@capgo/cli 4.2.3 → 4.2.7

package/CHANGELOG.md

@@ -2,6 +2,35 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [4.2.7](https://github.com/Cap-go/CLI/compare/v4.2.6...v4.2.7) (2024-03-23)
+
+
+### Bug Fixes
+
+* lint issue ([a836b3c](https://github.com/Cap-go/CLI/commit/a836b3cf59a6396f2200a3a5383d5dd10e19ad07))
+
+### [4.2.6](https://github.com/Cap-go/CLI/compare/v4.2.5...v4.2.6) (2024-03-23)
+
+
+### Bug Fixes
+
+* lint ([92b0e46](https://github.com/Cap-go/CLI/commit/92b0e462b7cc3d2c77b585d6596aba746df16b71))
+* upload ([394b2ce](https://github.com/Cap-go/CLI/commit/394b2ceb1947de2e86870f1f3d57e9efe646b40a))
+
+### [4.2.5](https://github.com/Cap-go/CLI/compare/v4.2.4...v4.2.5) (2024-03-22)
+
+
+### Bug Fixes
+
+* zip json output ([4028f9b](https://github.com/Cap-go/CLI/commit/4028f9b79b3c53a7967a137784918f4ac614d011))
+
+### [4.2.4](https://github.com/Cap-go/CLI/compare/v4.2.3...v4.2.4) (2024-03-22)
+
+
+### Bug Fixes
+
+* make no-key works ([11eed1a](https://github.com/Cap-go/CLI/commit/11eed1a515d44800ef369303dd14c5218b2164ca))
+
 ### [4.2.3](https://github.com/Cap-go/CLI/compare/v4.2.2...v4.2.3) (2024-03-12)
 
 

package/dist/index.js

@@ -61137,7 +61137,7 @@ var {
 // package.json
 var package_default = {
   name: "@capgo/cli",
-  version: "4.2.3",
+  version: "4.2.7",
   description: "A CLI to upload to capgo servers",
   main: "dist/index.js",
   bin: {
@@ -62309,6 +62309,7 @@ var baseKeyPub = `${baseKey}.pub`;
 var defaultHost = "https://capgo.app";
 var defaultApiHost = "https://api.capgo.app";
 var defaultHostWeb = "https://web.capgo.app";
+var EMPTY_UUID = "00000000-0000-0000-0000-000000000000";
 var regexSemver = /^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$/;
 var formatError = (error) => error ? `
 ${import_prettyjson.default.render(error)}` : "";
@@ -62411,17 +62412,13 @@ async function getAppOwner(supabase, appId) {
   }
   return data.user_id;
 }
-async function isAllowedApp(supabase, apikey, appId) {
-  const { data } = await supabase.rpc("is_app_owner", { apikey, appid: appId }).single();
-  return !!data;
-}
 var OrganizationPerm = /* @__PURE__ */ ((OrganizationPerm2) => {
   OrganizationPerm2[OrganizationPerm2["none"] = 0] = "none";
   OrganizationPerm2[OrganizationPerm2["read"] = 1] = "read";
   OrganizationPerm2[OrganizationPerm2["upload"] = 2] = "upload";
   OrganizationPerm2[OrganizationPerm2["write"] = 3] = "write";
   OrganizationPerm2[OrganizationPerm2["admin"] = 4] = "admin";
-  OrganizationPerm2[OrganizationPerm2["owner"] = 5] = "owner";
+  OrganizationPerm2[OrganizationPerm2["super_admin"] = 5] = "super_admin";
   return OrganizationPerm2;
 })(OrganizationPerm || {});
 var hasOrganizationPerm = (perm, required) => perm >= required;
@@ -62457,7 +62454,7 @@ async function isAllowedAppOrg(supabase, apikey, appId) {
         break;
       }
       case "perm_owner": {
-        perm = 5 /* owner */;
+        perm = 5 /* super_admin */;
         break;
       }
       default: {
@@ -62568,10 +62565,10 @@ async function findMainFile() {
 async function updateOrCreateVersion(supabase, update) {
   return supabase.from("app_versions").upsert(update, { onConflict: "name,app_id" }).eq("app_id", update.app_id).eq("name", update.name);
 }
-async function uploadUrl(supabase, appId, bucketId) {
+async function uploadUrl(supabase, appId, name) {
   const data = {
     app_id: appId,
-    bucket_id: bucketId
+    name
   };
   try {
     const pathUploadLink = "private/upload_link";
@@ -62878,14 +62875,6 @@ The app size is ${mbSize} Mb, this may take a while to download for users
   (0, import_node_fs6.writeFileSync)(name, zipped);
   if (!json)
     s2.stop(`Saved to ${name}`);
-  if (options.json) {
-    const output = {
-      bundle: bundle2,
-      filename: name,
-      checksum
-    };
-    f2.info(formatError(output));
-  }
   await snag.track({
     channel: "app",
     event: "App zip",
@@ -62897,6 +62886,14 @@ The app size is ${mbSize} Mb, this may take a while to download for users
   }).catch();
   if (!json)
     $e(`Done \u2705`);
+  if (json) {
+    const output = {
+      bundle: bundle2,
+      filename: name,
+      checksum
+    };
+    console.log(JSON.stringify(output, null, 2));
+  }
   import_node_process9.default.exit();
 }
 
