npm - @bunbase-ae/js - Versions diffs - 2.10.1-next.250.3e4ff22 → 2.10.1-next.253.19f24dd - Mend

@bunbase-ae/js 2.10.1-next.250.3e4ff22 → 2.10.1-next.253.19f24dd

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@bunbase-ae/js",
-  "version": "2.10.1-next.250.3e4ff22",
+  "version": "2.10.1-next.253.19f24dd",
   "type": "module",
   "description": "TypeScript/JavaScript SDK for BunBase",
   "license": "UNLICENSED",

package/src/admin.ts CHANGED Viewed

@@ -301,14 +301,25 @@ export interface ServerSettings {
   // storage tiers handled out-of-band (e.g. S3 versioning).
   backup_include_storage?: boolean;
   // Phase 2 (#350): when true, every backup also captures an AES-256-GCM
-  // encrypted bundle of secret env vars under `backup_env_passphrase`.
-  // Default false — opt-in. Passphrase loss is unrecoverable for the env
-  // restore path; DB+storage still restore without it.
+  // encrypted bundle of secret env vars. The passphrase used to encrypt the
+  // bundle is sourced from the `BACKUP_ENV_PASSPHRASE` environment variable
+  // on the BunBase host (see `backup_env_passphrase_source` below for the
+  // read-only set/unset indicator). Default false — opt-in. Passphrase loss
+  // is unrecoverable for the env restore path; DB+storage still restore
+  // without it.
   backup_include_env?: boolean;
-  // Operator-provided passphrase for `backup_include_env`. Must be at least
-  // 32 chars. Returned as the redacted sentinel ("********") on read once
-  // #379 lands.
+  /**
+   * @deprecated Removed in #402. The env-bundle passphrase is sourced from
+   * the `BACKUP_ENV_PASSPHRASE` environment variable only — never from
+   * `_settings`, never via this API. Setting this field via the admin API
+   * is silently ignored. Use `backup_env_passphrase_source` to read whether
+   * the env var is set on the BunBase host.
+   */
   backup_env_passphrase?: string;
+  // Read-only indicator (#402). `"env_set"` means BACKUP_ENV_PASSPHRASE is
+  // present in the BunBase host's process environment; `"env_unset"` means
+  // it is missing — encrypted env-bundle capture will skip with a warn log.
+  backup_env_passphrase_source?: "env_set" | "env_unset";
   server_timezone?: string;
   server_locale?: string;
   access_log_level?: "info" | "warn" | "error";
@@ -400,6 +411,24 @@ export interface StatsResponse {
   time_series: MinuteBucket[];
 }
+export interface TenantSummary {
+  tenant_id: string;
+  member_count: number;
+}
+export interface TenantMember {
+  user_id: string;
+  role: string;
+  created_at: number;
+}
+export interface AdminTenantMembership {
+  tenant_id: string;
+  user_id: string;
+  role: string;
+  created_at: number;
+}
 // ─── Sub-clients ──────────────────────────────────────────────────────────────
 class AdminUsersClient {
@@ -1129,6 +1158,58 @@ class AdminNamedQueriesClient {
   }
 }
+// Tenant membership management — surfaces the /api/v1/admin/tenants/* endpoints
+// added in v2.5.2 (#277/#323) so operators don't need to hand-roll fetch calls
+// to onboard a tenant member.
+class AdminTenantsClient {
+  constructor(private readonly http: HttpClient) {}
+  async list(): Promise<TenantSummary[]> {
+    const res = await this.http.request<{ items: TenantSummary[] }>("GET", "/api/v1/admin/tenants");
+    return res.items;
+  }
+  async listMembers(tenantId: string): Promise<TenantMember[]> {
+    const res = await this.http.request<{ items: TenantMember[] }>(
+      "GET",
+      `/api/v1/admin/tenants/${encodeURIComponent(tenantId)}/members`,
+    );
+    return res.items;
+  }
+  async addMember(
+    tenantId: string,
+    params: { userId: string; role?: string },
+  ): Promise<AdminTenantMembership> {
+    const body: Record<string, unknown> = { user_id: params.userId };
+    if (params.role !== undefined) body.role = params.role;
+    return this.http.request<AdminTenantMembership>(
+      "POST",
+      `/api/v1/admin/tenants/${encodeURIComponent(tenantId)}/members`,
+      { body },
+    );
+  }
+  async setMemberRole(
+    tenantId: string,
+    userId: string,
+    role: string,
+  ): Promise<AdminTenantMembership> {
+    return this.http.request<AdminTenantMembership>(
+      "PATCH",
+      `/api/v1/admin/tenants/${encodeURIComponent(tenantId)}/members/${encodeURIComponent(userId)}`,
+      { body: { role } },
+    );
+  }
+  async removeMember(tenantId: string, userId: string): Promise<void> {
+    await this.http.request<{ ok: boolean }>(
+      "DELETE",
+      `/api/v1/admin/tenants/${encodeURIComponent(tenantId)}/members/${encodeURIComponent(userId)}`,
+    );
+  }
+}
 // ─── Main AdminClient ─────────────────────────────────────────────────────────
 export class AdminClient {
@@ -1143,6 +1224,7 @@ export class AdminClient {
   readonly queries: AdminNamedQueriesClient;
   readonly logs: AdminLogsClient;
   readonly system: AdminSystemClient;
+  readonly tenants: AdminTenantsClient;
   constructor(http: HttpClient) {
     this.users = new AdminUsersClient(http);
@@ -1156,5 +1238,6 @@ export class AdminClient {
     this.queries = new AdminNamedQueriesClient(http);
     this.logs = new AdminLogsClient(http);
     this.system = new AdminSystemClient(http);
+    this.tenants = new AdminTenantsClient(http);
   }
 }

package/src/index.ts CHANGED Viewed

@@ -7,6 +7,7 @@ export {
   type AdminRecord,
   type AdminSession,
   type AdminStoredFile,
+  type AdminTenantMembership,
   type AdminUser,
   type BackupDestinationConfig,
   type BackupFile,
@@ -38,6 +39,8 @@ export {
   type StatsResponse,
   type StorageBucket,
   type TemplateName,
+  type TenantMember,
+  type TenantSummary,
   type UpdateNamedQueryInput,
   type UpdateUserParams,
   type WebhookLogRow,