@fuzdev/fuz_app 0.30.0 → 0.31.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/actions/CLAUDE.md +630 -0
- package/dist/actions/action_rpc.d.ts +29 -0
- package/dist/actions/action_rpc.d.ts.map +1 -1
- package/dist/actions/action_rpc.js +42 -6
- package/dist/actions/action_types.d.ts +2 -2
- package/dist/actions/cancel.d.ts +12 -13
- package/dist/actions/cancel.d.ts.map +1 -1
- package/dist/actions/cancel.js +10 -13
- package/dist/actions/heartbeat.d.ts +8 -13
- package/dist/actions/heartbeat.d.ts.map +1 -1
- package/dist/actions/heartbeat.js +5 -8
- package/dist/actions/register_action_ws.d.ts +3 -3
- package/dist/actions/register_action_ws.js +2 -2
- package/dist/actions/register_ws_endpoint.d.ts +4 -4
- package/dist/actions/register_ws_endpoint.d.ts.map +1 -1
- package/dist/actions/register_ws_endpoint.js +3 -3
- package/dist/actions/socket.svelte.d.ts +16 -16
- package/dist/actions/socket.svelte.d.ts.map +1 -1
- package/dist/actions/socket.svelte.js +15 -15
- package/dist/actions/transports_ws_auth_guard.d.ts.map +1 -1
- package/dist/auth/CLAUDE.md +923 -0
- package/dist/auth/account_action_specs.d.ts +216 -0
- package/dist/auth/account_action_specs.d.ts.map +1 -0
- package/dist/auth/account_action_specs.js +159 -0
- package/dist/auth/account_actions.d.ts +51 -0
- package/dist/auth/account_actions.d.ts.map +1 -0
- package/dist/auth/account_actions.js +119 -0
- package/dist/auth/account_queries.d.ts +6 -2
- package/dist/auth/account_queries.d.ts.map +1 -1
- package/dist/auth/account_queries.js +40 -4
- package/dist/auth/account_routes.d.ts +94 -16
- package/dist/auth/account_routes.d.ts.map +1 -1
- package/dist/auth/account_routes.js +108 -180
- package/dist/auth/account_schema.d.ts +85 -30
- package/dist/auth/account_schema.d.ts.map +1 -1
- package/dist/auth/account_schema.js +40 -8
- package/dist/auth/admin_action_specs.d.ts +674 -0
- package/dist/auth/admin_action_specs.d.ts.map +1 -0
- package/dist/auth/admin_action_specs.js +287 -0
- package/dist/auth/admin_actions.d.ts +69 -0
- package/dist/auth/admin_actions.d.ts.map +1 -0
- package/dist/auth/admin_actions.js +256 -0
- package/dist/auth/api_token.d.ts +10 -0
- package/dist/auth/api_token.d.ts.map +1 -1
- package/dist/auth/api_token.js +9 -0
- package/dist/auth/api_token_queries.d.ts +3 -3
- package/dist/auth/api_token_queries.js +3 -3
- package/dist/auth/app_settings_schema.d.ts +4 -3
- package/dist/auth/app_settings_schema.d.ts.map +1 -1
- package/dist/auth/app_settings_schema.js +2 -1
- package/dist/auth/audit_log_routes.d.ts +14 -6
- package/dist/auth/audit_log_routes.d.ts.map +1 -1
- package/dist/auth/audit_log_routes.js +22 -79
- package/dist/auth/audit_log_schema.d.ts +100 -29
- package/dist/auth/audit_log_schema.d.ts.map +1 -1
- package/dist/auth/audit_log_schema.js +83 -11
- package/dist/auth/bootstrap_routes.d.ts +14 -0
