@cubist-labs/cubesigner-sdk 0.4.231 → 0.4.237

package/src/schema_types.ts

@@ -245,6 +245,7 @@ export type PasswordResetRequest = schemas["PasswordResetRequest"];
 export type PasswordResetConfirmRequest = schemas["PasswordResetConfirmRequest"];
 export type EmailOtpResponse = schemas["EmailOtpResponse"];
 export type EmailTemplatePurpose = schemas["Purpose"];
+export type GetEmailConfigResponse = schemas["GetEmailConfigResponse"];
 
 export type Empty = schemas["EmptyImpl"];
 
@@ -290,10 +291,20 @@ export type ImportKeyRequestMaterial = schemas["ImportKeyRequestMaterial"];
 export type InvitationAcceptRequest = schemas["InvitationAcceptRequest"];
 
 export type KeyTypeAndDerivationPath = schemas["KeyTypeAndDerivationPath"];
-
 export type PolicyInfo = schemas["PolicyInfo"] & {
   acl?: JsonValue[];
 };
+
+/**
+ * Coerce the less accurate `PolicyInfo` type from the OpenAPI schema to a more accurate {@link PolicyInfo}.
+ *
+ * @param p The policy info received on the wire
+ * @returns The same value coerced to {@link PolicyInfo}
+ */
+export function coercePolicyInfo(p: schemas["PolicyInfo"]): PolicyInfo {
+  return p as PolicyInfo;
+}
+
 export type UpdatePolicyRequest = schemas["UpdatePolicyRequest"] & {
   rules?: JsonValue[];
   acl?: JsonValue[];
@@ -302,6 +313,10 @@ export type ListPoliciesResponse = schemas["PaginatedListPoliciesResponse"];
 export type PolicyType = schemas["PolicyType"];
 export type PolicyAttachedToId = schemas["PolicyAttachedToId"];
 
+export type ListBucketsResponse = schemas["PaginatedListBucketsResponse"];
+export type UpdateBucketRequest = schemas["UpdateBucketRequest"];
+export type BucketAction = schemas["BucketAction"];
+
 export type UploadWasmPolicyRequest = schemas["UploadWasmPolicyRequest"];
 export type UploadWasmPolicyResponse = schemas["UploadWasmPolicyResponse"];
 export type InvokePolicyRequest = schemas["InvokePolicyRequest"];

