@final-commerce/command-frame 0.1.39 → 0.1.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/CommonTypes.d.ts +1 -0
  2. package/dist/actions/get-context/mock.js +1 -0
  3. package/dist/projects/render/mocks.js +4 -0
  4. package/dist/projects/render/types.d.ts +3 -1
  5. package/dist/provider.d.ts +6 -0
  6. package/dist/provider.js +26 -7
  7. package/package.json +1 -1
package/dist/CommonTypes.d.ts CHANGED
@@ -475,6 +475,7 @@ export interface CFContextRender {
475
475
  buildVersion: string | null;
476
476
  buildSourceId: string | null;
477
477
  buildIsPremium: boolean;
478
+ isOffline: boolean;
478
479
  user: Record<string, any> | null;
479
480
  company: Omit<Record<string, any>, 'settings'> | null;
480
481
  station: Record<string, any> | null;
package/dist/actions/get-context/mock.js CHANGED
@@ -16,6 +16,7 @@ export const mockGetContext = async () => {
16
16
  buildVersion: "1.0.0-mock",
17
17
  buildSourceId: "mock_source_id",
18
18
  buildIsPremium: true,
19
+ isOffline: false,
19
20
  user: null,
20
21
  company: null,
21
22
  station: null,
package/dist/projects/render/mocks.js CHANGED
@@ -59,6 +59,8 @@ import { mockGetCustomExtensionCustomTables } from "../../actions/get-custom-ext
59
59
  import { mockGetSecretsKeys } from "../../actions/get-secrets-keys/mock";
60
60
  import { mockGetSecretVal } from "../../actions/get-secret-val/mock";
61
61
  import { mockSetSecretVal } from "../../actions/set-secret-val/mock";
62
+ import { mockGetUsers } from "../../actions/get-users/mock";
63
+ import { mockGetRoles } from "../../actions/get-roles/mock";
62
64
  export const RENDER_MOCKS = {
63
65
  addCartDiscount: mockAddCartDiscount,
64
66
  addCartFee: mockAddCartFee,
@@ -121,4 +123,6 @@ export const RENDER_MOCKS = {
121
123
  getSecretsKeys: mockGetSecretsKeys,
122
124
  getSecretVal: mockGetSecretVal,
123
125
  setSecretVal: mockSetSecretVal,
126
+ getUsers: mockGetUsers,
127
+ getRoles: mockGetRoles,
124
128
  };
package/dist/projects/render/types.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import type { ExampleFunction, GetProducts, AddCustomSale, GetCustomers, AssignCustomer, AddCustomer, GetCategories, GetOrders, GetRefunds, AddProductDiscount, AddProductToCart, RemoveProductFromCart, UpdateCartItemQuantity, AddCartDiscount, GetContext, GetFinalContext, AddProductNote, AddProductFee, AdjustInventory, AddOrderNote, AddCartFee, ClearCart, ParkOrder, ResumeParkedOrder, DeleteParkedOrder, InitiateRefund, CashPayment, TapToPayPayment, TerminalPayment, VendaraPayment, AddCustomerNote, RemoveCustomerFromCart, GoToStationHome, OpenCashDrawer, ShowNotification, ShowConfirmation, AuthenticateUser, PartialPayment, SwitchUser, TriggerWebhook, TriggerZapierWebhook, SetRefundStockAction, SelectAllRefundItems, ResetRefundDetails, CalculateRefundTotal, GetRemainingRefundableQuantities, ProcessPartialRefund, GetCurrentCart, Print, SetActiveOrder, GetCustomTables, GetCustomTableData, UpsertCustomTableData, DeleteCustomTableData, GetCustomExtensions, GetCurrentCompanyCustomExtensions, GetCustomExtensionCustomTables, GetCustomTableFields, GetSecretsKeys, GetSecretVal, SetSecretVal } from "../../index";
1
+ import type { ExampleFunction, GetProducts, AddCustomSale, GetCustomers, AssignCustomer, AddCustomer, GetCategories, GetOrders, GetRefunds, AddProductDiscount, AddProductToCart, RemoveProductFromCart, UpdateCartItemQuantity, AddCartDiscount, GetContext, GetFinalContext, AddProductNote, AddProductFee, AdjustInventory, AddOrderNote, AddCartFee, ClearCart, ParkOrder, ResumeParkedOrder, DeleteParkedOrder, InitiateRefund, CashPayment, TapToPayPayment, TerminalPayment, VendaraPayment, AddCustomerNote, RemoveCustomerFromCart, GoToStationHome, OpenCashDrawer, ShowNotification, ShowConfirmation, AuthenticateUser, PartialPayment, SwitchUser, TriggerWebhook, TriggerZapierWebhook, SetRefundStockAction, SelectAllRefundItems, ResetRefundDetails, CalculateRefundTotal, GetRemainingRefundableQuantities, ProcessPartialRefund, GetCurrentCart, Print, SetActiveOrder, GetCustomTables, GetCustomTableData, UpsertCustomTableData, DeleteCustomTableData, GetCustomExtensions, GetCurrentCompanyCustomExtensions, GetCustomExtensionCustomTables, GetCustomTableFields, GetSecretsKeys, GetSecretVal, SetSecretVal, GetUsers, GetRoles } from "../../index";
2
2
  export interface RenderProviderActions {
3
3
  exampleFunction: ExampleFunction;
4
4
  getProducts: GetProducts;
@@ -61,4 +61,6 @@ export interface RenderProviderActions {
61
61
  getSecretsKeys: GetSecretsKeys;
62
62
  getSecretVal: GetSecretVal;
63
63
  setSecretVal: SetSecretVal;
64
+ getUsers: GetUsers;
65
+ getRoles: GetRoles;
64
66
  }
package/dist/provider.d.ts CHANGED
@@ -3,6 +3,7 @@ export type ActionHandlers = Map<string, ActionHandler>;
3
3
  export declare class CommandFrameProvider<TActions extends object = any> {
4
4
  private handlers;
5
5
  private origin;
6
+ private isWildcardPattern;
6
7
  private debug;
7
8
  private destroyed;
8
9
  private boundHandleMessage;
@@ -10,6 +11,11 @@ export declare class CommandFrameProvider<TActions extends object = any> {
10
11
  origin?: string;
11
12
  debug?: boolean;
12
13
  });
14
+ /**
15
+ * Supports "*" (allow all), exact match, and wildcard subdomain
16
+ * patterns like "https://*.example.com".
