@eduardbar/drift 1.2.0 → 1.4.0

package/dist/saas/organization.js

@@ -0,0 +1,82 @@
+import { resolve } from 'node:path';
+import { assertPermissionInStore, defaultSaasStorePath, loadStoreInternal, saveStore } from './store.js';
+import { monthKey, normalizePlan, workspaceKey } from './helpers.js';
+import { appendPlanChange } from './plan-change.js';
+export function changeOrganizationPlan(options) {
+    const storeFile = resolve(options.storeFile ?? defaultSaasStorePath());
+    const store = loadStoreInternal(storeFile, options.policy);
+    const nowIso = new Date().toISOString();
+    const organization = store.organizations[options.organizationId];
+    if (!organization)
+        throw new Error(`Organization '${options.organizationId}' does not exist.`);
+    assertPermissionInStore(store, {
+        operation: 'billing:write',
+        organizationId: options.organizationId,
+        actorUserId: options.actorUserId,
+    });
+    const nextPlan = normalizePlan(options.newPlan);
+    if (organization.plan === nextPlan) {
+        const unchanged = appendPlanChange(store, {
+            organizationId: organization.id,
+            fromPlan: organization.plan,
+            toPlan: nextPlan,
+            changedAt: nowIso,
+            changedByUserId: options.actorUserId,
+            reason: options.reason,
+        });
+        saveStore(storeFile, store);
+        return unchanged;
+    }
+    const previousPlan = organization.plan;
+    organization.plan = nextPlan;
+    organization.lastSeenAt = nowIso;
+    const change = appendPlanChange(store, {
+        organizationId: organization.id,
+        fromPlan: previousPlan,
+        toPlan: nextPlan,
+        changedAt: nowIso,
+        changedByUserId: options.actorUserId,
+        reason: options.reason,
+    });
+    saveStore(storeFile, store);
+    return change;
+}
+export function listOrganizationPlanChanges(options) {
+    const storeFile = resolve(options.storeFile ?? defaultSaasStorePath());
+    const store = loadStoreInternal(storeFile, options.policy);
+    assertPermissionInStore(store, {
+        operation: 'billing:read',
+        organizationId: options.organizationId,
+        actorUserId: options.actorUserId,
+    });
+    return store.planChanges
+        .filter((change) => change.organizationId === options.organizationId)
+        .sort((a, b) => b.changedAt.localeCompare(a.changedAt));
+}
+export function getOrganizationUsageSnapshot(options) {
+    const storeFile = resolve(options.storeFile ?? defaultSaasStorePath());
+    const store = loadStoreInternal(storeFile, options.policy);
+    assertPermissionInStore(store, {
+        operation: 'billing:read',
+        organizationId: options.organizationId,
+        actorUserId: options.actorUserId,
+    });
+    const organization = store.organizations[options.organizationId];
+    if (!organization)
+        throw new Error(`Organization '${options.organizationId}' does not exist.`);
+    const month = options.month ?? monthKey(new Date().toISOString());
+    const organizationRunSnapshots = store.snapshots.filter((snapshot) => snapshot.organizationId === options.organizationId);
+    return {
+        organizationId: options.organizationId,
+        plan: organization.plan,
+        capturedAt: new Date().toISOString(),
+        workspaceCount: organization.workspaceIds.length,
+        repoCount: organization.workspaceIds
+            .map((workspaceId) => store.workspaces[workspaceKey(options.organizationId, workspaceId)])
+            .filter((workspace) => Boolean(workspace))
+            .reduce((count, workspace) => count + workspace.repoIds.length, 0),
+        runCount: organizationRunSnapshots.length,
+        runCountThisMonth: organizationRunSnapshots.filter((snapshot) => monthKey(snapshot.createdAt) === month).length,
+    };
+}
+//# sourceMappingURL=organization.js.map

