@extrahorizon/javascript-sdk 8.5.0 → 8.6.0

package/CHANGELOG.md

@@ -5,6 +5,18 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [8.6.0]
+
+### Added
+- Introduced methods to manage objects in arrays in the Data Service
+  - `exh.data.documents.appendObjectToArray`
+  - `exh.data.documents.updateObjectInArray`
+  - `exh.data.documents.removeObjectFromArray`
+
+### Fixed
+- Added missing properties `userId` and `applicationId` for the method `sdk.payments.appStore.completeTransaction`
+- Bumped Axios version to `0.30` to fix vulnerability `CVE-2025-27152`
+
 ## [8.5.0]
 
 ### Added

package/build/index.cjs.js

@@ -3596,6 +3596,21 @@ var documents = (client, httpAuth) => {
         async removeFields(schemaIdOrName, documentId, requestBody, options) {
             return (await client.post(httpAuth, `/${schemaIdOrName}/documents/${documentId}/deleteFields${(options === null || options === void 0 ? void 0 : options.rql) || ''}`, requestBody, options)).data;
         },
+        async appendObjectToArray(schemaIdOrName, documentId, arrayField, requestBody, options) {
+            return (await client.post(httpAuth, `/${schemaIdOrName}/documents/${documentId}/${arrayField}/`, requestBody, {
+                ...options,
+                customKeys: ['*'],
+            })).data;
+        },
+        async updateObjectInArray(schemaIdOrName, documentId, arrayField, objectId, requestBody, options) {
+            return (await client.put(httpAuth, `/${schemaIdOrName}/documents/${documentId}/${arrayField}/${objectId}`, requestBody, {
+                ...options,
+                customRequestKeys: ['*'],
+            })).data;
+        },
+        async removeObjectFromArray(schemaIdOrName, documentId, arrayField, objectId, options) {
+            return (await client.delete(httpAuth, `/${schemaIdOrName}/documents/${documentId}/${arrayField}/${objectId}`, options)).data;
+        },
         async transition(schemaIdOrName, documentId, requestBody, options) {
             return (await client.post(httpAuth, `/${schemaIdOrName}/documents/${documentId}/transition${(options === null || options === void 0 ? void 0 : options.rql) || ''}`, requestBody, options)).data;
         },
@@ -5380,7 +5395,7 @@ const logsService = (httpWithAuth) => {
     };
 };
 
-const version = '8.5.0';
+const version = '8.6.0';
 
 /**
  * Create ExtraHorizon client.

package/build/index.mjs

@@ -3566,6 +3566,21 @@ var documents = (client, httpAuth) => {
         async removeFields(schemaIdOrName, documentId, requestBody, options) {
             return (await client.post(httpAuth, `/${schemaIdOrName}/documents/${documentId}/deleteFields${(options === null || options === void 0 ? void 0 : options.rql) || ''}`, requestBody, options)).data;
         },
+        async appendObjectToArray(schemaIdOrName, documentId, arrayField, requestBody, options) {
+            return (await client.post(httpAuth, `/${schemaIdOrName}/documents/${documentId}/${arrayField}/`, requestBody, {
+                ...options,
+                customKeys: ['*'],
+            })).data;
+        },
+        async updateObjectInArray(schemaIdOrName, documentId, arrayField, objectId, requestBody, options) {
+            return (await client.put(httpAuth, `/${schemaIdOrName}/documents/${documentId}/${arrayField}/${objectId}`, requestBody, {
+                ...options,
+                customRequestKeys: ['*'],
+            })).data;
+        },
+        async removeObjectFromArray(schemaIdOrName, documentId, arrayField, objectId, options) {
+            return (await client.delete(httpAuth, `/${schemaIdOrName}/documents/${documentId}/${arrayField}/${objectId}`, options)).data;
+        },
         async transition(schemaIdOrName, documentId, requestBody, options) {
             return (await client.post(httpAuth, `/${schemaIdOrName}/documents/${documentId}/transition${(options === null || options === void 0 ? void 0 : options.rql) || ''}`, requestBody, options)).data;
         },
@@ -5350,7 +5365,7 @@ const logsService = (httpWithAuth) => {
     };
 };
 
