@elevasis/ui 2.40.1 → 2.41.1

package/dist/chunk-7MTWRSUZ.js

@@ -1,357 +0,0 @@
-import { useOptionalElevasisSystems } from './chunk-J3FLIZY4.js';
-import { InitializationContext } from './chunk-6DO4PE3O.js';
-import { DEFAULT_ORGANIZATION_MODEL } from './chunk-K7GKKETO.js';
-import { OrganizationContext } from './chunk-DD3CCMCZ.js';
-import { STALE_TIME_DEFAULT } from './chunk-6ROXVZ3L.js';
-import { listAllSystems, getSystem } from './chunk-RH5VWWSC.js';
-import { ElevasisServiceContext } from './chunk-2FTX4WO2.js';
-import { useContext, useMemo } from 'react';
-import { useQuery } from '@tanstack/react-query';
-import { z } from 'zod';
-
-// ../core/src/auth/multi-tenancy/permissions.ts
-var PERMISSIONS = {
-  ORG_READ: "org.read",
-  ORG_MANAGE: "org.manage",
-  ORG_DELETE: "org.delete",
-  MEMBERS_MANAGE: "members.manage",
-  ROLES_MANAGE: "roles.manage",
-  SECRETS_MANAGE: "secrets.manage",
-  OPERATIONS_READ: "operations.read",
-  OPERATIONS_MANAGE: "operations.manage",
-  SALES_LEAD_GEN_MANAGE: "sales.lead-gen.manage",
-  ACQUISITION_MANAGE: "acquisition.manage",
-  PROJECTS_MANAGE: "projects.manage",
-  CLIENTS_MANAGE: "clients.manage"
-};
-var PERMISSION_CATALOG = [
-  {
-    key: "org.read",
-    description: "Read organization profile and listings",
-    isOrgGrantable: true
-  },
-  {
-    key: "org.manage",
-    description: "Update organization settings",
-    isOrgGrantable: false
-  },
-  {
-    key: "org.delete",
-    description: "Delete the organization (owner-only)",
-    isOrgGrantable: false
-  },
-  {
-    key: "members.manage",
-    description: "Invite, remove, and reassign roles for members",
-    isOrgGrantable: false
-  },
-  {
-    key: "roles.manage",
-    description: "Grant or revoke privileged system roles (owner, admin) within the organization",
-    isOrgGrantable: false
-  },
-  {
-    key: "secrets.manage",
-    description: "Create, update, and delete API keys and credentials",
-    isOrgGrantable: false
-  },
-  {
-    key: "operations.read",
-    description: "View executions, sessions, schedules, and command queue",
-    isOrgGrantable: true
-  },
-  {
-    key: "operations.manage",
-    description: "Run and modify executions, sessions, schedules, queue",
-    isOrgGrantable: true
-  },
-  {
-    key: "sales.lead-gen.manage",
-    description: "Operate Lead Gen lists and list-builder workflows",
-    isOrgGrantable: true
-  },
-  {
-    key: "acquisition.manage",
-    description: "Create, update, and delete acquisition records (acq_companies, acq_contacts, acq_deals, acq_lists*, acq_content*, acquisition storage files)",
-    isOrgGrantable: false
-  },
-  {
-    key: "projects.manage",
-    description: "Create, update, and delete project records (prj_projects, prj_milestones, prj_tasks, prj_notes)",
-    isOrgGrantable: false
-  },
-  {
-    key: "clients.manage",
-    description: "Create, update, and delete client hub records (clients, clt_* satellites)",
-    isOrgGrantable: false
-  }
-];
-new Set(PERMISSION_CATALOG.map((p) => p.key));
-var DEFAULT_ACCESS_ACTION = "view";
-var PLATFORM_ADMIN_ACCESS_KEY = "platform.admin";
-var PLATFORM_ADMIN_ACCESS_KEY_SHORTHAND = "platformAdmin";
-var AccessActionSchema = z.enum(["view", "manage"]);
-var AccessKeyObjectSchema = z.object({
-  systemPath: z.string().trim().min(1),