package/dist/saas/plan-change.d.ts

@@ -0,0 +1,10 @@
+import type { SaasPlan, SaasPlanChange, SaasStore } from './types.js';
+export declare function appendPlanChange(store: SaasStore, input: {
+    organizationId: string;
+    fromPlan: SaasPlan;
+    toPlan: SaasPlan;
+    changedByUserId: string;
+    reason?: string;
+    changedAt: string;
+}): SaasPlanChange;
+//# sourceMappingURL=plan-change.d.ts.map

package/dist/saas/plan-change.js

@@ -0,0 +1,15 @@
+import { createRandomId } from './constants.js';
+export function appendPlanChange(store, input) {
+    const change = {
+        id: createRandomId(input.changedAt),
+        organizationId: input.organizationId,
+        fromPlan: input.fromPlan,
+        toPlan: input.toPlan,
+        changedAt: input.changedAt,
+        changedByUserId: input.changedByUserId,
+        reason: input.reason,
+    };
+    store.planChanges.push(change);
+    return change;
+}
+//# sourceMappingURL=plan-change.js.map

package/dist/saas/store.d.ts

@@ -0,0 +1,21 @@
+import type { SaasEffectiveLimits, SaasOperation, SaasPermissionContext, SaasPermissionResult, SaasPlan, SaasPolicyOverrides, SaasRole, SaasStore } from './types.js';
+export declare function defaultSaasStorePath(root?: string): string;
+export declare function applyRetentionPolicy(store: SaasStore): void;
+export declare function saveStore(storeFile: string, store: SaasStore): void;
+export declare function loadStoreInternal(storeFile: string, policy?: SaasPolicyOverrides): SaasStore;
+export declare function assertPermissionInStore(store: SaasStore, context: SaasPermissionContext): SaasPermissionResult;
+export declare function getRequiredRoleForOperation(operation: SaasOperation): SaasRole;
+export declare function assertSaasPermission(context: SaasPermissionContext & {
+    storeFile?: string;
+    policy?: SaasPolicyOverrides;
+}): SaasPermissionResult;
+export declare function getSaasEffectiveLimits(input: {
+    plan: SaasPlan;
+    policy?: SaasPolicyOverrides;
+}): SaasEffectiveLimits;
+export declare function getOrganizationEffectiveLimits(options: {
+    organizationId: string;
+    storeFile?: string;
+    policy?: SaasPolicyOverrides;
+}): SaasEffectiveLimits;
+//# sourceMappingURL=store.d.ts.map

