd,SACA,aAAA,EACW;AACX,EAAA,MAAM,cAAA,GAAiB,OAAA,CAAQ,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAA;AAEhD,EAAA,OAAO,eAAe,QAAW,OAAA,EAAqC;AACpE,IAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,IAAA,EAAM,OAAM,GAAI,OAAA;AAEtC,IAAA,IAAI,MAAM,cAAA,GAAiB,IAAA;AAE3B,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,MAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,KAAK,CAAA,EAAG;AAChD,QAAA,IAAI,UAAU,MAAA,EAAW;AACvB,UAAA,MAAA,CAAO,GAAA,CAAI,GAAA,EAAK,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,QAC/B;AAAA,MACF;AACA,MAAA,MAAM,EAAA,GAAK,OAAO,QAAA,EAAS;AAC3B,MAAA,IAAI,EAAA,SAAW,GAAA,GAAM,EAAA;AAAA,IACvB;AAEA,IAAA,MAAM,OAAA,GAAkC;AAAA,MACtC,cAAA,EAAgB,kBAAA;AAAA,MAChB,GAAG;AAAA,KACL;AAEA,IAAA,MAAM,GAAA,GAAM,MAAM,KAAA,CAAM,GAAA,EAAK;AAAA,MAC3B,MAAA;AAAA,MACA,OAAA;AAAA,MACA,MAAM,IAAA,KAAS,MAAA,GAAY,IAAA,CAAK,SAAA,CAAU,IAAI,CAAA,GAAI;AAAA,KACnD,CAAA;AAED,IAAA,IAAI,IAAA;AACJ,IAAA,IAAI;AACF,MAAA,IAAA,GAAO,MAAM,IAAI,IAAA,EAAK;AAAA,IACxB,CAAA,CAAA,MAAQ;AACN,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,CAAA,8BAAA,EAAiC,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AAAA,QAC/C,GAAA,CAAI;AAAA,OACN;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,IAAI,EAAA,EAAI;AACX,MAAA,MAAM,GAAA,GAAM,IAAA;AACZ,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,GAAA,EAAK,OAAA,IAAW,CAAA,2BAAA,EAA8B,GAAA,CAAI,MAAM,CAAA,CAAA;AAAA,QACxD,GAAA,CAAI,MAAA;AAAA,QACJ;AAAA,OACF;AAAA,IACF;AAEA,IAAA,OAAQ,IAAA,CAA4B,IAAA;AAAA,EACtC,CAAA;AACF;;;ACxEO,SAAS,iBAAiB,OAAA,EAAoB;AACnD,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAkBL,MAAM,eAAA,CACJ,GAAA,EACA,MAAA,EACgC;AAChC,MAAA,OAAO,OAAA,CAA+B;AAAA,QACpC,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,6BAAA;AAAA,QACN,IAAA,EAAM,EAAE,GAAA,EAAK,GAAG,MAAA;AAAO,OACxB,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAsBA,MAAM,SAAS,GAAA,EAAgC;AAC7C,MAAA,OAAO,OAAA,CAAkB;AAAA,QACvB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,yBAAA;AAAA,QACN,KAAA,EAAO,EAAE,GAAA;AAAI,OACd,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;ACxDO,SAAS,wBAAwB,OAAA,EAAoB;AAC1D,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUL,MAAM,IAAA,GAA8B;AAClC,MAAA,OAAO,OAAA,CAAsB;AAAA,QAC3B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,IAAI,EAAA,EAAiC;AACzC,MAAA,OAAO,OAAA,CAAoB;AAAA,QACzB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,EAAE,CAAA;AAAA,OAC1C,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAaA,MAAM,OAAO,MAAA,EAAqD;AAChE,MAAA,OAAO,OAAA,CAAoB;AAAA,QACzB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,+BAAA;AAAA,QACN,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,MAAA,CAAO,EAAA,EAAY,MAAA,EAA+C;AACtE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,EAAE,CAAA,CAAA;AAAA,QACzC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,OAAO,EAAA,EAA2B;AACtC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,EAAE,CAAA;AAAA,OAC1C,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAaA,MAAM,SAAA,CACJ,EAAA,EACA,eAAA,GAAkB,KAAA,EACW;AAC7B,MAAA,OAAO,OAAA,CAA4B;AAAA,QACjC,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,EAAE,CAAA,MAAA,CAAA;AAAA,QACzC,KAAA,EAAO,EAAE,gBAAA,EAAkB,eAAA;AAAgB,OAC5C,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,OAAA,CACJ,MAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,MAAM,CAAA,MAAA,CAAA;AAAA,QAC7C,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,UAAA,CAAW,MAAA,EAAgB,OAAA,EAAgC;AAC/D,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,CAAA,8BAAA,EAAiC,MAAM,CAAA,OAAA,EAAU,OAAO,CAAA;AAAA,OAC/D,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;AC7IO,SAAS,wBAAwB,OAAA,EAAoB;AAC1D,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUL,MAAM,IAAA,GAA8B;AAClC,MAAA,OAAO,OAAA,CAAsB;AAAA,QAC3B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,OAAO,MAAA,EAAqD;AAChE,MAAA,OAAO,OAAA,CAAoB;AAAA,QACzB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,gCAAA;AAAA,QACN,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,MAAA,CAAO,EAAA,EAAY,MAAA,EAA+C;AACtE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,kCAAkC,EAAE,CAAA,CAAA;AAAA,QAC1C,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,OAAO,EAAA,EAA2B;AACtC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,kCAAkC,EAAE,CAAA;AAAA,OAC3C,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,YAAY,MAAA,EAA2C;AAC3D,MAAA,OAAO,OAAA,CAA0B;AAAA,QAC/B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,YAAA;AAAA,OACzC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAqBA,MAAM,YAAA,CACJ,MAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,YAAA,CAAA;AAAA,QACxC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,cAAA,CAAe,MAAA,EAAgB,MAAA,EAA+B;AAClE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,CAAA,yBAAA,EAA4B,MAAM,CAAA,aAAA,EAAgB,MAAM,CAAA;AAAA,OAC/D,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAYA,MAAM,yBAAA,CACJ,MAAA,EACA,MAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,CAAA,yBAAA,EAA4B,MAAM,CAAA,aAAA,EAAgB,MAAM,CAAA,CAAA;AAAA,QAC9D,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAgBA,MAAM,YAAA,CACJ,GAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,GAAG,CAAA,YAAA,CAAA;AAAA,QACrC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,cAAA,CAAe,GAAA,EAAa,MAAA,EAA+B;AAC/D,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,CAAA,yBAAA,EAA4B,GAAG,CAAA,aAAA,EAAgB,MAAM,CAAA;AAAA,OAC5D,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,YAAY,GAAA,EAAiD;AACjE,MAAA,OAAO,OAAA,CAAmC;AAAA,QACxC,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,GAAG,CAAA,YAAA;AAAA,OACtC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAaA,MAAM,yBAAA,CACJ,GAAA,EACA,MAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,CAAA,yBAAA,EAA4B,GAAG,CAAA,aAAA,EAAgB,MAAM,CAAA,CAAA;AAAA,QAC3D,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;ACxOO,SAAS,kBAAkB,OAAA,EAAoB;AACpD,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUL,MAAM,IAAA,GAAwB;AAC5B,MAAA,OAAO,OAAA,CAAgB;AAAA,QACrB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,IAAI,EAAA,EAA2B;AACnC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,EAAE,CAAA;AAAA,OACrC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,OAAO,MAAA,EAAyC;AACpD,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,0BAAA;AAAA,QACN,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,MAAA,CAAO,EAAA,EAAY,MAAA,EAAyC;AAChE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,EAAE,CAAA,CAAA;AAAA,QACpC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,OAAO,EAAA,EAA2B;AACtC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,EAAE,CAAA;AAAA,OACrC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAeA,MAAM,MAAA,CAAO,MAAA,EAAgB,MAAA,EAAyC;AACpE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,OAAA,CAAA;AAAA,QACxC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,QAAA,CAAS,MAAA,EAAgB,MAAA,EAAyC;AACtE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,SAAA,CAAA;AAAA,QACxC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,cAAc,MAAA,EAAyC;AAC3D,MAAA,OAAO,OAAA,CAAwB;AAAA,QAC7B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,UAAA;AAAA,OACzC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,aAAa,GAAA,EAA8B;AAC/C,MAAA,OAAO,OAAA,CAAgB;AAAA,QACrB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,GAAG,CAAA,MAAA;AAAA,OACtC,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;AC7JO,SAAS,kBAAkB,OAAA,EAAoB;AACpD,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAaL,MAAM,IAAA,CAAK,MAAA,GAAyB,EAAC,EAA4B;AAC/D,MAAA,OAAO,OAAA,CAAwB;AAAA,QAC7B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,qBAAA;AAAA,QACN,KAAA,EAAO;AAAA,UACL,MAAM,MAAA,CAAO,IAAA;AAAA,UACb,UAAU,MAAA,CAAO,QAAA;AAAA,UACjB,OAAO,MAAA,CAAO;AAAA;AAChB,OACD,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,IAAI,GAAA,EAAkC;AAC1C,MAAA,OAAO,OAAA,CAAoB;AAAA,QACzB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,uBAAuB,GAAG,CAAA;AAAA,OACjC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAeA,MAAM,OAAO,MAAA,EAAqD;AAChE,MAAA,OAAO,OAAA,CAA0B;AAAA,QAC/B,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,qBAAA;AAAA,QACN,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,MAAA,CAAO,GAAA,EAAa,MAAA,EAAqD;AAC7E,MAAA,OAAO,OAAA,CAA0B;AAAA,QAC/B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,uBAAuB,GAAG,CAAA,CAAA;AAAA,QAChC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,OAAO,GAAA,EAA4B;AACvC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,uBAAuB,GAAG,CAAA;AAAA,OACjC,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;ACrGO,IAAM,WAAN,MAAe;AAAA,EAYpB,YAAY,OAAA,EAA0B;AACpC,IAAA,MAAM,EAAE,OAAA,GAAU,qBAAA,EAAuB,OAAO,GAAA,GAAM,KAAA,EAAO,YAAW,GAAI,OAAA;AAE5E,IAAA,MAAM,OAAA,GAAkC;AAAA,MACtC,aAAA,EAAe,KAAA;AAAA,MACf,OAAA,EAAS;AAAA,KACX;AAEA,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,OAAA,CAAQ,eAAe,CAAA,GAAI,UAAA;AAC3B,MAAA,OAAA,CAAQ,eAAe,CAAA,GAAI,MAAA;AAAA,IAC7B;AAEA,IAAA,MAAM,OAAA,GAAU,gBAAA,CAAiB,OAAA,EAAS,OAAO,CAAA;AAEjD,IAAA,IAAA,CAAK,IAAA,GAAO,iBAAiB,OAAO,CAAA;AACpC,IAAA,IAAA,CAAK,KAAA,GAAQ,kBAAkB,OAAO,CAAA;AACtC,IAAA,IAAA,CAAK,KAAA,GAAQ,kBAAkB,OAAO,CAAA;AACtC,IAAA,IAAA,CAAK,WAAA,GAAc,wBAAwB,OAAO,CAAA;AAClD,IAAA,IAAA,CAAK,WAAA,GAAc,wBAAwB,OAAO,CAAA;AAAA,EACpD;AACF","file":"index.cjs","sourcesContent":["export class AdminSDKError extends Error {\n constructor(\n message: string,\n public readonly statusCode: number,\n public readonly response?: unknown,\n ) {\n super(message);\n this.name = \"AdminSDKError\";\n }\n}\n","import { AdminSDKError } from \"./error\";\n\nexport interface RequestOptions {\n method: \"GET\" | \"POST\" | \"PUT\" | \"DELETE\" | \"PATCH\";\n path: string;\n body?: unknown;\n query?: Record<string, string | number | boolean | undefined>;\n}\n\nexport type RequestFn = <T>(options: RequestOptions) => Promise<T>;\n\n/** Runtime response envelope: { data, statusCode, message } */\ninterface RuntimeEnvelope<T> {\n data: T;\n statusCode: number;\n message?: string;\n}\n\n/** Runtime error envelope */\ninterface RuntimeError {\n statusCode: number;\n message: string;\n error?: string;\n}\n\nexport function createHttpClient(\n baseURL: string,\n commonHeaders: Record<string, string>,\n): RequestFn {\n const normalizedBase = baseURL.replace(/\\/$/, \"\");\n\n return async function request<T>(options: RequestOptions): Promise<T> {\n const { method, path, body, query } = options;\n\n let url = normalizedBase + path;\n\n if (query) {\n const params = new URLSearchParams();\n for (const [key, value] of Object.entries(query)) {\n if (value !== undefined) {\n params.set(key, String(value));\n }\n }\n const qs = params.toString();\n if (qs) url += \"?\" + qs;\n }\n\n const headers: Record<string, string> = {\n \"Content-Type\": \"application/json\",\n ...commonHeaders,\n };\n\n const res = await fetch(url, {\n method,\n headers,\n body: body !== undefined ? JSON.stringify(body) : undefined,\n });\n\n let json: unknown;\n try {\n json = await res.json();\n } catch {\n throw new AdminSDKError(\n `Failed to parse response from ${method} ${path}`,\n res.status,\n );\n }\n\n if (!res.ok) {\n const err = json as RuntimeError;\n throw new AdminSDKError(\n err?.message ?? `Request failed with status ${res.status}`,\n res.status,\n json,\n );\n }\n\n return (json as RuntimeEnvelope<T>).data;\n };\n}\n","import type { RequestFn } from \"../http\";\nimport type {\n AclRules,\n CheckPermissionParams,\n CheckPermissionResult,\n} from \"../types\";\n\nexport function createAuthModule(request: RequestFn) {\n return {\n /**\n * Check whether a user has a specific permission.\n *\n * Uses the Service Key to query on behalf of any user by UID —\n * no user token required.\n *\n * @example\n * ```typescript\n * // Check if user can access the dashboard page\n * const result = await admin.auth.checkPermission('u-123456', {\n * resource: 'page',\n * action: 'access',\n * resourceId: 'dashboard',\n * });\n * if (!result.allow) throw new Error('Forbidden');\n * ```\n */\n async checkPermission(\n uid: string,\n params: CheckPermissionParams,\n ): Promise<CheckPermissionResult> {\n return request<CheckPermissionResult>({\n method: \"POST\",\n path: \"/api/internal/acl/authorize\",\n body: { uid, ...params },\n });\n },\n\n /**\n * Get all ACL rules for a user.\n *\n * Returns the full set of permissions and roles. Useful when you need\n * to perform multiple permission checks locally without making repeated\n * network calls.\n *\n * @example\n * ```typescript\n * const rules = await admin.auth.getRules('u-123456');\n *\n * // Check roles\n * if (rules.roles.includes('admin')) { ... }\n *\n * // Check multiple permissions locally\n * const canRead = rules.permissions.some(\n * p => p.resource === 'order' && p.action === 'read'\n * );\n * ```\n */\n async getRules(uid: string): Promise<AclRules> {\n return request<AclRules>({\n method: \"GET\",\n path: \"/api/internal/acl/rules\",\n query: { uid },\n });\n },\n };\n}\n\nexport type AuthModule = ReturnType<typeof createAuthModule>;\n","import type { RequestFn } from \"../http\";\nimport type {\n AddDepartmentMemberParams,\n CreateDepartmentParams,\n Department,\n DepartmentMember,\n UpdateDepartmentParams,\n} from \"../types\";\n\nexport function createDepartmentsModule(request: RequestFn) {\n return {\n /**\n * List all departments (flat list).\n *\n * @example\n * ```typescript\n * const depts = await admin.departments.list();\n * const techDept = depts.find(d => d.name === '技术部');\n * ```\n */\n async list(): Promise<Department[]> {\n return request<Department[]>({\n method: \"GET\",\n path: \"/api/internal/org/departments\",\n });\n },\n\n /**\n * Get a single department by ID.\n *\n * @example\n * ```typescript\n * const dept = await admin.departments.get(1);\n * ```\n */\n async get(id: number): Promise<Department> {\n return request<Department>({\n method: \"GET\",\n path: `/api/internal/org/departments/${id}`,\n });\n },\n\n /**\n * Create a new department.\n *\n * @example\n * ```typescript\n * const dept = await admin.departments.create({\n * name: '测试组',\n * parentId: 1,\n * });\n * ```\n */\n async create(params: CreateDepartmentParams): Promise<Department> {\n return request<Department>({\n method: \"POST\",\n path: \"/api/internal/org/departments\",\n body: params,\n });\n },\n\n /**\n * Update a department.\n *\n * @example\n * ```typescript\n * await admin.departments.update(3, { name: '质量保证组' });\n * ```\n */\n async update(id: number, params: UpdateDepartmentParams): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/org/departments/${id}`,\n body: params,\n });\n },\n\n /**\n * Delete a department.\n * Note: departments with sub-departments or assigned users cannot be deleted directly.\n *\n * @example\n * ```typescript\n * await admin.departments.delete(3);\n * ```\n */\n async delete(id: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/org/departments/${id}`,\n });\n },\n\n /**\n * List members of a department.