- package/dist/auth/bootstrap_routes.d.ts.map +1 -1
- package/dist/auth/bootstrap_routes.js +10 -3
- package/dist/auth/cleanup.d.ts +63 -0
- package/dist/auth/cleanup.d.ts.map +1 -0
- package/dist/auth/cleanup.js +80 -0
- package/dist/auth/invite_schema.d.ts +11 -10
- package/dist/auth/invite_schema.d.ts.map +1 -1
- package/dist/auth/invite_schema.js +4 -3
- package/dist/auth/migrations.d.ts +6 -0
- package/dist/auth/migrations.d.ts.map +1 -1
- package/dist/auth/migrations.js +28 -0
- package/dist/auth/permit_offer_action_specs.d.ts +364 -0
- package/dist/auth/permit_offer_action_specs.d.ts.map +1 -0
- package/dist/auth/permit_offer_action_specs.js +216 -0
- package/dist/auth/permit_offer_actions.d.ts +96 -0
- package/dist/auth/permit_offer_actions.d.ts.map +1 -0
- package/dist/auth/permit_offer_actions.js +428 -0
- package/dist/auth/permit_offer_notifications.d.ts +361 -0
- package/dist/auth/permit_offer_notifications.d.ts.map +1 -0
- package/dist/auth/permit_offer_notifications.js +179 -0
- package/dist/auth/permit_offer_queries.d.ts +165 -0
- package/dist/auth/permit_offer_queries.d.ts.map +1 -0
- package/dist/auth/permit_offer_queries.js +390 -0
- package/dist/auth/permit_offer_schema.d.ts +103 -0
- package/dist/auth/permit_offer_schema.d.ts.map +1 -0
- package/dist/auth/permit_offer_schema.js +142 -0
- package/dist/auth/permit_queries.d.ts +77 -14
- package/dist/auth/permit_queries.d.ts.map +1 -1
- package/dist/auth/permit_queries.js +119 -24
- package/dist/auth/session_queries.d.ts +4 -2
- package/dist/auth/session_queries.d.ts.map +1 -1
- package/dist/auth/session_queries.js +4 -2
- package/dist/auth/signup_routes.d.ts +13 -0
- package/dist/auth/signup_routes.d.ts.map +1 -1
- package/dist/auth/signup_routes.js +14 -7
- package/dist/http/CLAUDE.md +584 -0
- package/dist/http/pending_effects.d.ts +29 -0
- package/dist/http/pending_effects.d.ts.map +1 -0
- package/dist/http/pending_effects.js +31 -0
- package/dist/http/route_spec.d.ts.map +1 -1
- package/dist/http/route_spec.js +4 -3
- package/dist/rate_limiter.d.ts +30 -0
- package/dist/rate_limiter.d.ts.map +1 -1
- package/dist/rate_limiter.js +25 -2
- package/dist/realtime/sse_auth_guard.d.ts +2 -0
- package/dist/realtime/sse_auth_guard.d.ts.map +1 -1
- package/dist/realtime/sse_auth_guard.js +5 -3
- package/dist/testing/CLAUDE.md +668 -1
- package/dist/testing/admin_integration.d.ts +10 -7
- package/dist/testing/admin_integration.d.ts.map +1 -1
- package/dist/testing/admin_integration.js +382 -482
- package/dist/testing/app_server.d.ts +7 -6
- package/dist/testing/app_server.d.ts.map +1 -1
- package/dist/testing/attack_surface.d.ts +9 -3
- package/dist/testing/attack_surface.d.ts.map +1 -1
- package/dist/testing/attack_surface.js +4 -4
- package/dist/testing/audit_completeness.d.ts +6 -0