package/dist/saas/store.js

@@ -0,0 +1,159 @@
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { dirname, resolve } from 'node:path';
+import { DEFAULT_ORGANIZATION_ID, REQUIRED_ROLE_BY_OPERATION, ROLE_PRIORITY, STORE_VERSION } from './constants.js';
+import { SaasActorRequiredError, SaasPermissionError } from './errors.js';
+import { hasRoleAtLeast, membershipKey, mergePolicy, normalizePlan, resolveSaasPolicy } from './helpers.js';
+const HOURS_PER_DAY = 24;
+const MINUTES_PER_HOUR = 60;
+const SECONDS_PER_MINUTE = 60;
+const MILLISECONDS_PER_SECOND = 1000;
+export function defaultSaasStorePath(root = '.') {
+    return resolve(root, '.drift-cloud', 'store.json');
+}
+function createEmptyStore(policy) {
+    return {
+        version: STORE_VERSION,
+        policy: resolveSaasPolicy(policy),
+        users: {},
+        organizations: {},
+        workspaces: {},
+        memberships: {},
+        repos: {},
+        snapshots: [],
+        planChanges: [],
+    };
+}
+function ensureStoreFile(storeFile, policy) {
+    const dir = dirname(storeFile);
+    if (!existsSync(dir))
+        mkdirSync(dir, { recursive: true });
+    if (!existsSync(storeFile)) {
+        const initial = createEmptyStore(policy);
+        writeFileSync(storeFile, JSON.stringify(initial, null, 2), 'utf8');
+    }
+}
+function applyStoreEntityDefaults(store) {
+    for (const workspace of Object.values(store.workspaces)) {
+        if (!workspace.organizationId)
+            workspace.organizationId = DEFAULT_ORGANIZATION_ID;
+    }
+    for (const repo of Object.values(store.repos)) {
+        if (!repo.organizationId)
+            repo.organizationId = DEFAULT_ORGANIZATION_ID;
+    }
+    for (const snapshot of store.snapshots) {
+        if (!snapshot.organizationId)
+            snapshot.organizationId = DEFAULT_ORGANIZATION_ID;
+        if (!snapshot.plan)
+            snapshot.plan = 'free';
+        if (!snapshot.role)
+            snapshot.role = 'member';
+    }
+}
+function ensureOrganizationFromWorkspace(store, workspace) {
+    const orgId = workspace.organizationId;
+    const existingOrg = store.organizations[orgId];
+    if (!existingOrg) {
+        store.organizations[orgId] = {
+            id: orgId,
+            plan: 'free',
+            createdAt: workspace.createdAt,
+            lastSeenAt: workspace.lastSeenAt,
+            workspaceIds: [workspace.id],
+        };
+        return;
+    }
+    if (!existingOrg.workspaceIds.includes(workspace.id))
+        existingOrg.workspaceIds.push(workspace.id);
+    if (workspace.lastSeenAt > existingOrg.lastSeenAt)
+        existingOrg.lastSeenAt = workspace.lastSeenAt;
+}
+function hydrateOrganizationsFromWorkspaces(store) {
+    for (const workspace of Object.values(store.workspaces)) {
+        ensureOrganizationFromWorkspace(store, workspace);
+    }
+}
+export function applyRetentionPolicy(store) {
+    const millisecondsPerDay = HOURS_PER_DAY * MINUTES_PER_HOUR * SECONDS_PER_MINUTE * MILLISECONDS_PER_SECOND;
+    const cutoff = Date.now() - store.policy.retentionDays * millisecondsPerDay;
+    store.snapshots = store.snapshots.filter((snapshot) => new Date(snapshot.createdAt).getTime() >= cutoff);
+}
+export function saveStore(storeFile, store) {
+    writeFileSync(storeFile, JSON.stringify(store, null, 2), 'utf8');
+}
