npm - @company-semantics/contracts - Versions diffs - 1.13.0 → 1.15.0 - Mend

@company-semantics/contracts 1.13.0 → 1.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/package.json +1 -1
package/src/api/generated-spec-hash.ts +2 -2
package/src/api/generated.ts +159 -10
package/src/org/index.ts +8 -0
package/src/org/schemas.ts +36 -0
package/src/org/types.ts +66 -0

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@company-semantics/contracts",
-  "version": "1.13.0",
+  "version": "1.15.0",
   "private": false,
   "repository": {
     "type": "git",

package/src/api/generated-spec-hash.ts CHANGED Viewed

@@ -1,3 +1,3 @@
 // AUTO-GENERATED — do not edit. Run pnpm generate:spec-hash to regenerate.
-export const SPEC_HASH = '3c2104cecec4' as const;
-export const SPEC_HASH_FULL = '3c2104cecec403986da31a11310ce09d3dd773fd095b7416c0cf6f4e30d64f6c' as const;
+export const SPEC_HASH = 'b15100bf7771' as const;
+export const SPEC_HASH_FULL = 'b15100bf7771682644b63942432a672ffee7d4fdb1237201f491b4d8d3c6b238' as const;

package/src/api/generated.ts CHANGED Viewed

@@ -636,7 +636,8 @@ export interface paths {
             path?: never;
             cookie?: never;
         };
-        get?: never;
+        /** Get workspace member detail (roles, units, effective scopes, recent actions) */
+        get: operations["getWorkspaceMemberDetail"];
         put?: never;
         post?: never;
         /** Remove workspace member */
@@ -646,6 +647,23 @@ export interface paths {
         patch?: never;
         trace?: never;
     };
+    "/api/rbac/roles": {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        /** List RBAC roles catalog (system + custom) with scopes and member counts */
+        get: operations["getRbacRoles"];
+        put?: never;
+        post?: never;
+        delete?: never;
+        options?: never;
+        head?: never;
+        patch?: never;
+        trace?: never;
+    };
     "/api/workspace/members/{id}/role": {
         parameters: {
             query?: never;
@@ -1430,7 +1448,8 @@ export interface paths {
         delete?: never;
         options?: never;
         head?: never;
-        patch?: never;
+        /** Update an org unit (name and/or description) */
+        patch: operations["updateOrgUnit"];
         trace?: never;
     };
     "/api/org-units/{unitId}/children": {
@@ -2336,15 +2355,49 @@ export interface components {
         WorkspaceHandleRequest: {
             handle: string;
         };
+        WorkspaceMemberUnitSummary: {
+            unitId: string;
+            unitName: string;
+            unitPath: string;
+            /** @enum {string} */
+            role: "owner" | "manager" | "member";
+        };
+        WorkspaceMember: {
+            id: string;
+            name: string;
+            email: string;
+            /** @enum {string} */
+            role: "owner" | "admin" | "member" | "auditor";
+            roleNames: string[];
+            joinedAt: string;
+            lastActiveAt: string | null;
+            unitMemberships: components["schemas"]["WorkspaceMemberUnitSummary"][];
+            unitMembershipsTruncated: boolean;
+            inviteStatus: ("active" | "pending" | "expired") | null;
+        };
+        MemberRecentAction: {
+            id: string;
+            timestamp: string;
+            action: string;
+            summary: string;
+        };
+        WorkspaceMemberDetail: components["schemas"]["WorkspaceMember"] & {
+            effectiveScopes: string[];
+            recentActions: components["schemas"]["MemberRecentAction"][];
+        };
+        RoleCatalogEntry: {
+            name: string;
+            /** @enum {string} */
+            type: "system" | "custom";
+            description: string;
+            scopes: string[];
+            memberCount: number;