- package/dist/testing/audit_completeness.d.ts.map +1 -1
- package/dist/testing/audit_completeness.js +158 -134
- package/dist/testing/auth_apps.d.ts.map +1 -1
- package/dist/testing/auth_apps.js +4 -33
- package/dist/testing/db.d.ts +1 -1
- package/dist/testing/db.d.ts.map +1 -1
- package/dist/testing/db.js +2 -0
- package/dist/testing/entities.d.ts +35 -13
- package/dist/testing/entities.d.ts.map +1 -1
- package/dist/testing/entities.js +17 -0
- package/dist/testing/integration.d.ts +10 -0
- package/dist/testing/integration.d.ts.map +1 -1
- package/dist/testing/integration.js +352 -340
- package/dist/testing/integration_helpers.d.ts +16 -5
- package/dist/testing/integration_helpers.d.ts.map +1 -1
- package/dist/testing/integration_helpers.js +24 -4
- package/dist/testing/rate_limiting.d.ts +7 -0
- package/dist/testing/rate_limiting.d.ts.map +1 -1
- package/dist/testing/rate_limiting.js +41 -10
- package/dist/testing/rpc_helpers.d.ts +153 -1
- package/dist/testing/rpc_helpers.d.ts.map +1 -1
- package/dist/testing/rpc_helpers.js +184 -8
- package/dist/testing/sse_round_trip.d.ts +8 -0
- package/dist/testing/sse_round_trip.d.ts.map +1 -1
- package/dist/testing/sse_round_trip.js +10 -3
- package/dist/testing/standard.d.ts +9 -1
- package/dist/testing/standard.d.ts.map +1 -1
- package/dist/testing/standard.js +6 -2
- package/dist/testing/surface_invariants.d.ts +7 -3
- package/dist/testing/surface_invariants.d.ts.map +1 -1
- package/dist/testing/surface_invariants.js +5 -4
- package/dist/testing/ws_round_trip.d.ts.map +1 -1
- package/dist/testing/ws_round_trip.js +9 -38
- package/dist/ui/AccountSessions.svelte +8 -4
- package/dist/ui/AccountSessions.svelte.d.ts.map +1 -1
- package/dist/ui/AdminAccounts.svelte +61 -33
- package/dist/ui/AdminAccounts.svelte.d.ts.map +1 -1
- package/dist/ui/AdminAuditLog.svelte +3 -2
- package/dist/ui/AdminAuditLog.svelte.d.ts.map +1 -1
- package/dist/ui/AdminInvites.svelte +3 -2
- package/dist/ui/AdminInvites.svelte.d.ts.map +1 -1
- package/dist/ui/AdminOverview.svelte +14 -9
- package/dist/ui/AdminOverview.svelte.d.ts.map +1 -1
- package/dist/ui/AdminPermitHistory.svelte +3 -2
- package/dist/ui/AdminPermitHistory.svelte.d.ts.map +1 -1
- package/dist/ui/AdminSessions.svelte +29 -25
- package/dist/ui/AdminSessions.svelte.d.ts.map +1 -1
- package/dist/ui/CLAUDE.md +351 -0
- package/dist/ui/OpenSignupToggle.svelte +6 -3
- package/dist/ui/OpenSignupToggle.svelte.d.ts.map +1 -1
- package/dist/ui/PermitOfferForm.svelte +141 -0
- package/dist/ui/PermitOfferForm.svelte.d.ts +14 -0
- package/dist/ui/PermitOfferForm.svelte.d.ts.map +1 -0
- package/dist/ui/PermitOfferHistory.svelte +109 -0
- package/dist/ui/PermitOfferHistory.svelte.d.ts +11 -0
- package/dist/ui/PermitOfferHistory.svelte.d.ts.map +1 -0
- package/dist/ui/PermitOfferInbox.svelte +121 -0
