npm - @fusebase/fusebase-gate-sdk - Versions diffs - 2.3.4 → 2.3.5-sdk.1 - Mend

@fusebase/fusebase-gate-sdk 2.3.4 → 2.3.5-sdk.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/dist/apis/PortalFeatureContextApi.d.ts +24 -0
package/dist/apis/PortalFeatureContextApi.js +30 -0
package/dist/apis/TokensApi.d.ts +6 -3
package/dist/apis/TokensApi.js +3 -2
package/dist/index.d.ts +1 -0
package/dist/index.js +3 -1
package/dist/types/index.d.ts +2 -1
package/dist/types/index.js +1 -0
package/dist/types/portal-feature-context/portal-feature-context.d.ts +18 -0
package/dist/types/portal-feature-context/portal-feature-context.js +2 -0
package/dist/types/token/token.d.ts +18 -0
package/dist/types/token/token.js +5 -0
package/package.json +1 -1
package/release-notes/2.3.5-sdk.1.md +9 -0
package/release-notes/latest.md +3 -3
package/release-notes/2.3.4-sdk.0.md +0 -46
package/release-notes/2.3.4.md +0 -9

package/dist/apis/PortalFeatureContextApi.d.ts ADDED Viewed

@@ -0,0 +1,24 @@
+/**
+ * PortalFeatureContext API
+ *
+ * Generated from contract introspection
+ * Domain: portal-feature-context
+ */
+import type { Client } from "../runtime/transport";
+import type { orgIdInPathRequired, VerifyPortalFeatureContextTokenRequestContract, VerifyPortalFeatureContextTokenResponseContract } from "../types";
+export declare class PortalFeatureContextApi {
+    private client;
+    constructor(client: Client);
+    /**
+     * Verify portal embed context token
+     * Validates a platform-signed `portalFeatureContextToken` (iframe query param) and returns trusted portalId/workspaceId for backend RLS context. The token must match the path appId when bound to a specific app feature.
+     */
+    verifyPortalFeatureContextToken(params: {
+        path: {
+            orgId: orgIdInPathRequired;
+            appId: string;
+        };
+        headers?: Record<string, string>;
+        body: VerifyPortalFeatureContextTokenRequestContract;
+    }): Promise<VerifyPortalFeatureContextTokenResponseContract>;
+}

package/dist/apis/PortalFeatureContextApi.js ADDED Viewed

@@ -0,0 +1,30 @@
+"use strict";
+/**
+ * PortalFeatureContext API
+ *
+ * Generated from contract introspection
+ * Domain: portal-feature-context
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PortalFeatureContextApi = void 0;
+class PortalFeatureContextApi {
+    constructor(client) {
+        this.client = client;
+    }
+    /**
+     * Verify portal embed context token
+     * Validates a platform-signed `portalFeatureContextToken` (iframe query param) and returns trusted portalId/workspaceId for backend RLS context. The token must match the path appId when bound to a specific app feature.
+     */
+    async verifyPortalFeatureContextToken(params) {
+        return this.client.request({
+            method: "POST",
+            path: "/:orgId/apps/:appId/portal-feature-context/verify",
+            pathParams: params.path,
+            headers: params.headers,
+            body: params.body,
+            opId: "verifyPortalFeatureContextToken",
+            expectedContentType: "application/json",
+        });
+    }
+}
+exports.PortalFeatureContextApi = PortalFeatureContextApi;