package/src/scopes.ts

@@ -55,7 +55,10 @@ export const AllScopes: Record<ExplicitScope, string> =
   "sign:mmi"                                    : "Allows access to the sign 'mmi' endpoint",
   "manage:*"                                    : "Allows access to all management endpoints (e.g., create role, create key, add key to role, etc.)",
   "manage:readonly"                             : "Allows access to all management readonly endpoints",
-  "manage:email"                                : "Allows access only to the email management endpoints",
+  "manage:email:*"                              : "Allows access only to the email management endpoints",
+  "manage:email:get"                            : "Allows access only to the email configuration 'get' endpoint",
+  "manage:email:update"                         : "Allows access only to the email configuration 'update' endpoint",
+  "manage:email:delete"                         : "Allows access only to the email configuration 'delete' endpoint",
   "manage:mfa:*"                                : "Allows access only to MFA endpoints (e.g., get/approve existing MFA request)",
   "manage:mfa:readonly"                         : "Allows access only to MFA readonly endpoints (e.g., get/list existing MFA request(s))",
   "manage:mfa:list"                             : "Allows access only to the MFA list endpoint (list existing MFA requests)",
@@ -83,10 +86,11 @@ export const AllScopes: Record<ExplicitScope, string> =
   "manage:key:create"                           : "Allows access only to key creation endpoints (e.g., 'create' and 'derive')",
   "manage:key:import"                           : "Allows access only to the key 'import' endpoint",
   "manage:key:update:*"                         : "Allows access only to the key 'update' endpoint, within which allowing all possible updates",
-  "manage:key:update:owner"                     : "Allows access only to the key 'update' endpoint, but restricting updates to the key owner property",
-  "manage:key:update:policy"                    : "Allows access only to the key 'update' endpoint, but restricting updates to the key policy property",
-  "manage:key:update:enabled"                   : "Allows access only to the key 'update' endpoint, but restricting updates to the key enabled property",
-  "manage:key:update:metadata"                  : "Allows access only to the key 'update' endpoint and restricts updates to the key metadata property",
+  "manage:key:update:owner"                     : "Allows access only to the key 'update' endpoint, but restricting updates to the key 'owner' property",
+  "manage:key:update:region"                    : "Allows access only to the key 'update' endpoint, but restricting updates to the key 'region' property",
+  "manage:key:update:policy"                    : "Allows access only to the key 'update' endpoint, but restricting updates to the key 'policy' property",
+  "manage:key:update:enabled"                   : "Allows access only to the key 'update' endpoint, but restricting updates to the key 'enabled' property",
+  "manage:key:update:metadata"                  : "Allows access only to the key 'update' endpoint and restricts updates to the key 'metadata' property",
   "manage:key:update:editPolicy"                : "Allows access only to the key 'update' endpoint and restricts updates to the 'edit_policy' property",
   "manage:key:delete"                           : "Allows access only to the key 'delete' endpoint",
   "manage:policy:*"                             : "Allows access to all policy endpoints",
@@ -111,6 +115,13 @@ export const AllScopes: Record<ExplicitScope, string> =
   "manage:policy:secrets:update:values"         : "Allows access only to the policy secrets 'update' endpoint, but restricting updates to the secrets keys and values",
   "manage:policy:secrets:update:acl"            : "Allows access only to the policy secrets 'update' endpoint, but restricting updates to the secrets acl",
   "manage:policy:secrets:update:editPolicy"     : "Allows access only to the policy secrets 'update' endpoint, but restricting updates to the `edit_policy` property",
+  "manage:policy:buckets:*"                     : "Allows access to all policy buckets endpoints",
+  "manage:policy:buckets:get"                   : "Allows access only to the policy buckets 'get' endpoint",
+  "manage:policy:buckets:list"                  : "Allows access only to the policy buckets 'list' endpoint",
+  "manage:policy:buckets:update:*"              : "Allows access only to the policy buckets 'update' endpoint",
+  "manage:policy:buckets:update:owner"          : "Allows access only to the policy buckets 'update' endpoint, but restricting updates to the `owner` property",
+  "manage:policy:buckets:update:acl"            : "Allows access only to the policy buckets 'update' endpoint, but restricting updates to the `acl` property",
+  "manage:policy:buckets:update:metadata"       : "Allows access only to the policy buckets 'update' endpoint, but restricting updates to the `metadata` property",
   "manage:contact:*"                            : "Allows access to all contact endpoints",
   "manage:contact:readonly"                     : "Allows access to all contact readonly endpoints",
   "manage:contact:create"                       : "Allows access to the contact 'create' endpoint",
@@ -139,6 +150,7 @@ export const AllScopes: Record<ExplicitScope, string> =
   "manage:role:get:users"                       : "Allows access to the role 'list users' endpoint",
   "manage:role:list"                            : "Allows access only to the role 'list' endpoint",