-const version = '8.5.0';
+const version = '8.6.0';
 
 /**
  * Create ExtraHorizon client.

package/build/types/mockType.d.ts

@@ -129,6 +129,9 @@ export declare type MockClientOAuth1<MockFn> = {
             update: MockFn;
             remove: MockFn;
             removeFields: MockFn;
+            appendObjectToArray: MockFn;
+            updateObjectInArray: MockFn;
+            removeObjectFromArray: MockFn;
             transition: MockFn;
             linkGroups: MockFn;
             unlinkGroups: MockFn;
@@ -660,6 +663,9 @@ export declare type MockClientOAuth2<MockFn> = {
             update: MockFn;
             remove: MockFn;
             removeFields: MockFn;
+            appendObjectToArray: MockFn;
+            updateObjectInArray: MockFn;
+            removeObjectFromArray: MockFn;
             transition: MockFn;
             linkGroups: MockFn;
             unlinkGroups: MockFn;
@@ -1191,6 +1197,9 @@ export declare type MockClientProxy<MockFn> = {
             update: MockFn;
             remove: MockFn;
             removeFields: MockFn;
+            appendObjectToArray: MockFn;
+            updateObjectInArray: MockFn;
+            removeObjectFromArray: MockFn;
             transition: MockFn;
             linkGroups: MockFn;
             unlinkGroups: MockFn;