package/dist/apis/TokensApi.d.ts CHANGED Viewed

@@ -5,7 +5,7 @@
  * Domain: tokens
  */
 import type { Client } from "../runtime/transport";
-import type { CreateTokenRequestContract, CreateTokenResponseContract, RevokeTokenResponseContract, scopeIdInQueryRequired, scopeTypeOrgInQueryRequired, TokenListResponseContract, TokenResponseContract, tokenSourceInQueryOptional, UpdateTokenRequestContract } from "../types";
+import type { CreateTokenRequestContract, CreateTokenResponseContract, limitInQueryOptional, pageInQueryOptional, RevokeTokenResponseContract, scopeIdInQueryRequired, scopeTypeOrgInQueryRequired, TokenListResponseContract, TokenResponseContract, tokenSourceInQueryOptional, UpdateTokenRequestContract } from "../types";
 export declare class TokensApi {
     private client;
     constructor(client: Client);
@@ -32,9 +32,10 @@ export declare class TokensApi {
     }): Promise<TokenResponseContract>;
     /**
      * List user's API tokens
-     * Retrieve a list of all API tokens for the authenticated user.
+     * Retrieve a paginated list of API tokens for the authenticated user.
      * Optionally filter by scope type and scope ID (both must be provided together).
-     * Optionally filter by token_source: manual (no client scope) or app (has client scope).
+     * Optionally filter by token_source: manual (user-created) or app (app-provisioned).
+     * Defaults to page=1 and limit=50 (max 100).
      *
      */
     listTokens(params: {
@@ -42,6 +43,8 @@ export declare class TokensApi {
             scope_type: scopeTypeOrgInQueryRequired;
             scope_id: scopeIdInQueryRequired;
             token_source?: tokenSourceInQueryOptional;
+            page?: pageInQueryOptional;
+            limit?: limitInQueryOptional;
         };
         headers?: Record<string, string>;
     }): Promise<TokenListResponseContract>;

package/dist/apis/TokensApi.js CHANGED Viewed

@@ -44,9 +44,10 @@ class TokensApi {
     }
     /**
      * List user's API tokens
-     * Retrieve a list of all API tokens for the authenticated user.
+     * Retrieve a paginated list of API tokens for the authenticated user.
      * Optionally filter by scope type and scope ID (both must be provided together).
-     * Optionally filter by token_source: manual (no client scope) or app (has client scope).
+     * Optionally filter by token_source: manual (user-created) or app (app-provisioned).
+     * Defaults to page=1 and limit=50 (max 100).
      *
      */
     async listTokens(params) {

package/dist/index.d.ts CHANGED Viewed

@@ -19,6 +19,7 @@ export { NotesApi } from "./apis/NotesApi";
 export { OrgGroupsApi } from "./apis/OrgGroupsApi";
 export { OrgUsersApi } from "./apis/OrgUsersApi";
 export { OrgsApi } from "./apis/OrgsApi";
+export { PortalFeatureContextApi } from "./apis/PortalFeatureContextApi";
 export { PortalsApi } from "./apis/PortalsApi";
 export { SystemApi } from "./apis/SystemApi";
 export { TokensApi } from "./apis/TokensApi";

package/dist/index.js CHANGED Viewed

@@ -19,7 +19,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.WorkspacesApi = exports.TokensApi = exports.SystemApi = exports.PortalsApi = exports.OrgsApi = exports.OrgUsersApi = exports.OrgGroupsApi = exports.NotesApi = exports.McpManagerApi = exports.IsolatedStoresApi = exports.HealthApi = exports.FusebaseAuthApi = exports.FilesApi = exports.EmailsApi = exports.BillingApi = exports.AppMagicLinksApi = exports.AppApisApi = exports.AccessApi = void 0;
+exports.WorkspacesApi = exports.TokensApi = exports.SystemApi = exports.PortalsApi = exports.PortalFeatureContextApi = exports.OrgsApi = exports.OrgUsersApi = exports.OrgGroupsApi = exports.NotesApi = exports.McpManagerApi = exports.IsolatedStoresApi = exports.HealthApi = exports.FusebaseAuthApi = exports.FilesApi = exports.EmailsApi = exports.BillingApi = exports.AppMagicLinksApi = exports.AppApisApi = exports.AccessApi = void 0;
 __exportStar(require("./runtime"), exports);
 __exportStar(require("./types"), exports);
 var AccessApi_1 = require("./apis/AccessApi");
@@ -50,6 +50,8 @@ var OrgUsersApi_1 = require("./apis/OrgUsersApi");
 Object.defineProperty(exports, "OrgUsersApi", { enumerable: true, get: function () { return OrgUsersApi_1.OrgUsersApi; } });
 var OrgsApi_1 = require("./apis/OrgsApi");
 Object.defineProperty(exports, "OrgsApi", { enumerable: true, get: function () { return OrgsApi_1.OrgsApi; } });
+var PortalFeatureContextApi_1 = require("./apis/PortalFeatureContextApi");
+Object.defineProperty(exports, "PortalFeatureContextApi", { enumerable: true, get: function () { return PortalFeatureContextApi_1.PortalFeatureContextApi; } });
 var PortalsApi_1 = require("./apis/PortalsApi");
 Object.defineProperty(exports, "PortalsApi", { enumerable: true, get: function () { return PortalsApi_1.PortalsApi; } });
 var SystemApi_1 = require("./apis/SystemApi");