-  action: AccessActionSchema.default(DEFAULT_ACCESS_ACTION)
-}).strict();
-var AccessKeyInputSchema = z.union([z.string().trim().min(1), AccessKeyObjectSchema]);
-var NormalizedAccessKeySchema = AccessKeyObjectSchema;
-var DIAGNOSTIC_VIEW_ACCESS_KEYS = [
-  "diagnostic.operations.overview",
-  "diagnostic.operations.recent-executions",
-  "diagnostic.monitoring.execution-logs",
-  "diagnostic.monitoring.notifications"
-];
-var AccessKeys = {
-  platformAdmin: { systemPath: PLATFORM_ADMIN_ACCESS_KEY, action: DEFAULT_ACCESS_ACTION },
-  organizationManage: { systemPath: "permission.org", action: "manage" },
-  membersManage: { systemPath: "permission.members", action: "manage" },
-  rolesManage: { systemPath: "permission.roles", action: "manage" },
-  secretsManage: { systemPath: "permission.secrets", action: "manage" },
-  operationsRead: { systemPath: "permission.operations", action: DEFAULT_ACCESS_ACTION },
-  operationsManage: { systemPath: "permission.operations", action: "manage" },
-  leadGenManage: { systemPath: "sales.lead-gen", action: "manage" },
-  acquisitionManage: { systemPath: "permission.acquisition", action: "manage" },
-  projectsManage: { systemPath: "permission.projects", action: "manage" },
-  clientsManage: { systemPath: "permission.clients", action: "manage" },
-  operationsOverview: { systemPath: "diagnostic.operations.overview", action: DEFAULT_ACCESS_ACTION },
-  operationsRecentExecutions: { systemPath: "diagnostic.operations.recent-executions", action: DEFAULT_ACCESS_ACTION },
-  monitoringExecutionLogs: { systemPath: "diagnostic.monitoring.execution-logs", action: DEFAULT_ACCESS_ACTION },
-  monitoringNotifications: { systemPath: "diagnostic.monitoring.notifications", action: DEFAULT_ACCESS_ACTION }
-};
-var PERMISSION_ACCESS_KEY_DEFINITIONS = [
-  { key: AccessKeys.organizationManage, rolePermission: PERMISSIONS.ORG_MANAGE },
-  { key: AccessKeys.membersManage, rolePermission: PERMISSIONS.MEMBERS_MANAGE },
-  { key: AccessKeys.rolesManage, rolePermission: PERMISSIONS.ROLES_MANAGE },
-  { key: AccessKeys.secretsManage, rolePermission: PERMISSIONS.SECRETS_MANAGE },
-  { key: AccessKeys.operationsRead, rolePermission: PERMISSIONS.OPERATIONS_READ },
-  { key: AccessKeys.operationsManage, rolePermission: PERMISSIONS.OPERATIONS_MANAGE },
-  { key: AccessKeys.acquisitionManage, rolePermission: PERMISSIONS.ACQUISITION_MANAGE },
-  { key: AccessKeys.projectsManage, rolePermission: PERMISSIONS.PROJECTS_MANAGE },
-  { key: AccessKeys.clientsManage, rolePermission: PERMISSIONS.CLIENTS_MANAGE }
-];
-function normalizeAccessKey(input) {
-  const parsed = AccessKeyInputSchema.parse(input);
-  const normalized = typeof parsed === "string" ? {
-    systemPath: parsed === PLATFORM_ADMIN_ACCESS_KEY_SHORTHAND ? PLATFORM_ADMIN_ACCESS_KEY : parsed,
-    action: DEFAULT_ACCESS_ACTION
-  } : parsed;
-  return NormalizedAccessKeySchema.parse(normalized);
-}
-function rolePermissionForAccessKey(key) {
-  if (key.action === DEFAULT_ACCESS_ACTION) return void 0;
-  return `${key.systemPath}.${key.action}`;
-}
-function groupCatalogEntries(entries) {
-  const grouped = /* @__PURE__ */ new Map();
-  for (const entry of entries) {
-    const existing = grouped.get(entry.key.systemPath) ?? [];
-    existing.push(entry);
-    grouped.set(entry.key.systemPath, existing);
-  }
-  return grouped;