- package/dist/ui/PermitOfferInbox.svelte.d.ts +12 -0
- package/dist/ui/PermitOfferInbox.svelte.d.ts.map +1 -0
- package/dist/ui/account_sessions_state.svelte.d.ts +53 -3
- package/dist/ui/account_sessions_state.svelte.d.ts.map +1 -1
- package/dist/ui/account_sessions_state.svelte.js +39 -16
- package/dist/ui/admin_accounts_state.svelte.d.ts +118 -2
- package/dist/ui/admin_accounts_state.svelte.d.ts.map +1 -1
- package/dist/ui/admin_accounts_state.svelte.js +99 -23
- package/dist/ui/admin_invites_state.svelte.d.ts +47 -1
- package/dist/ui/admin_invites_state.svelte.d.ts.map +1 -1
- package/dist/ui/admin_invites_state.svelte.js +38 -26
- package/dist/ui/admin_sessions_state.svelte.d.ts +26 -0
- package/dist/ui/admin_sessions_state.svelte.d.ts.map +1 -1
- package/dist/ui/admin_sessions_state.svelte.js +35 -21
- package/dist/ui/app_settings_state.svelte.d.ts +39 -0
- package/dist/ui/app_settings_state.svelte.d.ts.map +1 -1
- package/dist/ui/app_settings_state.svelte.js +34 -18
- package/dist/ui/audit_log_state.svelte.d.ts +40 -3
- package/dist/ui/audit_log_state.svelte.d.ts.map +1 -1
- package/dist/ui/audit_log_state.svelte.js +36 -42
- package/dist/ui/auth_state.svelte.d.ts +4 -3
- package/dist/ui/auth_state.svelte.d.ts.map +1 -1
- package/dist/ui/auth_state.svelte.js +4 -1
- package/dist/ui/permit_offers_state.svelte.d.ts +125 -0
- package/dist/ui/permit_offers_state.svelte.d.ts.map +1 -0
- package/dist/ui/permit_offers_state.svelte.js +197 -0
- package/package.json +3 -3
- package/dist/auth/admin_routes.d.ts +0 -29
- package/dist/auth/admin_routes.d.ts.map +0 -1
- package/dist/auth/admin_routes.js +0 -226
- package/dist/auth/app_settings_routes.d.ts +0 -27
- package/dist/auth/app_settings_routes.d.ts.map +0 -1
- package/dist/auth/app_settings_routes.js +0 -66
- package/dist/auth/invite_routes.d.ts +0 -18
- package/dist/auth/invite_routes.d.ts.map +0 -1
- package/dist/auth/invite_routes.js +0 -129
|
@@ -1,66 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Admin app settings route specs.
|
|
3
|
-
*
|
|
4
|
-
* GET and PATCH routes for managing global app settings (e.g. open signup toggle).
|
|
5
|
-
* All routes require the `admin` role.
|
|
6
|
-
*
|
|
7
|
-
* @module
|
|
8
|
-
*/
|
|
9
|
-
import { z } from 'zod';
|
|
10
|
-
import { get_route_input } from '../http/route_spec.js';
|
|
11
|
-
import { require_request_context } from './request_context.js';
|
|
12
|
-
import { get_client_ip } from '../http/proxy.js';
|
|
13
|
-
import { audit_log_fire_and_forget } from './audit_log_queries.js';
|
|
14
|
-
import { query_app_settings_load_with_username, query_app_settings_update, } from './app_settings_queries.js';
|
|
15
|
-
import { AppSettingsWithUsernameJson, UpdateAppSettingsInput, } from './app_settings_schema.js';
|
|
16
|
-
/**
|
|
17
|
-
* Create admin app settings route specs.