@@ -62938,24 +62935,6 @@ async function checkAppExists(supabase, appid) {
   const { data: app2 } = await supabase.rpc("exist_app_v2", { appid }).single();
   return !!app2;
 }
-async function checkAppExistsAndHasPermissionErr(supabase, apikey, appid, shouldExist = true) {
-  const appExist = await checkAppExists(supabase, appid);
-  const perm = await isAllowedApp(supabase, apikey, appid);
-  if (appExist && !shouldExist) {
-    f2.error(`App ${appid} already exist`);
-    program.error("");
-  }
-  if (!appExist && shouldExist) {
-    f2.error(`App ${appid} does not exist`);
-    program.error("");
-  }
-  if (appExist && !perm) {
-    f2.error(`App ${appid} exist and you don't have permission to access it`);
-    if (appid === "io.ionic.starter")
-      f2.info("Modify your appid in your capacitor.config.json file to something unique, this is a default appid for ionic starter app");
-    program.error("");
-  }
-}
 async function checkAppExistsAndHasPermissionOrgErr(supabase, apikey, appid, requiredPermission) {
   const permissions = await isAllowedAppOrg(supabase, apikey, appid);
   if (!permissions.okay) {
@@ -62988,6 +62967,11 @@ async function checkAppExistsAndHasPermissionOrgErr(supabase, apikey, appid, req
 var newIconPath = "assets/icon.png";
 
