@fonoster/common 0.9.31 → 0.9.35

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/identity/createAuthInterceptor.js +2 -0
  2. package/dist/identity/roles.d.ts +2 -1
  3. package/dist/identity/roles.js +25 -24
  4. package/package.json +2 -2
package/dist/identity/createAuthInterceptor.js CHANGED
@@ -71,6 +71,8 @@ function createAuthInterceptor(identityPublicKey, publicPath) {
71
71
  });
72
72
  if (!(0, hasAccess_1.hasAccess)(decodedToken, path) ||
73
73
  (roles_1.workspaceResourceAccess.includes(path) &&
74
+ !(0, tokenHasAccessKeyId_1.tokenHasAccessKeyId)(token, accessKeyId)) ||
75
+ (roles_1.workspaceResourceOwnerOrAdminAccess.includes(path) &&
74
76
  !(0, tokenHasAccessKeyId_1.tokenHasAccessKeyId)(token, accessKeyId))) {
75
77
  return (0, errors_1.permissionDeniedError)(call);
76
78
  }
package/dist/identity/roles.d.ts CHANGED
@@ -1,5 +1,6 @@
1
1
  import { RoleType } from "./types";
2
2
  declare const VOICE_SERVICE_ROLE = "VOICE_SERVICE";
3
3
  declare const workspaceResourceAccess: string[];
4
+ declare const workspaceResourceOwnerOrAdminAccess: string[];
4
5
  declare const roles: RoleType[];
5
- export { VOICE_SERVICE_ROLE, roles, workspaceResourceAccess };
6
+ export { VOICE_SERVICE_ROLE, roles, workspaceResourceAccess, workspaceResourceOwnerOrAdminAccess };
package/dist/identity/roles.js CHANGED
@@ -1,6 +1,6 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.workspaceResourceAccess = exports.roles = exports.VOICE_SERVICE_ROLE = void 0;
3
+ exports.workspaceResourceOwnerOrAdminAccess = exports.workspaceResourceAccess = exports.roles = exports.VOICE_SERVICE_ROLE = void 0;
4
4
  /**
5
5
  * Copyright (C) 2025 by Fonoster Inc (https://fonoster.com)
6
6
  * http://github.com/fonoster/fonoster
@@ -67,9 +67,20 @@ const workspaceResourceAccess = [
67
67
  "/fonoster.calls.v1beta2.Calls/ListCalls",
68
68
  "/fonoster.calls.v1beta2.Calls/GetCall",
69
69
  "/fonoster.calls.v1beta2.Calls/TrackCall",
70
- "/fonoster.voice.v1beta2.Voice/CreateSession"
70
+ "/fonoster.voice.v1beta2.Voice/CreateSession",
71
+ "/fonoster.identity.v1beta2.Identity/CreateApiKey",
72
+ "/fonoster.identity.v1beta2.Identity/DeleteApiKey",
73
+ "/fonoster.identity.v1beta2.Identity/ListApiKeys",
74
+ "/fonoster.identity.v1beta2.Identity/RegenerateApiKey"
71
75
  ];
72
76
  exports.workspaceResourceAccess = workspaceResourceAccess;
77
+ const workspaceResourceOwnerOrAdminAccess = [
78
+ "/fonoster.identity.v1beta2.Identity/ListWorkspaceMembers",
79
+ "/fonoster.identity.v1beta2.Identity/InviteUserToWorkspace",
80
+ "/fonoster.identity.v1beta2.Identity/RemoveUserFromWorkspace",
81
+ "/fonoster.identity.v1beta2.Identity/ResendWorkspaceMembershipInvitation"
82
+ ];
83
+ exports.workspaceResourceOwnerOrAdminAccess = workspaceResourceOwnerOrAdminAccess;
73
84
  const fullIdentityAccess = [
74
85
  "/fonoster.identity.v1beta2.Identity/GetUser",
75
86
  "/fonoster.identity.v1beta2.Identity/UpdateUser",