|
|
18
|
-
*
|
|
19
|
-
* @param deps - stateless capabilities (log, on_audit_event)
|
|
20
|
-
* @param options - per-factory configuration
|
|
21
|
-
* @returns route specs for app settings management
|
|
22
|
-
*/
|
|
23
|
-
export const create_app_settings_route_specs = (deps, options) => {
|
|
24
|
-
const { app_settings } = options;
|
|
25
|
-
return [
|
|
26
|
-
{
|
|
27
|
-
method: 'GET',
|
|
28
|
-
path: '/settings',
|
|
29
|
-
auth: { type: 'role', role: 'admin' },
|
|
30
|
-
description: 'Get app settings',
|
|
31
|
-
input: z.null(),
|
|
32
|
-
output: z.strictObject({ settings: AppSettingsWithUsernameJson }),
|
|
33
|
-
handler: async (c, route) => {
|
|
34
|
-
const settings = await query_app_settings_load_with_username(route);
|
|
35
|
-
return c.json({ settings });
|
|
36
|
-
},
|
|
37
|
-
},
|
|
38
|
-
{
|
|
39
|
-
method: 'PATCH',
|
|
40
|
-
path: '/settings',
|
|
41
|
-
auth: { type: 'role', role: 'admin' },
|
|
42
|
-
description: 'Update app settings',
|
|
43
|
-
input: UpdateAppSettingsInput,
|
|
44
|
-
output: z.strictObject({ ok: z.literal(true), settings: AppSettingsWithUsernameJson }),
|
|
45
|
-
handler: async (c, route) => {
|
|
46
|
-
const ctx = require_request_context(c);
|
|
47
|
-
const { open_signup } = get_route_input(c);
|
|
48
|
-
const old_value = app_settings.open_signup;
|
|
49
|
-
const updated = await query_app_settings_update(route, open_signup, ctx.actor.id);
|
|
50
|
-
// Mutate the in-memory ref so GET reads are consistent
|
|
51
|
-
app_settings.open_signup = updated.open_signup;
|
|
52
|
-
app_settings.updated_at = updated.updated_at;
|
|
53
|
-
app_settings.updated_by = updated.updated_by;
|
|
54
|
-
void audit_log_fire_and_forget(route, {
|
|
55
|
-
event_type: 'app_settings_update',
|
|
56
|
-
actor_id: ctx.actor.id,
|
|
57
|
-
account_id: ctx.account.id,
|
|
58
|
-
ip: get_client_ip(c),
|
|
59
|
-
metadata: { setting: 'open_signup', old_value, new_value: open_signup },
|
|
60
|
-
}, deps.log, deps.on_audit_event);
|
|
61
|
-
const settings_with_username = await query_app_settings_load_with_username(route);
|
|
62
|
-
return c.json({ ok: true, settings: settings_with_username });
|
|
63
|
-
},
|
|
64
|
-
},
|
|
65
|
-
];
|
|
66
|
-
};
|
|
@@ -1,18 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Admin invite route specs for invite-based signup.
|
|
3
|
-
*
|
|
4
|
-
* All routes require the `admin` role. Provides CRUD for invites
|
|
5
|
-
* that gate who can sign up.
|
|
6
|
-
*
|
|
7
|
-
* @module
|
|
8
|
-
*/
|
|
9
|
-
import { type RouteSpec } from '../http/route_spec.js';
|
|
10
|
-
import type { RouteFactoryDeps } from './deps.js';
|
|
11
|
-
/**
|
|
12
|
-
* Create admin invite route specs.
|
|
13
|
-
*
|
|
14
|
-
* @param deps - stateless capabilities (log)
|
|
15
|
-
* @returns route specs for invite management
|
|
16
|
-
*/
|
|
17
|
-
export declare const create_invite_route_specs: (deps: Pick<RouteFactoryDeps, "log" | "on_audit_event">) => Array<RouteSpec>;
|
|
18
|
-
//# sourceMappingURL=invite_routes.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"invite_routes.d.ts","sourceRoot":"../src/lib/","sources":["../../src/lib/auth/invite_routes.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,OAAO,EAAoC,KAAK,SAAS,EAAC,MAAM,uBAAuB,CAAC;AAYxF,OAAO,KAAK,EAAC,gBAAgB,EAAC,MAAM,WAAW,CAAC;AAUhD;;;;;GAKG;AACH,eAAO,MAAM,yBAAyB,GACrC,MAAM,IAAI,CAAC,gBAAgB,EAAE,KAAK,GAAG,gBAAgB,CAAC,KACpD,KAAK,CAAC,SAAS,CAwHjB,CAAC"}
|
|
@@ -1,129 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Admin invite route specs for invite-based signup.
