@checkstack/auth-backend 0.1.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +103 -0
- package/drizzle/0004_lucky_power_man.sql +21 -0
- package/drizzle/meta/0004_snapshot.json +1050 -0
- package/drizzle/meta/_journal.json +7 -0
- package/package.json +1 -1
- package/src/index.ts +166 -162
- package/src/router.test.ts +11 -11
- package/src/router.ts +98 -98
- package/src/schema.ts +20 -20
- package/src/teams.test.ts +836 -81
- package/src/utils/user.test.ts +10 -10
- package/src/utils/user.ts +13 -13
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,108 @@
|
|
|
1
1
|
# @checkstack/auth-backend
|
|
2
2
|
|
|
3
|
+
## 0.2.1
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- @checkstack/backend-api@0.3.1
|
|
8
|
+
- @checkstack/command-backend@0.1.1
|
|
9
|
+
|
|
10
|
+
## 0.2.0
|
|
11
|
+
|
|
12
|
+
### Minor Changes
|
|
13
|
+
|
|
14
|
+
- 9faec1f: # Unified AccessRule Terminology Refactoring
|
|
15
|
+
|
|
16
|
+
This release completes a comprehensive terminology refactoring from "permission" to "accessRule" across the entire codebase, establishing a consistent and modern access control vocabulary.
|
|
17
|
+
|
|
18
|
+
## Changes
|
|
19
|
+
|
|
20
|
+
### Core Infrastructure (`@checkstack/common`)
|
|
21
|
+
|
|
22
|
+
- Introduced `AccessRule` interface as the primary access control type
|
|
23
|
+
- Added `accessPair()` helper for creating read/manage access rule pairs
|
|
24
|
+
- Added `access()` builder for individual access rules
|
|
25
|
+
- Replaced `Permission` type with `AccessRule` throughout
|
|
26
|
+
|
|
27
|
+
### API Changes
|
|
28
|
+
|
|
29
|
+
- `env.registerPermissions()` → `env.registerAccessRules()`
|
|
30
|
+
- `meta.permissions` → `meta.access` in RPC contracts
|
|
31
|
+
- `usePermission()` → `useAccess()` in frontend hooks
|
|
32
|
+
- Route `permission:` field → `accessRule:` field
|
|
33
|
+
|
|
34
|
+
### UI Changes
|
|
35
|
+
|
|
36
|
+
- "Roles & Permissions" tab → "Roles & Access Rules"
|
|
37
|
+
- "You don't have permission..." → "You don't have access..."
|
|
38
|
+
- All permission-related UI text updated
|
|
39
|
+
|
|
40
|
+
### Documentation & Templates
|
|
41
|
+
|
|
42
|
+
- Updated 18 documentation files with AccessRule terminology
|
|
43
|
+
- Updated 7 scaffolding templates with `accessPair()` pattern
|
|
44
|
+
- All code examples use new AccessRule API
|
|
45
|
+
|
|
46
|
+
## Migration Guide
|
|
47
|
+
|
|
48
|
+
### Backend Plugins
|
|
49
|
+
|
|
50
|
+
```diff
|
|
51
|
+
- import { permissionList } from "./permissions";
|
|
52
|
+
- env.registerPermissions(permissionList);
|
|
53
|
+
+ import { accessRules } from "./access";
|
|
54
|
+
+ env.registerAccessRules(accessRules);
|
|
55
|
+
```
|
|
56
|
+
|
|
57
|
+
### RPC Contracts
|
|
58
|
+
|
|
59
|
+
```diff
|
|
60
|
+
- .meta({ userType: "user", permissions: [permissions.read.id] })
|
|
61
|
+
+ .meta({ userType: "user", access: [access.read] })
|
|
62
|
+
```
|
|
63
|
+
|
|
64
|
+
### Frontend Hooks
|
|
65
|
+
|
|
66
|
+
```diff
|
|
67
|
+
- const canRead = accessApi.usePermission(permissions.read.id);
|
|
68
|
+
+ const canRead = accessApi.useAccess(access.read);
|
|
69
|
+
```
|
|
70
|
+
|
|
71
|
+
### Routes
|
|
72
|
+
|
|
73
|
+
```diff
|
|
74
|
+
- permission: permissions.entityRead.id,
|
|
75
|
+
+ accessRule: access.read,
|
|
76
|
+
```
|
|
77
|
+
|
|
78
|
+
### Patch Changes
|
|
79
|
+
|
|
80
|
+
- 95eeec7: # Auto-login after credential registration
|
|
81
|
+
|
|
82
|
+
Users are now automatically logged in after successful registration when using the credential (email & password) authentication strategy.