-}
-function buildCatalogEntry(systemPath, action, source) {
-  const key = normalizeAccessKey({ systemPath, action });
-  return {
-    key,
-    source,
-    rolePermission: rolePermissionForAccessKey(key)
-  };
-}
-function deriveAccessKeyCatalog(organizationModel, options = {}) {
-  const { diagnosticKeys = DIAGNOSTIC_VIEW_ACCESS_KEYS, includeManageActions = true } = options;
-  const entries = [
-    buildCatalogEntry(PLATFORM_ADMIN_ACCESS_KEY, DEFAULT_ACCESS_ACTION, "platform")
-  ];
-  for (const { path } of listAllSystems(organizationModel)) {
-    entries.push(buildCatalogEntry(path, DEFAULT_ACCESS_ACTION, "om-system"));
-    if (includeManageActions) {
-      entries.push(buildCatalogEntry(path, "manage", "om-system"));
-    }
-  }
-  for (const { key, rolePermission } of PERMISSION_ACCESS_KEY_DEFINITIONS) {
-    entries.push({
-      key,
-      source: "permission",
-      rolePermission
-    });
-  }
-  for (const systemPath of diagnosticKeys) {
-    entries.push(buildCatalogEntry(systemPath, DEFAULT_ACCESS_ACTION, "diagnostic"));
-  }
-  return {
-    bySystemPath: groupCatalogEntries(entries),
-    entries
-  };
-}
-function findAccessCatalogEntry(catalog, key) {
-  return catalog.bySystemPath.get(key.systemPath)?.find((entry) => entry.key.action === key.action);
-}
-
-// ../core/src/auth/access-model.ts
-var ALLOWED = { allowed: true, restrictedBy: null, reason: "allowed" };
-var PLATFORM_ADMIN_BYPASS = {
-  allowed: true,
-  restrictedBy: null,
-  reason: "platform-admin-bypass"
-};
-function deny(restrictedBy, reason) {
-  return { allowed: false, restrictedBy, reason };
-}
-function isPlatformAdmin(profile) {
-  return profile?.isPlatformAdmin === true || profile?.is_platform_admin === true;
-}
-function diagnosticAllowlistHas(allowlist, systemPath) {
-  if (allowlist === void 0) return false;
-  return "has" in allowlist ? allowlist.has(systemPath) : allowlist.includes(systemPath);
-}
-function lifecycleAllowsAccess(lifecycle, ctx) {
-  if (lifecycle === "active") return true;
-  if (lifecycle === "beta") return ctx.betaAccessEnabled === true || ctx.isDevelopment === true;
-  return false;
-}
-function getPermissionSource(ctx) {
-  return ctx.permissions ?? ctx.membership?.effectivePermissions;
-}
-function hasRequiredPermission(key, rolePermission, ctx) {
-  const permissionSource = getPermissionSource(ctx);
-  if (permissionSource === void 0 || permissionSource === null) return true;
-  const requiredPermission = rolePermission ?? `${key.systemPath}.${key.action}`;
-  return permissionSource.includes(requiredPermission);
-}
-function hasExplicitRequiredPermission(rolePermission, ctx) {
-  const permissionSource = getPermissionSource(ctx);
-  return rolePermission !== void 0 && permissionSource !== void 0 && permissionSource !== null ? permissionSource.includes(rolePermission) : false;
-}
-function checkAccess(input, ctx) {
-  if (isPlatformAdmin(ctx.profile)) return PLATFORM_ADMIN_BYPASS;
-  const parsed = (() => {
-    try {
-      return normalizeAccessKey(input);
-    } catch {
-      return null;
-    }
-  })();
-  if (parsed === null) return deny("catalog", "invalid-access-key");
-  const catalog = ctx.accessCatalog ?? deriveAccessKeyCatalog(ctx.organizationModel);
-  const catalogEntry = findAccessCatalogEntry(catalog, parsed);