\n *\n * @param includeChildren - Whether to include members from sub-departments. Defaults to false.\n *\n * @example\n * ```typescript\n * const members = await admin.departments.listUsers(1);\n * const allMembers = await admin.departments.listUsers(1, true);\n * ```\n */\n async listUsers(\n id: number,\n includeChildren = false,\n ): Promise<DepartmentMember[]> {\n return request<DepartmentMember[]>({\n method: \"GET\",\n path: `/api/internal/org/departments/${id}/users`,\n query: { include_children: includeChildren },\n });\n },\n\n /**\n * Add a user to a department.\n *\n * @example\n * ```typescript\n * await admin.departments.addUser(deptId, {\n * userUid: user.uid,\n * isPrimary: true,\n * position: '高级工程师',\n * });\n * ```\n */\n async addUser(\n deptId: number,\n params: AddDepartmentMemberParams,\n ): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/org/departments/${deptId}/users`,\n body: params,\n });\n },\n\n /**\n * Remove a user from a department.\n *\n * @example\n * ```typescript\n * await admin.departments.removeUser(deptId, user.uid);\n * ```\n */\n async removeUser(deptId: number, userUid: string): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/org/departments/${deptId}/users/${userUid}`,\n });\n },\n };\n}\n\nexport type DepartmentsModule = ReturnType<typeof createDepartmentsModule>;\n","import type { RequestFn } from \"../http\";\nimport type {\n AssignPermissionToRoleParams,\n AssignPermissionToUserParams,\n CreatePermissionParams,\n Permission,\n RolePermission,\n UpdatePermissionParams,\n UpdatePermissionScopeParams,\n UserPermissionException,\n} from \"../types\";\n\nexport function createPermissionsModule(request: RequestFn) {\n return {\n /**\n * List all defined permissions.\n *\n * @example\n * ```typescript\n * const perms = await admin.permissions.list();\n * const orderRead = perms.find(p => p.resource === 'order' && p.action === 'read');\n * ```\n */\n async list(): Promise<Permission[]> {\n return request<Permission[]>({\n method: \"GET\",\n path: \"/api/internal/rbac/permissions\",\n });\n },\n\n /**\n * Create a new permission definition.\n *\n * @example\n * ```typescript\n * const perm = await admin.permissions.create({\n * resource: 'order',\n * action: 'export',\n * name: '导出订单',\n * });\n * ```\n */\n async create(params: CreatePermissionParams): Promise<Permission> {\n return request<Permission>({\n method: \"POST\",\n path: \"/api/internal/rbac/permissions\",\n body: params,\n });\n },\n\n /**\n * Update a permission definition.\n *\n * @example\n * ```typescript\n * await admin.permissions.update(10, { name: '导出报表' });\n * ```\n */\n async update(id: number, params: UpdatePermissionParams): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/rbac/permissions/${id}`,\n body: params,\n });\n },\n\n /**\n * Delete a permission definition.\n *\n * @example\n * ```typescript\n * await admin.permissions.delete(10);\n * ```\n */\n async delete(id: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/rbac/permissions/${id}`,\n });\n },\n\n /**\n * List all permissions assigned to a role.\n *\n * @example\n * ```typescript\n * const perms = await admin.permissions.listForRole(roleId);\n * ```\n */\n async listForRole(roleId: number): Promise<RolePermission[]> {\n return request<RolePermission[]>({\n method: \"GET\",\n path: `/api/internal/rbac/roles/${roleId}/permissions`,\n });\n },\n\n /**\n * Assign a permission to a role with a data scope.\n *\n * @example\n * ```typescript\n * // Department-scoped permission\n * await admin.permissions.assignToRole(roleId, {\n * permissionId: 10,\n * scopeType: 'department',\n * });\n *\n * // Custom whitelist scope\n * await admin.permissions.assignToRole(roleId, {\n * permissionId: 20,\n * scopeType: 'custom',\n * scopeFilter: JSON.stringify({ id: [1, 2, 3] }),\n * });\n * ```\n */\n async assignToRole(\n roleId: number,\n params: AssignPermissionToRoleParams,\n ): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/rbac/roles/${roleId}/permissions`,\n body: params,\n });\n },\n\n /**\n * Remove a permission from a role.\n *\n * @example\n * ```typescript\n * await admin.permissions.removeFromRole(roleId, permId);\n * ```\n */\n async removeFromRole(roleId: number, permId: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/rbac/roles/${roleId}/permissions/${permId}`,\n });\n },\n\n /**\n * Update the data scope of a role–permission assignment.\n *\n * @example\n * ```typescript\n * await admin.permissions.updateRolePermissionScope(roleId, permId, {\n * scopeType: 'all',\n * });\n * ```\n */\n async updateRolePermissionScope(\n roleId: number,\n permId: number,\n params: UpdatePermissionScopeParams,\n ): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/rbac/roles/${roleId}/permissions/${permId}`,\n body: params,\n });\n },\n\n /**\n * Assign a direct (user-level) permission exception to a user.\n *\n * This bypasses role-based assignment and gives the user a direct\n * data-scope override for the specified permission.\n *\n * @example\n * ```typescript\n * await admin.permissions.assignToUser('u-123456', {\n * permissionId: 10,\n * scopeType: 'department',\n * });\n * ```\n */\n async assignToUser(\n uid: string,\n params: AssignPermissionToUserParams,\n ): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/rbac/users/${uid}/permissions`,\n body: params,\n });\n },\n\n /**\n * Remove a direct permission exception from a user.\n *\n * @example\n * ```typescript\n * await admin.permissions.removeFromUser('u-123456', permId);\n * ```\n */\n async removeFromUser(uid: string, permId: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/rbac/users/${uid}/permissions/${permId}`,\n });\n },\n\n /**\n * List permission exceptions for a specific user.\n *\n * @example\n * ```typescript\n * const exceptions = await admin.permissions.listForUser('u-123456');\n * ```\n */\n async listForUser(uid: string): Promise<UserPermissionException[]> {\n return request<UserPermissionException[]>({\n method: \"GET\",\n path: `/api/internal/rbac/users/${uid}/permissions`,\n });\n },\n\n /**\n * Update the data scope of a user-level permission exception.\n *\n * @example\n * ```typescript\n * await admin.permissions.updateUserPermissionScope('u-123456', permId, {\n * scopeType: 'custom',\n * scopeFilter: JSON.stringify({ id: [10, 20] }),\n * });\n * ```\n */\n async updateUserPermissionScope(\n uid: string,\n permId: number,\n params: UpdatePermissionScopeParams,\n ): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/rbac/users/${uid}/permissions/${permId}`,\n body: params,\n });\n },\n };\n}\n\nexport type PermissionsModule = ReturnType<typeof createPermissionsModule>;\n","import type { RequestFn } from \"../http\";\nimport type {\n CreateRoleParams,\n Role,\n RoleAssignee,\n RoleAssignParams,\n UpdateRoleParams,\n} from \"../types\";\n\nexport function createRolesModule(request: RequestFn) {\n return {\n /**\n * List all roles.\n *\n * @example\n * ```typescript\n * const roles = await admin.roles.list();\n * const managerRole = roles.find(r => r.code === 'manager');\n * ```\n */\n async list(): Promise<Role[]> {\n return request<Role[]>({\n method: \"GET\",\n path: \"/api/internal/rbac/roles\",\n });\n },\n\n /**\n * Get a role by its numeric ID.\n *\n * @example\n * ```typescript\n * const role = await admin.roles.get(1);\n * ```\n */\n async get(id: number): Promise<Role> {\n return request<Role>({\n method: \"GET\",\n path: `/api/internal/rbac/roles/${id}`,\n });\n },\n\n /**\n * Create a new role.\n *\n * @example\n * ```typescript\n * const role = await admin.roles.create({\n * code: 'editor',\n * displayName: '编辑',\n * description: '负责内容编辑',\n * });\n * ```\n */\n async create(params: CreateRoleParams): Promise<Role> {\n return request<Role>({\n method: \"POST\",\n path: \"/api/internal/rbac/roles\",\n body: params,\n });\n },\n\n /**\n * Update a role.\n * Note: system roles (isSystem=true) cannot be modified.\n *\n * @example\n * ```typescript\n * await admin.roles.update(3, { displayName: '高级编辑' });\n * ```\n */\n async update(id: number, params: UpdateRoleParams): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/rbac/roles/${id}`,\n body: params,\n });\n },\n\n /**\n * Delete a role.\n * Note: system roles cannot be deleted.\n *\n * @example\n * ```typescript\n * await admin.roles.delete(3);\n * ```\n */\n async delete(id: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/rbac/roles/${id}`,\n });\n },\n\n /**\n * Assign a role to a user, department, team, or another role.\n * For users, prefer assigneeUid (string). For department/team/role, use assigneeId (number).\n *\n * @example\n * ```typescript\n * // Assign to a user (preferred: use uid)\n * await admin.roles.assign(roleId, { assigneeType: 'user', assigneeUid: user.uid });\n *\n * // Assign to an entire department\n * await admin.roles.assign(roleId, { assigneeType: 'department', assigneeId: 5 });\n * ```\n */\n async assign(roleId: number, params: RoleAssignParams): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/rbac/roles/${roleId}/assign`,\n body: params,\n });\n },\n\n /**\n * Remove a role assignment.\n * For users, prefer assigneeUid. For department/team/role, use assigneeId.\n *\n * @example\n * ```typescript\n * await admin.roles.unassign(roleId, { assigneeType: 'user', assigneeUid: user.uid });\n * ```\n */\n async unassign(roleId: number, params: RoleAssignParams): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/rbac/roles/${roleId}/unassign`,\n body: params,\n });\n },\n\n /**\n * List all assignees (users, departments, etc.) for a role.\n *\n * @example\n * ```typescript\n * const assignees = await admin.roles.listAssignees(roleId);\n * const users = assignees.filter(a => a.assigneeType === 'user');\n * ```\n */\n async listAssignees(roleId: number): Promise<RoleAssignee[]> {\n return request<RoleAssignee[]>({\n method: \"GET\",\n path: `/api/internal/rbac/roles/${roleId}/assignees`,\n });\n },\n\n /**\n * Get all roles assigned to a user (by UID).\n *\n * Useful in Edge Functions to check what roles a user currently holds\n * without making a full ACL check.\n *\n * @example\n * ```typescript\n * const roles = await admin.roles.getUserRoles('u-123456');\n * if (roles.some(r => r.code === 'admin')) { ... }\n * ```\n */\n async getUserRoles(uid: string): Promise<Role[]> {\n return request<Role[]>({\n method: \"GET\",\n path: `/api/internal/rbac/users/${uid}/roles`,\n });\n },\n };\n}\n\nexport type RolesModule = ReturnType<typeof createRolesModule>;\n","import type { RequestFn } from \"../http\";\nimport type {\n CreateUserParams,\n CreateUserResult,\n UpdateUserParams,\n UpdateUserResult,\n UserDetail,\n UserListParams,\n UserListResult,\n} from \"../types\";\n\nexport function createUsersModule(request: RequestFn) {\n return {\n /**\n * List users with optional search and pagination.\n *\n * @example\n * ```typescript\n * const result = await admin.users.list({ query: 'zhang', pageSize: 50 });\n * console.log(`Total: ${result.total}`);\n * for (const user of result.list) {\n * console.log(user.email);\n * }\n * ```\n */\n async list(params: UserListParams = {}): Promise<UserListResult> {\n return request<UserListResult>({\n method: \"GET\",\n path: \"/api/internal/users\",\n query: {\n page: params.page,\n pageSize: params.pageSize,\n query: params.query,\n },\n });\n },\n\n /**\n * Get a single user by UID.\n *\n * @example\n * ```typescript\n * const user = await admin.users.get('u-123456');\n * console.log(user.email);\n * ```\n */\n async get(uid: string): Promise<UserDetail> {\n return request<UserDetail>({\n method: \"GET\",\n path: `/api/internal/users/${uid}`,\n });\n },\n\n /**\n * Create a new user.\n * At least one of username / email / phone must be provided.\n *\n * @example\n * ```typescript\n * const user = await admin.users.create({\n * email: 'user@example.com',\n * password: 'Secure@123',\n * displayName: '张三',\n * });\n * ```\n */\n async create(params: CreateUserParams): Promise<CreateUserResult> {\n return request<CreateUserResult>({\n method: \"POST\",\n path: \"/api/internal/users\",\n body: params,\n });\n },\n\n /**\n * Update an existing user.\n *\n * @example\n * ```typescript\n * // Reset password\n * await admin.users.update('u-123456', { password: 'NewSecure@456' });\n *\n * // Grant super admin\n * await admin.users.update('u-123456', { isSuperAdmin: true });\n * ```\n */\n async update(uid: string, params: UpdateUserParams): Promise<UpdateUserResult> {\n return request<UpdateUserResult>({\n method: \"PUT\",\n path: `/api/internal/users/${uid}`,\n body: params,\n });\n },\n\n /**\n * Delete a user.\n *\n * @example\n * ```typescript\n * await admin.users.delete('u-123456');\n * ```\n */\n async delete(uid: string): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/users/${uid}`,\n });\n },\n };\n}\n\nexport type UsersModule = ReturnType<typeof createUsersModule>;\n","import { createHttpClient } from \"./http\";\nimport { createAuthModule } from \"./modules/auth\";\nimport { createDepartmentsModule } from \"./modules/departments\";\nimport { createPermissionsModule } from \"./modules/permissions\";\nimport { createRolesModule } from \"./modules/roles\";\nimport { createUsersModule } from \"./modules/users\";\nimport type { AdminSDKOptions } from \"./types\";\n\nexport class AdminSDK {\n /** Check and query user permissions without requiring a user token */\n readonly auth: ReturnType<typeof createAuthModule>;\n /** User CRUD operations */\n readonly users: ReturnType<typeof createUsersModule>;\n /** Role management and assignment */\n readonly roles: ReturnType<typeof createRolesModule>;\n /** Permission definitions and role/user permission scopes */\n readonly permissions: ReturnType<typeof createPermissionsModule>;\n /** Department management and membership */\n readonly departments: ReturnType<typeof createDepartmentsModule>;\n\n constructor(options: AdminSDKOptions) {\n const { baseURL = \"http://runtime:3000\", appId, env = \"dev\", serviceKey } = options;\n\n const headers: Record<string, string> = {\n \"x-tenant-id\": appId,\n \"x-env\": env,\n };\n\n if (serviceKey) {\n headers[\"X-Service-Key\"] = serviceKey;\n headers[\"X-Bypass-Auth\"] = \"true\";\n }\n\n const request = createHttpClient(baseURL, headers);\n\n this.auth = createAuthModule(request);\n this.users = createUsersModule(request);\n this.roles = createRolesModule(request);\n this.permissions = createPermissionsModule(request);\n this.departments = createDepartmentsModule(request);\n }\n}\n"]}
package/dist/index.d.cts CHANGED
@@ -6,9 +6,20 @@ interface RequestOptions {
6
6
  }
7
7
  type RequestFn = <T>(options: RequestOptions) => Promise<T>;
8
8
 
9
+ /**
10
+ * @packageDocumentation
11
+ * @module @amaster.ai/admin-sdk
12
+ *
13
+ * Type definitions for the Amaster Admin SDK.