@@ -78,42 +89,32 @@ const fullIdentityAccess = [
78
89
  "/fonoster.identity.v1beta2.Identity/GetWorkspace",
79
90
  "/fonoster.identity.v1beta2.Identity/UpdateWorkspace",
80
91
  "/fonoster.identity.v1beta2.Identity/ListWorkspaces",
81
- "/fonoster.identity.v1beta2.Identity/ListWorkspaceMembers",
82
92
  "/fonoster.identity.v1beta2.Identity/DeleteWorkspace",
83
- "/fonoster.identity.v1beta2.Identity/InviteUserToWorkspace",
84
- "/fonoster.identity.v1beta2.Identity/RemoveUserFromWorkspace",
85
- "/fonoster.identity.v1beta2.Identity/ResendWorkspaceMembershipInvitation",
86
- "/fonoster.identity.v1beta2.Identity/RefreshToken",
87
- "/fonoster.identity.v1beta2.Identity/CreateApiKey",
88
- "/fonoster.identity.v1beta2.Identity/DeleteApiKey",
89
- "/fonoster.identity.v1beta2.Identity/ListApiKeys",
90
- "/fonoster.identity.v1beta2.Identity/RegenerateApiKey"
93
+ "/fonoster.identity.v1beta2.Identity/RefreshToken"
91
94
  ];
92
95
  const roles = [
93
96
  {
94
97
  name: types_1.Role.USER,
95
98
  description: "Access to User and Workspace endpoints",
96
- access: [
97
- "/fonoster.identity.v1beta2.Identity/GetUser",
98
- "/fonoster.identity.v1beta2.Identity/UpdateUser",
99
- "/fonoster.identity.v1beta2.Identity/DeleteUser",
100
- "/fonoster.identity.v1beta2.Identity/CreateWorkspace",
101
- "/fonoster.identity.v1beta2.Identity/GetWorkspace",
102
- "/fonoster.identity.v1beta2.Identity/UpdateWorkspace",
103
- "/fonoster.identity.v1beta2.Identity/ListWorkspaces",
104
- "/fonoster.identity.v1beta2.Identity/RefreshToken",
105
- ...workspaceResourceAccess
106
- ]
99
+ access: [...fullIdentityAccess, ...workspaceResourceAccess]
107
100
  },
108
101
  {
109
102
  name: types_1.Role.WORKSPACE_OWNER,
110
103
  description: "Access to all endpoints",
111
- access: [...fullIdentityAccess, ...workspaceResourceAccess]
104
+ access: [
105
+ ...fullIdentityAccess,
106
+ ...workspaceResourceAccess,
107
+ ...workspaceResourceOwnerOrAdminAccess
108
+ ]
112
109
  },
113
110
  {
114
111
  name: types_1.Role.WORKSPACE_ADMIN,
115
112
  description: "Access to all endpoints",
116
- access: [...fullIdentityAccess, ...workspaceResourceAccess]
113
+ access: [
114
+ ...fullIdentityAccess,
115
+ ...workspaceResourceAccess,
116
+ ...workspaceResourceOwnerOrAdminAccess
117
+ ]
117
118
  },
118
119
  {
119
120
  name: types_1.Role.WORKSPACE_MEMBER,
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@fonoster/common",
3
- "version": "0.9.31",
3
+ "version": "0.9.35",
4
4
  "description": "Common library for Fonoster projects",
5
5
  "author": "Pedro Sanders <psanders@fonoster.com>",
6
6
  "homepage": "https://github.com/fonoster/fonoster#readme",
@@ -49,5 +49,5 @@
49
49
  "devDependencies": {
50
50
  "@types/nodemailer": "^6.4.14"
51
51
  },
52
- "gitHead": "8d324aaed02811c1b143e60fbd4a6a8091ec164e"
52
+ "gitHead": "051baac1de8595a8d657022ee588d8cbb59f32ef"
53
53
  }