package/dist/types/index.d.ts CHANGED Viewed

@@ -18,10 +18,11 @@ export * from "./note/note";
 export * from "./org-group/org-group";
 export type { CreateWorkspaceRequestContract, OrgInviteContract, OrgMagicLinkContract, OrgPortalContract, OrgPortalListResponseContract, OrgUserAddRequestContract, OrgUserAddResponseContract, OrgUserContract, OrgUserListResponseContract, OrgWorkspaceContract, OrgWorkspaceInviteContract, OrgWorkspaceListResponseContract, OrgWorkspaceMemberContract } from "./org-user/org-user";
 export * from "./orgs/orgs";
+export type { VerifyPortalFeatureContextTokenRequestContract, VerifyPortalFeatureContextTokenResponseContract } from "./portal-feature-context/portal-feature-context";
 export type { CreatePortalRequestContract, CreatePortalResponseContract, DuplicatePortalRequestContract, InviteToPortalRequestContract, InviteToPortalResponseContract, ListPortalContentResponseContract, PortalContentItemContract, PortalDetailContract, globalIdInPathRequired } from "./portals/portals";
 export * from "./shared/common";
 export * from "./shared/enums";
 export type { GetHealth200ResponseContract } from "./shared/health";
 export type { aliasInQueryOptional, aliasInQueryRequired, cacheStrategyInQueryOptional, copyDataInQueryRequired, copyRelationsInQueryRequired, copyTablesInQueryRequired, copyViewsInQueryRequired, createDefaultRowsInQuery, dashboardIdInPathRequired, databaseIdInQueryRequired, includeRows, limitInQueryOptional, mappingInQueryRequiredContract, nameInQueryOptional, orgIdInPathRequired, pageInQueryOptional, relationId, rootEntitiesInQueryOptional, rootEntityInQueryOptional, scopeIdInQueryRequired, scopeTypeInQueryRequired, scopeTypeOrgInQueryRequired, sectionKeyInQueryOptional, sectionKeyInQueryRequired, sectionTypeInQueryOptional, sectionTypeInQueryRequired, sourceDashboardIdInQueryRequired, sourceIndexInQueryRequired, targetDashboardIdInQueryRequired, templateIdInPathRequired, tokenSourceInQueryOptional, viewIdInPathRequired, viewIdInQueryOptional, viewIdInQueryRequired } from "./shared/parameters";
 export * from "./system/system";
-export type { CreateTokenRequestContract, CreateTokenResponseContract, ResourceScopeContract, ResourceScopeRuleContract, RevokeTokenResponseContract, TokenContract, TokenListResponseContract, TokenMetaContract, TokenMetaIssuerContract, TokenResponseContract, UpdateTokenRequestContract } from "./token/token";
+export * from "./token/token";

package/dist/types/index.js CHANGED Viewed

@@ -30,3 +30,4 @@ __exportStar(require("./orgs/orgs"), exports);
 __exportStar(require("./shared/common"), exports);
 __exportStar(require("./shared/enums"), exports);
 __exportStar(require("./system/system"), exports);
+__exportStar(require("./token/token"), exports);

package/dist/types/portal-feature-context/portal-feature-context.d.ts ADDED Viewed

@@ -0,0 +1,18 @@
+/**
+ * Request body for verifyPortalFeatureContextToken.
+ */
+export interface VerifyPortalFeatureContextTokenRequestContract {
+    /** JWT from iframe query `portalFeatureContextToken`. */
+    token: string;
+}
+/**
+ * Trusted portal/workspace context extracted from a verified embed token.
+ */
+export interface VerifyPortalFeatureContextTokenResponseContract {
+    portalId: string;
+    workspaceId: string;
+    /** Product id (legacy payload field `appId`). */
+    productId: string;
+    /** App (feature) id (legacy payload field `featureId`). */
+    appId: string;
+}

package/dist/types/portal-feature-context/portal-feature-context.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/dist/types/token/token.d.ts CHANGED Viewed