14
+ *
15
+ * ## Identifiers (AI Quick Reference)
16
+ * - **uid** (string): Primary user identifier. Use for users.get/update/delete, roles.assign(assigneeUid),
17
+ * departments.addUser/removeUser, auth.checkPermission, permissions.assignToUser.
18
+ * - **id** (number): Database ID for roles, permissions, departments. Use for roles.get, permissions.listForRole, etc.
19
+ */
9
20
  interface AdminSDKOptions {
10
- /** Runtime service base URL, e.g. http://runtime:3000 */
11
- baseURL: string;
21
+ /** Runtime service base URL. Defaults to http://runtime:3000 in edge-function */
22
+ baseURL?: string;
12
23
  /** Application ID, sent as x-tenant-id header */
13
24
  appId: string;
14
25
  /** Environment identifier, sent as x-env header. Defaults to "dev" */
@@ -120,8 +131,10 @@ interface UpdateUserResult {
120
131
  interface Role {
121
132
  id: number;
122
133
  code: string;
123
- displayName: string;
124
- description: string;
134
+ /** May be null if not set */
135
+ displayName: string | null;
136
+ /** May be null if not set */
137
+ description: string | null;
125
138
  isSystem: boolean;
126
139
  createdAt: string;
127
140
  }
@@ -167,10 +180,12 @@ interface RoleAssignee {
167
180
  }
168
181
  interface Permission {
169
182
  id: number;
170
- name: string;
183
+ /** May be null if not set */
184
+ name: string | null;
171
185
  resource: string;
172
186
  action: string;
173
- description: string;
187
+ /** May be null if not set */
188
+ description: string | null;
174
189
  sourceType: string;
175
190
  createdAt: string;
176
191
  }
@@ -377,8 +392,8 @@ declare function createDepartmentsModule(request: RequestFn): {
377
392
  *
378
393
  * @example
379
394
  * ```typescript
380
- * await admin.departments.addUser(1, {
381
- * userId: 123,
395
+ * await admin.departments.addUser(deptId, {
396
+ * userUid: user.uid,
382
397
  * isPrimary: true,
383
398
  * position: '高级工程师',
384
399
  * });
@@ -390,7 +405,7 @@ declare function createDepartmentsModule(request: RequestFn): {
390
405
  *
391
406
  * @example
392
407
  * ```typescript
393
- * await admin.departments.removeUser(1, 123);
408
+ * await admin.departments.removeUser(deptId, user.uid);
394
409
  * ```
395
410
  */
396
411
  removeUser(deptId: number, userUid: string): Promise<void>;
@@ -589,11 +604,12 @@ declare function createRolesModule(request: RequestFn): {
589
604
  delete(id: number): Promise<void>;
590
605
  /**
591
606
  * Assign a role to a user, department, team, or another role.
607
+ * For users, prefer assigneeUid (string). For department/team/role, use assigneeId (number).
592
608
  *
593
609
  * @example
594
610
  * ```typescript
595
- * // Assign to a user
596
- * await admin.roles.assign(roleId, { assigneeType: 'user', assigneeId: 123 });
611
+ * // Assign to a user (preferred: use uid)
612
+ * await admin.roles.assign(roleId, { assigneeType: 'user', assigneeUid: user.uid });
597
613
  *
598
614
  * // Assign to an entire department
599
615
  * await admin.roles.assign(roleId, { assigneeType: 'department', assigneeId: 5 });
@@ -602,10 +618,11 @@ declare function createRolesModule(request: RequestFn): {
602
618
  assign(roleId: number, params: RoleAssignParams): Promise<void>;
603
619
  /**
604
620
  * Remove a role assignment.
621
+ * For users, prefer assigneeUid. For department/team/role, use assigneeId.
605
622
  *
606
623
  * @example
607
624
  * ```typescript
608
- * await admin.roles.unassign(roleId, { assigneeType: 'user', assigneeId: 123 });
625
+ * await admin.roles.unassign(roleId, { assigneeType: 'user', assigneeUid: user.uid });
609
626
  * ```
610
627
  */
611
628
  unassign(roleId: number, params: RoleAssignParams): Promise<void>;
@@ -716,4 +733,4 @@ declare class AdminSDKError extends Error {
716
733
  constructor(message: string, statusCode: number, response?: unknown | undefined);
717
734
  }
718
735
 
719
- export { type AclRules, type AddDepartmentMemberParams, AdminSDK, AdminSDKError, type AdminSDKOptions, type AssignPermissionToRoleParams, type AssigneeType, type CheckPermissionParams, type CheckPermissionResult, type CreateDepartmentParams, type CreatePermissionParams, type CreateRoleParams, type CreateUserParams, type CreateUserResult, type Department, type DepartmentMember, type Permission, type Role, type RoleAssignParams, type RoleAssignee, type RolePermission, type ScopeType, type UpdateDepartmentParams, type UpdatePermissionParams, type UpdatePermissionScopeParams, type UpdateRoleParams, type UpdateUserParams, type UpdateUserResult, type UserDetail, type UserListItem, type UserListParams, type UserListResult, type UserPermissionException };
736
+ export { type AclRules, type AddDepartmentMemberParams, AdminSDK, AdminSDKError, type AdminSDKOptions, type AssignPermissionToRoleParams, type AssignPermissionToUserParams, type AssigneeType, type CheckPermissionParams, type CheckPermissionResult, type CreateDepartmentParams, type CreatePermissionParams, type CreateRoleParams, type CreateUserParams, type CreateUserResult, type Department, type DepartmentMember, type Permission, type Role, type RoleAssignParams, type RoleAssignee, type RolePermission, type ScopeType, type UpdateDepartmentParams, type UpdatePermissionParams, type UpdatePermissionScopeParams, type UpdateRoleParams, type UpdateUserParams, type UpdateUserResult, type UserDetail, type UserListItem, type UserListParams, type UserListResult, type UserPermissionException };
package/dist/index.d.ts CHANGED
@@ -6,9 +6,20 @@ interface RequestOptions {
6
6
  }
7
7
  type RequestFn = <T>(options: RequestOptions) => Promise<T>;
8
8
 
9
+ /**
10
+ * @packageDocumentation
11
+ * @module @amaster.ai/admin-sdk
12
+ *
13
+ * Type definitions for the Amaster Admin SDK.
14
+ *
15
+ * ## Identifiers (AI Quick Reference)
16
+ * - **uid** (string): Primary user identifier. Use for users.get/update/delete, roles.assign(assigneeUid),
17
+ * departments.addUser/removeUser, auth.checkPermission, permissions.assignToUser.
18
+ * - **id** (number): Database ID for roles, permissions, departments. Use for roles.get, permissions.listForRole, etc.
19
+ */
9
20
  interface AdminSDKOptions {
10
- /** Runtime service base URL, e.g. http://runtime:3000 */
11
- baseURL: string;
21
+ /** Runtime service base URL. Defaults to http://runtime:3000 in edge-function */
22
+ baseURL?: string;
12
23
  /** Application ID, sent as x-tenant-id header */
13
24
  appId: string;
14
25
  /** Environment identifier, sent as x-env header. Defaults to "dev" */
@@ -120,8 +131,10 @@ interface UpdateUserResult {
120
131
  interface Role {
121
132
  id: number;
122
133
  code: string;
123
- displayName: string;
124
- description: string;
134
+ /** May be null if not set */
135
+ displayName: string | null;
136
+ /** May be null if not set */
137
+ description: string | null;
125
138
  isSystem: boolean;
126
139
  createdAt: string;
127
140
  }
@@ -167,10 +180,12 @@ interface RoleAssignee {
167
180
  }
168
181
  interface Permission {
169
182
  id: number;
170
- name: string;
183
+ /** May be null if not set */
184
+ name: string | null;
171
185
  resource: string;
172
186
  action: string;
173
- description: string;
187
+ /** May be null if not set */
188
+ description: string | null;
174
189
  sourceType: string;
175
190
  createdAt: string;
176
191
  }
@@ -377,8 +392,8 @@ declare function createDepartmentsModule(request: RequestFn): {
377
392
  *
378
393
  * @example
379
394
  * ```typescript
380
- * await admin.departments.addUser(1, {
381
- * userId: 123,
395
+ * await admin.departments.addUser(deptId, {
396
+ * userUid: user.uid,
382
397
  * isPrimary: true,
383
398
  * position: '高级工程师',
384
399
  * });
@@ -390,7 +405,7 @@ declare function createDepartmentsModule(request: RequestFn): {
390
405
  *
391
406
  * @example
392
407
  * ```typescript
393
- * await admin.departments.removeUser(1, 123);
408
+ * await admin.departments.removeUser(deptId, user.uid);
394
409
  * ```
395
410
  */
396
411
  removeUser(deptId: number, userUid: string): Promise<void>;
@@ -589,11 +604,12 @@ declare function createRolesModule(request: RequestFn): {
589
604
  delete(id: number): Promise<void>;
590
605
  /**
591
606
  * Assign a role to a user, department, team, or another role.
607
+ * For users, prefer assigneeUid (string). For department/team/role, use assigneeId (number).
592
608
  *
593
609
  * @example
594
610
  * ```typescript
595
- * // Assign to a user
596
- * await admin.roles.assign(roleId, { assigneeType: 'user', assigneeId: 123 });
611
+ * // Assign to a user (preferred: use uid)
612
+ * await admin.roles.assign(roleId, { assigneeType: 'user', assigneeUid: user.uid });
597
613
  *
598
614
  * // Assign to an entire department
599
615
  * await admin.roles.assign(roleId, { assigneeType: 'department', assigneeId: 5 });
@@ -602,10 +618,11 @@ declare function createRolesModule(request: RequestFn): {
602
618
  assign(roleId: number, params: RoleAssignParams): Promise<void>;
603
619
  /**
604
620
  * Remove a role assignment.
621
+ * For users, prefer assigneeUid. For department/team/role, use assigneeId.