|
|
3
|
-
*
|
|
4
|
-
* All routes require the `admin` role. Provides CRUD for invites
|
|
5
|
-
* that gate who can sign up.
|
|
6
|
-
*
|
|
7
|
-
* @module
|
|
8
|
-
*/
|
|
9
|
-
import { z } from 'zod';
|
|
10
|
-
import { get_route_input, get_route_params } from '../http/route_spec.js';
|
|
11
|
-
import { require_request_context } from './request_context.js';
|
|
12
|
-
import { get_client_ip } from '../http/proxy.js';
|
|
13
|
-
import { audit_log_fire_and_forget } from './audit_log_queries.js';
|
|
14
|
-
import { query_account_by_username, query_account_by_email } from './account_queries.js';
|
|
15
|
-
import { query_create_invite, query_invite_list_all_with_usernames, query_invite_delete_unclaimed, } from './invite_queries.js';
|
|
16
|
-
import { InviteJson, InviteWithUsernamesJson } from './invite_schema.js';
|
|
17
|
-
import { Username, Email } from './account_schema.js';
|
|
18
|
-
import { is_pg_unique_violation } from '../db/pg_error.js';
|
|
19
|
-
import { ERROR_INVITE_NOT_FOUND, ERROR_INVITE_MISSING_IDENTIFIER, ERROR_INVITE_DUPLICATE, ERROR_INVITE_ACCOUNT_EXISTS_USERNAME, ERROR_INVITE_ACCOUNT_EXISTS_EMAIL, } from '../http/error_schemas.js';
|
|
20
|
-
/**
|
|
21
|
-
* Create admin invite route specs.
|
|
22
|
-
*
|
|
23
|
-
* @param deps - stateless capabilities (log)
|
|
24
|
-
* @returns route specs for invite management
|
|
25
|
-
*/
|
|
26
|
-
export const create_invite_route_specs = (deps) => {
|
|
27
|
-
return [
|
|
28
|
-
{
|
|
29
|
-
method: 'POST',
|
|
30
|
-
path: '/invites',
|
|
31
|
-
auth: { type: 'role', role: 'admin' },
|
|
32
|
-
description: 'Create an invite',
|
|
33
|
-
input: z.strictObject({
|
|
34
|
-
email: Email.nullish(),
|
|
35
|
-
username: Username.nullish(),
|
|
36
|
-
}),
|
|
37
|
-
output: z.strictObject({ ok: z.literal(true), invite: InviteJson }),
|
|
38
|
-
errors: {
|
|
39
|
-
400: z.looseObject({ error: z.literal(ERROR_INVITE_MISSING_IDENTIFIER) }),
|
|
40
|
-
409: z.looseObject({
|
|
41
|
-
error: z.enum([
|
|
42
|
-
ERROR_INVITE_DUPLICATE,
|
|
43
|
-
ERROR_INVITE_ACCOUNT_EXISTS_USERNAME,
|
|
44
|
-
ERROR_INVITE_ACCOUNT_EXISTS_EMAIL,
|
|
45
|
-
]),
|
|
46
|
-
}),
|
|
47
|
-
},
|
|
48
|
-
handler: async (c, route) => {
|
|
49
|
-
const ctx = require_request_context(c);
|
|
50
|
-
const { email, username } = get_route_input(c);
|
|
51
|
-
if (!email && !username) {
|
|
52
|
-
return c.json({ error: ERROR_INVITE_MISSING_IDENTIFIER }, 400);
|
|
53
|
-
}
|
|
54
|
-
if (username) {
|
|
55
|
-
const existing = await query_account_by_username(route, username);
|
|
56
|
-
if (existing) {
|
|
57
|
-
return c.json({ error: ERROR_INVITE_ACCOUNT_EXISTS_USERNAME }, 409);
|
|
58
|