@@ -18,6 +18,7 @@ export interface CreateTokenResponseContract {
         permissions: string[];
         expires_at?: Date | null;
         meta?: TokenMetaContract;
+        provisioning: TokenProvisioningContract;
         created_at: Date;
     };
 }
@@ -36,6 +37,13 @@ export interface TokenMetaIssuerContract {
 export interface TokenMetaContract {
     issuer?: TokenMetaIssuerContract;
 }
+export type TokenProvisioningContract = "manual" | "app";
+export interface TokenListPaginationContract {
+    page: number;
+    limit: number;
+    total: number;
+    total_pages: number;
+}
 export interface RevokeTokenResponseContract {
     success: boolean;
     message: string;
@@ -46,6 +54,7 @@ export interface TokenContract {
     permissions: PermissionContract[];
     scopes?: ScopeContract[];
     meta?: TokenMetaContract;
+    provisioning: TokenProvisioningContract;
     expires_at?: Date | null;
     last_used_at?: Date | null;
     created_at: Date;
@@ -54,6 +63,11 @@ export interface TokenListResponseContract {
     success: boolean;
     message?: string | null;
     data: TokenContract[];
+    pagination: TokenListPaginationContract;
+}
+export interface RevokeTokenResponseContract {
+    success: boolean;
+    message: string;
 }
 export interface TokenResponseContract {
     success: boolean;
@@ -66,3 +80,7 @@ export interface UpdateTokenRequestContract {
     expires_at?: Date | null;
     meta?: TokenMetaContract;
 }
+export declare const TokenProvisioningContract: {
+    readonly Manual: "manual";
+    readonly App: "app";
+};

package/dist/types/token/token.js CHANGED Viewed

@@ -1,2 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.TokenProvisioningContract = void 0;
+exports.TokenProvisioningContract = {
+    Manual: "manual",
+    App: "app"
+};

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@fusebase/fusebase-gate-sdk",
-  "version": "2.3.4",
+  "version": "2.3.5-sdk.1",
   "description": "TypeScript SDK for Fusebase Gate APIs - Generated from contract introspection",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",

package/release-notes/2.3.5-sdk.1.md ADDED Viewed

@@ -0,0 +1,9 @@
+# Release Notes 2.3.5-sdk.1
+- Current ref: `HEAD`
+- Previous tag: `v2.3.5-sdk.1`
+- Generated at: 2026-06-19T14:06:51.869Z
+## Included Drafts
+- None

package/release-notes/latest.md CHANGED Viewed

@@ -1,8 +1,8 @@
-# Release Notes 2.3.4
+# Release Notes 2.3.5-sdk.1
 - Current ref: `HEAD`
-- Previous tag: `v2.3.4`
-- Generated at: 2026-06-18T10:05:46.606Z
+- Previous tag: `v2.3.5-sdk.1`
+- Generated at: 2026-06-19T14:06:51.869Z
 ## Included Drafts

package/release-notes/2.3.4-sdk.0.md DELETED Viewed

@@ -1,46 +0,0 @@
-# Release Notes 2.3.4-sdk.0
-- Current ref: `HEAD`
-- Previous tag: `v2.3.3`
-- Generated at: 2026-06-16T14:35:42.698Z
-## Included Drafts
-- `docs/release-notes/2026-06-16-token-rls-bypass-permission-validation.md` - Token creation accepts isolated_store RLS break-glass permissions
-## Summary
-### Token creation accepts isolated_store RLS break-glass permissions
-Fix token creation rejecting `isolated_store.rls.bypass` and `isolated_store.rls.delegate` with `Invalid permission` even though they are part of the Gate permission catalog.
-## API / SDK Changes
-### Token creation accepts isolated_store RLS break-glass permissions
-- No API contract changes.
-- Token `POST` now accepts all permissions from the Gate catalog, including `isolated_store.rls.bypass` and `isolated_store.rls.delegate`.
-## Consumer Impact
-### Token creation accepts isolated_store RLS break-glass permissions
-- Studio and other token-creation UIs can include RLS break-glass permissions when issuing owner/manager tokens.
-- No migration or config changes required.
-## Verification
-### Token creation accepts isolated_store RLS break-glass permissions
-- `npm test -- tests/unit/permissions.test.ts`
-- Create a token via `POST /tokens` with `isolated_store.rls.bypass` in `permissions`.
-## Follow-ups
-### Token creation accepts isolated_store RLS break-glass permissions
-- None.

package/release-notes/2.3.4.md DELETED Viewed

@@ -1,9 +0,0 @@
-# Release Notes 2.3.4
-- Current ref: `HEAD`
-- Previous tag: `v2.3.4`
-- Generated at: 2026-06-18T10:05:46.606Z
-## Included Drafts
-- None