 // src/app/debug.ts
+function wait2(ms) {
+  return new Promise((resolve2) => {
+    setTimeout(resolve2, ms);
+  });
+}
 async function markSnag(channel2, userId, snag, event, icon = "\u2705") {
   await snag.track({
     channel: channel2,
@@ -63098,7 +63082,7 @@ async function waitLog(channel2, supabase, appId, snag, userId, deviceId) {
       now = (/* @__PURE__ */ new Date()).toISOString();
       query.after = now;
     }
-    await wait(1e3);
+    await wait2(1e3);
   }
   return Promise.resolve();
 }
@@ -63121,7 +63105,7 @@ async function debugApp(appId, options) {
   const snag = useLogSnag();
   const userId = await verifyUser(supabase, options.apikey);
   f2.info(`Getting active bundle in Capgo`);
-  await checkAppExistsAndHasPermissionErr(supabase, options.apikey, appId);
+  await checkAppExistsAndHasPermissionOrgErr(supabase, options.apikey, appId, 4 /* admin */);
   const doRun = await se({ message: `Automatic check if update working in device ?` });
   await cancelCommand("debug", doRun, userId, snag);
   if (doRun) {
@@ -63302,8 +63286,8 @@ var import_node_process12 = __toESM(require("node:process"));
 // src/api/channels.ts
 var import_node_process11 = __toESM(require("node:process"));
 var import_console_table_printer = __toESM(require_dist18());
-async function checkVersionNotUsedInChannel(supabase, appid, userId, versionData) {
-  const { data: channelFound, error: errorChannel } = await supabase.from("channels").select().eq("app_id", appid).eq("created_by", userId).eq("version", versionData.id);
+async function checkVersionNotUsedInChannel(supabase, appid, versionData) {
+  const { data: channelFound, error: errorChannel } = await supabase.from("channels").select().eq("app_id", appid).eq("version", versionData.id);
   if (errorChannel) {
     f2.error(`Cannot check Version ${appid}@${versionData.name}`);
     program.error("");
@@ -63336,8 +63320,8 @@ function findUnknownVersion(supabase, appId) {
 function createChannel(supabase, update) {
   return supabase.from("channels").insert(update).select().single();
 }
-function delChannel(supabase, name, appId, userId) {
-  return supabase.from("channels").delete().eq("name", name).eq("app_id", appId).eq("created_by", userId).single();
+function delChannel(supabase, name, appId, _userId) {
+  return supabase.from("channels").delete().eq("name", name).eq("app_id", appId).single();
 }
 function displayChannels(data) {
   const t = new import_console_table_printer.Table({
@@ -63411,7 +63395,7 @@ async function addChannel(channelId, appId, options, shouldExit = true) {
   }
   const supabase = await createSupabaseClient(options.apikey);
   const userId = await verifyUser(supabase, options.apikey, ["write", "all"]);
-  await checkAppExistsAndHasPermissionErr(supabase, options.apikey, appId);
+  await checkAppExistsAndHasPermissionOrgErr(supabase, options.apikey, appId, 4 /* admin */);
   f2.info(`Creating channel ${appId}#${channelId} to Capgo`);
   try {
     const data = await findUnknownVersion(supabase, appId);
@@ -63423,7 +63407,7 @@ async function addChannel(channelId, appId, options, shouldExit = true) {
       name: channelId,
       app_id: appId,
       version: data.id,
-      created_by: userId
+      owner_org: EMPTY_UUID
     });
     f2.success(`Channel created \u2705`);
     await snag.track({
@@ -63463,7 +63447,7 @@ async function uploadBundle(appid, options, shouldExit = true) {
   oe(`Uploading`);
   await checkLatest();
   let { bundle: bundle2, path: path3, channel: channel2 } = options;
-  const { external, key: key2 = false, displayIvSession, autoMinUpdateVersion, ignoreMetadataCheck } = options;
+  const { external, key: key2, displayIvSession, autoMinUpdateVersion, ignoreMetadataCheck } = options;
   let { minUpdateVersion } = options;
   options.apikey = options.apikey || findSavedKey();
   const snag = useLogSnag();
@@ -63573,8 +63557,6 @@ Trial expires in ${isTrial2} days`);
     f2.error(`Version already exists ${formatError(appVersionError)}`);
     program.error("");
   }
-  const safeBundle = bundle2.replace(/[^a-zA-Z0-9-_.!*'()]/g, "__");
-  const fileName = `${safeBundle}.zip`;
   let sessionKey;
   let checksum = "";
   let zipped = null;
@@ -63586,7 +63568,9 @@ Trial expires in ${isTrial2} days`);
     s.start(`Calculating checksum`);
     checksum = await (0, import_checksum2.checksum)(zipped, "crc32");
     s.stop(`Checksum: ${checksum}`);
-    if (key2 || (0, import_node_fs8.existsSync)(baseKeyPub)) {
+    if (key2 === false) {
+      f2.info(`Encryption ignored`);
