@base44-preview/sdk 0.8.33-pr.207.0a378fa → 0.8.34-pr.187.548dd7e
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/client.d.ts +4 -4
- package/dist/client.js +6 -6
- package/dist/client.types.d.ts +2 -2
- package/dist/modules/agents.types.d.ts +1 -1
- package/dist/modules/entities.types.d.ts +2 -2
- package/dist/modules/functions.types.d.ts +1 -1
- package/dist/modules/integrations.types.d.ts +1 -1
- package/package.json +6 -6
package/dist/client.d.ts
CHANGED
|
@@ -12,12 +12,12 @@ export type { Base44Client, CreateClientConfig, CreateClientOptions };
|
|
|
12
12
|
* The client supports three authentication modes:
|
|
13
13
|
* - **Anonymous**: Access modules without authentication using `base44.moduleName`. Operations are scoped to public data and permissions.
|
|
14
14
|
* - **User authentication**: Access modules with user-level permissions using `base44.moduleName`. Operations are scoped to the authenticated user's data and permissions. Use `base44.auth.loginViaEmailPassword()` or other auth methods to get a token.
|
|
15
|
-
* - **Service role authentication**: Access modules with elevated permissions using `base44.asServiceRole.moduleName`. Operations
|
|
15
|
+
* - **Service role authentication**: Access modules with elevated permissions using `base44.asServiceRole.moduleName`. Operations bypass entity access rules and field-level security, giving full read and write access to all of the app's data. Only available in Base44-hosted backend functions. Create a client with service role authentication using {@linkcode createClientFromRequest | createClientFromRequest()}.
|
|
16
16
|
*
|
|
17
17
|
* For example, when using the {@linkcode EntitiesModule | entities} module:
|
|
18
18
|
* - **Anonymous**: Can only read public data.
|
|
19
19
|
* - **User authentication**: Can access the current user's data.
|
|
20
|
-
* - **Service role authentication**: Can
|
|
20
|
+
* - **Service role authentication**: Can read and write any record, bypassing access rules.
|
|
21
21
|
*
|
|
22
22
|
* Most modules are available in all three modes, but with different permission levels. However, some modules are only available in specific authentication modes.
|
|
23
23
|
*
|
|
@@ -43,7 +43,7 @@ export declare function createClient(config: CreateClientConfig): Base44Client;
|
|
|
43
43
|
*
|
|
44
44
|
* This function is designed for use in Base44-hosted backend functions. For frontends and external backends, use {@linkcode createClient | createClient()} instead.
|
|
45
45
|
*
|
|
46
|
-
* When used in a Base44-hosted backend function, `createClientFromRequest()` automatically extracts authentication tokens from the request headers that Base44 injects when forwarding requests. The returned client includes service role access using `base44.asServiceRole`, which
|
|
46
|
+
* When used in a Base44-hosted backend function, `createClientFromRequest()` automatically extracts authentication tokens from the request headers that Base44 injects when forwarding requests. The returned client includes service role access using `base44.asServiceRole`, which bypasses entity access rules and field-level security.
|
|
47
47
|
*
|
|
48
48
|
* To learn more about the Base44 client, see {@linkcode createClient | createClient()}.
|
|
49
49
|
*
|
|
@@ -82,7 +82,7 @@ export declare function createClient(config: CreateClientConfig): Base44Client;
|
|
|
82
82
|
* try {
|
|
83
83
|
* const base44 = createClientFromRequest(req);
|
|
84
84
|
*
|
|
85
|
-
* //
|
|
85
|
+
* // Read across all users, bypassing the Orders entity's access rules
|
|
86
86
|
* const recentOrders = await base44.asServiceRole.entities.Orders.list('-created_at', 50);
|
|
87
87
|
*
|
|
88
88
|
* return Response.json({ orders: recentOrders });
|
package/dist/client.js
CHANGED
|
@@ -23,12 +23,12 @@ import { createAnalyticsModule } from "./modules/analytics.js";
|
|
|
23
23
|
* The client supports three authentication modes:
|
|
24
24
|
* - **Anonymous**: Access modules without authentication using `base44.moduleName`. Operations are scoped to public data and permissions.
|
|
25
25
|
* - **User authentication**: Access modules with user-level permissions using `base44.moduleName`. Operations are scoped to the authenticated user's data and permissions. Use `base44.auth.loginViaEmailPassword()` or other auth methods to get a token.
|
|
26
|
-
* - **Service role authentication**: Access modules with elevated permissions using `base44.asServiceRole.moduleName`. Operations
|
|
26
|
+
* - **Service role authentication**: Access modules with elevated permissions using `base44.asServiceRole.moduleName`. Operations bypass entity access rules and field-level security, giving full read and write access to all of the app's data. Only available in Base44-hosted backend functions. Create a client with service role authentication using {@linkcode createClientFromRequest | createClientFromRequest()}.
|
|
27
27
|
*
|
|
28
28
|
* For example, when using the {@linkcode EntitiesModule | entities} module:
|
|
29
29
|
* - **Anonymous**: Can only read public data.