+export function loadStoreInternal(storeFile, policy) {
+    ensureStoreFile(storeFile, policy);
+    const raw = readFileSync(storeFile, 'utf8');
+    const parsed = JSON.parse(raw);
+    const merged = createEmptyStore(parsed.policy);
+    merged.version = parsed.version ?? STORE_VERSION;
+    merged.users = parsed.users ?? {};
+    merged.organizations = parsed.organizations ?? {};
+    merged.workspaces = parsed.workspaces ?? {};
+    merged.memberships = parsed.memberships ?? {};
+    merged.repos = parsed.repos ?? {};
+    merged.snapshots = parsed.snapshots ?? [];
+    merged.planChanges = parsed.planChanges ?? [];
+    merged.policy = mergePolicy(policy, merged.policy);
+    applyStoreEntityDefaults(merged);
+    hydrateOrganizationsFromWorkspaces(merged);
+    applyRetentionPolicy(merged);
+    return merged;
+}
+function resolveActorRole(store, organizationId, actorUserId, workspaceId) {
+    if (workspaceId) {
+        const scopedMembershipId = membershipKey(organizationId, workspaceId, actorUserId);
+        return store.memberships[scopedMembershipId]?.role;
+    }
+    let highestRole;
+    for (const membership of Object.values(store.memberships)) {
+        if (membership.organizationId !== organizationId)
+            continue;
+        if (membership.userId !== actorUserId)
+            continue;
+        if (!highestRole || ROLE_PRIORITY[membership.role] > ROLE_PRIORITY[highestRole])
+            highestRole = membership.role;
+        if (highestRole === 'owner')
+            break;
+    }
+    return highestRole;
+}
+export function assertPermissionInStore(store, context) {
+    const requiredRole = REQUIRED_ROLE_BY_OPERATION[context.operation];
+    if (!context.actorUserId) {
+        if (store.policy.strictActorEnforcement)
+            throw new SaasActorRequiredError(context);
+        return { requiredRole };
+    }
+    const actorRole = resolveActorRole(store, context.organizationId, context.actorUserId, context.workspaceId);
+    if (!hasRoleAtLeast(actorRole, requiredRole)) {
+        throw new SaasPermissionError(context, requiredRole, actorRole);
+    }
+    return { requiredRole, actorRole };
+}
+export function getRequiredRoleForOperation(operation) {
+    return REQUIRED_ROLE_BY_OPERATION[operation];
+}
+export function assertSaasPermission(context) {
+    const storeFile = resolve(context.storeFile ?? defaultSaasStorePath());
+    const store = loadStoreInternal(storeFile, context.policy);
+    return assertPermissionInStore(store, context);
+}
+export function getSaasEffectiveLimits(input) {
+    const policy = resolveSaasPolicy(input.policy);
+    const plan = normalizePlan(input.plan);
+    return {
+        plan,
+        maxWorkspaces: policy.maxWorkspacesPerOrganizationByPlan[plan],
+        maxReposPerWorkspace: policy.maxReposPerWorkspace,
+        maxRunsPerWorkspacePerMonth: policy.maxRunsPerWorkspacePerMonth,
+        retentionDays: policy.retentionDays,
+    };
+}
+export function getOrganizationEffectiveLimits(options) {
+    const storeFile = resolve(options.storeFile ?? defaultSaasStorePath());
+    const store = loadStoreInternal(storeFile, options.policy);
+    const plan = normalizePlan(store.organizations[options.organizationId]?.plan);
+    return getSaasEffectiveLimits({ plan, policy: store.policy });
+}
+//# sourceMappingURL=store.js.map