+    } else if (key2 || (0, import_node_fs8.existsSync)(baseKeyPub)) {
       const publicKey = typeof key2 === "string" ? key2 : baseKeyPub;
       let keyData = options.keyData || "";
       if (!keyData && !(0, import_node_fs8.existsSync)(publicKey)) {
@@ -63663,8 +63647,7 @@ The app size is ${mbSize} Mb, this may take a while to download for users
   const nativePackages = hashedLocalDependencies.size > 0 || !options.ignoreMetadataCheck ? Array.from(hashedLocalDependencies, ([name, value]) => ({ name, version: value.version })) : void 0;
   const appOwner = await getAppOwner(supabase, appid);
   const versionData = {
-    bucket_id: external ? void 0 : fileName,
-    user_id: appOwner,
+    // bucket_id: external ? undefined : fileName,
     name: bundle2,
     app_id: appid,
     session_key: sessionKey,
@@ -63672,6 +63655,8 @@ The app size is ${mbSize} Mb, this may take a while to download for users
     storage_provider: external ? "external" : "r2-direct",
     minUpdateVersion,
     native_packages: nativePackages,
+    owner_org: EMPTY_UUID,
+    user_id: userId,
     checksum
   };
   const { error: dbError } = await updateOrCreateVersion(supabase, versionData);
@@ -63682,7 +63667,7 @@ The app size is ${mbSize} Mb, this may take a while to download for users
   if (!external && zipped) {
     const spinner = de();
     spinner.start(`Uploading Bundle`);
-    const url = await uploadUrl(supabase, appid, fileName);
+    const url = await uploadUrl(supabase, appid, bundle2);
     if (!url) {
       f2.error(`Cannot get upload url`);
       program.error("");
@@ -63710,7 +63695,8 @@ The app size is ${mbSize} Mb, this may take a while to download for users
       name: channel2,
       app_id: appid,
       created_by: appOwner,
-      version: versionId
+      version: versionId,
+      owner_org: EMPTY_UUID
     });
     if (dbError3) {
       f2.error(`Cannot set channel, the upload key is not allowed to do that, use the "all" for this. ${formatError(dbError3)}`);
@@ -63945,7 +63931,7 @@ async function addApp(appId, options, throwErr = true) {
     program.error("");
   }
   const supabase = await createSupabaseClient(options.apikey);
-  const userId = await verifyUser(supabase, options.apikey, ["write", "all"]);
+  let userId = await verifyUser(supabase, options.apikey, ["write", "all"]);
   await checkPlanValid(supabase, userId, options.apikey, void 0, false);
   const appExist = await checkAppExists(supabase, appId);
   if (throwErr && appExist) {
@@ -63954,6 +63940,27 @@ async function addApp(appId, options, throwErr = true) {
   } else if (appExist) {
     return true;
   }
+  const { error: orgError, data: allOrganizations } = await supabase.rpc("get_orgs_v4");
+  if (orgError) {
+    f2.error("Cannot get the list of organizations - exiting");
+    f2.error(`Error ${JSON.stringify(orgError)}`);
+    program.error("");
+  }
+  const adminOrgs = allOrganizations.filter((org) => org.role === "admin" || org.role === "super_admin");
+  const organizationUidRaw = adminOrgs.length > 1 ? await ie({
+    message: "Please pick the organization that you want to insert to",
+    options: adminOrgs.map((org) => {
+      return { value: org.gid, label: org.name };
+    })
+  }) : adminOrgs[0].gid;
+  if (eD(organizationUidRaw)) {
+    f2.error("Canceled organization selection, exiting");
+    program.error("");
+  }
+  const organizationUid = organizationUidRaw;
+  const organization = allOrganizations.find((org) => org.gid === organizationUid);
+  userId = organization.created_by;
+  f2.info(`Using the organization "${organization.name}" as the app owner`);
   let { name, icon } = options;
   appId = appId || config?.app?.appId;
   name = name || config?.app?.appName || "Unknown";
@@ -63994,7 +64001,7 @@ async function addApp(appId, options, throwErr = true) {
   }
   const { error: dbError } = await supabase.from("apps").insert({
     icon_url: signedURL,
-    user_id: userId,
+    owner_org: organizationUid,
     name,
     app_id: appId
   });
@@ -64003,12 +64010,12 @@ async function addApp(appId, options, throwErr = true) {
     program.error("");
   }
   const { error: dbVersionError } = await supabase.from("app_versions").insert([{
-    user_id: userId,
+    owner_org: organizationUid,
     deleted: true,
     name: "unknown",
     app_id: appId
   }, {
-    user_id: userId,
+    owner_org: organizationUid,
     deleted: true,
     name: "builtin",
     app_id: appId
@@ -64323,20 +64330,20 @@ async function checkVersionNotUsedInDeviceOverride(supabase, appid, versionData)
 }
 