   "manage:role:update:*"                        : "Allows access only to the role 'update' endpoint",
+  "manage:role:update:actions"                  : "Allows access only to the role 'update' endpoint, but restricting updates to the role 'actions' property",
   "manage:role:update:enabled"                  : "Allows access only to the role 'update' endpoint, but restricting updates to the role 'enabled' property",
   "manage:role:update:policy"                   : "Allows access only to the role 'update' endpoint, but restricting updates to the role 'policy' property",
   "manage:role:update:editPolicy"               : "Allows access only to the role 'update' endpoint, but restricting updates to the role 'edit_policy' property",
@@ -161,6 +173,8 @@ export const AllScopes: Record<ExplicitScope, string> =
   "manage:org:audit:query"                      : "Allows access to retrieving org audit log",
   "manage:org:readonly"                         : "Allows access to all org readonly endpoints",
   "manage:org:addUser"                          : "Allows access only to the org endpoint for adding an OIDC user to the org",
+  "manage:org:invitation:list"                  : "Allows access only to the org endpoint for listing pending invitations",
+  "manage:org:invitation:cancel"                : "Allows access only to the org endpoint for canceling pending invitations",
   "manage:org:inviteUser"                       : "Allows access only to the org endpoint for inviting a new member or org owner to the org",
   "manage:org:inviteAlien"                      : "Allows access only to the org endpoint for inviting a new alien user to the org",
   "manage:org:updateMembership"                 : "Allows access only to the org endpoint for updating existing user's org membership",
@@ -169,6 +183,27 @@ export const AllScopes: Record<ExplicitScope, string> =
   "manage:org:deleteUser"                       : "Allows access only to the org endpoint for deleting an OIDC user",
   "manage:org:get"                              : "Allows access to retrieving organization information",
   "manage:org:user:resetMfa"                    : "Allows an owner to initiate an MFA reset for a user",
+  "manage:org:update:*"                         : "Allows access to all org 'update' actions",
+  "manage:org:update:enabled"                   : "Allows updating the org 'enabled' property",
+  "manage:org:update:policy"                    : "Allows updating org-wide policies",
+  "manage:org:update:signPolicy"                : "Allows updating org-wide sign policies",
+  "manage:org:update:export"                    : "Allows updating user-export settings (delay, window, disabled)",
+  "manage:org:update:totpFailureLimit"          : "Allows updating the TOTP failure limit",
+  "manage:org:update:notificationEndpoints"     : "Allows updating notification endpoints",
+  "manage:org:update:defaultInviteKind"         : "Allows updating the default invite kind",
+  "manage:org:update:idpConfiguration"          : "Allows updating IDP configuration",
+  "manage:org:update:passkeyConfiguration"      : "Allows updating passkey configuration",
+  "manage:org:update:emailPreferences"          : "Allows updating email preferences",
+  "manage:org:update:historicalData"            : "Allows updating historical data configuration",
+  "manage:org:update:requireScopeCeiling"       : "Allows updating the require_scope_ceiling setting",
+  "manage:org:update:alienLoginRequirement"     : "Allows updating the alien login requirement",
+  "manage:org:update:memberLoginRequirement"    : "Allows updating the member login requirement",
+  "manage:org:update:keyExportRequirement"      : "Allows updating the key export requirement",
+  "manage:org:update:allowedMfaTypes"           : "Allows updating allowed MFA types",
+  "manage:org:update:policyEngineConf"          : "Allows updating the policy engine configuration",
+  "manage:org:update:customChains"              : "Allows updating custom chains",
+  "manage:org:update:extProps"                  : "Allows updating extended org properties",
+  "manage:org:update:editPolicy"                : "Allows updating the org's edit policy",
   "manage:session:*"                            : "Allows access to all session endpoints",
   "manage:session:readonly"                     : "Allows access to all session readonly endpoints",
   "manage:session:get"                          : "Allows access only to the session 'get' endpoint",
@@ -200,6 +235,11 @@ export const AllScopes: Record<ExplicitScope, string> =
   "mmi:*"                                       : "Allows calls to the MMI endpoint",
   "orgAccess:*"                                 : "Allows access to certain orgs other than the current session's",
   "orgAccess:child:*"                           : "Allows a session to be used for access to orgs transitively parented by the session's org.",
+  "rpc:*"                                       : "Allows access to the RPC API endpoint",
+  "rpc:createTransaction:*"                     : "Allows access to the RPC API endpoint, but only for the 'cs_createTransaction' function.",
+  "rpc:createTransaction:evm"                   : "Allows access to the RPC API endpoint, but only for the 'cs_createTransaction' function with an EVM transaction request.",
+  "rpc:getTransaction"                          : "Allows access to the RPC API endpoint, but only for the 'cs_getTransaction' function.",
+  "rpc:listTransactions"                        : "Allows access to the RPC API endpoint, but only for the 'cs_listTransactions' function.",
 };
 
 // Const for scope category labels