@company-semantics/contracts 13.9.0 → 13.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/package.json +1 -1
  2. package/src/api/generated.ts +6 -0
  3. package/src/org/__tests__/view-scopes.test.ts +2 -0
  4. package/src/org/view-scopes.ts +5 -0
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@company-semantics/contracts",
3
- "version": "13.9.0",
3
+ "version": "13.10.0",
4
4
  "private": false,
5
5
  "repository": {
6
6
  "type": "git",
package/src/api/generated.ts CHANGED
@@ -3636,6 +3636,8 @@ export interface components {
3636
3636
  };
3637
3637
  /** @enum {string} */
3638
3638
  status: "pending" | "accepted" | "expired" | "revoked";
3639
+ /** Format: uuid */
3640
+ homeUnitId?: string;
3639
3641
  createdAt: string;
3640
3642
  expiresAt: string;
3641
3643
  acceptedAt?: string;
@@ -3646,6 +3648,8 @@ export interface components {
3646
3648
  email: string;
3647
3649
  /** @enum {string} */
3648
3650
  role: "admin" | "member";
3651
+ /** Format: uuid */
3652
+ homeUnitId?: string;
3649
3653
  };
3650
3654
  InviteListResponse: {
3651
3655
  id: string;
@@ -3659,6 +3663,8 @@ export interface components {
3659
3663
  };
3660
3664
  /** @enum {string} */
3661
3665
  status: "pending" | "accepted" | "expired" | "revoked";
3666
+ /** Format: uuid */
3667
+ homeUnitId?: string;
3662
3668
  createdAt: string;
3663
3669
  expiresAt: string;
3664
3670
  acceptedAt?: string;
package/src/org/__tests__/view-scopes.test.ts CHANGED
@@ -10,6 +10,7 @@ describe("VIEW_SCOPE_MAP golden snapshot", () => {
10
10
  "teamwork-member": "org.view_teamwork",
11
11
  "company-md": "org.view_company_md",
12
12
  "internal-admin": "internal.view_admin",
13
+ "execution-detail": "org.view_timeline",
13
14
  teams: null,
14
15
  chat: null,
15
16
  settings: null,
@@ -28,6 +29,7 @@ describe("getViewScope", () => {
28
29
  expect(getViewScope("teamwork")).toBe("org.view_teamwork");
29
30
  expect(getViewScope("company-md")).toBe("org.view_company_md");
30
31
  expect(getViewScope("internal-admin")).toBe("internal.view_admin");
32
+ expect(getViewScope("execution-detail")).toBe("org.view_timeline");
31
33
  });
32
34
 
33
35
  it("returns null for public views", () => {
package/src/org/view-scopes.ts CHANGED
@@ -23,6 +23,11 @@ export const VIEW_SCOPE_MAP = {
23
23
  "teamwork-member": "org.view_teamwork",
24
24
  "company-md": "org.view_company_md",
25
25
  "internal-admin": "internal.view_admin",
26
+ // `execution-detail` (/@org/executions/{id}) is gated behind the same scope as
27
+ // its only entry point, the timeline. Per-execution visibility is additionally
28
+ // enforced at the data layer (GET /summary + /result return 404 when the
29
+ // execution is not visible). See ADR-APP-045.
30
+ "execution-detail": "org.view_timeline",
26
31
  // Public views (require only authentication)
27
32
  // `teams`: team/directory visibility is membership-derived (ADR-BE-241 tier 1),
28
33
  // not a scope. Repointed from the never-enforced `org.view_teams` to null when