 // src/api/versions.ts
-async function deleteAppVersion(supabase, appid, userId, bundle2) {
+async function deleteAppVersion(supabase, appid, bundle2) {
   const { error: delAppSpecVersionError } = await supabase.from("app_versions").update({
     deleted: true
-  }).eq("app_id", appid).eq("deleted", false).eq("user_id", userId).eq("name", bundle2);
+  }).eq("app_id", appid).eq("deleted", false).eq("name", bundle2);
   if (delAppSpecVersionError) {
     f2.error(`App Version ${appid}@${bundle2} not found in database`);
     program.error("");
   }
 }
-async function deleteSpecificVersion(supabase, appid, userId, bundle2) {
-  const versionData = await getVersionData(supabase, appid, userId, bundle2);
-  await checkVersionNotUsedInChannel(supabase, appid, userId, versionData);
+async function deleteSpecificVersion(supabase, appid, _userId, bundle2) {
+  const versionData = await getVersionData(supabase, appid, bundle2);
+  await checkVersionNotUsedInChannel(supabase, appid, versionData);
   await checkVersionNotUsedInDeviceOverride(supabase, appid, versionData);
-  await deleteAppVersion(supabase, appid, userId, bundle2);
+  await deleteAppVersion(supabase, appid, bundle2);
 }
 function displayBundles(data) {
   const t = new import_console_table_printer2.Table({
@@ -64352,8 +64359,8 @@ function displayBundles(data) {
   });
   f2.success(t.render());
 }
-async function getActiveAppVersions(supabase, appid, userId) {
-  const { data, error: vError } = await supabase.from("app_versions").select().eq("app_id", appid).eq("user_id", userId).eq("deleted", false).order("created_at", { ascending: false });
+async function getActiveAppVersions(supabase, appid, _userId) {
+  const { data, error: vError } = await supabase.from("app_versions").select().eq("app_id", appid).eq("deleted", false).order("created_at", { ascending: false });
   if (vError) {
     f2.error(`App ${appid} not found in database`);
     program.error("");
@@ -64368,8 +64375,8 @@ async function getChannelsVersion(supabase, appid) {
   }
   return channels.map((c2) => c2.version);
 }
-async function getVersionData(supabase, appid, userId, bundle2) {
-  const { data: versionData, error: versionIdError } = await supabase.from("app_versions").select().eq("app_id", appid).eq("user_id", userId).eq("name", bundle2).eq("deleted", false).single();
+async function getVersionData(supabase, appid, bundle2) {
+  const { data: versionData, error: versionIdError } = await supabase.from("app_versions").select().eq("app_id", appid).eq("name", bundle2).eq("deleted", false).single();
   if (!versionData || versionIdError) {
     f2.error(`App Version ${appid}@${bundle2} doesn't exist`);
     program.error("");
@@ -64395,7 +64402,7 @@ async function listBundle(appId, options) {
   const supabase = await createSupabaseClient(options.apikey);
   const userId = await verifyUser(supabase, options.apikey, ["write", "all", "read", "upload"]);
   f2.info(`Querying available versions of: ${appId} in Capgo`);
-  await checkAppExistsAndHasPermissionErr(supabase, options.apikey, appId);
+  await checkAppExistsAndHasPermissionOrgErr(supabase, options.apikey, appId, 1 /* read */);
   const allVersions = await getActiveAppVersions(supabase, appId, userId);
   f2.info(`Active versions in Capgo: ${allVersions?.length}`);
   displayBundles(allVersions);
@@ -64570,7 +64577,7 @@ async function deleteBundle(bundleId, appId, options) {
   }
   const supabase = await createSupabaseClient(options.apikey);
   const userId = await verifyUser(supabase, options.apikey, ["write", "all"]);
-  await checkAppExistsAndHasPermissionErr(supabase, options.apikey, appId);
+  await checkAppExistsAndHasPermissionOrgErr(supabase, options.apikey, appId, 3 /* write */);
   appId = appId || config?.app?.appId;
   if (!options.apikey) {
     f2.error("Missing API key, you need to provide an API key to delete your app");
@@ -64610,7 +64617,7 @@ async function setChannel(channel2, appId, options) {
   }
   const supabase = await createSupabaseClient(options.apikey);
   const userId = await verifyUser(supabase, options.apikey, ["write", "all"]);
-  await checkAppExistsAndHasPermissionErr(supabase, options.apikey, appId);