17
+ */
18
+ private isOriginAllowed;
13
19
  register<TParams = any, TResponse = any>(action: string, handler: ActionHandler<TParams, TResponse>): void;
14
20
  unregister(action: string): void;
15
21
  private handleMessage;
package/dist/provider.js CHANGED
@@ -4,6 +4,7 @@ export class CommandFrameProvider {
4
4
  this.destroyed = false;
5
5
  this.origin = options.origin || "*";
6
6
  this.debug = options.debug || false;
7
+ this.isWildcardPattern = this.origin !== "*" && this.origin.includes("*");
7
8
  this.boundHandleMessage = this.handleMessage.bind(this);
8
9
  if (typeof window !== "undefined") {
9
10
  window.addEventListener("message", this.boundHandleMessage);
@@ -23,6 +24,22 @@ export class CommandFrameProvider {
23
24
  });
24
25
  }
25
26
  }
27
+ /**
28
+ * Supports "*" (allow all), exact match, and wildcard subdomain
29
+ * patterns like "https://*.example.com".
30
+ */
31
+ isOriginAllowed(eventOrigin) {
32
+ if (this.origin === "*")
33
+ return true;
34
+ if (!this.isWildcardPattern)
35
+ return eventOrigin === this.origin;
36
+ const wildcardIndex = this.origin.indexOf("*.");
37
+ const prefix = this.origin.slice(0, wildcardIndex);
38
+ const suffix = this.origin.slice(wildcardIndex + 1);
39
+ return (eventOrigin.startsWith(prefix) &&
40
+ eventOrigin.endsWith(suffix) &&
41
+ eventOrigin.length > prefix.length + suffix.length);
42
+ }
26
43
  register(action, handler) {
27
44
  if (this.destroyed) {
28
45
  if (this.debug) {
@@ -56,7 +73,7 @@ export class CommandFrameProvider {
56
73
  if (!request || typeof request !== "object" || !("action" in request)) {
57
74
  return;
58
75
  }
59
- if (this.origin !== "*" && event.origin !== this.origin) {
76
+ if (!this.isOriginAllowed(event.origin)) {
60
77
  if (this.debug) {
61
78
  console.warn("[CommandFrameProvider] Origin mismatch", {
62
79
  expected: this.origin,
@@ -65,6 +82,7 @@ export class CommandFrameProvider {
65
82
  }
66
83
  return;
67
84
  }
85
+ const targetOrigin = this.isWildcardPattern ? event.origin : this.origin;
68
86
  if (!request.action || !request.requestId) {
69
87
  if (this.debug) {
70
88
  console.warn("[CommandFrameProvider] Invalid request format", {
@@ -92,7 +110,7 @@ export class CommandFrameProvider {
92
110
  this.sendResponse(event.source, request.requestId, {
93
111
  success: false,
94
112
  error: `Unknown action: ${request.action}`
95
- });
113
+ }, targetOrigin);
96
114
  }
97
115
  return;
98
116
  }
@@ -103,7 +121,7 @@ export class CommandFrameProvider {
103
121
  this.sendResponse(event.source, request.requestId, {
104
122
  success: true,
105
123
  data: result
106
- });
124
+ }, targetOrigin);
107
125
  if (this.debug) {
108
126
  console.log("[CommandFrameProvider] Action executed", {
109
127
  action: request.action,
@@ -125,7 +143,7 @@ export class CommandFrameProvider {
125
143
  this.sendResponse(event.source, request.requestId, {
126
144
  success: false,
127
145
  error: errorMessage
128
- });
146
+ }, targetOrigin);
129
147
  if (this.debug) {
130
148
  console.error("[CommandFrameProvider] Action failed", {
131
149
  action: request.action,
@@ -143,7 +161,7 @@ export class CommandFrameProvider {
143
161
  }
144
162
  }
145
163
  }
146
- sendResponse(target, requestId, response) {
164
+ sendResponse(target, requestId, response, targetOrigin) {
147
165
  const message = {
148
166
  requestId,
149
167
  ...response
@@ -151,10 +169,11 @@ export class CommandFrameProvider {
151
169
  if (this.debug) {
152
170
  console.log("[CommandFrameProvider] Sending response", {
153
171
  requestId,
154
- success: response.success
172
+ success: response.success,
173
+ targetOrigin
155
174
  });
156
175
  }
157
- target.postMessage(message, this.origin);
176
+ target.postMessage(message, targetOrigin);
158
177
  }
159
178
  destroy() {
160
179
  if (this.destroyed) {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@final-commerce/command-frame",
3
- "version": "0.1.39",
3
+ "version": "0.1.41",
4
4
  "description": "Commands Frame library",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",