605
622
  *
606
623
  * @example
607
624
  * ```typescript
608
- * await admin.roles.unassign(roleId, { assigneeType: 'user', assigneeId: 123 });
625
+ * await admin.roles.unassign(roleId, { assigneeType: 'user', assigneeUid: user.uid });
609
626
  * ```
610
627
  */
611
628
  unassign(roleId: number, params: RoleAssignParams): Promise<void>;
@@ -716,4 +733,4 @@ declare class AdminSDKError extends Error {
716
733
  constructor(message: string, statusCode: number, response?: unknown | undefined);
717
734
  }
718
735
 
719
- export { type AclRules, type AddDepartmentMemberParams, AdminSDK, AdminSDKError, type AdminSDKOptions, type AssignPermissionToRoleParams, type AssigneeType, type CheckPermissionParams, type CheckPermissionResult, type CreateDepartmentParams, type CreatePermissionParams, type CreateRoleParams, type CreateUserParams, type CreateUserResult, type Department, type DepartmentMember, type Permission, type Role, type RoleAssignParams, type RoleAssignee, type RolePermission, type ScopeType, type UpdateDepartmentParams, type UpdatePermissionParams, type UpdatePermissionScopeParams, type UpdateRoleParams, type UpdateUserParams, type UpdateUserResult, type UserDetail, type UserListItem, type UserListParams, type UserListResult, type UserPermissionException };
736
+ export { type AclRules, type AddDepartmentMemberParams, AdminSDK, AdminSDKError, type AdminSDKOptions, type AssignPermissionToRoleParams, type AssignPermissionToUserParams, type AssigneeType, type CheckPermissionParams, type CheckPermissionResult, type CreateDepartmentParams, type CreatePermissionParams, type CreateRoleParams, type CreateUserParams, type CreateUserResult, type Department, type DepartmentMember, type Permission, type Role, type RoleAssignParams, type RoleAssignee, type RolePermission, type ScopeType, type UpdateDepartmentParams, type UpdatePermissionParams, type UpdatePermissionScopeParams, type UpdateRoleParams, type UpdateUserParams, type UpdateUserResult, type UserDetail, type UserListItem, type UserListParams, type UserListResult, type UserPermissionException };
package/dist/index.js CHANGED
@@ -214,8 +214,8 @@ function createDepartmentsModule(request) {
214
214
  *
215
215
  * @example
216
216
  * ```typescript
217
- * await admin.departments.addUser(1, {
218
- * userId: 123,
217
+ * await admin.departments.addUser(deptId, {
218
+ * userUid: user.uid,
219
219
  * isPrimary: true,
220
220
  * position: '高级工程师',
221
221
  * });
@@ -233,7 +233,7 @@ function createDepartmentsModule(request) {
233
233
  *
234
234
  * @example
235
235
  * ```typescript
236
- * await admin.departments.removeUser(1, 123);
236
+ * await admin.departments.removeUser(deptId, user.uid);
237
237
  * ```
238
238
  */
239
239
  async removeUser(deptId, userUid) {
@@ -536,11 +536,12 @@ function createRolesModule(request) {
536
536
  },
537
537
  /**
538
538
  * Assign a role to a user, department, team, or another role.
539
+ * For users, prefer assigneeUid (string). For department/team/role, use assigneeId (number).
539
540
  *
540
541
  * @example
541
542
  * ```typescript
542
- * // Assign to a user
543
- * await admin.roles.assign(roleId, { assigneeType: 'user', assigneeId: 123 });
543
+ * // Assign to a user (preferred: use uid)
544
+ * await admin.roles.assign(roleId, { assigneeType: 'user', assigneeUid: user.uid });
544
545
  *
545
546
  * // Assign to an entire department
546
547
  * await admin.roles.assign(roleId, { assigneeType: 'department', assigneeId: 5 });
@@ -555,10 +556,11 @@ function createRolesModule(request) {
555
556
  },
556
557
  /**
557
558
  * Remove a role assignment.
559
+ * For users, prefer assigneeUid. For department/team/role, use assigneeId.
558
560
  *
559
561
  * @example
560
562
  * ```typescript
561
- * await admin.roles.unassign(roleId, { assigneeType: 'user', assigneeId: 123 });
563
+ * await admin.roles.unassign(roleId, { assigneeType: 'user', assigneeUid: user.uid });
562
564
  * ```
563
565
  */
564
566
  async unassign(roleId, params) {
@@ -704,7 +706,7 @@ function createUsersModule(request) {
704
706
  // src/admin-sdk.ts
705
707
  var AdminSDK = class {
706
708
  constructor(options) {
707
- const { baseURL, appId, env = "dev", serviceKey } = options;
709
+ const { baseURL = "http://runtime:3000", appId, env = "dev", serviceKey } = options;
708
710
  const headers = {
709
711
  "x-tenant-id": appId,
710
712
  "x-env": env
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/error.ts","../src/http.ts","../src/modules/auth.ts","../src/modules/departments.ts","../src/modules/permissions.ts","../src/modules/roles.ts","../src/modules/users.ts","../src/admin-sdk.ts"],"names":[],"mappings":";AAAO,IAAM,aAAA,GAAN,cAA4B,KAAA,CAAM;AAAA,EACvC,WAAA,CACE,OAAA,EACgB,UAAA,EACA,QAAA,EAChB;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAHG,IAAA,IAAA,CAAA,UAAA,GAAA,UAAA;AACA,IAAA,IAAA,CAAA,QAAA,GAAA,QAAA;AAGhB,IAAA,IAAA,CAAK,IAAA,GAAO,eAAA;AAAA,EACd;AACF;;;ACgBO,SAAS,gBAAA,CACd,SACA,aAAA,EACW;AACX,EAAA,MAAM,cAAA,GAAiB,OAAA,CAAQ,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAA;AAEhD,EAAA,OAAO,eAAe,QAAW,OAAA,EAAqC;AACpE,IAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,IAAA,EAAM,OAAM,GAAI,OAAA;AAEtC,IAAA,IAAI,MAAM,cAAA,GAAiB,IAAA;AAE3B,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,MAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,KAAK,CAAA,EAAG;AAChD,QAAA,IAAI,UAAU,MAAA,EAAW;AACvB,UAAA,MAAA,CAAO,GAAA,CAAI,GAAA,EAAK,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,QAC/B;AAAA,MACF;AACA,MAAA,MAAM,EAAA,GAAK,OAAO,QAAA,EAAS;AAC3B,MAAA,IAAI,EAAA,SAAW,GAAA,GAAM,EAAA;AAAA,IACvB;AAEA,IAAA,MAAM,OAAA,GAAkC;AAAA,MACtC,cAAA,EAAgB,kBAAA;AAAA,MAChB,GAAG;AAAA,KACL;AAEA,IAAA,MAAM,GAAA,GAAM,MAAM,KAAA,CAAM,GAAA,EAAK;AAAA,MAC3B,MAAA;AAAA,MACA,OAAA;AAAA,MACA,MAAM,IAAA,KAAS,MAAA,GAAY,IAAA,CAAK,SAAA,CAAU,IAAI,CAAA,GAAI;AAAA,KACnD,CAAA;AAED,IAAA,IAAI,IAAA;AACJ,IAAA,IAAI;AACF,MAAA,IAAA,GAAO,MAAM,IAAI,IAAA,EAAK;AAAA,IACxB,CAAA,CAAA,MAAQ;AACN,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,CAAA,8BAAA,EAAiC,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AAAA,QAC/C,GAAA,CAAI;AAAA,OACN;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,IAAI,EAAA,EAAI;AACX,MAAA,MAAM,GAAA,GAAM,IAAA;AACZ,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,GAAA,EAAK,OAAA,IAAW,CAAA,2BAAA,EAA8B,GAAA,CAAI,MAAM,CAAA,CAAA;AAAA,QACxD,GAAA,CAAI,MAAA;AAAA,QACJ;AAAA,OACF;AAAA,IACF;AAEA,IAAA,OAAQ,IAAA,CAA4B,IAAA;AAAA,EACtC,CAAA;AACF;;;ACxEO,SAAS,iBAAiB,OAAA,EAAoB;AACnD,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAkBL,MAAM,eAAA,CACJ,GAAA,EACA,MAAA,EACgC;AAChC,MAAA,OAAO,OAAA,CAA+B;AAAA,QACpC,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,6BAAA;AAAA,QACN,IAAA,EAAM,EAAE,GAAA,EAAK,GAAG,MAAA;AAAO,OACxB,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAsBA,MAAM,SAAS,GAAA,EAAgC;AAC7C,MAAA,OAAO,OAAA,CAAkB;AAAA,QACvB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,yBAAA;AAAA,QACN,KAAA,EAAO,EAAE,GAAA;AAAI,OACd,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;ACxDO,SAAS,wBAAwB,OAAA,EAAoB;AAC1D,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUL,MAAM,IAAA,GAA8B;AAClC,MAAA,OAAO,OAAA,CAAsB;AAAA,QAC3B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,IAAI,EAAA,EAAiC;AACzC,MAAA,OAAO,OAAA,CAAoB;AAAA,QACzB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,EAAE,CAAA;AAAA,OAC1C,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAaA,MAAM,OAAO,MAAA,EAAqD;AAChE,MAAA,OAAO,OAAA,CAAoB;AAAA,QACzB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,+BAAA;AAAA,QACN,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,MAAA,CAAO,EAAA,EAAY,MAAA,EAA+C;AACtE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,EAAE,CAAA,CAAA;AAAA,QACzC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,OAAO,EAAA,EAA2B;AACtC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,EAAE,CAAA;AAAA,OAC1C,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAaA,MAAM,SAAA,CACJ,EAAA,EACA,eAAA,GAAkB,KAAA,EACW;AAC7B,MAAA,OAAO,OAAA,CAA4B;AAAA,QACjC,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,EAAE,CAAA,MAAA,CAAA;AAAA,QACzC,KAAA,EAAO,EAAE,gBAAA,EAAkB,eAAA;AAAgB,OAC5C,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,OAAA,CACJ,MAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,MAAM,CAAA,MAAA,CAAA;AAAA,QAC7C,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,UAAA,CAAW,MAAA,EAAgB,OAAA,EAAgC;AAC/D,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,CAAA,8BAAA,EAAiC,MAAM,CAAA,OAAA,EAAU,OAAO,CAAA;AAAA,OAC/D,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;AC7IO,SAAS,wBAAwB,OAAA,EAAoB;AAC1D,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUL,MAAM,IAAA,GAA8B;AAClC,MAAA,OAAO,OAAA,CAAsB;AAAA,QAC3B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,OAAO,MAAA,EAAqD;AAChE,MAAA,OAAO,OAAA,CAAoB;AAAA,QACzB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,gCAAA;AAAA,QACN,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,MAAA,CAAO,EAAA,EAAY,MAAA,EAA+C;AACtE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,kCAAkC,EAAE,CAAA,CAAA;AAAA,QAC1C,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,OAAO,EAAA,EAA2B;AACtC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,kCAAkC,EAAE,CAAA;AAAA,OAC3C,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,YAAY,MAAA,EAA2C;AAC3D,MAAA,OAAO,OAAA,CAA0B;AAAA,QAC/B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,YAAA;AAAA,OACzC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAqBA,MAAM,YAAA,CACJ,MAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,YAAA,CAAA;AAAA,QACxC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,cAAA,CAAe,MAAA,EAAgB,MAAA,EAA+B;AAClE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,CAAA,yBAAA,EAA4B,MAAM,CAAA,aAAA,EAAgB,MAAM,CAAA;AAAA,OAC/D,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAYA,MAAM,yBAAA,CACJ,MAAA,EACA,MAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,CAAA,yBAAA,EAA4B,MAAM,CAAA,aAAA,EAAgB,MAAM,CAAA,CAAA;AAAA,QAC9D,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAgBA,MAAM,YAAA,CACJ,GAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,GAAG,CAAA,YAAA,CAAA;AAAA,QACrC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,cAAA,CAAe,GAAA,EAAa,MAAA,EAA+B;AAC/D,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,CAAA,yBAAA,EAA4B,GAAG,CAAA,aAAA,EAAgB,MAAM,CAAA;AAAA,OAC5D,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,YAAY,GAAA,EAAiD;AACjE,MAAA,OAAO,OAAA,CAAmC;AAAA,QACxC,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,GAAG,CAAA,YAAA;AAAA,OACtC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAaA,MAAM,yBAAA,CACJ,GAAA,EACA,MAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,CAAA,yBAAA,EAA4B,GAAG,CAAA,aAAA,EAAgB,MAAM,CAAA,CAAA;AAAA,QAC3D,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;ACxOO,SAAS,kBAAkB,OAAA,EAAoB;AACpD,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUL,MAAM,IAAA,GAAwB;AAC5B,MAAA,OAAO,OAAA,CAAgB;AAAA,QACrB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,IAAI,EAAA,EAA2B;AACnC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,EAAE,CAAA;AAAA,OACrC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,OAAO,MAAA,EAAyC;AACpD,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,0BAAA;AAAA,QACN,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,MAAA,CAAO,EAAA,EAAY,MAAA,EAAyC;AAChE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,EAAE,CAAA,CAAA;AAAA,QACpC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,OAAO,EAAA,EAA2B;AACtC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,EAAE,CAAA;AAAA,OACrC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,MAAA,CAAO,MAAA,EAAgB,MAAA,EAAyC;AACpE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,OAAA,CAAA;AAAA,QACxC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,QAAA,CAAS,MAAA,EAAgB,MAAA,EAAyC;AACtE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,SAAA,CAAA;AAAA,QACxC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,cAAc,MAAA,EAAyC;AAC3D,MAAA,OAAO,OAAA,CAAwB;AAAA,QAC7B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,UAAA;AAAA,OACzC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,aAAa,GAAA,EAA8B;AAC/C,MAAA,OAAO,OAAA,CAAgB;AAAA,QACrB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,GAAG,CAAA,MAAA;AAAA,OACtC,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;AC3JO,SAAS,kBAAkB,OAAA,EAAoB;AACpD,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAaL,MAAM,IAAA,CAAK,MAAA,GAAyB,EAAC,EAA4B;AAC/D,MAAA,OAAO,OAAA,CAAwB;AAAA,QAC7B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,qBAAA;AAAA,QACN,KAAA,EAAO;AAAA,UACL,MAAM,MAAA,CAAO,IAAA;AAAA,UACb,UAAU,MAAA,CAAO,QAAA;AAAA,UACjB,OAAO,MAAA,CAAO;AAAA;AAChB,OACD,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,IAAI,GAAA,EAAkC;AAC1C,MAAA,OAAO,OAAA,CAAoB;AAAA,QACzB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,uBAAuB,GAAG,CAAA;AAAA,OACjC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAeA,MAAM,OAAO,MAAA,EAAqD;AAChE,MAAA,OAAO,OAAA,CAA0B;AAAA,QAC/B,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,qBAAA;AAAA,QACN,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,MAAA,CAAO,GAAA,EAAa,MAAA,EAAqD;AAC7E,MAAA,OAAO,OAAA,CAA0B;AAAA,QAC/B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,uBAAuB,GAAG,CAAA,CAAA;AAAA,QAChC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,OAAO,GAAA,EAA4B;AACvC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,uBAAuB,GAAG,CAAA;AAAA,OACjC,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;ACrGO,IAAM,WAAN,MAAe;AAAA,EAYpB,YAAY,OAAA,EAA0B;AACpC,IAAA,MAAM,EAAE,OAAA,EAAS,KAAA,EAAO,GAAA,GAAM,KAAA,EAAO,YAAW,GAAI,OAAA;AAEpD,IAAA,MAAM,OAAA,GAAkC;AAAA,MACtC,aAAA,EAAe,KAAA;AAAA,MACf,OAAA,EAAS;AAAA,KACX;AAEA,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,OAAA,CAAQ,eAAe,CAAA,GAAI,UAAA;AAC3B,MAAA,OAAA,CAAQ,eAAe,CAAA,GAAI,MAAA;AAAA,IAC7B;AAEA,IAAA,MAAM,OAAA,GAAU,gBAAA,CAAiB,OAAA,EAAS,OAAO,CAAA;AAEjD,IAAA,IAAA,CAAK,IAAA,GAAO,iBAAiB,OAAO,CAAA;AACpC,IAAA,IAAA,CAAK,KAAA,GAAQ,kBAAkB,OAAO,CAAA;AACtC,IAAA,IAAA,CAAK,KAAA,GAAQ,kBAAkB,OAAO,CAAA;AACtC,IAAA,IAAA,CAAK,WAAA,GAAc,wBAAwB,OAAO,CAAA;AAClD,IAAA,IAAA,CAAK,WAAA,GAAc,wBAAwB,OAAO,CAAA;AAAA,EACpD;AACF","file":"index.js","sourcesContent":["export