@camstack/ui-library 0.1.46 → 0.1.48

package/dist/composites/scope-picker.d.ts

@@ -17,9 +17,9 @@ interface ScopePickerProps {
 export declare function ScopePicker({ value, onChange, clampToParent, emptyHint }: ScopePickerProps): React.ReactElement;
 /**
  * Validation helper. The wire schema (`TokenScopeSchema`) requires every
- * scope to carry a non-empty target and `access.length >= 1`. Use this
- * before passing the picker output to a mutate call so the user sees a
- * clean inline error instead of a tRPC ZodError.
+ * scope to carry a non-empty target/targets and `access.length >= 1`.
+ * Use this before passing the picker output to a mutate call so the
+ * user sees a clean inline error instead of a tRPC ZodError.
  */
 export declare function validateScopes(scopes: readonly TokenScope[]): string | null;
 export {};

package/dist/generated/system-hooks.d.ts

@@ -903,6 +903,16 @@ export declare const useUserManagementRevokeScopedToken: typeof trpc.userManagem
 export declare const useUserManagementValidateScopedToken: typeof trpc.userManagement.validateScopedToken.useQuery;
 /** Generated alias around `trpc.userManagement.listScopedTokens.useQuery`. */
 export declare const useUserManagementListScopedTokens: typeof trpc.userManagement.listScopedTokens.useQuery;
+/** Generated alias around `trpc.userManagement.setupTotp.useMutation`. */
+export declare const useUserManagementSetupTotp: typeof trpc.userManagement.setupTotp.useMutation;
+/** Generated alias around `trpc.userManagement.confirmTotp.useMutation`. */
+export declare const useUserManagementConfirmTotp: typeof trpc.userManagement.confirmTotp.useMutation;
+/** Generated alias around `trpc.userManagement.disableTotp.useMutation`. */
+export declare const useUserManagementDisableTotp: typeof trpc.userManagement.disableTotp.useMutation;
+/** Generated alias around `trpc.userManagement.getTotpStatus.useQuery`. */
+export declare const useUserManagementGetTotpStatus: typeof trpc.userManagement.getTotpStatus.useQuery;
+/** Generated alias around `trpc.userManagement.verifyTotp.useMutation`. */
+export declare const useUserManagementVerifyTotp: typeof trpc.userManagement.verifyTotp.useMutation;
 /** Generated alias around `trpc.webrtcSession.listStreams.useQuery`. */
 export declare const useWebrtcSessionListStreams: typeof trpc.webrtcSession.listStreams.useQuery;
 /** Generated alias around `trpc.webrtcSession.createSession.useMutation`. */

package/dist/index.cjs

@@ -16519,6 +16519,16 @@ var useUserManagementRevokeScopedToken = trpc.userManagement.revokeScopedToken.u
 var useUserManagementValidateScopedToken = trpc.userManagement.validateScopedToken.useQuery;
 /** Generated alias around `trpc.userManagement.listScopedTokens.useQuery`. */
 var useUserManagementListScopedTokens = trpc.userManagement.listScopedTokens.useQuery;
+/** Generated alias around `trpc.userManagement.setupTotp.useMutation`. */
+var useUserManagementSetupTotp = trpc.userManagement.setupTotp.useMutation;
+/** Generated alias around `trpc.userManagement.confirmTotp.useMutation`. */
+var useUserManagementConfirmTotp = trpc.userManagement.confirmTotp.useMutation;
+/** Generated alias around `trpc.userManagement.disableTotp.useMutation`. */
+var useUserManagementDisableTotp = trpc.userManagement.disableTotp.useMutation;
+/** Generated alias around `trpc.userManagement.getTotpStatus.useQuery`. */
+var useUserManagementGetTotpStatus = trpc.userManagement.getTotpStatus.useQuery;
+/** Generated alias around `trpc.userManagement.verifyTotp.useMutation`. */
+var useUserManagementVerifyTotp = trpc.userManagement.verifyTotp.useMutation;
 /** Generated alias around `trpc.webrtcSession.listStreams.useQuery`. */
 var useWebrtcSessionListStreams = trpc.webrtcSession.listStreams.useQuery;
 /** Generated alias around `trpc.webrtcSession.createSession.useMutation`. */
@@ -23013,23 +23023,20 @@ function KebabMenu({ items, header, triggerClassName, title = "More actions" })
 * <ScopePicker> — operator-facing editor for a `TokenScope[]` value.