package/dist/saas/types.d.ts

@@ -0,0 +1,191 @@
+import type { DriftConfig, DriftReport } from '../types.js';
+export interface SaasPolicy {
+    freeUserThreshold: number;
+    maxRunsPerWorkspacePerMonth: number;
+    maxReposPerWorkspace: number;
+    retentionDays: number;
+    strictActorEnforcement: boolean;
+    maxWorkspacesPerOrganizationByPlan: Record<SaasPlan, number>;
+}
+export type SaasRole = 'owner' | 'member' | 'viewer';
+export type SaasPlan = 'free' | 'sponsor' | 'team' | 'business';
+export interface SaasUser {
+    id: string;
+    createdAt: string;
+    lastSeenAt: string;
+}
+export interface SaasOrganization {
+    id: string;
+    plan: SaasPlan;
+    createdAt: string;
+    lastSeenAt: string;
+    workspaceIds: string[];
+}
+export interface SaasWorkspace {
+    id: string;
+    organizationId: string;
+    createdAt: string;
+    lastSeenAt: string;
+    userIds: string[];
+    repoIds: string[];
+}
+export interface SaasRepo {
+    id: string;
+    organizationId: string;
+    workspaceId: string;
+    name: string;
+    createdAt: string;
+    lastSeenAt: string;
+}
+export interface SaasMembership {
+    id: string;
+    organizationId: string;
+    workspaceId: string;
+    userId: string;
+    role: SaasRole;
+    createdAt: string;
+    lastSeenAt: string;
+}
+export interface SaasPlanChange {
+    id: string;
+    organizationId: string;
+    fromPlan: SaasPlan;
+    toPlan: SaasPlan;
+    changedAt: string;
+    changedByUserId: string;
+    reason?: string;
+}
+export interface SaasSnapshot {
+    id: string;
+    createdAt: string;
+    scannedAt: string;
+    organizationId: string;
+    workspaceId: string;
+    userId: string;
+    role: SaasRole;
+    plan: SaasPlan;
+    repoId: string;
+    repoName: string;
+    targetPath: string;
+    totalScore: number;
+    totalIssues: number;
+    totalFiles: number;
+    summary: {
+        errors: number;
+        warnings: number;
+        infos: number;
+    };
+}
+export interface SaasStore {
+    version: number;
+    policy: SaasPolicy;
+    users: Record<string, SaasUser>;
+    organizations: Record<string, SaasOrganization>;
+    workspaces: Record<string, SaasWorkspace>;
+    memberships: Record<string, SaasMembership>;
+    repos: Record<string, SaasRepo>;
+    snapshots: SaasSnapshot[];
+    planChanges: SaasPlanChange[];
+}
+export type SaasOperation = 'snapshot:write' | 'snapshot:read' | 'summary:read' | 'billing:write' | 'billing:read';
+export interface SaasPermissionContext {
+    operation: SaasOperation;
+    organizationId: string;
+    workspaceId?: string;
+    actorUserId?: string;
+}
+export interface SaasPermissionResult {
+    actorRole?: SaasRole;
+    requiredRole: SaasRole;
+}
+export interface SaasEffectiveLimits {
+    plan: SaasPlan;
+    maxWorkspaces: number;
+    maxReposPerWorkspace: number;
+    maxRunsPerWorkspacePerMonth: number;
+    retentionDays: number;
+}
+export interface SaasOrganizationUsageSnapshot {
+    organizationId: string;
+    plan: SaasPlan;
+    capturedAt: string;
+    workspaceCount: number;
+    repoCount: number;
+    runCount: number;
+    runCountThisMonth: number;
+}
+export interface ChangeOrganizationPlanOptions {
+    organizationId: string;
+    actorUserId: string;
+    newPlan: SaasPlan;
+    reason?: string;
+    storeFile?: string;
+    policy?: SaasPolicyOverrides;
+}
+export interface SaasUsageQueryOptions {
+    organizationId: string;
+    month?: string;
+    storeFile?: string;
+    policy?: SaasPolicyOverrides;
+    actorUserId?: string;
+}
+export interface SaasPlanChangeQueryOptions {
+    organizationId: string;
+    storeFile?: string;
+    policy?: SaasPolicyOverrides;
+    actorUserId?: string;
+}
+export interface SaasSummary {
+    policy: SaasPolicy;
+    usersRegistered: number;
+    workspacesActive: number;
+    reposActive: number;
+    runsPerMonth: Record<string, number>;
+    totalSnapshots: number;
+    phase: 'free' | 'paid';
+    thresholdReached: boolean;
+    freeUsersRemaining: number;
+}
+export interface SaasPolicyOverrides {
+    freeUserThreshold?: number;
+    maxRunsPerWorkspacePerMonth?: number;
+    maxReposPerWorkspace?: number;
+    retentionDays?: number;
+    strictActorEnforcement?: boolean;
+    maxWorkspacesPerOrganizationByPlan?: Partial<Record<SaasPlan, number>>;
+}
+export interface SaasQueryOptions {
+    storeFile?: string;
+    policy?: SaasPolicyOverrides;
+    organizationId?: string;
+    workspaceId?: string;
+    actorUserId?: string;
+}
+export interface IngestOptions {
+    organizationId?: string;
+    workspaceId: string;
+    userId: string;
+    role?: SaasRole;
+    plan?: SaasPlan;
+    repoName?: string;
+    actorUserId?: string;
+    storeFile?: string;
+    policy?: SaasPolicyOverrides;
+}
+export interface ScopedIdentity {
+    organizationId: string;
+    workspaceId: string;
+    workspaceKey: string;
+    repoName: string;
+    repoId: string;
+}
+export interface IngestMutationContext {
+    store: SaasStore;
+    scoped: ScopedIdentity;
+    options: IngestOptions;
+    nowIso: string;
+    requestedPlan: SaasPlan;
+}
+export type SaasPolicyInput = SaasPolicyOverrides | DriftConfig['saas'] | undefined;
+export type DriftReportInput = DriftReport;
+//# sourceMappingURL=types.d.ts.map

package/dist/saas/types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=types.js.map