class AdminSDKError extends Error {\n constructor(\n message: string,\n public readonly statusCode: number,\n public readonly response?: unknown,\n ) {\n super(message);\n this.name = \"AdminSDKError\";\n }\n}\n","import { AdminSDKError } from \"./error\";\n\nexport interface RequestOptions {\n method: \"GET\" | \"POST\" | \"PUT\" | \"DELETE\" | \"PATCH\";\n path: string;\n body?: unknown;\n query?: Record<string, string | number | boolean | undefined>;\n}\n\nexport type RequestFn = <T>(options: RequestOptions) => Promise<T>;\n\n/** Runtime response envelope: { data, statusCode, message } */\ninterface RuntimeEnvelope<T> {\n data: T;\n statusCode: number;\n message?: string;\n}\n\n/** Runtime error envelope */\ninterface RuntimeError {\n statusCode: number;\n message: string;\n error?: string;\n}\n\nexport function createHttpClient(\n baseURL: string,\n commonHeaders: Record<string, string>,\n): RequestFn {\n const normalizedBase = baseURL.replace(/\\/$/, \"\");\n\n return async function request<T>(options: RequestOptions): Promise<T> {\n const { method, path, body, query } = options;\n\n let url = normalizedBase + path;\n\n if (query) {\n const params = new URLSearchParams();\n for (const [key, value] of Object.entries(query)) {\n if (value !== undefined) {\n params.set(key, String(value));\n }\n }\n const qs = params.toString();\n if (qs) url += \"?\" + qs;\n }\n\n const headers: Record<string, string> = {\n \"Content-Type\": \"application/json\",\n ...commonHeaders,\n };\n\n const res = await fetch(url, {\n method,\n headers,\n body: body !== undefined ? JSON.stringify(body) : undefined,\n });\n\n let json: unknown;\n try {\n json = await res.json();\n } catch {\n throw new AdminSDKError(\n `Failed to parse response from ${method} ${path}`,\n res.status,\n );\n }\n\n if (!res.ok) {\n const err = json as RuntimeError;\n throw new AdminSDKError(\n err?.message ?? `Request failed with status ${res.status}`,\n res.status,\n json,\n );\n }\n\n return (json as RuntimeEnvelope<T>).data;\n };\n}\n","import type { RequestFn } from \"../http\";\nimport type {\n AclRules,\n CheckPermissionParams,\n CheckPermissionResult,\n} from \"../types\";\n\nexport function createAuthModule(request: RequestFn) {\n return {\n /**\n * Check whether a user has a specific permission.\n *\n * Uses the Service Key to query on behalf of any user by UID —\n * no user token required.\n *\n * @example\n * ```typescript\n * // Check if user can access the dashboard page\n * const result = await admin.auth.checkPermission('u-123456', {\n * resource: 'page',\n * action: 'access',\n * resourceId: 'dashboard',\n * });\n * if (!result.allow) throw new Error('Forbidden');\n * ```\n */\n async checkPermission(\n uid: string,\n params: CheckPermissionParams,\n ): Promise<CheckPermissionResult> {\n return request<CheckPermissionResult>({\n method: \"POST\",\n path: \"/api/internal/acl/authorize\",\n body: { uid, ...params },\n });\n },\n\n /**\n * Get all ACL rules for a user.\n *\n * Returns the full set of permissions and roles. Useful when you need\n * to perform multiple permission checks locally without making repeated\n * network calls.\n *\n * @example\n * ```typescript\n * const rules = await admin.auth.getRules('u-123456');\n *\n * // Check roles\n * if (rules.roles.includes('admin')) { ... }\n *\n * // Check multiple permissions locally\n * const canRead = rules.permissions.some(\n * p => p.resource === 'order' && p.action === 'read'\n * );\n * ```\n */\n async getRules(uid: string): Promise<AclRules> {\n return request<AclRules>({\n method: \"GET\",\n path: \"/api/internal/acl/rules\",\n query: { uid },\n });\n },\n };\n}\n\nexport type AuthModule = ReturnType<typeof createAuthModule>;\n","import type { RequestFn } from \"../http\";\nimport type {\n AddDepartmentMemberParams,\n CreateDepartmentParams,\n Department,\n DepartmentMember,\n UpdateDepartmentParams,\n} from \"../types\";\n\nexport function createDepartmentsModule(request: RequestFn) {\n return {\n /**\n * List all departments (flat list).\n *\n * @example\n * ```typescript\n * const depts = await admin.departments.list();\n * const techDept = depts.find(d => d.name === '技术部');\n * ```\n */\n async list(): Promise<Department[]> {\n return request<Department[]>({\n method: \"GET\",\n path: \"/api/internal/org/departments\",\n });\n },\n\n /**\n * Get a single department by ID.\n *\n * @example\n * ```typescript\n * const dept = await admin.departments.get(1);\n * ```\n */\n async get(id: number): Promise<Department> {\n return request<Department>({\n method: \"GET\",\n path: `/api/internal/org/departments/${id}`,\n });\n },\n\n /**\n * Create a new department.\n *\n * @example\n * ```typescript\n * const dept = await admin.departments.create({\n * name: '测试组',\n * parentId: 1,\n * });\n * ```\n */\n async create(params: CreateDepartmentParams): Promise<Department> {\n return request<Department>({\n method: \"POST\",\n path: \"/api/internal/org/departments\",\n body: params,\n });\n },\n\n /**\n * Update a department.\n *\n * @example\n * ```typescript\n * await admin.departments.update(3, { name: '质量保证组' });\n * ```\n */\n async update(id: number, params: UpdateDepartmentParams): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/org/departments/${id}`,\n body: params,\n });\n },\n\n /**\n * Delete a department.\n * Note: departments with sub-departments or assigned users cannot be deleted directly.\n *\n * @example\n * ```typescript\n * await admin.departments.delete(3);\n * ```\n */\n async delete(id: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/org/departments/${id}`,\n });\n },\n\n /**\n * List members of a department.\n *\n * @param includeChildren - Whether to include members from sub-departments. Defaults to false.\n *\n * @example\n * ```typescript\n * const members = await admin.departments.listUsers(1);\n * const allMembers = await admin.departments.listUsers(1, true);\n * ```\n */\n async listUsers(\n id: number,\n includeChildren = false,\n ): Promise<DepartmentMember[]> {\n return request<DepartmentMember[]>({\n method: \"GET\",\n path: `/api/internal/org/departments/${id}/users`,\n query: { include_children: includeChildren },\n });\n },\n\n /**\n * Add a user to a department.\n *\n * @example\n * ```typescript\n * await admin.departments.addUser(1, {\n * userId: 123,\n * isPrimary: true,\n * position: '高级工程师',\n * });\n * ```\n */\n async addUser(\n deptId: number,\n params: AddDepartmentMemberParams,\n ): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/org/departments/${deptId}/users`,\n body: params,\n });\n },\n\n /**\n * Remove a user from a department.\n *\n * @example\n * ```typescript\n * await admin.departments.removeUser(1, 123);\n * ```\n */\n async removeUser(deptId: number, userUid: string): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/org/departments/${deptId}/users/${userUid}`,\n });\n },\n };\n}\n\nexport type DepartmentsModule = ReturnType<typeof createDepartmentsModule>;\n","import type { RequestFn } from \"../http\";\nimport type {\n AssignPermissionToRoleParams,\n AssignPermissionToUserParams,\n CreatePermissionParams,\n Permission,\n RolePermission,\n UpdatePermissionParams,\n UpdatePermissionScopeParams,\n UserPermissionException,\n} from \"../types\";\n\nexport function createPermissionsModule(request: RequestFn) {\n return {\n /**\n * List all defined permissions.\n *\n * @example\n * ```typescript\n * const perms = await admin.permissions.list();\n * const orderRead = perms.find(p => p.resource === 'order' && p.action === 'read');\n * ```\n */\n async list(): Promise<Permission[]> {\n return request<Permission[]>({\n method: \"GET\",\n path: \"/api/internal/rbac/permissions\",\n });\n },\n\n /**\n * Create a new permission definition.\n *\n * @example\n * ```typescript\n * const perm = await admin.permissions.create({\n * resource: 'order',\n * action: 'export',\n * name: '导出订单',\n * });\n * ```\n */\n async create(params: CreatePermissionParams): Promise<Permission> {\n return request<Permission>({\n method: \"POST\",\n path: \"/api/internal/rbac/permissions\",\n body: params,\n });\n },\n\n /**\n * Update a permission definition.\n *\n * @example\n * ```typescript\n * await admin.permissions.update(10, { name: '导出报表' });\n * ```\n */\n async update(id: number, params: UpdatePermissionParams): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/rbac/permissions/${id}`,\n body: params,\n });\n },\n\n /**\n * Delete a permission definition.\n *\n * @example\n * ```typescript\n * await admin.permissions.delete(10);\n * ```\n */\n async delete(id: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/rbac/permissions/${id}`,\n });\n },\n\n /**\n * List all permissions assigned to a role.\n *\n * @example\n * ```typescript\n * const perms = await admin.permissions.listForRole(roleId);\n * ```\n */\n async listForRole(roleId: number): Promise<RolePermission[]> {\n return request<RolePermission[]>({\n method: \"GET\",\n path: `/api/internal/rbac/roles/${roleId}/permissions`,\n });\n },\n\n /**\n * Assign a permission to a role with a data scope.\n *\n * @example\n * ```typescript\n * // Department-scoped permission\n * await admin.permissions.assignToRole(roleId, {\n * permissionId: 10,\n * scopeType: 'department',\n * });\n *\n * // Custom whitelist scope\n * await admin.permissions.assignToRole(roleId, {\n * permissionId: 20,\n * scopeType: 'custom',\n * scopeFilter: JSON.stringify({ id: [1, 2, 3] }),\n * });\n * ```\n */\n async assignToRole(\n roleId: number,\n params: AssignPermissionToRoleParams,\n ): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/rbac/roles/${roleId}/permissions`,\n body: params,\n });\n },\n\n /**\n * Remove a permission from a role.\n *\n * @example\n * ```typescript\n * await admin.permissions.removeFromRole(roleId, permId);\n * ```\n */\n async removeFromRole(roleId: number, permId: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/rbac/roles/${roleId}/permissions/${permId}`,\n });\n },\n\n /**\n * Update the data scope of a role–permission assignment.\n *\n * @example\n * ```typescript\n * await admin.permissions.updateRolePermissionScope(roleId, permId, {\n * scopeType: 'all',\n * });\n * ```\n */\n async updateRolePermissionScope(\n roleId: number,\n permId: number,\n params: UpdatePermissionScopeParams,\n ): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/rbac/roles/${roleId}/permissions/${permId}`,\n body: params,\n });\n },\n\n /**\n * Assign a direct (user-level) permission exception to a user.\n *\n * This bypasses role-based assignment and gives the user a direct\n * data-scope override for the specified permission.\n *\n * @example\n * ```typescript\n * await admin.permissions.assignToUser('u-123456', {\n * permissionId: 10,\n * scopeType: 'department',\n * });\n * ```\n */\n async assignToUser(\n uid: string,\n params: AssignPermissionToUserParams,\n ): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/rbac/users/${uid}/permissions`,\n body: params,\n });\n },\n\n /**\n * Remove a direct permission exception from a user.\n *\n * @example\n * ```typescript\n * await admin.permissions.removeFromUser('u-123456', permId);\n * ```\n */\n async removeFromUser(uid: string, permId: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/rbac/users/${uid}/permissions/${permId}`,\n });\n },\n\n /**\n * List permission exceptions for a specific user.\n *\n * @example\n * ```typescript\n * const exceptions = await admin.permissions.listForUser('u-123456');\n * ```\n */\n async listForUser(uid: string): Promise<UserPermissionException[]> {\n return request<UserPermissionException[]>({\n method: \"GET\",\n path: `/api/internal/rbac/users/${uid}/permissions`,\n });\n },\n\n /**\n * Update the data scope of a user-level permission exception.