package/build/types/services/data/types.d.ts

@@ -775,6 +775,225 @@ export interface DataDocumentsService {
     removeFields(schemaIdOrName: ObjectId | string, documentId: ObjectId, requestBody: {
         fields: Array<string>;
     }, options?: OptionsWithRql): Promise<AffectedRecords>;
+    /**
+     * # Append an object to an array
+     *
+     * Append an object to an array field in the selected document.
+     *
+     * When the object is appended to the array, the object will automatically be assigned a unique `id`.
+     *
+     * ## Example
+     *
+     * For a schema with the name `daily-summary`, a document looking like:
+     *
+     * ```json
+     * {
+     *   "id": "5f7b1b3b1f7b4b0001f7b4b2",
+     *   "data": {
+     *    "userId": "67e66ef64f0ea8488aba8f2f",
+     *    "date": "2025-03-28",
+     *    "hourlySummaries": [
+     *      { "id": "6568d05351c0f5307421e196", "avg": 5, "max": 10, "min": 2 },
+     *      { "id": "67e66793ae59de5bba4b262f", "avg": 7, "max": 15, "min": 3 }
+     *    ]
+     *   }
+     * }
+     * ```
+     *
+     * Appending an item to the `hourlySummaries`, looking like:
+     *
+     * ```json
+     * {
+     *   "avg": 10,
+     *   "max": 20,
+     *   "min": 5
+     * }
+     * ```
+     *
+     * Would be done like:
+     *
+     * ```ts
+     * const documentId = '5f7b1b3b1f7b4b0001f7b4b2';
+     * const hourlySummary = { avg: 10, max: 20, min: 5 };
+     * await exh.data.documents.appendObjectToArray('daily-summary', documentId, 'hourlySummaries', hourlySummary);
+     * ```
+     *
+     * ## Access via permissions
+     * Regardless of how the access modes (described below) are set, a user is always able to perform an operation on a document if they are assigned a specific permission.  This permission can come from a global role of the user or a staff enlistment role the user has in the group of the document.
+     * Permission | Scopes | Effect
+     * - | - | -
+     * `UPDATE_DOCUMENTS` | `global` | Update any document
+     * `UPDATE_DOCUMENTS:{SCHEMA_NAME}` | `global` | Update any document of the specified schema
+     * `UPDATE_DOCUMENTS` | `staff_enlistment` | Update any document belonging to the group
+     * `UPDATE_DOCUMENTS:{SCHEMA_NAME}` | `staff_enlistment` | Update any document of the specified schema belonging to the group
+     * <br>
+     *
+     * ## General access mode values
+     * The general access mode values determine if a user requires permission to perform the action for the Schema. A general access mode value is provided as one of the following strings.
+     * General updateMode value | Description
+     * - | -
+     * `"permissionRequired"` | The permissions above apply
+     * <br>
+     *
+     * ## Relational access mode values
+     * Relational access mode values are supplied as an array. When multiple relational access mode values are supplied, a user adhering to any relation in this array is allowed to perform the action on the document.
+     * Relational updateMode value | Description
+     * - | -
+     * `["creator"]` | The user that created the document can update the document.
+     * `["linkedUsers"]` |  All users where their user id is in the list of userIds of the document can update the document.
+     * `["linkedGroupPatients"]` | All users that have a patient enlistment in a group that is in the list of groupIds of the document can update the document.
+     * `["linkedGroupStaff"]` | All users that have a staff enlistment in a group that is in the list of groupIds of the document can update the document.
+     * <br>
+     *
+     * ## Legacy access mode values
+     * Listed below are the deprecated values with their current equivalent
+     * Legacy updateMode value | Description
+     * - | -
+     * `"default"` | Translates to `["linkedUsers","linkedGroupStaff"]` relational access mode
+     * `"creatorOnly"` | Translates to `["creator"]` relational access mode
+     * `"disabled"` | Translates to the `"permissionRequired"` general access mode value
+     * `"linkedGroupsStaffOnly"` | Translates to `["linkedGroupStaff"]` relational access mode
+     */
+    appendObjectToArray<UpdateData = Record<string, any>>(schemaIdOrName: ObjectId | string, documentId: ObjectId, arrayField: string, requestBody: UpdateData, options?: OptionsBase): Promise<UpdateData & {
+        id: ObjectId;
+    }>;
+    /**
+     * # Update an object in an array
+     *
+     * Update an object in an array field in the selected document.
+     *
+     * ## Example
+     *
+     * For a schema with the name `daily-summary`, a document looking like:
+     *
+     * ```json
+     * {
+     *   "id": "5f7b1b3b1f7b4b0001f7b4b2",
+     *   "data": {
+     *     "userId": "67e66ef64f0ea8488aba8f2f",
+     *     "date": "2025-03-28",
+     *     "hourlySummaries": [
+     *       { "id": "6568d05351c0f5307421e196", "avg": 5, "max": 10, "min": 2 },
+     *       { "id": "67e66793ae59de5bba4b262f", "avg": 7, "max": 15, "min": 3 }
+     *     ]
+     *   }
+     * }
+     * ```
+     *
+     * Updating the object with the id `67e66793ae59de5bba4b262f` in the `hourlySummaries` array would be done like:
+     *
+     * ```ts
+     * const documentId = '5f7b1b3b1f7b4b0001f7b4b2';
+     * const objectId = '67e66793ae59de5bba4b262f';
+     * const updateData = { avg: 8, max: 16, min: 4 };
+     * await exh.data.documents.updateObjectInArray('daily-summary', documentId, 'hourlySummaries', objectId, updateData);
+     * ```
+     *
+     * ## Access via permissions
+     * Regardless of how the access modes (described below) are set, a user is always able to perform an operation on a document if they are assigned a specific permission.  This permission can come from a global role of the user or a staff enlistment role the user has in the group of the document.
+     * Permission | Scopes | Effect
+     * - | - | -
+     * `UPDATE_DOCUMENTS` | `global` | Update any document
+     * `UPDATE_DOCUMENTS:{SCHEMA_NAME}` | `global` | Update any document of the specified schema