package/dist/saas.d.ts

@@ -1,83 +1,9 @@
-import type { DriftReport, DriftConfig } from './types.js';
-export interface SaasPolicy {
-    freeUserThreshold: number;
-    maxRunsPerWorkspacePerMonth: number;
-    maxReposPerWorkspace: number;
-    retentionDays: number;
-}
-export interface SaasUser {
-    id: string;
-    createdAt: string;
-    lastSeenAt: string;
-}
-export interface SaasWorkspace {
-    id: string;
-    createdAt: string;
-    lastSeenAt: string;
-    userIds: string[];
-    repoIds: string[];
-}
-export interface SaasRepo {
-    id: string;
-    workspaceId: string;
-    name: string;
-    createdAt: string;
-    lastSeenAt: string;
-}
-export interface SaasSnapshot {
-    id: string;
-    createdAt: string;
-    scannedAt: string;
-    workspaceId: string;
-    userId: string;
-    repoId: string;
-    repoName: string;
-    targetPath: string;
-    totalScore: number;
-    totalIssues: number;
-    totalFiles: number;
-    summary: {
-        errors: number;
-        warnings: number;
-        infos: number;
-    };
-}
-export interface SaasStore {
-    version: number;
-    policy: SaasPolicy;
-    users: Record<string, SaasUser>;
-    workspaces: Record<string, SaasWorkspace>;
-    repos: Record<string, SaasRepo>;
-    snapshots: SaasSnapshot[];
-}
-export interface SaasSummary {
-    policy: SaasPolicy;
-    usersRegistered: number;
-    workspacesActive: number;
-    reposActive: number;
-    runsPerMonth: Record<string, number>;
-    totalSnapshots: number;
-    phase: 'free' | 'paid';
-    thresholdReached: boolean;
-    freeUsersRemaining: number;
-}
-export interface IngestOptions {
-    workspaceId: string;
-    userId: string;
-    repoName?: string;
-    storeFile?: string;
-    policy?: Partial<SaasPolicy>;
-}
-export declare const DEFAULT_SAAS_POLICY: SaasPolicy;
-export declare function resolveSaasPolicy(policy?: Partial<SaasPolicy> | DriftConfig['saas']): SaasPolicy;
-export declare function defaultSaasStorePath(root?: string): string;
-export declare function ingestSnapshotFromReport(report: DriftReport, options: IngestOptions): SaasSnapshot;
-export declare function getSaasSummary(options?: {
-    storeFile?: string;
-    policy?: Partial<SaasPolicy>;
-}): SaasSummary;
-export declare function generateSaasDashboardHtml(options?: {
-    storeFile?: string;
-    policy?: Partial<SaasPolicy>;
-}): string;
+export { DEFAULT_SAAS_POLICY } from './saas/constants.js';
+export { SaasActorRequiredError, SaasPermissionError } from './saas/errors.js';
+export { resolveSaasPolicy, } from './saas/helpers.js';
+export { defaultSaasStorePath, getRequiredRoleForOperation, assertSaasPermission, getSaasEffectiveLimits, getOrganizationEffectiveLimits, } from './saas/store.js';
+export { ingestSnapshotFromReport } from './saas/ingest.js';
+export { changeOrganizationPlan, listOrganizationPlanChanges, getOrganizationUsageSnapshot, } from './saas/organization.js';
+export { listSaasSnapshots, getSaasSummary, generateSaasDashboardHtml, } from './saas/dashboard.js';
+export type { SaasUser, SaasOrganization, SaasWorkspace, SaasRepo, SaasMembership, SaasRole, SaasPlan, SaasPolicy, SaasPolicyOverrides, SaasStore, SaasSummary, SaasSnapshot, SaasQueryOptions, IngestOptions, SaasPlanChange, SaasOperation, SaasPermissionContext, SaasPermissionResult, SaasEffectiveLimits, SaasOrganizationUsageSnapshot, ChangeOrganizationPlanOptions, SaasUsageQueryOptions, SaasPlanChangeQueryOptions, } from './saas/types.js';
 //# sourceMappingURL=saas.d.ts.map