 *
 * Two consumers: the user-scope editor on `/system/users` (admin grants
-* a baseline scope set to a viewer / agent / scoped user) and the
-* scoped-token create modal on `/system/api-keys` (a caller carves
-* out a subset of THEIR scopes for a `cst_*` token).
+* a baseline scope set to a non-admin user) and the scoped-token create
+* modal on `/system/api-keys` (a caller carves out a subset of THEIR
+* scopes for a `cst_*` token).
 *
-* Each row is `{ type, target, access }`:
-*   - `type`: `addon` or `capability` (route-prefix retired in the
-*     caps-only refactor — every endpoint lives behind a cap).
-*   - `target`: a known addon id (live from `useAddonsList`) or a known
-*     cap name (from `KNOWN_CAP_NAMES` emitted by codegen).
-*   - `access`: three independent checkboxes (`view` / `create` /
-*     `delete`). At least one must be selected; an empty grant is
-*     rejected by the server-side Zod schema (`access.min(1)`).
+* Row shapes per scope `type`:
+*   - category   → target: 'device' | 'system'
+*   - capability → target: cap name from `KNOWN_CAP_NAMES`
+*   - addon      → target: addon id from `useAddonsList`
+*   - device     → targets: readonly deviceId[] (multi-select)
+*
+* `access` is always 3 independent checkboxes (view / create / delete).
 *
 * `clampToParent` narrows the target dropdown + access checkboxes to
-* what the CALLER possesses — this is the subset check rendered in
-* the UI, mirroring the structural check in `createScopedToken`.
-* Admins should pass `null` to allow everything.
+* what the CALLER possesses. Admins pass `null` to allow everything.
 */
 var ACCESS_OPTIONS = [
 	{
@@ -23051,6 +23058,8 @@ var ACCESS_OPTIONS = [
 		hint: "Destructive ops (delete/revoke/reset/…)"
 	}
 ];
+/** Static targets for the `category` scope type (auto-grow categories). */
+var CATEGORY_CHOICES = ["device", "system"];
 function defaultRow() {
 	return {
 		type: "capability",
@@ -23058,11 +23067,36 @@ function defaultRow() {
 		access: ["view"]
 	};
 }
-function clampedTargetsForType(type, parent, addonChoices, capChoices) {
-	const universe = type === "addon" ? addonChoices : capChoices;
+/**
+* Collect the union of device targets a parent grants. Used to clamp
+* the device picker so a child grant can't refer to a deviceId the
+* caller themselves doesn't have.
+*/
+function parentDeviceTargets(parent) {
+	if (parent == null) return [];
+	const out = /* @__PURE__ */ new Set();
+	for (const s of parent) if (s.type === "device") for (const t of s.targets) out.add(t);
+	return [...out];
+}
+function clampedSingleTargets(type, parent, addonChoices, capChoices) {
+	let universe;
+	switch (type) {
+		case "addon":
+			universe = addonChoices;
+			break;
+		case "capability":
+			universe = capChoices;
+			break;
+		case "category":
+			universe = CATEGORY_CHOICES.map((c) => ({
+				value: c,
+				label: c
+			}));
+			break;
+	}
 	if (parent == null) return universe;
-	const allowed = new Set(parent.filter((s) => s.type === type).map((s) => s.target));
-	return universe.filter((t) => allowed.has(t));
+	const allowed = new Set(parent.filter((s) => s.type !== "device" && s.type === type).map((s) => s.target));
+	return universe.filter((t) => allowed.has(t.value));
 }
 function clampedAccessForRow(row, parent) {
 	if (parent == null) return [
@@ -23070,7 +23104,12 @@ function clampedAccessForRow(row, parent) {
 		"create",
 		"delete"
 	];
-	const matches = parent.filter((s) => s.type === row.type && s.target === row.target);
+	const matches = parent.filter((s) => {
+		if (s.type !== row.type) return false;
+		if (s.type === "device" && row.type === "device") return s.targets.some((t) => row.targets.includes(t));
+		if (s.type !== "device" && row.type !== "device") return s.target === row.target;
+		return false;
+	});
 	if (matches.length === 0) return [];
 	const out = /* @__PURE__ */ new Set();
 	for (const m of matches) for (const a of m.access) out.add(a);
@@ -23078,17 +23117,75 @@ function clampedAccessForRow(row, parent) {
 }
 function ScopePicker({ value, onChange, clampToParent, emptyHint }) {