-  if (catalogEntry === void 0) return deny("catalog", "unknown-access-key");
-  const membership = ctx.membership;
-  if (membership === void 0 || membership === null) return deny("membership", "missing-membership");
-  if (membership.organizationId !== ctx.organizationId) return deny("membership", "organization-mismatch");
-  if (parsed.systemPath === PLATFORM_ADMIN_ACCESS_KEY) {
-    return deny("role-permission", "role-permission-denied");
-  }
-  if (catalogEntry.source === "diagnostic") {
-    if (!diagnosticAllowlistHas(ctx.diagnosticAllowlist, parsed.systemPath)) {
-      return deny("diagnostic-allowlist", "diagnostic-key-not-allowed");
-    }
-    if (parsed.action !== DEFAULT_ACCESS_ACTION && !hasRequiredPermission(parsed, catalogEntry.rolePermission, ctx)) {
-      return deny("role-permission", "role-permission-denied");
-    }
-    return ALLOWED;
-  }
-  if (catalogEntry.source === "permission") {
-    if (!hasExplicitRequiredPermission(catalogEntry.rolePermission, ctx)) {
-      return deny("role-permission", "role-permission-denied");
-    }
-    return ALLOWED;
-  }
-  const system = getSystem(ctx.organizationModel, parsed.systemPath);
-  if (system === void 0 || !lifecycleAllowsAccess(system.lifecycle, ctx)) {
-    return deny("system-lifecycle", "system-not-active");
-  }
-  if (parsed.action !== DEFAULT_ACCESS_ACTION && !hasRequiredPermission(parsed, catalogEntry.rolePermission, ctx)) {
-    return deny("role-permission", "role-permission-denied");
-  }
-  return ALLOWED;
-}
-function createAccessModel(organizationModel) {
-  const catalog = deriveAccessKeyCatalog(organizationModel);
-  return {
-    catalog,
-    checkAccess: (key, ctx) => checkAccess(key, { ...ctx, organizationModel, accessCatalog: catalog })
-  };
-}
-
-// src/hooks/access/useAccess.ts
-var MISSING_CONTEXT_ANSWER = {
-  allowed: false,
-  restrictedBy: "membership",
-  reason: "missing-membership"
-};
-function readStringArray(value) {
-  return Array.isArray(value) && value.every((item) => typeof item === "string") ? value : void 0;
-}
-function membershipPermissions(membership) {
-  if (!membership || typeof membership !== "object") return void 0;
-  const record = membership;
-  return readStringArray(record.effectivePermissions) ?? readStringArray(record.effective_permissions);
-}
-function resolveOrganizationId(organization) {
-  const membership = organization?.currentMembership;
-  return organization?.currentSupabaseOrganizationId ?? membership?.organizationId ?? membership?.organization?.id ?? null;
-}
-function toAccessMembership(membership, organizationId, permissions) {
-  if (!membership || !organizationId) return null;
-  return {
-    id: membership.id,
-    organizationId: membership.organizationId ?? organizationId,
-    role: membership.role?.slug ?? null,
-    effectivePermissions: permissions
-  };
-}
-function useAccess(key) {
-  const initialization = useContext(InitializationContext);
-  const organization = useContext(OrganizationContext);
-  const services = useContext(ElevasisServiceContext);
-  const systems = useOptionalElevasisSystems();
-  const profile = initialization?.profile ?? null;
-  const isPlatformAdmin2 = profile?.is_platform_admin === true;
-  const organizationId = resolveOrganizationId(organization);
-  const membership = organization?.currentMembership ?? null;