+     * `UPDATE_DOCUMENTS` | `staff_enlistment` | Update any document belonging to the group
+     * `UPDATE_DOCUMENTS:{SCHEMA_NAME}` | `staff_enlistment` | Update any document of the specified schema belonging to the group
+     * <br>
+     *
+     * ## General access mode values
+     * The general access mode values determine if a user requires permission to perform the action for the Schema. A general access mode value is provided as one of the following strings.
+     * General updateMode value | Description
+     * - | -
+     * `"permissionRequired"` | The permissions above apply
+     * <br>
+     *
+     * ## Relational access mode values
+     * Relational access mode values are supplied as an array. When multiple relational access mode values are supplied, a user adhering to any relation in this array is allowed to perform the action on the document.
+     * Relational updateMode value | Description
+     * - | -
+     * `["creator"]` | The user that created the document can update the document.
+     * `["linkedUsers"]` |  All users where their user id is in the list of userIds of the document can update the document.
+     * `["linkedGroupPatients"]` | All users that have a patient enlistment in a group that is in the list of groupIds of the document can update the document.
+     * `["linkedGroupStaff"]` | All users that have a staff enlistment in a group that is in the list of groupIds of the document can update the document.
+     * <br>
+     *
+     * ## Legacy access mode values
+     * Listed below are the deprecated values with their current equivalent
+     * Legacy updateMode value | Description
+     * - | -
+     * `"default"` | Translates to `["linkedUsers","linkedGroupStaff"]` relational access mode
+     * `"creatorOnly"` | Translates to `["creator"]` relational access mode
+     * `"disabled"` | Translates to the `"permissionRequired"` general access mode value
+     * `"linkedGroupsStaffOnly"` | Translates to `["linkedGroupStaff"]` relational access mode
+     */
+    updateObjectInArray<UpdateData = Record<string, any>>(schemaIdOrName: ObjectId | string, documentId: ObjectId, arrayField: string, objectId: ObjectId, requestBody: UpdateData, options?: OptionsBase): Promise<AffectedRecords>;
+    /**
+     * # Remove an object from an array
+     *
+     * Remove an object from an array field in the selected document.
+     *
+     * ## Example
+     *
+     * For a schema with the name `daily-summary`, a document looking like:
+     *
+     * ```json
+     * {
+     *   "id": "5f7b1b3b1f7b4b0001f7b4b2",
+     *   "data": {
+     *     "userId": "67e66ef64f0ea8488aba8f2f",
+     *     "date": "2025-03-28",
+     *     "hourlySummaries": [
+     *       { "id": "6568d05351c0f5307421e196", "avg": 5, "max": 10, "min": 2 },
+     *       { "id": "67e66793ae59de5bba4b262f", "avg": 7, "max": 15, "min": 3 }
+     *     ]
+     *   }
+     * }
+     * ```
+     *
+     * Removing the object with the id `67e66793ae59de5bba4b262f` from the `hourlySummaries` array would be done like:
+     *
+     * ```ts
+     * const documentId = '5f7b1b3b1f7b4b0001f7b4b2';
+     * const objectId = '67e66793ae59de5bba4b262f';
+     * await exh.data.documents.removeObjectFromArray('daily-summary', documentId, 'hourlySummaries', objectId);
+     * ```
+     *
+     * ## Access via permissions
+     * Regardless of how the access modes (described below) are set, a user is always able to perform an operation on a document if they are assigned a specific permission.  This permission can come from a global role of the user or a staff enlistment role the user has in the group of the document.
+     * Permission | Scopes | Effect
+     * - | - | -
+     * `UPDATE_DOCUMENTS` | `global` | Update any document
+     * `UPDATE_DOCUMENTS:{SCHEMA_NAME}` | `global` | Update any document of the specified schema
+     * `UPDATE_DOCUMENTS` | `staff_enlistment` | Update any document belonging to the group
+     * `UPDATE_DOCUMENTS:{SCHEMA_NAME}` | `staff_enlistment` | Update any document of the specified schema belonging to the group
+     * <br>
+     *
+     * ## General access mode values
+     * The general access mode values determine if a user requires permission to perform the action for the Schema. A general access mode value is provided as one of the following strings.
+     * General updateMode value | Description
+     * - | -
+     * `"permissionRequired"` | The permissions above apply
+     * <br>
+     *
+     * ## Relational access mode values
+     * Relational access mode values are supplied as an array. When multiple relational access mode values are supplied, a user adhering to any relation in this array is allowed to perform the action on the document.
+     * Relational updateMode value | Description
+     * - | -
+     * `["creator"]` | The user that created the document can update the document.
+     * `["linkedUsers"]` |  All users where their user id is in the list of userIds of the document can update the document.
+     * `["linkedGroupPatients"]` | All users that have a patient enlistment in a group that is in the list of groupIds of the document can update the document.
+     * `["linkedGroupStaff"]` | All users that have a staff enlistment in a group that is in the list of groupIds of the document can update the document.
+     * <br>
+     *
+     * ## Legacy access mode values
+     * Listed below are the deprecated values with their current equivalent
+     * Legacy updateMode value | Description
+     * - | -
+     * `"default"` | Translates to `["linkedUsers","linkedGroupStaff"]` relational access mode
+     * `"creatorOnly"` | Translates to `["creator"]` relational access mode
+     * `"disabled"` | Translates to the `"permissionRequired"` general access mode value
+     * `"linkedGroupsStaffOnly"` | Translates to `["linkedGroupStaff"]` relational access mode
+     */
+    removeObjectFromArray(schemaIdOrName: ObjectId | string, documentId: ObjectId, arrayField: string, objectId: ObjectId, options?: OptionsBase): Promise<AffectedRecords>;
     /**
      * # Transition a document
      *