+  await checkAppExistsAndHasPermissionOrgErr(supabase, options.apikey, appId, 4 /* admin */);
   const { bundle: bundle2, latest, downgrade, upgrade, ios, android, selfAssign, state, disableAutoUpdate } = options;
   if (!channel2) {
     f2.error("Missing argument, you need to provide a channel");
@@ -64722,13 +64729,13 @@ async function currentBundle(channel2, appId, options) {
     program.error("");
   }
   const supabase = await createSupabaseClient(options.apikey);
-  const userId = await verifyUser(supabase, options.apikey, ["write", "all", "read"]);
-  await checkAppExistsAndHasPermissionErr(supabase, options.apikey, appId);
+  const _userId = await verifyUser(supabase, options.apikey, ["write", "all", "read"]);
+  await checkAppExistsAndHasPermissionOrgErr(supabase, options.apikey, appId, 1 /* read */);
   if (!channel2) {
     f2.error(`Please provide a channel to get the bundle from.`);
     program.error("");
   }
-  const { data: supabaseChannel, error } = await supabase.from("channels").select("version ( name )").eq("name", channel2).eq("app_id", appId).eq("created_by", userId).limit(1);
+  const { data: supabaseChannel, error } = await supabase.from("channels").select("version ( name )").eq("name", channel2).eq("app_id", appId).limit(1);
   if (error || supabaseChannel.length === 0) {
     f2.error(`Error retrieving channel ${channel2} for app ${appId}. Perhaps the channel does not exists?`);
     program.error("");
@@ -64820,8 +64827,8 @@ async function cleanupBundle(appid, options) {
     program.error("");
   }
   const supabase = await createSupabaseClient(options.apikey);
-  const userId = await verifyUser(supabase, options.apikey);
-  await checkAppExistsAndHasPermissionErr(supabase, options.apikey, appid);
+  const userId = await verifyUser(supabase, options.apikey, ["write", "all"]);
+  await checkAppExistsAndHasPermissionOrgErr(supabase, options.apikey, appid, 3 /* write */);
   f2.info(`Querying all available versions in Capgo`);
   let allVersions = await getActiveAppVersions(supabase, appid, userId);
   const versionInUse = await getChannelsVersion(supabase, appid);
@@ -64887,7 +64894,7 @@ async function deleteChannel(channelId, appId, options) {
   }
   const supabase = await createSupabaseClient(options.apikey);
   const userId = await verifyUser(supabase, options.apikey, ["write", "all"]);
-  await checkAppExistsAndHasPermissionErr(supabase, options.apikey, appId);
+  await checkAppExistsAndHasPermissionOrgErr(supabase, options.apikey, appId, 4 /* admin */);
   f2.info(`Deleting channel ${appId}#${channelId} from Capgo`);
   try {
     await delChannel(supabase, channelId, appId, userId);
@@ -64926,7 +64933,7 @@ async function listChannels(appId, options) {
   }
   const supabase = await createSupabaseClient(options.apikey);
   const userId = await verifyUser(supabase, options.apikey, ["write", "all", "read", "upload"]);
-  await checkAppExistsAndHasPermissionErr(supabase, options.apikey, appId);
+  await checkAppExistsAndHasPermissionOrgErr(supabase, options.apikey, appId, 1 /* read */);
   f2.info(`Querying available channels in Capgo`);
   const allVersions = await getActiveChannels(supabase, appId);
   f2.info(`Active channels in Capgo: ${allVersions?.length}`);
@@ -64964,9 +64971,9 @@ async function setApp(appId, options) {
   }
   const supabase = await createSupabaseClient(options.apikey);
   const userId = await verifyUser(supabase, options.apikey, ["write", "all"]);
-  await checkAppExistsAndHasPermissionErr(supabase, options.apikey, appId);
+  await checkAppExistsAndHasPermissionOrgErr(supabase, options.apikey, appId, 4 /* admin */);
   const { name, icon, retention } = options;
-  if (retention && !Number.isNaN(Number(retention))) {
+  if (retention && Number.isNaN(Number(retention))) {
     f2.error(`retention value must be a number`);
     program.error(``);
   } else if (retention && retention < 0) {
@@ -65032,15 +65039,39 @@ async function deleteApp(appId, options) {
   }
   const supabase = await createSupabaseClient(options.apikey);
   const userId = await verifyUser(supabase, options.apikey, ["write", "all"]);
-  await checkAppExistsAndHasPermissionErr(supabase, options.apikey, appId);
