@checkstack/scripts 0.0.2 → 0.1.0

package/CHANGELOG.md

@@ -1,5 +1,73 @@
 # @checkstack/scripts
 
+## 0.1.0
+
+### Minor Changes
+
+- 9faec1f: # Unified AccessRule Terminology Refactoring
+
+  This release completes a comprehensive terminology refactoring from "permission" to "accessRule" across the entire codebase, establishing a consistent and modern access control vocabulary.
+
+  ## Changes
+
+  ### Core Infrastructure (`@checkstack/common`)
+
+  - Introduced `AccessRule` interface as the primary access control type
+  - Added `accessPair()` helper for creating read/manage access rule pairs
+  - Added `access()` builder for individual access rules
+  - Replaced `Permission` type with `AccessRule` throughout
+
+  ### API Changes
+
+  - `env.registerPermissions()` → `env.registerAccessRules()`
+  - `meta.permissions` → `meta.access` in RPC contracts
+  - `usePermission()` → `useAccess()` in frontend hooks
+  - Route `permission:` field → `accessRule:` field
+
+  ### UI Changes
+
+  - "Roles & Permissions" tab → "Roles & Access Rules"
+  - "You don't have permission..." → "You don't have access..."
+  - All permission-related UI text updated
+
+  ### Documentation & Templates
+
+  - Updated 18 documentation files with AccessRule terminology
+  - Updated 7 scaffolding templates with `accessPair()` pattern
+  - All code examples use new AccessRule API
+
+  ## Migration Guide
+
+  ### Backend Plugins
+
+  ```diff
+  - import { permissionList } from "./permissions";
+  - env.registerPermissions(permissionList);
+  + import { accessRules } from "./access";
+  + env.registerAccessRules(accessRules);
+  ```
+
+  ### RPC Contracts
+
+  ```diff
+  - .meta({ userType: "user", permissions: [permissions.read.id] })
+  + .meta({ userType: "user", access: [access.read] })
+  ```
+
+  ### Frontend Hooks
+
+  ```diff
+  - const canRead = accessApi.usePermission(permissions.read.id);
+  + const canRead = accessApi.useAccess(access.read);
+  ```
+
+  ### Routes
+
+  ```diff
+  - permission: permissions.entityRead.id,
+  + accessRule: access.read,
+  ```
+
 ## 0.0.2
 
 ### Patch Changes

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@checkstack/scripts",
-  "version": "0.0.2",
+  "version": "0.1.0",
   "bin": {
     "checkstack-scripts": "./src/cli.ts"
   },

package/src/commands/create.ts

@@ -240,7 +240,7 @@ export async function createCommand() {
         break;
       }
       case "common": {
-        console.log(`  3. Define your permissions in src/permissions.ts`);
+        console.log(`  3. Define your access rules in src/access.ts`);
         console.log(`  4. Define your schemas in src/schemas.ts`);
         console.log(`  5. Define your contract in src/rpc-contract.ts`);
         break;

package/src/templates/backend/src/index.ts.hbs

@@ -3,7 +3,7 @@ import {
   coreServices,
 } from "@checkstack/backend-api";
 import {
-  permissionList,
+  {{pluginNameCamel}}AccessRules,
   pluginMetadata,
   {{pluginNameCamel}}Contract,
 } from "@checkstack/{{pluginBaseName}}-common";
@@ -13,7 +13,7 @@ import { create{{pluginNamePascal}}Router } from "./router";
 export default createBackendPlugin({
   metadata: pluginMetadata,
   register(env) {
-    env.registerPermissions(permissionList);
+    env.registerAccessRules({{pluginNameCamel}}AccessRules);
 
     env.registerInit({
       schema,

package/src/templates/backend/src/router.ts.hbs

@@ -8,8 +8,8 @@ import { {{pluginNamePascal}}Service } from "./service";
 /**
  * Creates the {{pluginBaseName}} router using contract-based implementation.
  *
- * Auth and permissions are automatically enforced via autoAuthMiddleware
- * based on the contract's meta.userType and meta.permissions.
+ * Auth and access rules are automatically enforced via autoAuthMiddleware
+ * based on the contract's meta.userType and meta.access.
  */
 const os = implement({{pluginNameCamel}}Contract)
   .$context<RpcContext>()

package/src/templates/common/README.md.hbs

@@ -2,8 +2,8 @@
 {{pluginNamePascal}}
 Common Common package for the
 {{pluginNamePascal}}
-plugin. Contains shared contracts, types, and permissions. ## Structure -
-`src/permissions.ts` - Permission definitions - `src/schemas.ts` - Zod schemas
+plugin. Contains shared contracts, types, and access rules. ## Structure -
+`src/access.ts - Access rule definitions - `src/schemas.ts` - Zod schemas
 and type definitions - `src/rpc-contract.ts` - oRPC contract definition -
 `src/index.ts` - Barrel exports ## Usage This package is consumed by both: -
 `@checkstack/{{pluginBaseName}}-backend` - Implements the contract -