\n *\n * @example\n * ```typescript\n * await admin.permissions.updateUserPermissionScope('u-123456', permId, {\n * scopeType: 'custom',\n * scopeFilter: JSON.stringify({ id: [10, 20] }),\n * });\n * ```\n */\n async updateUserPermissionScope(\n uid: string,\n permId: number,\n params: UpdatePermissionScopeParams,\n ): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/rbac/users/${uid}/permissions/${permId}`,\n body: params,\n });\n },\n };\n}\n\nexport type PermissionsModule = ReturnType<typeof createPermissionsModule>;\n","import type { RequestFn } from \"../http\";\nimport type {\n CreateRoleParams,\n Role,\n RoleAssignee,\n RoleAssignParams,\n UpdateRoleParams,\n} from \"../types\";\n\nexport function createRolesModule(request: RequestFn) {\n return {\n /**\n * List all roles.\n *\n * @example\n * ```typescript\n * const roles = await admin.roles.list();\n * const managerRole = roles.find(r => r.code === 'manager');\n * ```\n */\n async list(): Promise<Role[]> {\n return request<Role[]>({\n method: \"GET\",\n path: \"/api/internal/rbac/roles\",\n });\n },\n\n /**\n * Get a role by its numeric ID.\n *\n * @example\n * ```typescript\n * const role = await admin.roles.get(1);\n * ```\n */\n async get(id: number): Promise<Role> {\n return request<Role>({\n method: \"GET\",\n path: `/api/internal/rbac/roles/${id}`,\n });\n },\n\n /**\n * Create a new role.\n *\n * @example\n * ```typescript\n * const role = await admin.roles.create({\n * code: 'editor',\n * displayName: '编辑',\n * description: '负责内容编辑',\n * });\n * ```\n */\n async create(params: CreateRoleParams): Promise<Role> {\n return request<Role>({\n method: \"POST\",\n path: \"/api/internal/rbac/roles\",\n body: params,\n });\n },\n\n /**\n * Update a role.\n * Note: system roles (isSystem=true) cannot be modified.\n *\n * @example\n * ```typescript\n * await admin.roles.update(3, { displayName: '高级编辑' });\n * ```\n */\n async update(id: number, params: UpdateRoleParams): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/rbac/roles/${id}`,\n body: params,\n });\n },\n\n /**\n * Delete a role.\n * Note: system roles cannot be deleted.\n *\n * @example\n * ```typescript\n * await admin.roles.delete(3);\n * ```\n */\n async delete(id: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/rbac/roles/${id}`,\n });\n },\n\n /**\n * Assign a role to a user, department, team, or another role.\n *\n * @example\n * ```typescript\n * // Assign to a user\n * await admin.roles.assign(roleId, { assigneeType: 'user', assigneeId: 123 });\n *\n * // Assign to an entire department\n * await admin.roles.assign(roleId, { assigneeType: 'department', assigneeId: 5 });\n * ```\n */\n async assign(roleId: number, params: RoleAssignParams): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/rbac/roles/${roleId}/assign`,\n body: params,\n });\n },\n\n /**\n * Remove a role assignment.\n *\n * @example\n * ```typescript\n * await admin.roles.unassign(roleId, { assigneeType: 'user', assigneeId: 123 });\n * ```\n */\n async unassign(roleId: number, params: RoleAssignParams): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/rbac/roles/${roleId}/unassign`,\n body: params,\n });\n },\n\n /**\n * List all assignees (users, departments, etc.) for a role.\n *\n * @example\n * ```typescript\n * const assignees = await admin.roles.listAssignees(roleId);\n * const users = assignees.filter(a => a.assigneeType === 'user');\n * ```\n */\n async listAssignees(roleId: number): Promise<RoleAssignee[]> {\n return request<RoleAssignee[]>({\n method: \"GET\",\n path: `/api/internal/rbac/roles/${roleId}/assignees`,\n });\n },\n\n /**\n * Get all roles assigned to a user (by UID).\n *\n * Useful in Edge Functions to check what roles a user currently holds\n * without making a full ACL check.\n *\n * @example\n * ```typescript\n * const roles = await admin.roles.getUserRoles('u-123456');\n * if (roles.some(r => r.code === 'admin')) { ... }\n * ```\n */\n async getUserRoles(uid: string): Promise<Role[]> {\n return request<Role[]>({\n method: \"GET\",\n path: `/api/internal/rbac/users/${uid}/roles`,\n });\n },\n };\n}\n\nexport type RolesModule = ReturnType<typeof createRolesModule>;\n","import type { RequestFn } from \"../http\";\nimport type {\n CreateUserParams,\n CreateUserResult,\n UpdateUserParams,\n UpdateUserResult,\n UserDetail,\n UserListParams,\n UserListResult,\n} from \"../types\";\n\nexport function createUsersModule(request: RequestFn) {\n return {\n /**\n * List users with optional search and pagination.\n *\n * @example\n * ```typescript\n * const result = await admin.users.list({ query: 'zhang', pageSize: 50 });\n * console.log(`Total: ${result.total}`);\n * for (const user of result.list) {\n * console.log(user.email);\n * }\n * ```\n */\n async list(params: UserListParams = {}): Promise<UserListResult> {\n return request<UserListResult>({\n method: \"GET\",\n path: \"/api/internal/users\",\n query: {\n page: params.page,\n pageSize: params.pageSize,\n query: params.query,\n },\n });\n },\n\n /**\n * Get a single user by UID.\n *\n * @example\n * ```typescript\n * const user = await admin.users.get('u-123456');\n * console.log(user.email);\n * ```\n */\n async get(uid: string): Promise<UserDetail> {\n return request<UserDetail>({\n method: \"GET\",\n path: `/api/internal/users/${uid}`,\n });\n },\n\n /**\n * Create a new user.\n * At least one of username / email / phone must be provided.\n *\n * @example\n * ```typescript\n * const user = await admin.users.create({\n * email: 'user@example.com',\n * password: 'Secure@123',\n * displayName: '张三',\n * });\n * ```\n */\n async create(params: CreateUserParams): Promise<CreateUserResult> {\n return request<CreateUserResult>({\n method: \"POST\",\n path: \"/api/internal/users\",\n body: params,\n });\n },\n\n /**\n * Update an existing user.\n *\n * @example\n * ```typescript\n * // Reset password\n * await admin.users.update('u-123456', { password: 'NewSecure@456' });\n *\n * // Grant super admin\n * await admin.users.update('u-123456', { isSuperAdmin: true });\n * ```\n */\n async update(uid: string, params: UpdateUserParams): Promise<UpdateUserResult> {\n return request<UpdateUserResult>({\n method: \"PUT\",\n path: `/api/internal/users/${uid}`,\n body: params,\n });\n },\n\n /**\n * Delete a user.\n *\n * @example\n * ```typescript\n * await admin.users.delete('u-123456');\n * ```\n */\n async delete(uid: string): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/users/${uid}`,\n });\n },\n };\n}\n\nexport type UsersModule = ReturnType<typeof createUsersModule>;\n","import { createHttpClient } from \"./http\";\nimport { createAuthModule } from \"./modules/auth\";\nimport { createDepartmentsModule } from \"./modules/departments\";\nimport { createPermissionsModule } from \"./modules/permissions\";\nimport { createRolesModule } from \"./modules/roles\";\nimport { createUsersModule } from \"./modules/users\";\nimport type { AdminSDKOptions } from \"./types\";\n\nexport class AdminSDK {\n /** Check and query user permissions without requiring a user token */\n readonly auth: ReturnType<typeof createAuthModule>;\n /** User CRUD operations */\n readonly users: ReturnType<typeof createUsersModule>;\n /** Role management and assignment */\n readonly roles: ReturnType<typeof createRolesModule>;\n /** Permission definitions and role/user permission scopes */\n readonly permissions: ReturnType<typeof createPermissionsModule>;\n /** Department management and membership */\n readonly departments: ReturnType<typeof createDepartmentsModule>;\n\n constructor(options: AdminSDKOptions) {\n const { baseURL, appId, env = \"dev\", serviceKey } = options;\n\n const headers: Record<string, string> = {\n \"x-tenant-id\": appId,\n \"x-env\": env,\n };\n\n if (serviceKey) {\n headers[\"X-Service-Key\"] = serviceKey;\n headers[\"X-Bypass-Auth\"] = \"true\";\n }\n\n const request = createHttpClient(baseURL, headers);\n\n this.auth = createAuthModule(request);\n this.users = createUsersModule(request);\n this.roles = createRolesModule(request);\n this.permissions = createPermissionsModule(request);\n this.departments = createDepartmentsModule(request);\n }\n}\n"]}
1
+ {"version":3,"sources":["../src/error.ts","../src/http.ts","../src/modules/auth.ts","../src/modules/departments.ts","../src/modules/permissions.ts","../src/modules/roles.ts","../src/modules/users.ts","../src/admin-sdk.ts"],"names":[],"mappings":";AAAO,IAAM,aAAA,GAAN,cAA4B,KAAA,CAAM;AAAA,EACvC,WAAA,CACE,OAAA,EACgB,UAAA,EACA,QAAA,EAChB;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAHG,IAAA,IAAA,CAAA,UAAA,GAAA,UAAA;AACA,IAAA,IAAA,CAAA,QAAA,GAAA,QAAA;AAGhB,IAAA,IAAA,CAAK,IAAA,GAAO,eAAA;AAAA,EACd;AACF;;;ACgBO,SAAS,gBAAA,CACd,SACA,aAAA,EACW;AACX,EAAA,MAAM,cAAA,GAAiB,OAAA,CAAQ,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAA;AAEhD,EAAA,OAAO,eAAe,QAAW,OAAA,EAAqC;AACpE,IAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,IAAA,EAAM,OAAM,GAAI,OAAA;AAEtC,IAAA,IAAI,MAAM,cAAA,GAAiB,IAAA;AAE3B,IAAA,IAAI,KAAA,EAAO;AACT,MAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,MAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,KAAK,CAAA,EAAG;AAChD,QAAA,IAAI,UAAU,MAAA,EAAW;AACvB,UAAA,MAAA,CAAO,GAAA,CAAI,GAAA,EAAK,MAAA,CAAO,KAAK,CAAC,CAAA;AAAA,QAC/B;AAAA,MACF;AACA,MAAA,MAAM,EAAA,GAAK,OAAO,QAAA,EAAS;AAC3B,MAAA,IAAI,EAAA,SAAW,GAAA,GAAM,EAAA;AAAA,IACvB;AAEA,IAAA,MAAM,OAAA,GAAkC;AAAA,MACtC,cAAA,EAAgB,kBAAA;AAAA,MAChB,GAAG;AAAA,KACL;AAEA,IAAA,MAAM,GAAA,GAAM,MAAM,KAAA,CAAM,GAAA,EAAK;AAAA,MAC3B,MAAA;AAAA,MACA,OAAA;AAAA,MACA,MAAM,IAAA,KAAS,MAAA,GAAY,IAAA,CAAK,SAAA,CAAU,IAAI,CAAA,GAAI;AAAA,KACnD,CAAA;AAED,IAAA,IAAI,IAAA;AACJ,IAAA,IAAI;AACF,MAAA,IAAA,GAAO,MAAM,IAAI,IAAA,EAAK;AAAA,IACxB,CAAA,CAAA,MAAQ;AACN,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,CAAA,8BAAA,EAAiC,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AAAA,QAC/C,GAAA,CAAI;AAAA,OACN;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,IAAI,EAAA,EAAI;AACX,MAAA,MAAM,GAAA,GAAM,IAAA;AACZ,MAAA,MAAM,IAAI,aAAA;AAAA,QACR,GAAA,EAAK,OAAA,IAAW,CAAA,2BAAA,EAA8B,GAAA,CAAI,MAAM,CAAA,CAAA;AAAA,QACxD,GAAA,CAAI,MAAA;AAAA,QACJ;AAAA,OACF;AAAA,IACF;AAEA,IAAA,OAAQ,IAAA,CAA4B,IAAA;AAAA,EACtC,CAAA;AACF;;;ACxEO,SAAS,iBAAiB,OAAA,EAAoB;AACnD,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAkBL,MAAM,eAAA,CACJ,GAAA,EACA,MAAA,EACgC;AAChC,MAAA,OAAO,OAAA,CAA+B;AAAA,QACpC,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,6BAAA;AAAA,QACN,IAAA,EAAM,EAAE,GAAA,EAAK,GAAG,MAAA;AAAO,OACxB,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAsBA,MAAM,SAAS,GAAA,EAAgC;AAC7C,MAAA,OAAO,OAAA,CAAkB;AAAA,QACvB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,yBAAA;AAAA,QACN,KAAA,EAAO,EAAE,GAAA;AAAI,OACd,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;ACxDO,SAAS,wBAAwB,OAAA,EAAoB;AAC1D,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUL,MAAM,IAAA,GAA8B;AAClC,MAAA,OAAO,OAAA,CAAsB;AAAA,QAC3B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,IAAI,EAAA,EAAiC;AACzC,MAAA,OAAO,OAAA,CAAoB;AAAA,QACzB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,EAAE,CAAA;AAAA,OAC1C,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAaA,MAAM,OAAO,MAAA,EAAqD;AAChE,MAAA,OAAO,OAAA,CAAoB;AAAA,QACzB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,+BAAA;AAAA,QACN,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,MAAA,CAAO,EAAA,EAAY,MAAA,EAA+C;AACtE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,EAAE,CAAA,CAAA;AAAA,QACzC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,OAAO,EAAA,EAA2B;AACtC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,EAAE,CAAA;AAAA,OAC1C,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAaA,MAAM,SAAA,CACJ,EAAA,EACA,eAAA,GAAkB,KAAA,EACW;AAC7B,MAAA,OAAO,OAAA,CAA4B;AAAA,QACjC,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,EAAE,CAAA,MAAA,CAAA;AAAA,QACzC,KAAA,EAAO,EAAE,gBAAA,EAAkB,eAAA;AAAgB,OAC5C,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,OAAA,CACJ,MAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,iCAAiC,MAAM,CAAA,MAAA,CAAA;AAAA,QAC7C,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,UAAA,CAAW,MAAA,EAAgB,OAAA,EAAgC;AAC/D,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,CAAA,8BAAA,EAAiC,MAAM,CAAA,OAAA,EAAU,OAAO,CAAA;AAAA,OAC/D,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;AC7IO,SAAS,wBAAwB,OAAA,EAAoB;AAC1D,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUL,MAAM,IAAA,GAA8B;AAClC,MAAA,OAAO,OAAA,CAAsB;AAAA,QAC3B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,OAAO,MAAA,EAAqD;AAChE,MAAA,OAAO,OAAA,CAAoB;AAAA,QACzB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,gCAAA;AAAA,QACN,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,MAAA,CAAO,EAAA,EAAY,MAAA,EAA+C;AACtE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,kCAAkC,EAAE,CAAA,CAAA;AAAA,QAC1C,