+  await checkAppExistsAndHasPermissionOrgErr(supabase, options.apikey, appId, 5 /* super_admin */);
+  const { data: appOwnerRaw, error: appOwnerError } = await supabase.from("apps").select(`owner_org ( created_by )`).eq("app_id", appId).single();
+  const appOwner = appOwnerRaw;
+  if (!appOwnerError && (appOwner?.owner_org.created_by ?? "") !== userId) {
+    f2.warn("Deleting the app is not recomended for users that are not the organization owner");
+    f2.warn("You are invited as a super_admin but your are not the owner");
+    f2.warn("It's strongly recomended that you do not continue!");
+    const shouldContinue = await ie({
+      message: "Do you want to continue?",
+      options: [
+        {
+          label: "Yes",
+          value: "yes"
+        },
+        {
+          label: "No",
+          value: "no"
+        }
+      ]
+    });
+    if (eD(shouldContinue) || shouldContinue === "no") {
+      f2.error("Canceled deleting the app, exiting");
+      program.error("");
+    }
+  } else if (appOwnerError) {
+    f2.warn(`Cannot get the app owner ${formatError(appOwnerError)}`);
+  }
   const { error } = await supabase.storage.from(`images/${userId}`).remove([appId]);
   if (error)
     f2.error("Could not delete app logo");
   const { error: delError } = await supabase.storage.from(`apps/${appId}/${userId}`).remove(["versions"]);
-  if (delError) {
+  if (delError)
     f2.error("Could not delete app version");
-    program.error("");
-  }
   const { error: dbError } = await supabase.from("apps").delete().eq("app_id", appId).eq("user_id", userId);
   if (dbError) {
     f2.error("Could not delete app");
@@ -65083,7 +65114,7 @@ async function checkCompatibilityCommand(appId, options) {
   }
   const supabase = await createSupabaseClient(options.apikey);
   await verifyUser(supabase, options.apikey, ["write", "all", "read", "upload"]);
-  await checkAppExistsAndHasPermissionErr(supabase, options.apikey, appId);
+  await checkAppExistsAndHasPermissionOrgErr(supabase, options.apikey, appId, 1 /* read */);
   const { finalCompatibility } = await checkCompatibility(supabase, appId, channel2);
   const t = new import_console_table_printer4.Table({
     title: "Compatibility",
@@ -65122,7 +65153,6 @@ bundle.command("upload [appId]").alias("u").description("Upload a new bundle in
 bundle.command("compatibility [appId]").action(checkCompatibilityCommand).option("-a, --apikey <apikey>", "apikey to link to your account").option("-c, --channel <channel>", "channel to check the compatibility with").option("--text", "output text instead of emojis");
 bundle.command("delete [bundleId] [appId]").alias("d").description("Delete a bundle in Capgo Cloud").action(deleteBundle).option("-a, --apikey <apikey>", "apikey to link to your account");
 bundle.command("list [appId]").alias("l").description("List bundle in Capgo Cloud").action(listBundle).option("-a, --apikey <apikey>", "apikey to link to your account");
-bundle.command("unlink [appId]").description("Unlink a bundle in Capgo Cloud").action(listBundle).option("-a, --apikey <apikey>", "apikey to link to your account").option("-b, --bundle <bundle>", "bundle version number of the bundle to unlink");
 bundle.command("cleanup [appId]").alias("c").action(cleanupBundle).description("Cleanup bundle in Capgo Cloud").option("-b, --bundle <bundle>", "bundle version number of the app to delete").option("-a, --apikey <apikey>", "apikey to link to your account").option("-k, --keep <keep>", "number of version to keep").option("-f, --force", "force removal");
 bundle.command("decrypt [zipPath] [sessionKey]").description("Decrypt a signed zip bundle").action(decryptZip).option("--key <key>", "custom path for private signing key").option("--key-data <keyData>", "base64 private signing key");
 bundle.command("encrypt [zipPath]").description("Encrypt a zip bundle").action(encryptZip).option("--key <key>", "custom path for private signing key").option("--key-data <keyData>", "base64 private signing key");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@capgo/cli",
-  "version": "4.2.3",
+  "version": "4.2.7",
   "description": "A CLI to upload to capgo servers",
   "main": "dist/index.js",
   "bin": {