 	const { data: addons } = useAddonsList();
-	const addonChoices = (0, react.useMemo)(() => (addons ?? []).map((a) => a.manifest.id).sort(), [addons]);
-	const capChoices = (0, react.useMemo)(() => [..._camstack_types.KNOWN_CAP_NAMES].sort(), []);
+	const { data: devices } = useDeviceManagerListAll({});
+	const addonChoices = (0, react.useMemo)(() => (addons ?? []).map((a) => ({
+		value: a.manifest.id,
+		label: a.manifest.id
+	})).sort((a, b) => a.label.localeCompare(b.label)), [addons]);
+	const capChoices = (0, react.useMemo)(() => [..._camstack_types.KNOWN_CAP_NAMES].sort().map((c) => ({
+		value: c,
+		label: c
+	})), []);
+	const deviceChoices = (0, react.useMemo)(() => (devices ?? []).map((d) => ({
+		value: String(d.id),
+		label: `${d.name} (#${d.id} · ${d.addonId})`
+	})).sort((a, b) => a.label.localeCompare(b.label)), [devices]);
+	const parentDeviceClamp = (0, react.useMemo)(() => clampToParent == null ? null : parentDeviceTargets(clampToParent), [clampToParent]);
+	/**
+	* Build a fresh scope row when `type` changes. The discriminated union
+	* forces us to re-construct the object per variant so the resulting
+	* shape matches one of the four union members exactly.
+	*/
+	const rebuildForType = (next, access) => {
+		const accessArr = [...access];
+		switch (next) {
+			case "category": return {
+				type: "category",
+				target: "device",
+				access: accessArr
+			};
+			case "capability": return {
+				type: "capability",
+				target: "",
+				access: accessArr
+			};
+			case "addon": return {
+				type: "addon",
+				target: "",
+				access: accessArr
+			};
+			case "device": return {
+				type: "device",
+				targets: [],
+				access: accessArr
+			};
+		}
+	};
 	const update = (idx, patch) => {
 		onChange(value.map((s, i) => {
 			if (i !== idx) return s;
-			const next = {
-				...s,
-				...patch
+			if (patch.type !== void 0 && patch.type !== s.type) return rebuildForType(patch.type, patch.access ?? s.access);
+			const access = [...patch.access ?? s.access];
+			if (s.type === "device") return {
+				type: "device",
+				targets: [...patch.targets ?? s.targets],
+				access
+			};
+			if (s.type === "category") return {
+				type: "category",
+				target: patch.target ?? s.target,
+				access
+			};
+			if (s.type === "capability") return {
+				type: "capability",
+				target: patch.target ?? s.target,
+				access
+			};
+			return {
+				type: "addon",
+				target: patch.target ?? s.target,
+				access
 			};
-			if (patch.type !== void 0 && patch.type !== s.type) next.target = "";
-			return next;
 		}));
 	};
 	const removeAt = (idx) => {
@@ -23105,24 +23202,39 @@ function ScopePicker({ value, onChange, clampToParent, emptyHint }) {
 				children: emptyHint
 			}),
 			value.map((row, idx) => {
-				const targetChoices = clampedTargetsForType(row.type, clampToParent, addonChoices, capChoices);
 				const allowedAccess = clampedAccessForRow(row, clampToParent);
 				return /* @__PURE__ */ (0, react_jsx_runtime.jsxs)("div", {
-					className: "flex flex-wrap items-center gap-1.5 rounded border border-border bg-surface px-2 py-1.5",
+					className: "flex flex-wrap items-start gap-1.5 rounded border border-border bg-surface px-2 py-1.5",
 					children: [
 						/* @__PURE__ */ (0, react_jsx_runtime.jsxs)("select", {
 							value: row.type,
 							onChange: (e) => update(idx, { type: e.target.value }),
 							className: "rounded border border-border bg-background px-2 py-1 text-[11px] focus:outline-none focus:ring-1 focus:ring-primary",
-							children: [/* @__PURE__ */ (0, react_jsx_runtime.jsx)("option", {
-								value: "capability",
-								children: "capability"
-							}), /* @__PURE__ */ (0, react_jsx_runtime.jsx)("option", {
-								value: "addon",
-								children: "addon"
-							})]
+							children: [
+								/* @__PURE__ */ (0, react_jsx_runtime.jsx)("option", {
+									value: "category",
+									children: "category"
+								}),
+								/* @__PURE__ */ (0, react_jsx_runtime.jsx)("option", {
+									value: "capability",
+									children: "capability"
+								}),