|
|
83
|
+
|
|
84
|
+
## Changes
|
|
85
|
+
|
|
86
|
+
### Backend (`@checkstack/auth-backend`)
|
|
87
|
+
|
|
88
|
+
- Added `autoSignIn: true` to the `emailAndPassword` configuration in better-auth
|
|
89
|
+
- Users no longer need to manually log in after registration; a session is created immediately upon successful sign-up
|
|
90
|
+
|
|
91
|
+
### Frontend (`@checkstack/auth-frontend`)
|
|
92
|
+
|
|
93
|
+
- Updated `RegisterPage` to use full page navigation after registration to ensure the session state refreshes correctly
|
|
94
|
+
- Updated `LoginPage` to use full page navigation after login to ensure fresh permissions state when switching between users
|
|
95
|
+
|
|
96
|
+
- Updated dependencies [9faec1f]
|
|
97
|
+
- Updated dependencies [827b286]
|
|
98
|
+
- Updated dependencies [f533141]
|
|
99
|
+
- Updated dependencies [aa4a8ab]
|
|
100
|
+
- @checkstack/auth-common@0.2.0
|
|
101
|
+
- @checkstack/backend-api@0.3.0
|
|
102
|
+
- @checkstack/command-backend@0.1.0
|
|
103
|
+
- @checkstack/common@0.2.0
|
|
104
|
+
- @checkstack/notification-common@0.1.0
|
|
105
|
+
|
|
3
106
|
## 0.1.0
|
|
4
107
|
|
|
5
108
|
### Minor Changes
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
ALTER TABLE "permission" RENAME TO "access_rule";--> statement-breakpoint
|
|
2
|
+
ALTER TABLE "disabled_default_permission" RENAME TO "disabled_default_access_rule";--> statement-breakpoint
|
|
3
|
+
ALTER TABLE "disabled_public_default_permission" RENAME TO "disabled_public_default_access_rule";--> statement-breakpoint
|
|
4
|
+
ALTER TABLE "role_permission" RENAME TO "role_access_rule";--> statement-breakpoint
|
|
5
|
+
ALTER TABLE "disabled_default_access_rule" RENAME COLUMN "permission_id" TO "access_rule_id";--> statement-breakpoint
|
|
6
|
+
ALTER TABLE "disabled_public_default_access_rule" RENAME COLUMN "permission_id" TO "access_rule_id";--> statement-breakpoint
|
|
7
|
+
ALTER TABLE "role_access_rule" RENAME COLUMN "permission_id" TO "access_rule_id";--> statement-breakpoint
|
|
8
|
+
ALTER TABLE "disabled_default_access_rule" DROP CONSTRAINT "disabled_default_permission_permission_id_permission_id_fk";
|
|
9
|
+
--> statement-breakpoint
|
|
10
|
+
ALTER TABLE "disabled_public_default_access_rule" DROP CONSTRAINT "disabled_public_default_permission_permission_id_permission_id_fk";
|
|
11
|
+
--> statement-breakpoint
|
|
12
|
+
ALTER TABLE "role_access_rule" DROP CONSTRAINT "role_permission_role_id_role_id_fk";
|
|
13
|
+
--> statement-breakpoint
|
|
14
|
+
ALTER TABLE "role_access_rule" DROP CONSTRAINT "role_permission_permission_id_permission_id_fk";
|
|
15
|
+
--> statement-breakpoint
|
|
16
|
+
ALTER TABLE "role_access_rule" DROP CONSTRAINT "role_permission_role_id_permission_id_pk";--> statement-breakpoint
|
|
17
|
+
ALTER TABLE "role_access_rule" ADD CONSTRAINT "role_access_rule_role_id_access_rule_id_pk" PRIMARY KEY("role_id","access_rule_id");--> statement-breakpoint
|
|
18
|
+
ALTER TABLE "disabled_default_access_rule" ADD CONSTRAINT "disabled_default_access_rule_access_rule_id_access_rule_id_fk" FOREIGN KEY ("access_rule_id") REFERENCES "access_rule"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
|
|
19
|
+
ALTER TABLE "disabled_public_default_access_rule" ADD CONSTRAINT "disabled_public_default_access_rule_access_rule_id_access_rule_id_fk" FOREIGN KEY ("access_rule_id") REFERENCES "access_rule"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
|
|
20
|
+
ALTER TABLE "role_access_rule" ADD CONSTRAINT "role_access_rule_role_id_role_id_fk" FOREIGN KEY ("role_id") REFERENCES "role"("id") ON DELETE no action ON UPDATE no action;--> statement-breakpoint
|
|
21
|
+
ALTER TABLE "role_access_rule" ADD CONSTRAINT "role_access_rule_access_rule_id_access_rule_id_fk" FOREIGN KEY ("access_rule_id") REFERENCES "access_rule"("id") ON DELETE no action ON UPDATE no action;
|