package/build/types/services/payments/types.d.ts

@@ -182,6 +182,14 @@ export interface TransactionCompletionDataSchema {
      * The id of the transition inside the receipt to complete
      */
     transactionId: string;
+    /**
+     * The id of the user to complete the transaction for (requires the `ASSUME_PAYMENT_ENTITY` permission)
+     */
+    userId?: ObjectId;
+    /**
+     * The id of the application to complete the transaction for (requires the `ASSUME_PAYMENT_ENTITY` permission)
+     */
+    applicationId?: ObjectId;
 }
 export declare type AppleReceiptExampleSchema = any;
 export interface ReceiptVerificationDataSchema {
@@ -350,6 +358,7 @@ export interface PaymentsAppStoreService {
      * Permission | Scope | Effect
      * - | - | -
      * none |  | Everyone can use this endpoint
+     * `ASSUME_PAYMENT_ENTITY` | `global` | Complete a transaction for another application or user
      * @param requestBody TransactionCompletionDataSchema
      * @returns AppleReceiptExampleSchema
      * A detailed description of the data can be found in the [official App Store documentation](https://developer.apple.com/documentation/appstorereceipts/responsebody).

package/build/types/version.d.ts

@@ -1 +1 @@
-export declare const version = "8.5.0";
+export declare const version = "8.6.0";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@extrahorizon/javascript-sdk",
-  "version": "8.5.0",
+  "version": "8.6.0",
   "description": "This package serves as a JavaScript wrapper around all Extra Horizon cloud services.",
   "main": "build/index.cjs.js",
   "types": "build/types/index.d.ts",
@@ -32,7 +32,7 @@
     "build"
   ],
   "dependencies": {
-    "axios": "0.28.1",
+    "axios": "0.30.0",
     "buffer": "6.0.3",
     "fflate": "0.8.2",
     "form-data": "4.0.0",
@@ -58,4 +58,4 @@
     "ts-jest": "^29.1.2",
     "typescript": "^4.5.5"
   }
-}
+}