@checkstack/auth-frontend 0.6.4 → 0.6.6

package/CHANGELOG.md

@@ -1,5 +1,78 @@
 # @checkstack/auth-frontend
 
+## 0.6.6
+
+### Patch Changes
+
+- Updated dependencies [e2d6f25]
+- Updated dependencies [41c77f4]
+- Updated dependencies [41c77f4]
+- Updated dependencies [41c77f4]
+- Updated dependencies [41c77f4]
+- Updated dependencies [4832e33]
+- Updated dependencies [6d52276]
+- Updated dependencies [35bc682]
+- Updated dependencies [c39ee69]
+  - @checkstack/frontend-api@0.6.0
+  - @checkstack/ui@1.11.0
+  - @checkstack/common@0.12.0
+  - @checkstack/auth-common@0.7.2
+
+## 0.6.5
+
+### Patch Changes
+
+- f23f3c9: Phase 12 of the v1 polishing plan: three coordinated cleanup items that
+  close out half-finished features ahead of v1.0.
+
+  `@checkstack/incident-backend` adds focused unit-test coverage for
+  `IncidentService.hasActiveIncidentWithSuppression` in
+  `core/incident-backend/src/service.test.ts`. The new tests exercise the
+  real query-builder logic against a programmable mock data source and
+  pin down the active-only silencing contract: returns `true` only when
+  an unresolved incident with `suppressNotifications=true` is associated
+  with the queried `systemId`; returns `false` for resolved incidents,
+  incidents with `suppressNotifications=false`, systems with no incident
+  associations, and other systems' silenced incidents. No runtime
+  changes; the service code was already correct end-to-end (write path
+  through `IncidentEditor`, read path through the healthcheck queue
+  executor and dependency notifications). A companion docs page,
+  `docs/src/content/docs/architecture/alert-silencing.md`, documents the
+  contract, the two read sites, and the dispatch paths silencing does
+  NOT cover so users aren't surprised when an unaware channel keeps
+  firing.
+
+  `@checkstack/auth-frontend` surfaces inline role assignment inside the
+  user-creation dialog so admins can pick role(s) atomically with the
+  create call. `CreateUserDialog` now renders a checkbox list of
+  assignable roles (those with `isAssignable !== false`); on submit,
+  `UsersTab` awaits `createCredentialUser`, then immediately calls
+  `updateUserRoles` with the selected role IDs. On partial failure
+  (user created, role assignment failed) the UI surfaces a warning toast
+  naming the recovery path rather than silently misreporting success. No
+  new endpoints — reuses the existing `createCredentialUser` +
+  `updateUserRoles` contract pair. A companion docs page,
+  `docs/src/content/docs/architecture/users-and-teams.md`, documents the
+  identity / role / team model, the two S2S endpoints
+  (`checkResourceTeamAccess`, `getAccessibleResourceIds`) other plugins
+  should call to honour team grants, and explicitly defers audit
+  logging, CSV export, team-scoped resource-management UI, and deletion
+  side-effect handling to v1.1.
+
+  The third item — deleting the empty `core/status-frontend/` and
+  `core/status-page-backend/` shells — is tooling-only and intentionally
+  ships without a changeset; neither shell had a `package.json`, source
+  file, or downstream importer.
+
+- Updated dependencies [f23f3c9]
+- Updated dependencies [f23f3c9]
+- Updated dependencies [f23f3c9]
+- Updated dependencies [f23f3c9]
+  - @checkstack/common@0.11.0
+  - @checkstack/frontend-api@0.5.2
+  - @checkstack/ui@1.10.0
+  - @checkstack/auth-common@0.7.1
+
 ## 0.6.4
 
 ### Patch Changes

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@checkstack/auth-frontend",
-  "version": "0.6.4",
+  "version": "0.6.6",
   "license": "Elastic-2.0",
   "type": "module",
   "main": "src/index.tsx",
@@ -18,14 +18,14 @@
     "test:e2e": "bunx playwright test"
   },
   "dependencies": {
-    "@checkstack/frontend-api": "0.5.1",
-    "@checkstack/common": "0.10.0",
-    "@checkstack/ui": "1.8.3",
+    "@checkstack/frontend-api": "0.5.2",
+    "@checkstack/common": "0.11.0",
+    "@checkstack/ui": "1.10.0",
     "react": "^18.2.0",
     "react-router-dom": "^6.22.0",
     "lucide-react": "^0.344.0",
     "better-auth": "^1.1.8",
-    "@checkstack/auth-common": "0.7.0"
+    "@checkstack/auth-common": "0.7.1"
   },
   "devDependencies": {
     "typescript": "^5.0.0",
@@ -33,6 +33,6 @@
     "@playwright/test": "^1.49.0",
     "@checkstack/test-utils-frontend": "0.0.5",
     "@checkstack/tsconfig": "0.0.7",
-    "@checkstack/scripts": "0.3.2"
+    "@checkstack/scripts": "0.3.3"
   }
 }

