npm - @donkeylabs/cli - Versions diffs - 1.1.16 → 1.1.18 - Mend

@donkeylabs/cli 1.1.16 → 1.1.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (29) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@donkeylabs/cli",
-  "version": "1.1.16",
+  "version": "1.1.18",
   "type": "module",
   "description": "CLI for @donkeylabs/server - project scaffolding and code generation",
   "main": "./src/index.ts",

package/src/commands/generate.ts CHANGED Viewed

@@ -83,6 +83,110 @@ async function extractMiddlewareNames(pluginPath: string): Promise<string[]> {
   }
 }
+interface ServiceDefinitionInfo {
+  name: string;
+  exportName: string;
+  filePath: string;
+  returnType: string | null;
+}
+/**
+ * Extract defineService calls from source files.
+ * Looks for patterns like: export const myService = defineService("name", ...)
+ */
+async function extractServiceDefinitions(filePath: string): Promise<ServiceDefinitionInfo[]> {
+  try {
+    const content = await readFile(filePath, "utf-8");
+    const services: ServiceDefinitionInfo[] = [];
+    // Match: export const serviceName = defineService("name", ...)
+    // Also try to capture return type annotation if present
+    const pattern = /export\s+const\s+(\w+)\s*=\s*defineService\s*\(\s*["'](\w+)["']/g;
+    let match;
+    while ((match = pattern.exec(content)) !== null) {
+      const exportName = match[1] || "";
+      const serviceName = match[2] || "";
+      // Try to find return type from explicit annotation or factory return
+      // Look for patterns like: defineService<"name", NVRService>(...) or ): Promise<NVR> =>
+      let returnType: string | null = null;
+      // Check for generic type parameter: defineService<"name", ReturnType>
+      const genericMatch = content.slice(match.index).match(
+        /defineService\s*<\s*["']\w+["']\s*,\s*([^>]+)>/
+      );
+      if (genericMatch?.[1]) {
+        returnType = genericMatch[1].trim();
+      }
+      // Check for return type annotation on the factory: (ctx): Promise<Type> =>
+      if (!returnType) {
+        const factoryMatch = content.slice(match.index, match.index + 500).match(
+          /,\s*(?:async\s*)?\([^)]*\)\s*(?::\s*(?:Promise\s*<\s*)?([A-Z]\w+))?/
+        );
+        if (factoryMatch?.[1]) {
+          returnType = factoryMatch[1].trim();
+        }
+      }
+      services.push({
+        name: serviceName,
+        exportName,
+        filePath,
+        returnType,
+      });
+    }
+    return services;
+  } catch {
+    return [];
+  }
+}
+/**
+ * Find all service definitions in the project.
+ * Scans common locations: server entry, services directory, etc.
+ */
+async function findServiceDefinitions(entryPath: string, servicesPattern?: string): Promise<ServiceDefinitionInfo[]> {
+  const allServices: ServiceDefinitionInfo[] = [];
+  // Scan the entry file
+  const entryFullPath = join(process.cwd(), entryPath);
+  if (existsSync(entryFullPath)) {
+    const entryServices = await extractServiceDefinitions(entryFullPath);
+    allServices.push(...entryServices);
+  }
+  // Scan services directory if it exists
+  const servicesDir = join(process.cwd(), "src/server/services");
+  if (existsSync(servicesDir)) {
+    const entries = await readdir(servicesDir, { withFileTypes: true });
+    for (const entry of entries) {
+      if (entry.isFile() && entry.name.endsWith(".ts")) {
+        const filePath = join(servicesDir, entry.name);
+        const services = await extractServiceDefinitions(filePath);
+        allServices.push(...services);
+      }
+    }
+  }
+  // Also check src/lib/services for SvelteKit projects
+  const libServicesDir = join(process.cwd(), "src/lib/services");
+  if (existsSync(libServicesDir)) {
+    const entries = await readdir(libServicesDir, { withFileTypes: true });