package/src/templates/common/src/access.ts.hbs

@@ -0,0 +1,28 @@
+import { accessPair } from "@checkstack/common";
+
+/**
+ * Access rules for the {{pluginBaseName}} plugin.
+ * Uses accessPair() to create read/manage access rule pairs.
+ */
+export const {{pluginNameCamel}}Access = {
+  /**
+   * Access rules for {{pluginBaseName}} data operations.
+   * - read: View {{pluginBaseName}} data (auto-assigned to authenticated users)
+   * - manage: Create, update, and delete {{pluginBaseName}} data
+   */
+  ...accessPair(
+    "{{pluginBaseName}}",
+    {
+      read: "Read {{pluginBaseName}} data",
+      manage: "Manage {{pluginBaseName}} data",
+    },
+    {
+      readIsDefault: true, // read is auto-assigned to "users" role
+    }
+  ),
+};
+
+/**
+ * List of all access rules for registration.
+ */
+export const {{pluginNameCamel}}AccessRules = Object.values({{pluginNameCamel}}Access);

package/src/templates/common/src/index.ts.hbs

@@ -1,5 +1,5 @@
-// Export permissions
-export { permissions, permissionList } from "./permissions";
+// Export access rules
+export { {{pluginNameCamel}}Access, {{pluginNameCamel}}AccessRules } from "./access";
 
 // Export routes
 export { {{pluginNameCamel}}Routes } from "./routes";

package/src/templates/common/src/rpc-contract.ts.hbs

@@ -6,7 +6,7 @@ import {
   Create{{pluginNamePascal}}ItemSchema,
   Update{{pluginNamePascal}}ItemSchema,
 } from "./schemas";
-import { permissions } from "./permissions";
+import { {{pluginNameCamel}}Access } from "./access";
 import { pluginMetadata } from "./plugin-metadata";
 
 // Create base builder with ProcedureMetadata support
@@ -14,26 +14,26 @@ import { pluginMetadata } from "./plugin-metadata";
 const _base = oc.$meta<ProcedureMetadata>({});
 
 export const {{pluginNameCamel}}Contract = {
-  // List all items - requires authenticated user with read permission
+  // List all items - requires authenticated user with read access
   getItems: _base
-    .meta({ userType: "user", permissions: [permissions.{{pluginNameCamel}}Read.id] })
+    .meta({ userType: "user", access: [{{pluginNameCamel}}Access.read] })
     .output(z.array({{pluginNamePascal}}ItemSchema)),
 
   // Get single item
   getItem: _base
-    .meta({ userType: "user", permissions: [permissions.{{pluginNameCamel}}Read.id] })
+    .meta({ userType: "user", access: [{{pluginNameCamel}}Access.read] })
     .input(z.string())
     .output({{pluginNamePascal}}ItemSchema),
 
   // Create item
   createItem: _base
-    .meta({ userType: "user", permissions: [permissions.{{pluginNameCamel}}Manage.id] })
+    .meta({ userType: "user", access: [{{pluginNameCamel}}Access.manage] })
     .input(Create{{pluginNamePascal}}ItemSchema)
     .output({{pluginNamePascal}}ItemSchema),
 
   // Update item
   updateItem: _base
-    .meta({ userType: "user", permissions: [permissions.{{pluginNameCamel}}Manage.id] })
+    .meta({ userType: "user", access: [{{pluginNameCamel}}Access.manage] })
     .input(
       z.object({
         id: z.string(),
@@ -44,7 +44,7 @@ export const {{pluginNameCamel}}Contract = {
 
   // Delete item
   deleteItem: _base
-    .meta({ userType: "user", permissions: [permissions.{{pluginNameCamel}}Manage.id] })
+    .meta({ userType: "user", access: [{{pluginNameCamel}}Access.manage] })
     .input(z.string())
     .output(z.void()),
 };

package/src/templates/frontend/src/index.tsx.hbs

@@ -1,7 +1,7 @@
 import { createFrontendPlugin, rpcApiRef, type ApiRef } from "@checkstack/frontend-api";
 import { {{pluginNameCamel}}ApiRef, type {{pluginNamePascal}}ApiClient } from "./api";
 import { {{pluginNamePascal}}ListPage } from "./components/{{pluginNamePascal}}ListPage";
-import { {{pluginNameCamel}}Routes, {{pluginNamePascal}}Api, pluginMetadata, permissions } from "@checkstack/{{pluginBaseName}}-common";
+import { {{pluginNameCamel}}Routes, {{pluginNamePascal}}Api, pluginMetadata, {{pluginNameCamel}}Access } from "@checkstack/{{pluginBaseName}}-common";
 
 export default createFrontendPlugin({
   metadata: pluginMetadata,
@@ -12,7 +12,7 @@ export default createFrontendPlugin({
       route: {{pluginNameCamel}}Routes.routes.home,
       element: <{{pluginNamePascal}}ListPage />,
       title: "{{pluginNamePascal}}",
-      permission: permissions.{{pluginNameCamel}}Read,
+      accessRule: {{pluginNameCamel}}Access.read,
     },
   ],
 
@@ -30,4 +30,3 @@ export default createFrontendPlugin({
 });
 
 export * from "./api";
-

package/src/templates/common/src/permissions.ts.hbs

@@ -1,17 +0,0 @@
-import { createPermission } from "@checkstack/common";
-
-export const permissions = {
-  {{pluginNameCamel}}Read: createPermission(
-    "{{pluginBaseName}}",
-    "read",
-    "Read {{pluginBaseName}} data",
-    { isAuthenticatedDefault: true } // Auto-assigned to "users" role
-  ),
-  {{pluginNameCamel}}Manage: createPermission(
-    "{{pluginBaseName}}",
-    "manage",
-    "Manage {{pluginBaseName}} data"
-  ),
-};
-
-export const permissionList = Object.values(permissions);