package/src/components/CreateUserDialog.tsx

@@ -9,27 +9,39 @@ import {
   Button,
   Input,
   Label,
+  Checkbox,
 } from "@checkstack/ui";
 import { passwordSchema } from "@checkstack/auth-common";
+import type { Role } from "../api";
 
 interface CreateUserDialogProps {
   open: boolean;
   onOpenChange: (open: boolean) => void;
+  /**
+   * Assignable roles, surfaced as an optional multi-select inside the
+   * dialog so admins can pick role(s) atomically with user creation.
+   * Roles where `isAssignable === false` (e.g. anonymous) are filtered
+   * out by the caller before being passed in.
+   */
+  assignableRoles: Role[];
   onSubmit: (data: {
     name: string;
     email: string;
     password: string;
+    roleIds: string[];
   }) => Promise<void>;
 }
 
 export const CreateUserDialog: React.FC<CreateUserDialogProps> = ({
   open,
   onOpenChange,
+  assignableRoles,
   onSubmit,
 }) => {
   const [name, setName] = useState("");
   const [email, setEmail] = useState("");
   const [password, setPassword] = useState("");
+  const [selectedRoleIds, setSelectedRoleIds] = useState<string[]>([]);
   const [loading, setLoading] = useState(false);
   const [validationErrors, setValidationErrors] = useState<string[]>([]);
 
@@ -39,6 +51,7 @@ export const CreateUserDialog: React.FC<CreateUserDialogProps> = ({
       setName("");
       setEmail("");
       setPassword("");
+      setSelectedRoleIds([]);
       setValidationErrors([]);
     }
   }, [open]);
@@ -68,13 +81,21 @@ export const CreateUserDialog: React.FC<CreateUserDialogProps> = ({
 
     setLoading(true);
     try {
-      await onSubmit({ name, email, password });
+      await onSubmit({ name, email, password, roleIds: selectedRoleIds });
       onOpenChange(false);
     } finally {
       setLoading(false);
     }
   };
 
+  const handleToggleRole = (roleId: string) => {
+    setSelectedRoleIds((prev) =>
+      prev.includes(roleId)
+        ? prev.filter((id) => id !== roleId)
+        : [...prev, roleId],
+    );
+  };
+
   const isValid =
     name.trim().length > 0 &&
     email.trim().length > 0 &&
@@ -135,6 +156,35 @@ export const CreateUserDialog: React.FC<CreateUserDialogProps> = ({
                 At least 8 characters with uppercase, lowercase, and number
               </p>
             </div>
+            {assignableRoles.length > 0 && (
+              <div className="grid gap-2">
+                <Label>Roles</Label>
+                <div className="flex flex-col gap-2 max-h-40 overflow-y-auto">
+                  {assignableRoles.map((role) => (
+                    <div
+                      key={role.id}
+                      className="flex items-center space-x-2"
+                    >
+                      <Checkbox
+                        id={`create-role-${role.id}`}
+                        checked={selectedRoleIds.includes(role.id)}
+                        onCheckedChange={() => handleToggleRole(role.id)}
+                      />
+                      <label
+                        htmlFor={`create-role-${role.id}`}
+                        className="text-sm font-medium leading-none peer-disabled:cursor-not-allowed peer-disabled:opacity-70"
+                      >
+                        {role.name}
+                      </label>
+                    </div>
+                  ))}
+                </div>
+                <p className="text-xs text-muted-foreground">
+                  Optional. Roles are assigned immediately after the user is
+                  created.
+                </p>
+              </div>
+            )}
           </div>
           <DialogFooter>
             <Button

package/src/components/UsersTab.tsx

@@ -84,10 +84,6 @@ export const UsersTab: React.FC<UsersTabProps> = ({
   });
 
   const createUserMutation = authClient.createCredentialUser.useMutation({
-    onSuccess: () => {
-      toast.success("User created successfully");
-      void onDataChange();
-    },
     onError: (error) => {
       toast.error(
         extractErrorMessage(error, "Failed to create user"),
@@ -122,8 +118,27 @@ export const UsersTab: React.FC<UsersTabProps> = ({
     name: string;
     email: string;
     password: string;
+    roleIds: string[];
   }) => {
-    createUserMutation.mutate(data);
+    const { roleIds, ...credentials } = data;
+    const { userId } = await createUserMutation.mutateAsync(credentials);
+
+    if (roleIds.length > 0) {
+      try {
+        await updateRolesMutation.mutateAsync({ userId, roles: roleIds });
+        toast.success("User created with roles assigned");
+      } catch {
+        // updateRolesMutation.onError already surfaced a toast; the user
+        // record itself still exists, so flag the partial success.
+        toast.warning(
+          "User created, but role assignment failed. Edit the user to retry.",
+        );
+      }
+    } else {
+      toast.success("User created successfully");
+    }
+
+    await onDataChange();
   };
 
   return (
@@ -242,6 +257,7 @@ export const UsersTab: React.FC<UsersTabProps> = ({
       <CreateUserDialog
         open={createUserDialogOpen}
         onOpenChange={setCreateUserDialogOpen}
+        assignableRoles={roles.filter((role) => role.isAssignable !== false)}
         onSubmit={handleCreateUser}
       />
     </>