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,OAAO,EAAA,EAA2B;AACtC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,kCAAkC,EAAE,CAAA;AAAA,OAC3C,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,YAAY,MAAA,EAA2C;AAC3D,MAAA,OAAO,OAAA,CAA0B;AAAA,QAC/B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,YAAA;AAAA,OACzC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAqBA,MAAM,YAAA,CACJ,MAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,YAAA,CAAA;AAAA,QACxC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,cAAA,CAAe,MAAA,EAAgB,MAAA,EAA+B;AAClE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,CAAA,yBAAA,EAA4B,MAAM,CAAA,aAAA,EAAgB,MAAM,CAAA;AAAA,OAC/D,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAYA,MAAM,yBAAA,CACJ,MAAA,EACA,MAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,CAAA,yBAAA,EAA4B,MAAM,CAAA,aAAA,EAAgB,MAAM,CAAA,CAAA;AAAA,QAC9D,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAgBA,MAAM,YAAA,CACJ,GAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,GAAG,CAAA,YAAA,CAAA;AAAA,QACrC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,cAAA,CAAe,GAAA,EAAa,MAAA,EAA+B;AAC/D,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,CAAA,yBAAA,EAA4B,GAAG,CAAA,aAAA,EAAgB,MAAM,CAAA;AAAA,OAC5D,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,YAAY,GAAA,EAAiD;AACjE,MAAA,OAAO,OAAA,CAAmC;AAAA,QACxC,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,GAAG,CAAA,YAAA;AAAA,OACtC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAaA,MAAM,yBAAA,CACJ,GAAA,EACA,MAAA,EACA,MAAA,EACe;AACf,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,CAAA,yBAAA,EAA4B,GAAG,CAAA,aAAA,EAAgB,MAAM,CAAA,CAAA;AAAA,QAC3D,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;ACxOO,SAAS,kBAAkB,OAAA,EAAoB;AACpD,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUL,MAAM,IAAA,GAAwB;AAC5B,MAAA,OAAO,OAAA,CAAgB;AAAA,QACrB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,IAAI,EAAA,EAA2B;AACnC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,EAAE,CAAA;AAAA,OACrC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,OAAO,MAAA,EAAyC;AACpD,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,0BAAA;AAAA,QACN,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,MAAA,CAAO,EAAA,EAAY,MAAA,EAAyC;AAChE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,EAAE,CAAA,CAAA;AAAA,QACpC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,OAAO,EAAA,EAA2B;AACtC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,EAAE,CAAA;AAAA,OACrC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAeA,MAAM,MAAA,CAAO,MAAA,EAAgB,MAAA,EAAyC;AACpE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,OAAA,CAAA;AAAA,QACxC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,QAAA,CAAS,MAAA,EAAgB,MAAA,EAAyC;AACtE,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,SAAA,CAAA;AAAA,QACxC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,cAAc,MAAA,EAAyC;AAC3D,MAAA,OAAO,OAAA,CAAwB;AAAA,QAC7B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,MAAM,CAAA,UAAA;AAAA,OACzC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,aAAa,GAAA,EAA8B;AAC/C,MAAA,OAAO,OAAA,CAAgB;AAAA,QACrB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,4BAA4B,GAAG,CAAA,MAAA;AAAA,OACtC,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;AC7JO,SAAS,kBAAkB,OAAA,EAAoB;AACpD,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAaL,MAAM,IAAA,CAAK,MAAA,GAAyB,EAAC,EAA4B;AAC/D,MAAA,OAAO,OAAA,CAAwB;AAAA,QAC7B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,qBAAA;AAAA,QACN,KAAA,EAAO;AAAA,UACL,MAAM,MAAA,CAAO,IAAA;AAAA,UACb,UAAU,MAAA,CAAO,QAAA;AAAA,UACjB,OAAO,MAAA,CAAO;AAAA;AAChB,OACD,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAWA,MAAM,IAAI,GAAA,EAAkC;AAC1C,MAAA,OAAO,OAAA,CAAoB;AAAA,QACzB,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,uBAAuB,GAAG,CAAA;AAAA,OACjC,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAeA,MAAM,OAAO,MAAA,EAAqD;AAChE,MAAA,OAAO,OAAA,CAA0B;AAAA,QAC/B,MAAA,EAAQ,MAAA;AAAA,QACR,IAAA,EAAM,qBAAA;AAAA,QACN,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,MAAA,CAAO,GAAA,EAAa,MAAA,EAAqD;AAC7E,MAAA,OAAO,OAAA,CAA0B;AAAA,QAC/B,MAAA,EAAQ,KAAA;AAAA,QACR,IAAA,EAAM,uBAAuB,GAAG,CAAA,CAAA;AAAA,QAChC,IAAA,EAAM;AAAA,OACP,CAAA;AAAA,IACH,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,OAAO,GAAA,EAA4B;AACvC,MAAA,OAAO,OAAA,CAAc;AAAA,QACnB,MAAA,EAAQ,QAAA;AAAA,QACR,IAAA,EAAM,uBAAuB,GAAG,CAAA;AAAA,OACjC,CAAA;AAAA,IACH;AAAA,GACF;AACF;;;ACrGO,IAAM,WAAN,MAAe;AAAA,EAYpB,YAAY,OAAA,EAA0B;AACpC,IAAA,MAAM,EAAE,OAAA,GAAU,qBAAA,EAAuB,OAAO,GAAA,GAAM,KAAA,EAAO,YAAW,GAAI,OAAA;AAE5E,IAAA,MAAM,OAAA,GAAkC;AAAA,MACtC,aAAA,EAAe,KAAA;AAAA,MACf,OAAA,EAAS;AAAA,KACX;AAEA,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,OAAA,CAAQ,eAAe,CAAA,GAAI,UAAA;AAC3B,MAAA,OAAA,CAAQ,eAAe,CAAA,GAAI,MAAA;AAAA,IAC7B;AAEA,IAAA,MAAM,OAAA,GAAU,gBAAA,CAAiB,OAAA,EAAS,OAAO,CAAA;AAEjD,IAAA,IAAA,CAAK,IAAA,GAAO,iBAAiB,OAAO,CAAA;AACpC,IAAA,IAAA,CAAK,KAAA,GAAQ,kBAAkB,OAAO,CAAA;AACtC,IAAA,IAAA,CAAK,KAAA,GAAQ,kBAAkB,OAAO,CAAA;AACtC,IAAA,IAAA,CAAK,WAAA,GAAc,wBAAwB,OAAO,CAAA;AAClD,IAAA,IAAA,CAAK,WAAA,GAAc,wBAAwB,OAAO,CAAA;AAAA,EACpD;AACF","file":"index.js","sourcesContent":["export class AdminSDKError extends Error {\n constructor(\n message: string,\n public readonly statusCode: number,\n public readonly response?: unknown,\n ) {\n super(message);\n this.name = \"AdminSDKError\";\n }\n}\n","import { AdminSDKError } from \"./error\";\n\nexport interface RequestOptions {\n method: \"GET\" | \"POST\" | \"PUT\" | \"DELETE\" | \"PATCH\";\n path: string;\n body?: unknown;\n query?: Record<string, string | number | boolean | undefined>;\n}\n\nexport type RequestFn = <T>(options: RequestOptions) => Promise<T>;\n\n/** Runtime response envelope: { data, statusCode, message } */\ninterface RuntimeEnvelope<T> {\n data: T;\n statusCode: number;\n message?: string;\n}\n\n/** Runtime error envelope */\ninterface RuntimeError {\n statusCode: number;\n message: string;\n error?: string;\n}\n\nexport function createHttpClient(\n baseURL: string,\n commonHeaders: Record<string, string>,\n): RequestFn {\n const normalizedBase = baseURL.replace(/\\/$/, \"\");\n\n return async function request<T>(options: RequestOptions): Promise<T> {\n const { method, path, body, query } = options;\n\n let url = normalizedBase + path;\n\n if (query) {\n const params = new URLSearchParams();\n for (const [key, value] of Object.entries(query)) {\n if (value !== undefined) {\n params.set(key, String(value));\n }\n }\n const qs = params.toString();\n if (qs) url += \"?\" + qs;\n }\n\n const headers: Record<string, string> = {\n \"Content-Type\": \"application/json\",\n ...commonHeaders,\n };\n\n const res = await fetch(url, {\n method,\n headers,\n body: body !== undefined ? JSON.stringify(body) : undefined,\n });\n\n let json: unknown;\n try {\n json = await res.json();\n } catch {\n throw new AdminSDKError(\n `Failed to parse response from ${method} ${path}`,\n res.status,\n );\n }\n\n if (!res.ok) {\n const err = json as RuntimeError;\n throw new AdminSDKError(\n err?.message ?? `Request failed with status ${res.status}`,\n res.status,\n json,\n );\n }\n\n return (json as RuntimeEnvelope<T>).data;\n };\n}\n","import type { RequestFn } from \"../http\";\nimport type {\n AclRules,\n CheckPermissionParams,\n CheckPermissionResult,\n} from \"../types\";\n\nexport function createAuthModule(request: RequestFn) {\n return {\n /**\n * Check whether a user has a specific permission.\n *\n * Uses the Service Key to query on behalf of any user by UID —\n * no user token required.\n *\n * @example\n * ```typescript\n * // Check if user can access the dashboard page\n * const result = await admin.auth.checkPermission('u-123456', {\n * resource: 'page',\n * action: 'access',\n * resourceId: 'dashboard',\n * });\n * if (!result.allow) throw new Error('Forbidden');\n * ```\n */\n async checkPermission(\n uid: string,\n params: CheckPermissionParams,\n ): Promise<CheckPermissionResult> {\n return request<CheckPermissionResult>({\n method: \"POST\",\n path: \"/api/internal/acl/authorize\",\n body: { uid, ...params },\n });\n },\n\n /**\n * Get all ACL rules for a user.\n *\n * Returns the full set of permissions and roles. Useful when you need\n * to perform multiple permission checks locally without making repeated\n * network calls.\n *\n * @example\n * ```typescript\n * const rules = await admin.auth.getRules('u-123456');\n *\n * // Check roles\n * if (rules.roles.includes('admin')) { ... }\n *\n * // Check multiple permissions locally\n * const canRead = rules.permissions.some(\n * p => p.resource === 'order' && p.action === 'read'\n * );\n * ```\n */\n async getRules(uid: string): Promise<AclRules> {\n return request<AclRules>({\n method: \"GET\",\n path: \"/api/internal/acl/rules\",\n query: { uid },\n });\n },\n };\n}\n\nexport type AuthModule = ReturnType<typeof createAuthModule>;\n","import type { RequestFn } from \"../http\";\nimport type {\n AddDepartmentMemberParams,\n CreateDepartmentParams,\n Department,\n DepartmentMember,\n UpdateDepartmentParams,\n} from \"../types\";\n\nexport function createDepartmentsModule(request: RequestFn) {\n return {\n /**\n * List all departments (flat list).\n *\n * @example\n * ```typescript\n * const depts = await admin.departments.list();\n * const techDept = depts.find(d => d.name === '技术部');\n * ```\n */\n async list(): Promise<Department[]> {\n return request<Department[]>({\n method: \"GET\",\n path: \"/api/internal/org/departments\",\n });\n },\n\n /**\n * Get a single department by ID.\n *\n * @example\n * ```typescript\n * const dept = await admin.departments.get(1);\n * ```\n */\n async get(id: number): Promise<Department> {\n return request<Department>({\n method: \"GET\",\n path: `/api/internal/org/departments/${id}`,\n });\n },\n\n /**\n * Create a new department.\n *\n * @example\n * ```typescript\n * const dept = await admin.departments.create({\n * name: '测试组',\n * parentId: 1,\n * });\n * ```\n */\n async create(params: CreateDepartmentParams): Promise<Department> {\n return request<Department>({\n method: \"POST\",\n path: \"/api/internal/org/departments\",\n body: params,\n });\n },\n\n /**\n * Update a department.\n *\n * @example\n * ```typescript\n * await admin.departments.update(3, { name: '质量保证组' });\n * ```\n */\n async update(id: number, params: UpdateDepartmentParams): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/org/departments/${id}`,\n body: params,\n });\n },\n\n /**\n * Delete a department.\n * Note: departments with sub-departments or assigned users cannot be deleted directly.\n *\n * @example\n * ```typescript\n * await admin.departments.delete(3);\n * ```\n */\n async delete(id: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/org/departments/${id}`,\n });\n },\n\n /**\n * List members of a department.\n *\n * @param includeChildren - Whether to include members from sub-departments. Defaults to false.\n *\n * @example\n * ```typescript\n * const members = await admin.departments.listUsers(1);\n * const allMembers = await admin.departments.listUsers(1, true);\n * ```\n */\n async listUsers(\n id: number,\n includeChildren = false,\n ): Promise<DepartmentMember[]> {\n return request<DepartmentMember[]>({\n method: \"GET\",\n path: `/api/internal/org/departments/${id}/users`,\n query: { include_children: includeChildren },\n });\n },\n\n /**\n * Add a user to a department.\n *\n * @example\n * ```typescript\n * await admin.departments.addUser(deptId, {\n * userUid: user.uid,\n * isPrimary: true,\n * position: '高级工程师',\n * });\n * ```\n */\n async addUser(\n deptId: number,\n params: AddDepartmentMemberParams,\n ): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/org/departments/${deptId}/users`,\n body: params,\n });\n },\n\n /**\n * Remove a user from a department.\n *\n * @example\n * ```typescript\n * await admin.departments.removeUser(deptId, user.uid);\n * ```\n */\n async removeUser(deptId: number, userUid: string): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/org/departments/${deptId}/users/${userUid}`,\n });\n },\n };\n}\n\nexport type DepartmentsModule = ReturnType<typeof createDepartmentsModule>;\n","import type { RequestFn } from \"../http\";\nimport type {\n AssignPermissionToRoleParams,\n AssignPermissionToUserParams,\n CreatePermissionParams,\n Permission,\n RolePermission,\n UpdatePermissionParams,\n UpdatePermissionScopeParams,\n UserPermissionException,\n} from \"../types\";\n\nexport function createPermissionsModule(request: RequestFn) {\n return {\n /**\n * List all defined permissions.\n *\n * @example\n * ```typescript\n * const perms = await admin.permissions.list();\n * const orderRead = perms.find(p => p.resource === 'order' && p.action === 'read');\n * ```\n */\n async list(): Promise<Permission[]> {\n return request<Permission[]>({\n method: \"GET\",\n path: \"/api/internal/rbac/permissions\",\n });\n },\n\n /**\n * Create a new permission definition.