@checkstack/incident-common 0.1.0 → 0.2.0

package/CHANGELOG.md

@@ -1,5 +1,81 @@
 # @checkstack/incident-common
 
+## 0.2.0
+
+### Minor Changes
+
+- 9faec1f: # Unified AccessRule Terminology Refactoring
+
+  This release completes a comprehensive terminology refactoring from "permission" to "accessRule" across the entire codebase, establishing a consistent and modern access control vocabulary.
+
+  ## Changes
+
+  ### Core Infrastructure (`@checkstack/common`)
+
+  - Introduced `AccessRule` interface as the primary access control type
+  - Added `accessPair()` helper for creating read/manage access rule pairs
+  - Added `access()` builder for individual access rules
+  - Replaced `Permission` type with `AccessRule` throughout
+
+  ### API Changes
+
+  - `env.registerPermissions()` → `env.registerAccessRules()`
+  - `meta.permissions` → `meta.access` in RPC contracts
+  - `usePermission()` → `useAccess()` in frontend hooks
+  - Route `permission:` field → `accessRule:` field
+
+  ### UI Changes
+
+  - "Roles & Permissions" tab → "Roles & Access Rules"
+  - "You don't have permission..." → "You don't have access..."
+  - All permission-related UI text updated
+
+  ### Documentation & Templates
+
+  - Updated 18 documentation files with AccessRule terminology
+  - Updated 7 scaffolding templates with `accessPair()` pattern
+  - All code examples use new AccessRule API
+
+  ## Migration Guide
+
+  ### Backend Plugins
+
+  ```diff
+  - import { permissionList } from "./permissions";
+  - env.registerPermissions(permissionList);
+  + import { accessRules } from "./access";
+  + env.registerAccessRules(accessRules);
+  ```
+
+  ### RPC Contracts
+
+  ```diff
+  - .meta({ userType: "user", permissions: [permissions.read.id] })
+  + .meta({ userType: "user", access: [access.read] })
+  ```
+
+  ### Frontend Hooks
+
+  ```diff
+  - const canRead = accessApi.usePermission(permissions.read.id);
+  + const canRead = accessApi.useAccess(access.read);
+  ```
+
+  ### Routes
+
+  ```diff
+  - permission: permissions.entityRead.id,
+  + accessRule: access.read,
+  ```
+
+### Patch Changes
+
+- Updated dependencies [9faec1f]
+- Updated dependencies [f533141]
+  - @checkstack/common@0.2.0
+  - @checkstack/frontend-api@0.1.0
+  - @checkstack/signal-common@0.1.0
+
 ## 0.1.0
 
 ### Minor Changes

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@checkstack/incident-common",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "type": "module",
   "exports": {
     ".": {

package/src/access.ts

@@ -0,0 +1,30 @@
+import { accessPair } from "@checkstack/common";
+
+/**
+ * Access rules for the Incident plugin.
+ */
+export const incidentAccess = {
+  /**
+   * Incident access with both read and manage levels.
+   * Read is public by default.
+   */
+  incident: accessPair(
+    "incident",
+    {
+      read: "View incidents",
+      manage: "Manage incidents - create, edit, resolve, and delete",
+    },
+    {
+      readIsDefault: true,
+      readIsPublic: true,
+    }
+  ),
+};
+
+/**
+ * All access rules for registration with the plugin system.
+ */
+export const incidentAccessRules = [
+  incidentAccess.incident.read,
+  incidentAccess.incident.manage,
+];

package/src/index.ts

@@ -1,4 +1,4 @@
-export { permissions, permissionList } from "./permissions";
+export { incidentAccess, incidentAccessRules } from "./access";
 export {
   incidentContract,
   IncidentApi,

package/src/rpc-contract.ts

@@ -2,10 +2,9 @@ import { oc } from "@orpc/contract";
 import { z } from "zod";
 import {
   createClientDefinition,
-  createResourceAccessList,
   type ProcedureMetadata,
 } from "@checkstack/common";
-import { permissions } from "./permissions";
+import { incidentAccess } from "./access";
 import { pluginMetadata } from "./plugin-metadata";
 import {
   IncidentWithSystemsSchema,
@@ -19,16 +18,12 @@ import {
 
 const _base = oc.$meta<ProcedureMetadata>({});
 
-// Resource access configurations for team-based access control
-const incidentListAccess = createResourceAccessList("incident", "incidents");
-
 export const incidentContract = {
   /** List all incidents with optional filters */
   listIncidents: _base
     .meta({
       userType: "public",
-      permissions: [permissions.incidentRead.id],
-      resourceAccess: [incidentListAccess],
+      access: [incidentAccess.incident.read],
     })
     .input(
       z
@@ -45,7 +40,7 @@ export const incidentContract = {
   getIncident: _base
     .meta({
       userType: "public",
-      permissions: [permissions.incidentRead.id],
+      access: [incidentAccess.incident.read],
     })
     .input(z.object({ id: z.string() }))
     .output(IncidentDetailSchema.nullable()),
@@ -54,7 +49,7 @@ export const incidentContract = {
   getIncidentsForSystem: _base
     .meta({
       userType: "public",
-      permissions: [permissions.incidentRead.id],
+      access: [incidentAccess.incident.read],
     })
     .input(z.object({ systemId: z.string() }))
     .output(z.array(IncidentWithSystemsSchema)),
@@ -63,7 +58,7 @@ export const incidentContract = {
   createIncident: _base
     .meta({
       userType: "authenticated",
-      permissions: [permissions.incidentManage.id],
+      access: [incidentAccess.incident.manage],
     })
     .input(CreateIncidentInputSchema)
     .output(IncidentWithSystemsSchema),
@@ -72,7 +67,7 @@ export const incidentContract = {
   updateIncident: _base
     .meta({
       userType: "authenticated",
-      permissions: [permissions.incidentManage.id],
+      access: [incidentAccess.incident.manage],
     })
     .input(UpdateIncidentInputSchema)
     .output(IncidentWithSystemsSchema),
@@ -81,7 +76,7 @@ export const incidentContract = {
   addUpdate: _base
     .meta({
       userType: "authenticated",
-      permissions: [permissions.incidentManage.id],
+      access: [incidentAccess.incident.manage],
     })
     .input(AddIncidentUpdateInputSchema)
     .output(IncidentUpdateSchema),
@@ -90,7 +85,7 @@ export const incidentContract = {
   resolveIncident: _base
     .meta({
       userType: "authenticated",
-      permissions: [permissions.incidentManage.id],
+      access: [incidentAccess.incident.manage],
     })
     .input(z.object({ id: z.string(), message: z.string().optional() }))
     .output(IncidentWithSystemsSchema),
@@ -99,7 +94,7 @@ export const incidentContract = {
   deleteIncident: _base
     .meta({
       userType: "authenticated",
-      permissions: [permissions.incidentManage.id],
+      access: [incidentAccess.incident.manage],
     })
     .input(z.object({ id: z.string() }))
     .output(z.object({ success: z.boolean() })),

package/src/permissions.ts

@@ -1,13 +0,0 @@
-import { createPermission, type Permission } from "@checkstack/common";
-
-export const permissions = {
-  /** Read access to incidents - granted to all users by default */
-  incidentRead: createPermission("incident", "read", "View incidents", {
-    isAuthenticatedDefault: true,
-    isPublicDefault: true,
-  }),
-  /** Manage incidents - create, edit, resolve, and delete */
-  incidentManage: createPermission("incident", "manage", "Manage incidents"),
-} as const satisfies Record<string, Permission>;
-
-export const permissionList = Object.values(permissions);