|
|
30
30
|
* - **User authentication**: Can access the current user's data.
|
|
31
|
-
* - **Service role authentication**: Can
|
|
31
|
+
* - **Service role authentication**: Can read and write any record, bypassing access rules.
|
|
32
32
|
*
|
|
33
33
|
* Most modules are available in all three modes, but with different permission levels. However, some modules are only available in specific authentication modes.
|
|
34
34
|
*
|
|
@@ -257,7 +257,7 @@ export function createClient(config) {
|
|
|
257
257
|
/**
|
|
258
258
|
* Provides access to service role modules.
|
|
259
259
|
*
|
|
260
|
-
* Service role authentication provides elevated permissions for backend operations. Unlike user authentication, which is scoped to a specific user's permissions, service role authentication
|
|
260
|
+
* Service role authentication provides elevated permissions for backend operations. Unlike user authentication, which is scoped to a specific user's permissions, service role authentication bypasses entity access rules and field-level security entirely, giving full read and write access to all of the app's data.
|
|
261
261
|
*
|
|
262
262
|
* @throws {Error} When accessed without providing a serviceToken during client creation.
|
|
263
263
|
*
|
|
@@ -268,7 +268,7 @@ export function createClient(config) {
|
|
|
268
268
|
* serviceToken: 'service-role-token'
|
|
269
269
|
* });
|
|
270
270
|
*
|
|
271
|
-
* //
|
|
271
|
+
* // Read every user record, bypassing the User entity's access rules
|
|
272
272
|
* const allUsers = await base44.asServiceRole.entities.User.list();
|
|
273
273
|
* ```
|
|
274
274
|
*/
|
|
@@ -286,7 +286,7 @@ export function createClient(config) {
|
|
|
286
286
|
*
|
|
287
287
|
* This function is designed for use in Base44-hosted backend functions. For frontends and external backends, use {@linkcode createClient | createClient()} instead.
|
|
288
288
|
*
|
|
289
|
-
* When used in a Base44-hosted backend function, `createClientFromRequest()` automatically extracts authentication tokens from the request headers that Base44 injects when forwarding requests. The returned client includes service role access using `base44.asServiceRole`, which
|
|
289
|
+
* When used in a Base44-hosted backend function, `createClientFromRequest()` automatically extracts authentication tokens from the request headers that Base44 injects when forwarding requests. The returned client includes service role access using `base44.asServiceRole`, which bypasses entity access rules and field-level security.
|
|
290
290
|
*
|
|
291
291
|
* To learn more about the Base44 client, see {@linkcode createClient | createClient()}.
|
|
292
292
|
*
|
|
@@ -325,7 +325,7 @@ export function createClient(config) {
|
|
|
325
325
|
* try {
|
|
326
326
|
* const base44 = createClientFromRequest(req);
|
|
327
327
|
*
|
|
328
|
-
* //
|
|
328
|
+
* // Read across all users, bypassing the Orders entity's access rules
|
|
329
329
|
* const recentOrders = await base44.asServiceRole.entities.Orders.list('-created_at', 50);
|
|
330
330
|
*
|
|
331
331
|
* return Response.json({ orders: recentOrders });
|
package/dist/client.types.d.ts
CHANGED
|
@@ -49,7 +49,7 @@ export interface CreateClientConfig {
|
|
|
49
49
|
*/
|
|
50
50
|
token?: string;
|
|
51
51
|
/**
|
|
52
|
-
* Service role authentication token. Provides elevated permissions
|
|
52
|
+
* Service role authentication token. Provides elevated permissions that bypass entity access rules and field-level security. Only available in Base44-hosted backend functions. Automatically added to clients created using {@linkcode createClientFromRequest | createClientFromRequest()}.
|
|
53
53
|
* @internal
|
|
54
54
|
*/
|
|
55
55
|
serviceToken?: string;
|
|
@@ -117,7 +117,7 @@ export interface Base44Client {
|
|
|
117
117
|
/**
|
|
118
118
|
* Provides access to supported modules with elevated permissions.
|
|
119
119
|
*
|
|
120
|
-
* Service role authentication provides elevated permissions for backend operations. Unlike user authentication, which is scoped to a specific user's permissions, service role authentication
|
|
120
|
+
* Service role authentication provides elevated permissions for backend operations. Unlike user authentication, which is scoped to a specific user's permissions, service role authentication bypasses entity access rules and field-level security entirely, giving full read and write access to all of the app's data.
|
|
121
121
|
*
|
|
122
122
|
* @throws {Error} When accessed without providing a serviceToken during client creation
|
|
123
123
|
*/
|
|
@@ -194,7 +194,7 @@ export interface AgentsModuleConfig {
|
|
|
194
194
|
* This module is available to use with a client in all authentication modes:
|
|
195
195
|
*
|
|
196
196
|
* - **Anonymous or User authentication** (`base44.agents`): Access is scoped to the current user's permissions. Users must be authenticated to create and access conversations.