\n *\n * @example\n * ```typescript\n * const perm = await admin.permissions.create({\n * resource: 'order',\n * action: 'export',\n * name: '导出订单',\n * });\n * ```\n */\n async create(params: CreatePermissionParams): Promise<Permission> {\n return request<Permission>({\n method: \"POST\",\n path: \"/api/internal/rbac/permissions\",\n body: params,\n });\n },\n\n /**\n * Update a permission definition.\n *\n * @example\n * ```typescript\n * await admin.permissions.update(10, { name: '导出报表' });\n * ```\n */\n async update(id: number, params: UpdatePermissionParams): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/rbac/permissions/${id}`,\n body: params,\n });\n },\n\n /**\n * Delete a permission definition.\n *\n * @example\n * ```typescript\n * await admin.permissions.delete(10);\n * ```\n */\n async delete(id: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/rbac/permissions/${id}`,\n });\n },\n\n /**\n * List all permissions assigned to a role.\n *\n * @example\n * ```typescript\n * const perms = await admin.permissions.listForRole(roleId);\n * ```\n */\n async listForRole(roleId: number): Promise<RolePermission[]> {\n return request<RolePermission[]>({\n method: \"GET\",\n path: `/api/internal/rbac/roles/${roleId}/permissions`,\n });\n },\n\n /**\n * Assign a permission to a role with a data scope.\n *\n * @example\n * ```typescript\n * // Department-scoped permission\n * await admin.permissions.assignToRole(roleId, {\n * permissionId: 10,\n * scopeType: 'department',\n * });\n *\n * // Custom whitelist scope\n * await admin.permissions.assignToRole(roleId, {\n * permissionId: 20,\n * scopeType: 'custom',\n * scopeFilter: JSON.stringify({ id: [1, 2, 3] }),\n * });\n * ```\n */\n async assignToRole(\n roleId: number,\n params: AssignPermissionToRoleParams,\n ): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/rbac/roles/${roleId}/permissions`,\n body: params,\n });\n },\n\n /**\n * Remove a permission from a role.\n *\n * @example\n * ```typescript\n * await admin.permissions.removeFromRole(roleId, permId);\n * ```\n */\n async removeFromRole(roleId: number, permId: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/rbac/roles/${roleId}/permissions/${permId}`,\n });\n },\n\n /**\n * Update the data scope of a role–permission assignment.\n *\n * @example\n * ```typescript\n * await admin.permissions.updateRolePermissionScope(roleId, permId, {\n * scopeType: 'all',\n * });\n * ```\n */\n async updateRolePermissionScope(\n roleId: number,\n permId: number,\n params: UpdatePermissionScopeParams,\n ): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/rbac/roles/${roleId}/permissions/${permId}`,\n body: params,\n });\n },\n\n /**\n * Assign a direct (user-level) permission exception to a user.\n *\n * This bypasses role-based assignment and gives the user a direct\n * data-scope override for the specified permission.\n *\n * @example\n * ```typescript\n * await admin.permissions.assignToUser('u-123456', {\n * permissionId: 10,\n * scopeType: 'department',\n * });\n * ```\n */\n async assignToUser(\n uid: string,\n params: AssignPermissionToUserParams,\n ): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/rbac/users/${uid}/permissions`,\n body: params,\n });\n },\n\n /**\n * Remove a direct permission exception from a user.\n *\n * @example\n * ```typescript\n * await admin.permissions.removeFromUser('u-123456', permId);\n * ```\n */\n async removeFromUser(uid: string, permId: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/rbac/users/${uid}/permissions/${permId}`,\n });\n },\n\n /**\n * List permission exceptions for a specific user.\n *\n * @example\n * ```typescript\n * const exceptions = await admin.permissions.listForUser('u-123456');\n * ```\n */\n async listForUser(uid: string): Promise<UserPermissionException[]> {\n return request<UserPermissionException[]>({\n method: \"GET\",\n path: `/api/internal/rbac/users/${uid}/permissions`,\n });\n },\n\n /**\n * Update the data scope of a user-level permission exception.\n *\n * @example\n * ```typescript\n * await admin.permissions.updateUserPermissionScope('u-123456', permId, {\n * scopeType: 'custom',\n * scopeFilter: JSON.stringify({ id: [10, 20] }),\n * });\n * ```\n */\n async updateUserPermissionScope(\n uid: string,\n permId: number,\n params: UpdatePermissionScopeParams,\n ): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/rbac/users/${uid}/permissions/${permId}`,\n body: params,\n });\n },\n };\n}\n\nexport type PermissionsModule = ReturnType<typeof createPermissionsModule>;\n","import type { RequestFn } from \"../http\";\nimport type {\n CreateRoleParams,\n Role,\n RoleAssignee,\n RoleAssignParams,\n UpdateRoleParams,\n} from \"../types\";\n\nexport function createRolesModule(request: RequestFn) {\n return {\n /**\n * List all roles.\n *\n * @example\n * ```typescript\n * const roles = await admin.roles.list();\n * const managerRole = roles.find(r => r.code === 'manager');\n * ```\n */\n async list(): Promise<Role[]> {\n return request<Role[]>({\n method: \"GET\",\n path: \"/api/internal/rbac/roles\",\n });\n },\n\n /**\n * Get a role by its numeric ID.\n *\n * @example\n * ```typescript\n * const role = await admin.roles.get(1);\n * ```\n */\n async get(id: number): Promise<Role> {\n return request<Role>({\n method: \"GET\",\n path: `/api/internal/rbac/roles/${id}`,\n });\n },\n\n /**\n * Create a new role.\n *\n * @example\n * ```typescript\n * const role = await admin.roles.create({\n * code: 'editor',\n * displayName: '编辑',\n * description: '负责内容编辑',\n * });\n * ```\n */\n async create(params: CreateRoleParams): Promise<Role> {\n return request<Role>({\n method: \"POST\",\n path: \"/api/internal/rbac/roles\",\n body: params,\n });\n },\n\n /**\n * Update a role.\n * Note: system roles (isSystem=true) cannot be modified.\n *\n * @example\n * ```typescript\n * await admin.roles.update(3, { displayName: '高级编辑' });\n * ```\n */\n async update(id: number, params: UpdateRoleParams): Promise<void> {\n return request<void>({\n method: \"PUT\",\n path: `/api/internal/rbac/roles/${id}`,\n body: params,\n });\n },\n\n /**\n * Delete a role.\n * Note: system roles cannot be deleted.\n *\n * @example\n * ```typescript\n * await admin.roles.delete(3);\n * ```\n */\n async delete(id: number): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/rbac/roles/${id}`,\n });\n },\n\n /**\n * Assign a role to a user, department, team, or another role.\n * For users, prefer assigneeUid (string). For department/team/role, use assigneeId (number).\n *\n * @example\n * ```typescript\n * // Assign to a user (preferred: use uid)\n * await admin.roles.assign(roleId, { assigneeType: 'user', assigneeUid: user.uid });\n *\n * // Assign to an entire department\n * await admin.roles.assign(roleId, { assigneeType: 'department', assigneeId: 5 });\n * ```\n */\n async assign(roleId: number, params: RoleAssignParams): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/rbac/roles/${roleId}/assign`,\n body: params,\n });\n },\n\n /**\n * Remove a role assignment.\n * For users, prefer assigneeUid. For department/team/role, use assigneeId.\n *\n * @example\n * ```typescript\n * await admin.roles.unassign(roleId, { assigneeType: 'user', assigneeUid: user.uid });\n * ```\n */\n async unassign(roleId: number, params: RoleAssignParams): Promise<void> {\n return request<void>({\n method: \"POST\",\n path: `/api/internal/rbac/roles/${roleId}/unassign`,\n body: params,\n });\n },\n\n /**\n * List all assignees (users, departments, etc.) for a role.\n *\n * @example\n * ```typescript\n * const assignees = await admin.roles.listAssignees(roleId);\n * const users = assignees.filter(a => a.assigneeType === 'user');\n * ```\n */\n async listAssignees(roleId: number): Promise<RoleAssignee[]> {\n return request<RoleAssignee[]>({\n method: \"GET\",\n path: `/api/internal/rbac/roles/${roleId}/assignees`,\n });\n },\n\n /**\n * Get all roles assigned to a user (by UID).\n *\n * Useful in Edge Functions to check what roles a user currently holds\n * without making a full ACL check.\n *\n * @example\n * ```typescript\n * const roles = await admin.roles.getUserRoles('u-123456');\n * if (roles.some(r => r.code === 'admin')) { ... }\n * ```\n */\n async getUserRoles(uid: string): Promise<Role[]> {\n return request<Role[]>({\n method: \"GET\",\n path: `/api/internal/rbac/users/${uid}/roles`,\n });\n },\n };\n}\n\nexport type RolesModule = ReturnType<typeof createRolesModule>;\n","import type { RequestFn } from \"../http\";\nimport type {\n CreateUserParams,\n CreateUserResult,\n UpdateUserParams,\n UpdateUserResult,\n UserDetail,\n UserListParams,\n UserListResult,\n} from \"../types\";\n\nexport function createUsersModule(request: RequestFn) {\n return {\n /**\n * List users with optional search and pagination.\n *\n * @example\n * ```typescript\n * const result = await admin.users.list({ query: 'zhang', pageSize: 50 });\n * console.log(`Total: ${result.total}`);\n * for (const user of result.list) {\n * console.log(user.email);\n * }\n * ```\n */\n async list(params: UserListParams = {}): Promise<UserListResult> {\n return request<UserListResult>({\n method: \"GET\",\n path: \"/api/internal/users\",\n query: {\n page: params.page,\n pageSize: params.pageSize,\n query: params.query,\n },\n });\n },\n\n /**\n * Get a single user by UID.\n *\n * @example\n * ```typescript\n * const user = await admin.users.get('u-123456');\n * console.log(user.email);\n * ```\n */\n async get(uid: string): Promise<UserDetail> {\n return request<UserDetail>({\n method: \"GET\",\n path: `/api/internal/users/${uid}`,\n });\n },\n\n /**\n * Create a new user.\n * At least one of username / email / phone must be provided.\n *\n * @example\n * ```typescript\n * const user = await admin.users.create({\n * email: 'user@example.com',\n * password: 'Secure@123',\n * displayName: '张三',\n * });\n * ```\n */\n async create(params: CreateUserParams): Promise<CreateUserResult> {\n return request<CreateUserResult>({\n method: \"POST\",\n path: \"/api/internal/users\",\n body: params,\n });\n },\n\n /**\n * Update an existing user.\n *\n * @example\n * ```typescript\n * // Reset password\n * await admin.users.update('u-123456', { password: 'NewSecure@456' });\n *\n * // Grant super admin\n * await admin.users.update('u-123456', { isSuperAdmin: true });\n * ```\n */\n async update(uid: string, params: UpdateUserParams): Promise<UpdateUserResult> {\n return request<UpdateUserResult>({\n method: \"PUT\",\n path: `/api/internal/users/${uid}`,\n body: params,\n });\n },\n\n /**\n * Delete a user.\n *\n * @example\n * ```typescript\n * await admin.users.delete('u-123456');\n * ```\n */\n async delete(uid: string): Promise<void> {\n return request<void>({\n method: \"DELETE\",\n path: `/api/internal/users/${uid}`,\n });\n },\n };\n}\n\nexport type UsersModule = ReturnType<typeof createUsersModule>;\n","import { createHttpClient } from \"./http\";\nimport { createAuthModule } from \"./modules/auth\";\nimport { createDepartmentsModule } from \"./modules/departments\";\nimport { createPermissionsModule } from \"./modules/permissions\";\nimport { createRolesModule } from \"./modules/roles\";\nimport { createUsersModule } from \"./modules/users\";\nimport type { AdminSDKOptions } from \"./types\";\n\nexport class AdminSDK {\n /** Check and query user permissions without requiring a user token */\n readonly auth: ReturnType<typeof createAuthModule>;\n /** User CRUD operations */\n readonly users: ReturnType<typeof createUsersModule>;\n /** Role management and assignment */\n readonly roles: ReturnType<typeof createRolesModule>;\n /** Permission definitions and role/user permission scopes */\n readonly permissions: ReturnType<typeof createPermissionsModule>;\n /** Department management and membership */\n readonly departments: ReturnType<typeof createDepartmentsModule>;\n\n constructor(options: AdminSDKOptions) {\n const { baseURL = \"http://runtime:3000\", appId, env = \"dev\", serviceKey } = options;\n\n const headers: Record<string, string> = {\n \"x-tenant-id\": appId,\n \"x-env\": env,\n };\n\n if (serviceKey) {\n headers[\"X-Service-Key\"] = serviceKey;\n headers[\"X-Bypass-Auth\"] = \"true\";\n }\n\n const request = createHttpClient(baseURL, headers);\n\n this.auth = createAuthModule(request);\n this.users = createUsersModule(request);\n this.roles = createRolesModule(request);\n this.permissions = createPermissionsModule(request);\n this.departments = createDepartmentsModule(request);\n }\n}\n"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@amaster.ai/admin-sdk",
3
- "version": "0.1.0",
3
+ "version": "0.1.2",
4
4
  "description": "Admin SDK for Amaster platform — server-side user, role, permission and org management",
5
5
  "type": "module",
6
6
  "main": "./dist/index.cjs",