-
}
|
|
59
|
-
}
|
|
60
|
-
if (email) {
|
|
61
|
-
const existing = await query_account_by_email(route, email);
|
|
62
|
-
if (existing) {
|
|
63
|
-
return c.json({ error: ERROR_INVITE_ACCOUNT_EXISTS_EMAIL }, 409);
|
|
64
|
-
}
|
|
65
|
-
}
|
|
66
|
-
let invite;
|
|
67
|
-
try {
|
|
68
|
-
invite = await query_create_invite(route, {
|
|
69
|
-
email: email ?? null,
|
|
70
|
-
username: username ?? null,
|
|
71
|
-
created_by: ctx.actor.id,
|
|
72
|
-
});
|
|
73
|
-
}
|
|
74
|
-
catch (e) {
|
|
75
|
-
if (is_pg_unique_violation(e)) {
|
|
76
|
-
return c.json({ error: ERROR_INVITE_DUPLICATE }, 409);
|
|
77
|
-
}
|
|
78
|
-
throw e;
|
|
79
|
-
}
|
|
80
|
-
void audit_log_fire_and_forget(route, {
|
|
81
|
-
event_type: 'invite_create',
|
|
82
|
-
actor_id: ctx.actor.id,
|
|
83
|
-
account_id: ctx.account.id,
|
|
84
|
-
ip: get_client_ip(c),
|
|
85
|
-
metadata: { invite_id: invite.id, email: email ?? null, username: username ?? null },
|
|
86
|
-
}, deps.log, deps.on_audit_event);
|
|
87
|
-
return c.json({ ok: true, invite });
|
|
88
|
-
},
|
|
89
|
-
},
|
|
90
|
-
{
|
|
91
|
-
method: 'GET',
|
|
92
|
-
path: '/invites',
|
|
93
|
-
auth: { type: 'role', role: 'admin' },
|
|
94
|
-
description: 'List all invites',
|
|
95
|
-
input: z.null(),
|
|
96
|
-
output: z.strictObject({ invites: z.array(InviteWithUsernamesJson) }),
|
|
97
|
-
handler: async (c, route) => {
|
|
98
|
-
const invites = await query_invite_list_all_with_usernames(route);
|
|
99
|
-
return c.json({ invites });
|
|
100
|
-
},
|
|
101
|
-
},
|
|
102
|
-
{
|
|
103
|
-
method: 'DELETE',
|
|
104
|
-
path: '/invites/:id',
|
|
105
|
-
auth: { type: 'role', role: 'admin' },
|
|
106
|
-
description: 'Delete an unclaimed invite',
|
|
107
|
-
params: z.strictObject({ id: z.uuid() }),
|
|
108
|
-
input: z.null(),
|
|
109
|
-
output: z.strictObject({ ok: z.literal(true) }),
|
|
110
|
-
errors: { 404: z.looseObject({ error: z.literal(ERROR_INVITE_NOT_FOUND) }) },
|
|
111
|
-
handler: async (c, route) => {
|
|
112
|
-
const { id } = get_route_params(c);
|
|
113
|
-
const deleted = await query_invite_delete_unclaimed(route, id);
|
|
114
|
-
if (!deleted) {
|
|
115
|
-
return c.json({ error: ERROR_INVITE_NOT_FOUND }, 404);
|
|
116
|
-
}
|
|
117
|
-
const ctx = require_request_context(c);
|
|
118
|
-
void audit_log_fire_and_forget(route, {
|
|
119
|
-
event_type: 'invite_delete',
|
|
120
|
-
actor_id: ctx.actor.id,
|
|
121
|
-
account_id: ctx.account.id,
|
|
122
|
-
ip: get_client_ip(c),
|
|
123
|
-
metadata: { invite_id: id },
|
|
124
|
-
}, deps.log, deps.on_audit_event);
|
|
125
|
-
return c.json({ ok: true });
|
|
126
|
-
},
|
|
127
|
-
},
|
|
128
|
-
];
|
|
129
|
-
};
|