@awsless/awsless 0.0.582 → 0.0.583

package/dist/bin.js

@@ -1155,7 +1155,24 @@ var RpcDefaultSchema = z22.record(
     geoRestrictions: z22.array(z22.string().length(2).toUpperCase()).default([]).describe("Specifies a blacklist of countries that should be blocked.")
   })
 ).describe(`Define the global RPC API's.`).optional();
-var RpcSchema = z22.record(ResourceIdSchema, z22.record(z22.string(), FunctionSchema).describe("The queries for your global RPC API.")).describe("Define the schema in your stack for your global RPC API.").optional();
+var PermissionsSchema2 = z22.union([
+  //
+  z22.string().transform((v) => [v]),
+  z22.string().array()
+]).default([]).describe(
+  "Specifies a list of permissions that can be used inside your custom authorizer function to determine if the user has access to this specific RPC function."
+);
+var EntrySchema = z22.union([
+  FunctionSchema.transform((props) => ({
+    function: props,
+    permissions: []
+  })),
+  z22.object({
+    function: FunctionSchema,
+    permissions: PermissionsSchema2
+  })
+]);
+var RpcSchema = z22.record(ResourceIdSchema, z22.record(z22.string(), EntrySchema).describe("The queries for your global RPC API.")).describe("Define the schema in your stack for your global RPC API.").optional();
 
 // src/feature/instance/schema.ts
 import { days as days3, toDays as toDays2 } from "@awsless/duration";
@@ -1227,7 +1244,7 @@ var PermissionSchema2 = z23.object({
   actions: ActionsSchema2,
   resources: ResourcesSchema2
 });
-var PermissionsSchema2 = z23.union([PermissionSchema2.transform((v) => [v]), PermissionSchema2.array()]).describe("Add IAM permissions to your instance.");
+var PermissionsSchema3 = z23.union([PermissionSchema2.transform((v) => [v]), PermissionSchema2.array()]).describe("Add IAM permissions to your instance.");
 var DescriptionSchema2 = z23.string().describe("A description of the instance.");
 var ImageSchema = z23.string().optional().describe("The URL of the container image to use.");
 var validLogRetentionDays2 = [
@@ -1269,7 +1286,7 @@ var ISchema = z23.object({
   memorySize: MemorySizeSchema2.optional(),
   architecture: ArchitectureSchema3.optional(),
   environment: EnvironmentSchema2.optional(),
-  permissions: PermissionsSchema2.optional(),
+  permissions: PermissionsSchema3.optional(),
   healthCheck: HealthCheckSchema.optional()
   // restartPolicy: RestartPolicySchema.optional(),
 });
@@ -1286,7 +1303,7 @@ var InstanceDefaultSchema = z23.object({
   memorySize: MemorySizeSchema2.default("512 MB"),
   architecture: ArchitectureSchema3.default("arm64"),
   environment: EnvironmentSchema2.optional(),
-  permissions: PermissionsSchema2.optional(),
+  permissions: PermissionsSchema3.optional(),
   healthCheck: HealthCheckSchema.optional(),
   // restartPolicy: RestartPolicySchema.default({ enabled: true }),
   log: LogSchema2.default(true).transform((log26) => ({
@@ -2492,7 +2509,6 @@ var authFeature = defineFeature({
         resourceType: "auth",
         resourceName: id
       });
-      props.username;
       const userPool = new $.aws.cognito.UserPool(
         group,
         "user-pool",
@@ -4531,8 +4547,8 @@ var rpcFeature = defineFeature({
       const schema = new TypeObject(2);
       for (const stack of ctx.stackConfigs) {
         for (const [name, props] of Object.entries(stack.rpc?.[id] ?? {})) {
-          if ("file" in props.code) {
-            const relFile = relative5(directories.types, props.code.file);
+          if ("file" in props.function.code) {
+            const relFile = relative5(directories.types, props.function.code.file);
             const varName = camelCase5(`${stack.name}-${name}`);
             types2.addImport(varName, relFile);
             schema.addType(name, `Handle<typeof ${varName}>`);
@@ -4561,7 +4577,7 @@ var rpcFeature = defineFeature({
           } else {
             list3.add(name);
           }
-          const timeout = toSeconds5(props.timeout ?? ctx.appConfig.defaults.function.timeout);
+          const timeout = toSeconds5(props.function.timeout ?? ctx.appConfig.defaults.function.timeout);
           const maxTimeout = toSeconds5(ctx.appConfig.defaults.rpc[id].timeout) * 0.8;
           if (timeout > maxTimeout) {
             throw new FileError(
@@ -4787,7 +4803,7 @@ var rpcFeature = defineFeature({
         const queryGroup = new Group13(group, "query", name);
         const entryId = kebabCase6(`${id}-${shortId(name)}`);
         createLambdaFunction(queryGroup, ctx, `rpc`, entryId, {
-          ...props,
+          ...props.function,
           description: `${id} ${name}`
         });
         new $13.aws.dynamodb.TableItem(queryGroup, "query", {
@@ -4803,6 +4819,11 @@ var rpcFeature = defineFeature({
                 resourceType: "rpc",
                 resourceName: entryId
               })
+            },
+            permissions: {
+              L: props.permissions.map((permission) => ({
+                S: permission
+              }))
             }
           })
         });

