@checkstack/healthcheck-backend 0.2.0 → 0.3.0

package/CHANGELOG.md

@@ -1,5 +1,89 @@
 # @checkstack/healthcheck-backend
 
+## 0.3.0
+
+### Minor Changes
+
+- 9faec1f: # Unified AccessRule Terminology Refactoring
+
+  This release completes a comprehensive terminology refactoring from "permission" to "accessRule" across the entire codebase, establishing a consistent and modern access control vocabulary.
+
+  ## Changes
+
+  ### Core Infrastructure (`@checkstack/common`)
+
+  - Introduced `AccessRule` interface as the primary access control type
+  - Added `accessPair()` helper for creating read/manage access rule pairs
+  - Added `access()` builder for individual access rules
+  - Replaced `Permission` type with `AccessRule` throughout
+
+  ### API Changes
+
+  - `env.registerPermissions()` → `env.registerAccessRules()`
+  - `meta.permissions` → `meta.access` in RPC contracts
+  - `usePermission()` → `useAccess()` in frontend hooks
+  - Route `permission:` field → `accessRule:` field
+
+  ### UI Changes
+
+  - "Roles & Permissions" tab → "Roles & Access Rules"
+  - "You don't have permission..." → "You don't have access..."
+  - All permission-related UI text updated
+
+  ### Documentation & Templates
+
+  - Updated 18 documentation files with AccessRule terminology
+  - Updated 7 scaffolding templates with `accessPair()` pattern
+  - All code examples use new AccessRule API
+
+  ## Migration Guide
+
+  ### Backend Plugins
+
+  ```diff
+  - import { permissionList } from "./permissions";
+  - env.registerPermissions(permissionList);
+  + import { accessRules } from "./access";
+  + env.registerAccessRules(accessRules);
+  ```
+
+  ### RPC Contracts
+
+  ```diff
+  - .meta({ userType: "user", permissions: [permissions.read.id] })
+  + .meta({ userType: "user", access: [access.read] })
+  ```
+
+  ### Frontend Hooks
+
+  ```diff
+  - const canRead = accessApi.usePermission(permissions.read.id);
+  + const canRead = accessApi.useAccess(access.read);
+  ```
+
+  ### Routes
+
+  ```diff
+  - permission: permissions.entityRead.id,
+  + accessRule: access.read,
+  ```
+
+### Patch Changes
+
+- Updated dependencies [9faec1f]
+- Updated dependencies [827b286]
+- Updated dependencies [f533141]
+- Updated dependencies [aa4a8ab]
+  - @checkstack/backend-api@0.3.0
+  - @checkstack/catalog-backend@0.2.0
+  - @checkstack/catalog-common@1.1.0
+  - @checkstack/command-backend@0.1.0
+  - @checkstack/common@0.2.0
+  - @checkstack/healthcheck-common@0.3.0
+  - @checkstack/integration-backend@0.1.0
+  - @checkstack/signal-common@0.1.0
+  - @checkstack/queue-api@0.0.5
+
 ## 0.2.0
 
 ### Minor Changes

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@checkstack/healthcheck-backend",
-  "version": "0.2.0",
+  "version": "0.3.0",
   "type": "module",
   "main": "src/index.ts",
   "scripts": {

package/src/index.ts

@@ -5,11 +5,11 @@ import {
 import * as schema from "./schema";
 import { NodePgDatabase } from "drizzle-orm/node-postgres";
 import {
-  permissionList,
+  healthCheckAccessRules,
+  healthCheckAccess,
   pluginMetadata,
   healthCheckContract,
   healthcheckRoutes,
-  permissions,
 } from "@checkstack/healthcheck-common";
 import {
   createBackendPlugin,
@@ -55,7 +55,7 @@ let storedEmitHook: EmitHookFn | undefined;
 export default createBackendPlugin({
   metadata: pluginMetadata,
   register(env) {
-    env.registerPermissions(permissionList);
+    env.registerAccessRules(healthCheckAccessRules);
 
     // Register hooks as integration events
     const integrationEvents = env.getExtensionPoint(
@@ -142,7 +142,7 @@ export default createBackendPlugin({
               route:
                 resolveRoute(healthcheckRoutes.routes.config) +
                 "?action=create",
-              requiredPermissions: [permissions.healthCheckManage],
+              requiredAccessRules: [healthCheckAccess.configuration.manage],
             },
             {
               id: "manage",
@@ -151,7 +151,7 @@ export default createBackendPlugin({
               iconName: "HeartPulse",
               shortcuts: ["meta+shift+h", "ctrl+shift+h"],
               route: resolveRoute(healthcheckRoutes.routes.config),
-              requiredPermissions: [permissions.healthCheckManage],
+              requiredAccessRules: [healthCheckAccess.configuration.manage],
             },
           ],
         });

package/src/router.test.ts

@@ -8,7 +8,7 @@ describe("HealthCheck Router", () => {
   const mockUser = {
     type: "user" as const,
     id: "test-user",
-    permissions: ["*"],
+    accessRules: ["*"],
     roles: ["admin"],
   };
 

package/src/router.ts

@@ -14,8 +14,8 @@ import { toJsonSchemaWithChartMeta } from "./schema-utils";
 /**
  * Creates the healthcheck router using contract-based implementation.
  *
- * Auth and permissions are automatically enforced via autoAuthMiddleware
- * based on the contract's meta.userType and meta.permissions.
+ * Auth and access rules are automatically enforced via autoAuthMiddleware
+ * based on the contract's meta.userType and meta.access.
  */
 export const createHealthCheckRouter = (
   database: NodePgDatabase<typeof schema>,

package/src/service.ts

@@ -491,7 +491,7 @@ export class HealthCheckService {
 
   /**
    * Get detailed health check run history with full result data.
-   * Restricted to users with manage permission.
+   * Restricted to users with manage access.
    */
   async getDetailedHistory(props: {
     systemId?: string;
@@ -530,7 +530,7 @@ export class HealthCheckService {
       .limit(limit)
       .offset(offset);
 
-    // Return with full result data for manage permission
+    // Return with full result data for manage access
     return {
       runs: runs.map((run) => ({
         id: run.id,