+    for (const entry of entries) {
+      if (entry.isFile() && entry.name.endsWith(".ts")) {
+        const filePath = join(libServicesDir, entry.name);
+        const services = await extractServiceDefinitions(filePath);
+        allServices.push(...services);
+      }
+    }
+  }
+  return allServices;
+}
 interface ExtractedRoute {
   name: string;
   handler: string;
@@ -519,9 +623,18 @@ export async function generateCommand(_args: string[]): Promise<void> {
   const entryPath = config.entry || "./src/index.ts";
   const serverRoutes = await extractRoutesFromServer(entryPath);
+  // Find custom service definitions
+  const services = await findServiceDefinitions(entryPath);
+  if (services.length > 0) {
+    console.log(
+      pc.green("Found services:"),
+      services.map((s) => pc.dim(s.name)).join(", ")
+    );
+  }
   // Generate all files
   await generateRegistry(plugins, outPath);
-  await generateContext(plugins, outPath);
+  await generateContext(plugins, services, outPath);
   await generateRouteTypes(fileRoutes, outPath);
   const generated = ["registry", "context", "routes"];
@@ -668,22 +781,57 @@ ${middlewareBuilderMethods}
 async function generateContext(
   plugins: { name: string; path: string; exportName: string }[],
+  services: ServiceDefinitionInfo[],
   outPath: string
 ) {
   const schemaIntersection =
     plugins.map((p) => `PluginRegistry["${p.name}"]["schema"]`).join(" & ") ||
     "{}";
+  // Generate service imports and type entries
+  const serviceImports: string[] = [];
+  const serviceEntries: string[] = [];
+  for (const service of services) {
+    // Calculate relative path from outPath to service file
+    const serviceAbsPath = service.filePath.replace(/\.ts$/, "");
+    const relativePath = relative(outPath, serviceAbsPath);
+    const importPath = relativePath.startsWith(".") ? relativePath : `./${relativePath}`;
+    serviceImports.push(`import type { ${service.exportName} } from "${importPath}";`);
+    // Use the inferred return type if available, otherwise use Awaited<ReturnType<factory>>
+    if (service.returnType) {
+      serviceEntries.push(`    ${service.name}: ${service.returnType};`);
+    } else {
+      // Infer type from the service definition
+      serviceEntries.push(`    ${service.name}: Awaited<ReturnType<typeof ${service.exportName}["factory"]>>;`);
+    }
+  }
+  const serviceImportsBlock = serviceImports.length > 0 ? serviceImports.join("\n") + "\n" : "";
+  const servicesType = serviceEntries.length > 0
+    ? `{\n${serviceEntries.join("\n")}\n  }`
+    : "Record<string, never>";
   const content = `// Auto-generated by donkeylabs generate
 // App context - import as: import type { AppContext } from ".@donkeylabs/server/context";
 /// <reference path="./registry.d.ts" />
-import type { PluginRegistry, CoreServices, Errors } from "@donkeylabs/server";
+import type { PluginRegistry, CoreServices, Errors, ServiceRegistry } from "@donkeylabs/server";
 import type { Kysely } from "kysely";
+${serviceImportsBlock}
 /** Merged database schema from all plugins */
 export type DatabaseSchema = ${schemaIntersection};
+/** Custom services registered via defineService() */
+export interface AppServices ${servicesType}
+// Augment the ServiceRegistry for type inference in ctx.services
+declare module "@donkeylabs/server" {
+  interface ServiceRegistry extends AppServices {}
+}
 /**
  * Fully typed application context.
  * Use this instead of ServerContext for typed plugin access.
@@ -701,6 +849,8 @@ export interface AppContext {
   errors: Errors;
   /** Application config */
   config: Record<string, any>;
+  /** Custom user-registered services */
+  services: AppServices;
   /** Client IP address */
   ip: string;
   /** Unique request ID */