package/dist/build-json-schema.js

@@ -550,7 +550,24 @@ var RpcDefaultSchema = z19.record(
     geoRestrictions: z19.array(z19.string().length(2).toUpperCase()).default([]).describe("Specifies a blacklist of countries that should be blocked.")
   })
 ).describe(`Define the global RPC API's.`).optional();
-var RpcSchema = z19.record(ResourceIdSchema, z19.record(z19.string(), FunctionSchema).describe("The queries for your global RPC API.")).describe("Define the schema in your stack for your global RPC API.").optional();
+var PermissionsSchema2 = z19.union([
+  //
+  z19.string().transform((v) => [v]),
+  z19.string().array()
+]).default([]).describe(
+  "Specifies a list of permissions that can be used inside your custom authorizer function to determine if the user has access to this specific RPC function."
+);
+var EntrySchema = z19.union([
+  FunctionSchema.transform((props) => ({
+    function: props,
+    permissions: []
+  })),
+  z19.object({
+    function: FunctionSchema,
+    permissions: PermissionsSchema2
+  })
+]);
+var RpcSchema = z19.record(ResourceIdSchema, z19.record(z19.string(), EntrySchema).describe("The queries for your global RPC API.")).describe("Define the schema in your stack for your global RPC API.").optional();
 
 // src/feature/instance/schema.ts
 import { days as days3, toDays as toDays2 } from "@awsless/duration";
@@ -622,7 +639,7 @@ var PermissionSchema2 = z20.object({
   actions: ActionsSchema2,
   resources: ResourcesSchema2
 });
-var PermissionsSchema2 = z20.union([PermissionSchema2.transform((v) => [v]), PermissionSchema2.array()]).describe("Add IAM permissions to your instance.");
+var PermissionsSchema3 = z20.union([PermissionSchema2.transform((v) => [v]), PermissionSchema2.array()]).describe("Add IAM permissions to your instance.");
 var DescriptionSchema2 = z20.string().describe("A description of the instance.");
 var ImageSchema = z20.string().optional().describe("The URL of the container image to use.");
 var validLogRetentionDays2 = [
@@ -664,7 +681,7 @@ var ISchema = z20.object({
   memorySize: MemorySizeSchema2.optional(),
   architecture: ArchitectureSchema3.optional(),
   environment: EnvironmentSchema2.optional(),
-  permissions: PermissionsSchema2.optional(),
+  permissions: PermissionsSchema3.optional(),
   healthCheck: HealthCheckSchema.optional()
   // restartPolicy: RestartPolicySchema.optional(),
 });
@@ -681,7 +698,7 @@ var InstanceDefaultSchema = z20.object({
   memorySize: MemorySizeSchema2.default("512 MB"),
   architecture: ArchitectureSchema3.default("arm64"),
   environment: EnvironmentSchema2.optional(),
-  permissions: PermissionsSchema2.optional(),
+  permissions: PermissionsSchema3.optional(),
   healthCheck: HealthCheckSchema.optional(),
   // restartPolicy: RestartPolicySchema.default({ enabled: true }),
   log: LogSchema2.default(true).transform((log) => ({

package/dist/prebuild/rpc/HASH

@@ -1 +1 @@
-f5dbbf3d9b5e37eda3a77bbec4453130ace93efd
+f25c05904c0f9349537dd7cb51577a1befa4c1af

package/dist/server.d.ts

@@ -131,6 +131,7 @@ type RpcAuthorizerResponse = {
     authorized: true;
     context?: unknown;
     lockKey?: string;
+    permissions?: string[];
     ttl: Duration;
 };