+        };
+        RoleCatalogResponse: {
+            roles: components["schemas"]["RoleCatalogEntry"][];
+        };
         WorkspaceMembersResponse: {
-            items: {
-                id: string;
-                name: string;
-                email: string;
-                /** @enum {string} */
-                role: "owner" | "admin" | "member" | "auditor";
-                joinedAt: string;
-            }[];
+            items: components["schemas"]["WorkspaceMember"][];
             nextCursor: string | null;
             hasMore: boolean;
         };
@@ -2936,6 +2989,31 @@ export interface components {
                 updatedAt: string;
             };
         };
+        UpdateOrgUnitResponse: {
+            unit: {
+                /** Format: uuid */
+                id: string;
+                /** Format: uuid */
+                orgId: string;
+                parentId: string | null;
+                slug: string;
+                name: string;
+                description: string | null;
+                typeTag: string;
+                classification: ("execution_unit" | "org_container" | "custom") | null;
+                orderKey: string;
+                path: string;
+                /** @enum {string} */
+                syncMode: "manual_only" | "synced_readonly" | "synced_with_overrides";
+                visibilityDefault: ("public" | "private" | "restricted") | null;
+                metadata: {
+                    [key: string]: unknown;
+                };
+                archivedAt: string | null;
+                createdAt: string;
+                updatedAt: string;
+            };
+        };
         OrgUnitChildrenResponse: {
             /** Format: uuid */
             parentId: string;
@@ -4345,6 +4423,28 @@ export interface operations {
             };
         };
     };
+    getWorkspaceMemberDetail: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path: {
+                id: string;
+            };
+            cookie?: never;
+        };
+        requestBody?: never;
+        responses: {
+            /** @description Workspace member detail */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["WorkspaceMemberDetail"];
+                };
+            };
+        };
+    };
     removeMember: {
         parameters: {
             query?: never;
@@ -4367,6 +4467,26 @@ export interface operations {
             };
         };
     };
+    getRbacRoles: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path?: never;
+            cookie?: never;
+        };
+        requestBody?: never;
+        responses: {
+            /** @description Role catalog */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["RoleCatalogResponse"];
+                };
+            };
+        };
+    };
     changeMemberRole: {
         parameters: {
             query?: never;
@@ -5522,6 +5642,35 @@ export interface operations {
             };
         };
     };
+    updateOrgUnit: {
+        parameters: {
+            query?: never;
+            header?: never;
+            path: {
+                unitId: string;
+            };
+            cookie?: never;
+        };
+        requestBody: {
+            content: {
+                "application/json": {
+                    name?: string;
+                    description?: string | null;
+                };
+            };
+        };
+        responses: {
+            /** @description Updated org unit */
+            200: {
+                headers: {
+                    [name: string]: unknown;
+                };
+                content: {
+                    "application/json": components["schemas"]["UpdateOrgUnitResponse"];
+                };
+            };
+        };
+    };
     listOrgUnitChildren: {
         parameters: {
             query?: never;