-  const organizationModel = systems?.organizationModel ?? DEFAULT_ORGANIZATION_MODEL;
-  const permissionsFromMembership = useMemo(() => membershipPermissions(membership), [membership]);
-  const shouldFetchPermissions = Boolean(services?.isReady && organizationId && !isPlatformAdmin2);
-  const permissionsQuery = useQuery({
-    // eslint-disable-next-line @tanstack/query/exhaustive-deps -- services.apiRequest is a stable context fn, not cache-relevant; query is keyed by organizationId
-    queryKey: ["access-permissions", organizationId],
-    queryFn: () => services.apiRequest(`/memberships/my-permissions/${organizationId}`),
-    enabled: shouldFetchPermissions,
-    staleTime: STALE_TIME_DEFAULT
-  });
-  const permissions = useMemo(
-    () => isPlatformAdmin2 ? Object.values(PERMISSIONS) : permissionsQuery.data?.permissions ?? permissionsFromMembership ?? [],
-    [isPlatformAdmin2, permissionsFromMembership, permissionsQuery.data?.permissions]
-  );
-  const accessMembership = useMemo(
-    () => toAccessMembership(membership, organizationId, permissions),
-    [membership, organizationId, permissions]
-  );
-  const accessModel = useMemo(() => createAccessModel(organizationModel), [organizationModel]);
-  const answer = useMemo(() => {
-    if (!organizationId && !isPlatformAdmin2) return MISSING_CONTEXT_ANSWER;
-    return accessModel.checkAccess(key, {
-      organizationId: organizationId ?? "",
-      organizationModel,
-      membership: accessMembership,
-      profile,
-      permissions,
-      diagnosticAllowlist: DIAGNOSTIC_VIEW_ACCESS_KEYS,
-      isDevelopment: import.meta.env?.DEV ?? false
-    });
-  }, [accessMembership, accessModel, isPlatformAdmin2, key, organizationId, organizationModel, permissions, profile]);
-  const providerReady = initialization?.organizationReady ?? Boolean(organizationId && accessMembership && systems?.organizationModel);
-  const permissionsReady = !shouldFetchPermissions || !permissionsQuery.isPending;
-  const isReady = isPlatformAdmin2 ? initialization?.userReady ?? true : providerReady && permissionsReady;
-  return {
-    ...answer,
-    isReady,
-    isPlatformAdmin: isPlatformAdmin2,
-    permissions
-  };
-}
-
-export { AccessKeys, useAccess };

package/dist/chunk-7PHY5ONQ.js

@@ -1,85 +0,0 @@
-import { useRouterContext } from './chunk-Q7DJKLEN.js';
-import { useOptionalElevasisSystems } from './chunk-J3FLIZY4.js';
-import { useMemo } from 'react';
-
-var useBreadcrumbs = (options = {}) => {
-  const { currentPath } = useRouterContext();
-  const systemContext = useOptionalElevasisSystems();
-  const { labelsByPath = {} } = options;
-  return useMemo(() => {
-    const shellModel = systemContext?.shellModel;
-    const overriddenLabel = labelsByPath[currentPath];
-    if (overriddenLabel) {
-      return [{ label: overriddenLabel, isActive: true }];
-    }
-    if (shellModel) {
-      const matchedNode = shellModel.findByPath(currentPath);
-      if (matchedNode) {
-        return shellModel.ancestorsOf(matchedNode.id).map((node, index, items) => ({
-          label: labelsByPath[node.path ?? ""] ?? node.label,
-          path: index === items.length - 1 ? void 0 : node.path,
-          isActive: index === items.length - 1
-        }));
-      }
-    }
-    const segments = currentPath.split("/").filter(Boolean);