package/src/api/channels.ts

@@ -6,12 +6,11 @@ import * as p from '@clack/prompts'
 import type { Database } from '../types/supabase.types'
 import { formatError } from '../utils'
 
-export async function checkVersionNotUsedInChannel(supabase: SupabaseClient<Database>, appid: string, userId: string, versionData: Database['public']['Tables']['app_versions']['Row']) {
+export async function checkVersionNotUsedInChannel(supabase: SupabaseClient<Database>, appid: string, versionData: Database['public']['Tables']['app_versions']['Row']) {
   const { data: channelFound, error: errorChannel } = await supabase
     .from('channels')
     .select()
     .eq('app_id', appid)
-    .eq('created_by', userId)
     .eq('version', versionData.id)
   if (errorChannel) {
     p.log.error(`Cannot check Version ${appid}@${versionData.name}`)
@@ -63,13 +62,12 @@ export function createChannel(supabase: SupabaseClient<Database>, update: Databa
     .single()
 }
 
-export function delChannel(supabase: SupabaseClient<Database>, name: string, appId: string, userId: string) {
+export function delChannel(supabase: SupabaseClient<Database>, name: string, appId: string, _userId: string) {
   return supabase
     .from('channels')
     .delete()
     .eq('name', name)
     .eq('app_id', appId)
-    .eq('created_by', userId)
     .single()
 }
 interface version {

package/src/api/versions.ts

@@ -9,7 +9,7 @@ import { getHumanDate } from '../utils'
 import { checkVersionNotUsedInChannel } from './channels'
 import { checkVersionNotUsedInDeviceOverride } from './devices_override'
 
-export async function deleteAppVersion(supabase: SupabaseClient<Database>, appid: string, userId: string, bundle: string) {
+export async function deleteAppVersion(supabase: SupabaseClient<Database>, appid: string, bundle: string) {
   const { error: delAppSpecVersionError } = await supabase
     .from('app_versions')
     .update({
@@ -17,7 +17,6 @@ export async function deleteAppVersion(supabase: SupabaseClient<Database>, appid
     })
     .eq('app_id', appid)
     .eq('deleted', false)
-    .eq('user_id', userId)
     .eq('name', bundle)
   if (delAppSpecVersionError) {
     p.log.error(`App Version ${appid}@${bundle} not found in database`)
@@ -25,12 +24,12 @@ export async function deleteAppVersion(supabase: SupabaseClient<Database>, appid
   }
 }
 
-export async function deleteSpecificVersion(supabase: SupabaseClient<Database>, appid: string, userId: string, bundle: string) {
-  const versionData = await getVersionData(supabase, appid, userId, bundle)
-  await checkVersionNotUsedInChannel(supabase, appid, userId, versionData)
+export async function deleteSpecificVersion(supabase: SupabaseClient<Database>, appid: string, _userId: string, bundle: string) {
+  const versionData = await getVersionData(supabase, appid, bundle)
+  await checkVersionNotUsedInChannel(supabase, appid, versionData)
   await checkVersionNotUsedInDeviceOverride(supabase, appid, versionData)
   // Delete only a specific version in storage
-  await deleteAppVersion(supabase, appid, userId, bundle)
+  await deleteAppVersion(supabase, appid, bundle)
 }
 
 export function displayBundles(data: (Database['public']['Tables']['app_versions']['Row'] & { keep?: string })[]) {
@@ -51,12 +50,12 @@ export function displayBundles(data: (Database['public']['Tables']['app_versions
   p.log.success(t.render())
 }
 
-export async function getActiveAppVersions(supabase: SupabaseClient<Database>, appid: string, userId: string) {
+export async function getActiveAppVersions(supabase: SupabaseClient<Database>, appid: string, _userId: string) {
   const { data, error: vError } = await supabase
     .from('app_versions')
     .select()
     .eq('app_id', appid)
-    .eq('user_id', userId)
+    // .eq('user_id', userId)
     .eq('deleted', false)
     .order('created_at', { ascending: false })
 
@@ -68,7 +67,7 @@ export async function getActiveAppVersions(supabase: SupabaseClient<Database>, a
 }
 
 export async function getChannelsVersion(supabase: SupabaseClient<Database>, appid: string) {
-// get all channels versionID
+  // get all channels versionID
   const { data: channels, error: channelsError } = await supabase
     .from('channels')
     .select('version')
@@ -81,12 +80,11 @@ export async function getChannelsVersion(supabase: SupabaseClient<Database>, app
   return channels.map(c => c.version)
 }
 
-export async function getVersionData(supabase: SupabaseClient<Database>, appid: string, userId: string, bundle: string) {
+export async function getVersionData(supabase: SupabaseClient<Database>, appid: string, bundle: string) {
   const { data: versionData, error: versionIdError } = await supabase
     .from('app_versions')
     .select()
     .eq('app_id', appid)
-    .eq('user_id', userId)
     .eq('name', bundle)
     .eq('deleted', false)
     .single()