package/src/org/index.ts CHANGED Viewed

@@ -15,6 +15,11 @@ export type {
   WorkspaceRole,
   WorkspaceOverview,
   WorkspaceMember,
+  WorkspaceMemberUnitSummary,
+  WorkspaceMemberInviteStatus,
+  WorkspaceMemberDetail,
+  MemberRecentAction,
+  RoleCatalogEntry,
   AuthMethodConfig,
   WorkspaceAuthConfig,
   // SSO self-service setup types (PRD-00193)
@@ -120,6 +125,9 @@ export {
   WorkspaceAccessResponseSchema,
   WorkspaceOverviewSchema,
   WorkspaceMembersResponseSchema,
+  WorkspaceMemberDetailSchema,
+  RoleCatalogEntrySchema,
+  RoleCatalogResponseSchema,
   WorkspaceAuthConfigSchema,
   WorkspaceAuditEventSchema,
   WorkspaceAuditResponseSchema,

package/src/org/schemas.ts CHANGED Viewed

@@ -17,12 +17,48 @@ import { CursorPageSchema } from '../api/primitives';
 // Sub-schemas
 // ---------------------------------------------------------------------------
+const WorkspaceMemberUnitSummarySchema = z.object({
+  unitId: z.string(),
+  unitName: z.string(),
+  unitPath: z.string(),
+  role: z.enum(['owner', 'manager', 'member']),
+});
 const WorkspaceMemberSchema = z.object({
   id: z.string(),
   name: z.string(),
   email: z.string(),
   role: z.enum(['owner', 'admin', 'member', 'auditor']),
+  roleNames: z.array(z.string()),
   joinedAt: z.string(),
+  lastActiveAt: z.string().nullable(),
+  unitMemberships: z.array(WorkspaceMemberUnitSummarySchema),
+  unitMembershipsTruncated: z.boolean(),
+  inviteStatus: z.enum(['active', 'pending', 'expired']).nullable(),
+});
+const MemberRecentActionSchema = z.object({
+  id: z.string(),
+  timestamp: z.string(),
+  action: z.string(),
+  summary: z.string(),
+});
+export const WorkspaceMemberDetailSchema = WorkspaceMemberSchema.extend({
+  effectiveScopes: z.array(z.string()),
+  recentActions: z.array(MemberRecentActionSchema),
+});
+export const RoleCatalogEntrySchema = z.object({
+  name: z.string(),
+  type: z.enum(['system', 'custom']),
+  description: z.string(),
+  scopes: z.array(z.string()),
+  memberCount: z.number().int().nonnegative(),
+});
+export const RoleCatalogResponseSchema = z.object({
+  roles: z.array(RoleCatalogEntrySchema),
 });
 const WorkspaceOwnerSchema = z.object({

package/src/org/types.ts CHANGED Viewed

@@ -92,6 +92,24 @@ export interface WorkspaceOverview {
   claimable: boolean;
 }
+/**
+ * Single OrgUnit membership summary attached to a WorkspaceMember row.
+ * See ADR-BE-120 for the canonical OrgUnit tree model.
+ */
+export interface WorkspaceMemberUnitSummary {
+  unitId: string;
+  unitName: string;
+  /** Human-readable path from the OrgUnit tree (e.g. "Sales / Enterprise"). */
+  unitPath: string;
+  role: 'owner' | 'manager' | 'member';
+}
+/**
+ * Invite status for a workspace member row. `null` for members that have no
+ * associated invite record (joined pre-invite system).
+ */
+export type WorkspaceMemberInviteStatus = 'active' | 'pending' | 'expired';
 /**
  * Workspace member for the members list.
  * Human users only (no agent actors).
@@ -100,8 +118,56 @@ export interface WorkspaceMember {
   id: string;
   name: string;
   email: string;
+  /** Display role — derived collapse of RBAC into {owner,admin,member,auditor}. */
   role: WorkspaceRole;
+  /** Raw RBAC role names (e.g. 'org_owner', 'org_admin', 'auditor'). Superset of `role`. */
+  roleNames: string[];
   joinedAt: string;
+  /** ISO timestamp of last activity; null if never recorded. */
+  lastActiveAt: string | null;
+  /** OrgUnit memberships for this member, capped at a small number server-side. */
+  unitMemberships: WorkspaceMemberUnitSummary[];
+  /** True when server truncated `unitMemberships`; detail endpoint returns the full list. */
+  unitMembershipsTruncated: boolean;
+  /** Invite lifecycle status. `null` for members without an invite record. */
+  inviteStatus: WorkspaceMemberInviteStatus | null;
+}
+/**
+ * Recent audit action attached to a member-detail response.
+ * Lighter projection than WorkspaceAuditEvent — no actor block (implied by caller).
+ */
+export interface MemberRecentAction {
+  id: string;
+  timestamp: string;
+  action: string;
+  summary: string;
+}
+/**
+ * Full member detail, returned by GET /api/workspace/members/:userId and also
+ * the shape projected from /api/me for self-view.
+ */
+export interface WorkspaceMemberDetail extends WorkspaceMember {
+  /** Full resolved scope patterns — union of grants from all assigned roles. */
+  effectiveScopes: string[];
+  /** Up to N most recent audit actions attributed to this member. */
+  recentActions: MemberRecentAction[];
+}
+/**
+ * Entry in the RBAC roles catalog (GET /api/rbac/roles).
+ */
+export interface RoleCatalogEntry {
+  /** Canonical role name, e.g. 'org_owner'. */
+  name: string;
+  type: 'system' | 'custom';
+  /** One-line description sourced from system-roles.ts (or org-provided for custom). */
+  description: string;
+  /** Scope patterns granted by this role. May contain wildcards (e.g. 'org.view_*'). */
+  scopes: string[];
+  /** Number of active assignments in the current org. */
+  memberCount: number;
 }
 /**