-    if (segments.length === 0) {
-      return [{ label: "Dashboard", isActive: true }];
-    }
-    const breadcrumbs = [{ label: "Dashboard", path: "/" }];
-    let currentSegmentPath = "";
-    for (let i = 0; i < segments.length; i++) {
-      currentSegmentPath += `/${segments[i]}`;
-      const isLast = i === segments.length - 1;
-      const label = labelsByPath[currentSegmentPath] ?? formatSegmentLabel(segments[i]);
-      breadcrumbs.push({
-        label,
-        path: isLast ? void 0 : currentSegmentPath,
-        isActive: isLast
-      });
-    }
-    return breadcrumbs;
-  }, [currentPath, systemContext, labelsByPath]);
-};
-function formatSegmentLabel(segment) {
-  const decodedSegment = safeDecodeURIComponent(segment);
-  const routeLabel = formatRouteIdLabel(decodedSegment);
-  if (routeLabel) return routeLabel;
-  return titleCaseSegment(decodedSegment);
-}
-function safeDecodeURIComponent(value) {
-  try {
-    return decodeURIComponent(value);
-  } catch {
-    return value;
-  }
-}
-function formatRouteIdLabel(segment) {
-  if (segment.startsWith("group:")) {
-    const groupKey = segment.slice("group:".length);
-    return groupKey === "graph" ? "Ontology" : titleCaseSegment(groupKey);
-  }
-  if (segment.startsWith("domain:")) {
-    return titleCaseSegment(segment.slice("domain:".length));
-  }
-  if (segment.startsWith("item:")) {
-    const rest = segment.slice("item:".length);
-    const separatorIndex = rest.indexOf(":");
-    const itemId = separatorIndex === -1 ? rest : rest.slice(separatorIndex + 1);
-    return formatOntologyOrIdLabel(itemId);
-  }
-  if (segment.startsWith("ontology:")) {
-    return formatOntologyOrIdLabel(segment);
-  }
-  return void 0;
-}
-function formatOntologyOrIdLabel(value) {
-  const localId = value.includes("/") ? value.slice(value.lastIndexOf("/") + 1) : value;
-  const suffix = localId.includes(":") ? localId.slice(localId.lastIndexOf(":") + 1) : localId;
-  return titleCaseSegment(suffix);
-}
-function titleCaseSegment(segment) {
-  return segment.split("-").flatMap((part) => part.split("_")).flatMap((part) => part.split(".")).map((word) => word.charAt(0).toUpperCase() + word.slice(1)).join(" ");
-}
-
-export { useBreadcrumbs };

package/dist/chunk-B2DZLPDL.js

@@ -1,39 +0,0 @@
-import { usePresetsContext } from './chunk-6D4LCJ52.js';
-import { useMemo } from 'react';
-
-var BUILT_IN_NAMES = /* @__PURE__ */ new Set([
-  "default",
-  "tactical",
-  "regal",
-  "cyber-volt",
-  "aurora",
-  "rose-gold",
-  "midnight",
-  "titanium",
-  "obsidian",
-  "honey",
-  "abyss",
-  "canopy",
-  "slate",
-  "cyber-strike",
-  "cyber-chrome",
-  "cyber-void",
-  "quarry"
-]);
-function titleCase(str) {
-  return str.replace(/(^|-)(\w)/g, (_, sep, char) => (sep ? " " : "") + char.toUpperCase());
-}
-function useAvailablePresets() {
-  const presetsMap = usePresetsContext();
-  return useMemo(() => {
-    return Object.entries(presetsMap).map(([key, preset]) => ({
-      value: key,
-      label: preset.label ?? titleCase(key),
-      description: preset.description ?? "",
-      colors: preset.colors ?? [preset.dark.primary, preset.dark.background, preset.light.background],
-      isCustom: !BUILT_IN_NAMES.has(key)
-    }));
-  }, [presetsMap]);
-}
-
-export { useAvailablePresets };

package/dist/chunk-CLDCYJQT.js

@@ -1 +0,0 @@
-