package/templates/sveltekit-app/package.json CHANGED Viewed

@@ -24,9 +24,9 @@
     "vite": "^7.2.6"
   },
   "dependencies": {
-    "@donkeylabs/cli": "file:/Users/franciscosainzwilliams/Documents/GitHub/server/packages/cli",
-    "@donkeylabs/adapter-sveltekit": "file:/Users/franciscosainzwilliams/Documents/GitHub/server/packages/adapter-sveltekit",
-    "@donkeylabs/server": "file:/Users/franciscosainzwilliams/Documents/GitHub/server/packages/server",
+    "@donkeylabs/cli": "^1.1.18",
+    "@donkeylabs/adapter-sveltekit": "^1.1.18",
+    "@donkeylabs/server": "^1.1.18",
     "bits-ui": "^2.15.4",
     "clsx": "^2.1.1",
     "kysely": "^0.27.6",

package/templates/sveltekit-app/src/lib/permissions.ts ADDED Viewed

@@ -0,0 +1,213 @@
+/**
+ * Permissions Helper for Svelte UI
+ *
+ * Provides reactive permission checking for UI locking.
+ *
+ * Usage in +page.server.ts:
+ * ```ts
+ * export const load = async ({ locals }) => {
+ *   const api = createApi({ locals });
+ *   const permissions = await api.permissions.context({ tenantId });
+ *   return { permissions };
+ * };
+ * ```
+ *
+ * Usage in +page.svelte:
+ * ```svelte
+ * <script>
+ *   import { createPermissions } from "$lib/permissions";
+ *   let { data } = $props();
+ *   const can = createPermissions(data.permissions);
+ * </script>
+ *
+ * {#if can.has("documents.create")}
+ *   <Button>Create Document</Button>
+ * {/if}
+ * ```
+ */
+// Note: createApi is imported dynamically to avoid compile-time dependency
+// on the generated API file which may not have permissions routes yet
+export interface PermissionContext {
+  tenantId: string;
+  roles: Array<{ id: string; name: string }>;
+  permissions: string[];
+}
+export interface PermissionsHelper {
+  /** Check if user has a static permission */
+  has: (permission: string) => boolean;
+  /** Check if user has all of the specified permissions */
+  hasAll: (...permissions: string[]) => boolean;
+  /** Check if user has any of the specified permissions */
+  hasAny: (...permissions: string[]) => boolean;
+  /** Check if user has a specific role */
+  hasRole: (roleName: string) => boolean;
+  /** Get all permissions */
+  all: () => string[];
+  /** Get all roles */
+  roles: () => Array<{ id: string; name: string }>;
+  /** Get tenant ID */
+  tenantId: () => string;
+  /** Check resource access (async - makes API call) */
+  canAccess: (
+    resourceType: string,
+    resourceId: string,
+    action: "create" | "read" | "write" | "delete" | "admin",
+    ownerId?: string
+  ) => Promise<boolean>;
+  /** Batch check resource access (async - makes single API call) */
+  canAccessMany: (
+    checks: Array<{
+      resourceType: string;
+      resourceId: string;
+      action: "create" | "read" | "write" | "delete" | "admin";
+      ownerId?: string;
+    }>
+  ) => Promise<Record<string, boolean>>;
+}
+/**
+ * Create a permissions helper from context
+ */
+export function createPermissions(context: PermissionContext, api?: any): PermissionsHelper {
+  const permissionSet = new Set(context.permissions);
+  // Lazy load API if not provided
+  const getApi = () => {
+    if (api) return api;
+    // Dynamic import to avoid compile-time dependency
+    const { createApi } = require("./api");
+    return createApi();
+  };
+  return {
+    has(permission: string): boolean {
+      // Exact match
+      if (permissionSet.has(permission)) return true;
+      // Wildcard match
+      if (permissionSet.has("*")) return true;
+      // Resource wildcard (e.g., "documents.*")
+      const [resource] = permission.split(".");
+      if (permissionSet.has(`${resource}.*`)) return true;
+      return false;
+    },
+    hasAll(...permissions: string[]): boolean {
+      return permissions.every((p) => this.has(p));
+    },
+    hasAny(...permissions: string[]): boolean {
+      return permissions.some((p) => this.has(p));
+    },
+    hasRole(roleName: string): boolean {
+      return context.roles.some(
+        (r) => r.name.toLowerCase() === roleName.toLowerCase()
+      );
+    },
+    all(): string[] {
+      return context.permissions;
+    },
+    roles(): Array<{ id: string; name: string }> {
+      return context.roles;
+    },
+    tenantId(): string {
+      return context.tenantId;
+    },
+    async canAccess(
+      resourceType: string,
+      resourceId: string,
+      action: "create" | "read" | "write" | "delete" | "admin",
+      ownerId?: string
+    ): Promise<boolean> {
+      const apiClient = getApi();
+      const result = await apiClient.permissions.canAccess({
+        tenantId: context.tenantId,
+        checks: [{ resourceType, resourceId, action, ownerId }],
+      });
+      return result[`${resourceType}:${resourceId}:${action}`] ?? false;
+    },
+    async canAccessMany(
+      checks: Array<{
+        resourceType: string;
+        resourceId: string;
+        action: "create" | "read" | "write" | "delete" | "admin";
+        ownerId?: string;
+      }>
+    ): Promise<Record<string, boolean>> {
+      const apiClient = getApi();
+      return apiClient.permissions.canAccess({
+        tenantId: context.tenantId,
+        checks,
+      });
+    },
+  };
+}
+/**
+ * Svelte component helper - use in templates
+ *
+ * Usage:
+ * ```svelte
+ * <script>
+ *   import { Can } from "$lib/permissions";
+ *   let { data } = $props();
+ * </script>
+ *
+ * <Can permission="documents.create" context={data.permissions}>
+ *   <Button>Create</Button>
+ * </Can>
+ * ```
+ */
+export function canCheck(
+  context: PermissionContext,
+  permission: string
+): boolean {
+  const helper = createPermissions(context);
+  return helper.has(permission);
+}
+/**
+ * Type helper for defining permissions in your app
+ *
+ * Usage:
+ * ```ts
+ * const PERMISSIONS = definePermissions({
+ *   documents: ["create", "read", "write", "delete", "admin"],
+ *   users: ["invite", "remove", "manage"],
+ *   billing: ["view", "manage"],
+ * } as const);
+ *
+ * // Type: "documents.create" | "documents.read" | ...
+ * type Permission = typeof PERMISSIONS[number];
+ * ```
+ */
+export function definePermissions<
+  T extends Record<string, readonly string[]>
+>(permissions: T): Array<`${Extract<keyof T, string>}.${T[keyof T][number]}`> {
+  const result: string[] = [];
+  for (const [resource, actions] of Object.entries(permissions)) {
+    for (const action of actions) {
+      result.push(`${resource}.${action}`);
+    }
+  }
+  return result as any;
+}