+								/* @__PURE__ */ (0, react_jsx_runtime.jsx)("option", {
+									value: "addon",
+									children: "addon"
+								}),
+								/* @__PURE__ */ (0, react_jsx_runtime.jsx)("option", {
+									value: "device",
+									children: "device"
+								})
+							]
 						}),
-						/* @__PURE__ */ (0, react_jsx_runtime.jsxs)("select", {
+						row.type === "device" ? /* @__PURE__ */ (0, react_jsx_runtime.jsx)(DeviceTargetPicker, {
+							value: row.targets,
+							choices: deviceChoices,
+							clampToParent: parentDeviceClamp,
+							onChange: (targets) => update(idx, { targets })
+						}) : /* @__PURE__ */ (0, react_jsx_runtime.jsxs)("select", {
 							value: row.target,
 							onChange: (e) => update(idx, { target: e.target.value }),
 							className: "flex-1 min-w-[160px] rounded border border-border bg-background px-2 py-1 text-[11px] font-mono focus:outline-none focus:ring-1 focus:ring-primary",
@@ -23133,10 +23245,10 @@ function ScopePicker({ value, onChange, clampToParent, emptyHint }) {
 									row.type,
 									" —"
 								]
-							}), targetChoices.map((t) => /* @__PURE__ */ (0, react_jsx_runtime.jsx)("option", {
-								value: t,
-								children: t
-							}, t))]
+							}), clampedSingleTargets(row.type, clampToParent, addonChoices, capChoices).map((t) => /* @__PURE__ */ (0, react_jsx_runtime.jsx)("option", {
+								value: t.value,
+								children: t.label
+							}, t.value))]
 						}),
 						/* @__PURE__ */ (0, react_jsx_runtime.jsx)("div", {
 							className: "flex items-center gap-1",
@@ -23184,16 +23296,73 @@ function ScopePicker({ value, onChange, clampToParent, emptyHint }) {
 		]
 	});
 }
+function DeviceTargetPicker({ value, choices, clampToParent, onChange }) {
+	const [pendingAdd, setPendingAdd] = (0, react.useState)("");
+	const visibleChoices = (0, react.useMemo)(() => {
+		const filtered = clampToParent == null ? choices : choices.filter((c) => clampToParent.includes(c.value));
+		const taken = new Set(value);
+		return filtered.filter((c) => !taken.has(c.value));
+	}, [
+		choices,
+		clampToParent,
+		value
+	]);
+	const labelFor = (id) => choices.find((c) => c.value === id)?.label ?? `#${id}`;
+	const handleAdd = (id) => {
+		if (!id) return;
+		onChange([...value, id]);
+		setPendingAdd("");
+	};
+	const handleRemove = (id) => {
+		onChange(value.filter((v) => v !== id));
+	};
+	return /* @__PURE__ */ (0, react_jsx_runtime.jsxs)("div", {
+		className: "flex-1 min-w-[160px] flex flex-wrap items-center gap-1",
+		children: [
+			value.length === 0 && /* @__PURE__ */ (0, react_jsx_runtime.jsx)("span", {
+				className: "text-[10px] text-foreground-subtle italic px-1",
+				children: "no devices selected"
+			}),
+			value.map((id) => /* @__PURE__ */ (0, react_jsx_runtime.jsxs)("span", {
+				className: "inline-flex items-center gap-1 rounded bg-primary/10 px-1.5 py-0.5 text-[10px] font-mono text-primary",
+				children: [labelFor(id), /* @__PURE__ */ (0, react_jsx_runtime.jsx)("button", {
+					type: "button",
+					onClick: () => handleRemove(id),
+					className: "hover:text-danger transition-colors",
+					title: "Remove device",
+					children: /* @__PURE__ */ (0, react_jsx_runtime.jsx)(X, { className: "h-2.5 w-2.5" })
+				})]
+			}, id)),
+			visibleChoices.length > 0 && /* @__PURE__ */ (0, react_jsx_runtime.jsxs)("select", {
+				value: pendingAdd,
+				onChange: (e) => handleAdd(e.target.value),
+				className: "rounded border border-border bg-background px-1.5 py-0.5 text-[10px] focus:outline-none focus:ring-1 focus:ring-primary",
+				children: [/* @__PURE__ */ (0, react_jsx_runtime.jsx)("option", {
+					value: "",
+					children: "+ add device…"
+				}), visibleChoices.map((c) => /* @__PURE__ */ (0, react_jsx_runtime.jsx)("option", {
+					value: c.value,
+					children: c.label
+				}, c.value))]
+			})
+		]
+	});
+}
 /**
 * Validation helper. The wire schema (`TokenScopeSchema`) requires every
-* scope to carry a non-empty target and `access.length >= 1`. Use this
-* before passing the picker output to a mutate call so the user sees a
-* clean inline error instead of a tRPC ZodError.