|
|
197
|
-
* - **Service role authentication** (`base44.asServiceRole.agents`): Operations
|
|
197
|
+
* - **Service role authentication** (`base44.asServiceRole.agents`): Operations are invoked with the service role for backend code that needs elevated permissions.
|
|
198
198
|
*
|
|
199
199
|
* ## Generated Types
|
|
200
200
|
*
|
|
@@ -665,7 +665,7 @@ type DynamicEntitiesModule = {
|
|
|
665
665
|
* This module is available to use with a client in all authentication modes:
|
|
666
666
|
*
|
|
667
667
|
* - **Anonymous or User authentication** (`base44.entities`): Access is scoped to the current user's permissions. Anonymous users can only access public entities, while authenticated users can access entities they have permission to view or modify.
|
|
668
|
-
* - **Service role authentication** (`base44.asServiceRole.entities`): Operations
|
|
668
|
+
* - **Service role authentication** (`base44.asServiceRole.entities`): Operations bypass entity access rules and field-level security entirely. Can read and write any record in any entity.
|
|
669
669
|
*
|
|
670
670
|
* ## Entity Handlers
|
|
671
671
|
*
|
|
@@ -694,7 +694,7 @@ type DynamicEntitiesModule = {
|
|
|
694
694
|
*
|
|
695
695
|
* @example
|
|
696
696
|
* ```typescript
|
|
697
|
-
* // List
|
|
697
|
+
* // List every user, bypassing the User entity's access rules
|
|
698
698
|
* const allUsers = await base44.asServiceRole.entities.User.list();
|
|
699
699
|
* ```
|
|
700
700
|
*/
|
|
@@ -40,7 +40,7 @@ export interface FunctionsModuleConfig {
|
|
|
40
40
|
* This module is available to use with a client in all authentication modes:
|
|
41
41
|
*
|
|
42
42
|
* - **Anonymous or User authentication** (`base44.functions`): Functions are invoked with the current user's permissions. Anonymous users invoke functions without authentication, while authenticated users invoke functions with their authentication context.
|
|
43
|
-
* - **Service role authentication** (`base44.asServiceRole.functions`): Functions are invoked with
|
|
43
|
+
* - **Service role authentication** (`base44.asServiceRole.functions`): Functions are invoked with the service role for backend code that needs elevated permissions.
|
|
44
44
|
*
|
|
45
45
|
* ## Generated Types
|
|
46
46
|
*
|
|
@@ -362,7 +362,7 @@ export interface CoreIntegrations {
|
|
|
362
362
|
* This module is available to use with a client in all authentication modes:
|
|
363
363
|
*
|
|
364
364
|
* - **Anonymous or User authentication** (`base44.integrations`): Integration methods are invoked with the current user's permissions. Anonymous users invoke methods without authentication, while authenticated users invoke methods with their authentication context.
|
|
365
|
-
* - **Service role authentication** (`base44.asServiceRole.integrations`): Integration methods are invoked with
|
|
365
|
+
* - **Service role authentication** (`base44.asServiceRole.integrations`): Integration methods are invoked with the service role for backend code that needs elevated permissions.
|
|
366
366
|
*/
|
|
367
367
|
export type IntegrationsModule = {
|
|
368
368
|
/**
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@base44-preview/sdk",
|
|
3
|
-
"version": "0.8.
|
|
3
|
+
"version": "0.8.34-pr.187.548dd7e",
|
|
4
4
|
"description": "JavaScript SDK for Base44 API",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -35,10 +35,10 @@
|
|
|
35
35
|
"@types/node": "^25.0.1",
|
|
36
36
|
"@types/unist": "^3.0.3",
|
|
37
37
|
"@typescript-eslint/parser": "^8.51.0",
|
|
38
|
-
"@vitest/coverage-istanbul": "^1.
|
|
39
|
-
"@vitest/coverage-v8": "^1.
|
|
40
|
-
"@vitest/ui": "^1.
|
|
41
|
-
"dotenv": "^
|
|
38
|
+
"@vitest/coverage-istanbul": "^4.1.9",
|
|
39
|
+
"@vitest/coverage-v8": "^4.1.9",
|
|
40
|
+
"@vitest/ui": "^4.1.9",
|
|
41
|
+
"dotenv": "^17.4.2",
|
|
42
42
|
"eslint": "^9.39.2",
|
|
43
43
|
"eslint-plugin-import": "^2.32.0",
|
|
44
44
|
"nock": "^13.4.0",
|
|
@@ -46,7 +46,7 @@
|
|
|
46
46
|
"typedoc-plugin-markdown": "^4.9.0",
|
|
47
47
|
"typescript": "^5.3.2",
|
|
48
48
|
"typescript-eslint": "^8.51.0",
|
|
49
|
-
"vitest": "^1.
|
|
49
|
+
"vitest": "^4.1.9"
|
|
50
50
|
},
|
|
51
51
|
"keywords": [
|
|
52
52
|
"base44",
|