package/templates/sveltekit-app/src/routes/+page.server.ts CHANGED Viewed

@@ -8,7 +8,7 @@ export const load: PageServerLoad = async ({ locals }) => {
   try {
     // Direct service call through typed client
-    const result = await client.api.counter.get({});
+    const result = await (client as any).demo.counter.get({});
     return {
       count: result.count,
       loadedAt: new Date().toISOString(),

package/templates/sveltekit-app/src/routes/workflows/+page.server.ts CHANGED Viewed

@@ -7,7 +7,7 @@ export const load: PageServerLoad = async ({ locals }) => {
   try {
     // Load initial workflow instances
-    const result = await client.api.workflow.list({});
+    const result = await (client as any).demo.workflow.list({});
     return {
       instances: result.instances || [],
       loadedAt: new Date().toISOString(),

package/templates/sveltekit-app/src/server/index.ts CHANGED Viewed

@@ -7,9 +7,12 @@ import { demoPlugin } from "./plugins/demo";
 import { workflowDemoPlugin } from "./plugins/workflow-demo";
 import { authPlugin } from "./plugins/auth";
 import { emailPlugin } from "./plugins/email";
+import { permissionsPlugin } from "./plugins/permissions";
 import demoRoutes from "./routes/demo";
 import { exampleRouter } from "./routes/example";
 import { authRouter } from "./routes/auth";
+import { permissionsRouter } from "./routes/permissions";
+import { tenantsRouter } from "./routes/tenants";
 // Simple in-memory database
 const db = new Kysely<{}>({
@@ -56,7 +59,7 @@ export const server = new AppServer({
 // =============================================================================
 // Using default session strategy for this template
-server.registerPlugin(authPlugin());
+server.registerPlugin(authPlugin({}));
 // Email plugin - supports Resend or console (for development)
 // Configure with process.env.RESEND_API_KEY for production
@@ -67,11 +70,53 @@ server.registerPlugin(emailPlugin({
   baseUrl: process.env.PUBLIC_BASE_URL || "http://localhost:5173",
 }));
+// =============================================================================
+// PERMISSIONS PLUGIN - Multi-tenant RBAC
+// =============================================================================
+// Define your app's permissions here for type-safe checking.
+// Client can use: api.permissions.check({ permissions: ["documents.create"] })
+//
+server.registerPlugin(permissionsPlugin({
+  permissions: {
+    // Documents
+    documents: ["create", "read", "write", "delete", "admin"],
+    // Members & Roles
+    members: ["invite", "remove", "list"],
+    roles: ["create", "assign", "manage"],
+    // Billing (example)
+    billing: ["view", "manage"],
+  } as const,
+  defaultRoles: [
+    {
+      name: "Admin",
+      permissions: ["*"], // Full access
+      isDefault: false,
+    },
+    {
+      name: "Member",
+      permissions: [
+        "documents.create",
+        "documents.read",
+        "documents.write",
+        "members.list",
+      ],
+      isDefault: true, // Auto-assigned to new members
+    },
+    {
+      name: "Viewer",
+      permissions: ["documents.read", "members.list"],
+      isDefault: false,
+    },
+  ],
+}));
 server.registerPlugin(demoPlugin);
 server.registerPlugin(workflowDemoPlugin);
 // Register routes
 server.use(authRouter);
+server.use(permissionsRouter);
+server.use(tenantsRouter);
 server.use(demoRoutes);
 server.use(exampleRouter);