+* scope to carry a non-empty target/targets and `access.length >= 1`.
+* Use this before passing the picker output to a mutate call so the
+* user sees a clean inline error instead of a tRPC ZodError.
 */
 function validateScopes(scopes) {
 	for (const s of scopes) {
-		if (s.target.trim().length === 0) return `Scope ${s.type}: pick a target`;
-		if (s.access.length === 0) return `Scope ${s.type}:${s.target}: pick at least one access`;
+		if (s.type === "device") {
+			if (s.targets.length === 0) return `Scope device: pick at least one device`;
+		} else if (s.target.trim().length === 0) return `Scope ${s.type}: pick a target`;
+		if (s.access.length === 0) {
+			const targetDesc = s.type === "device" ? `[${s.targets.join(",")}]` : s.target;
+			return `Scope ${s.type}:${targetDesc}: pick at least one access`;
+		}
 	}
 	return null;
 }
@@ -24555,10 +24724,13 @@ exports.useTurnOrchestratorGetAllServers = useTurnOrchestratorGetAllServers;
 exports.useTurnOrchestratorListProviders = useTurnOrchestratorListProviders;
 exports.useTurnOrchestratorSetProviderEnabled = useTurnOrchestratorSetProviderEnabled;
 exports.useTurnProviderGetTurnServers = useTurnProviderGetTurnServers;
+exports.useUserManagementConfirmTotp = useUserManagementConfirmTotp;
 exports.useUserManagementCreateApiKey = useUserManagementCreateApiKey;
 exports.useUserManagementCreateScopedToken = useUserManagementCreateScopedToken;
 exports.useUserManagementCreateUser = useUserManagementCreateUser;
 exports.useUserManagementDeleteUser = useUserManagementDeleteUser;
+exports.useUserManagementDisableTotp = useUserManagementDisableTotp;
+exports.useUserManagementGetTotpStatus = useUserManagementGetTotpStatus;
 exports.useUserManagementListApiKeys = useUserManagementListApiKeys;
 exports.useUserManagementListScopedTokens = useUserManagementListScopedTokens;
 exports.useUserManagementListUsers = useUserManagementListUsers;
@@ -24566,10 +24738,12 @@ exports.useUserManagementResetPassword = useUserManagementResetPassword;
 exports.useUserManagementRevokeApiKey = useUserManagementRevokeApiKey;
 exports.useUserManagementRevokeScopedToken = useUserManagementRevokeScopedToken;
 exports.useUserManagementSetUserScopes = useUserManagementSetUserScopes;
+exports.useUserManagementSetupTotp = useUserManagementSetupTotp;
 exports.useUserManagementUpdateUser = useUserManagementUpdateUser;
 exports.useUserManagementValidateApiKey = useUserManagementValidateApiKey;
 exports.useUserManagementValidateCredentials = useUserManagementValidateCredentials;
 exports.useUserManagementValidateScopedToken = useUserManagementValidateScopedToken;
+exports.useUserManagementVerifyTotp = useUserManagementVerifyTotp;
 exports.useWebrtcSessionCloseSession = useWebrtcSessionCloseSession;
 exports.useWebrtcSessionCreateSession = useWebrtcSessionCreateSession;
 exports.useWebrtcSessionHandleAnswer = useWebrtcSessionHandleAnswer;