npm - @innvoid/getmarket-sdk - Versions diffs - 0.2.7 → 0.2.9 - Mend

@innvoid/getmarket-sdk 0.2.7 → 0.2.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

package/dist/chunk-HNOUEVHW.js +410 -0
package/dist/chunk-HNOUEVHW.js.map +1 -0
package/dist/express.d.cts +1 -1
package/dist/express.d.ts +1 -1
package/dist/index.cjs +282 -342
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +11 -24
package/dist/index.d.ts +11 -24
package/dist/index.js +196 -15
package/dist/index.js.map +1 -1
package/dist/middlewares/index.cjs +88 -204
package/dist/middlewares/index.cjs.map +1 -1
package/dist/middlewares/index.d.cts +34 -40
package/dist/middlewares/index.d.ts +34 -40
package/dist/middlewares/index.js +1 -1
package/dist/{types-CRECQuHp.d.cts → types-Cc_McZgD.d.cts} +12 -10
package/dist/{types-CRECQuHp.d.ts → types-Cc_McZgD.d.ts} +12 -10
package/package.json +2 -2
package/dist/chunk-WM2QICZQ.js +0 -666
package/dist/chunk-WM2QICZQ.js.map +0 -1

package/dist/middlewares/index.d.cts CHANGED Viewed

@@ -15,73 +15,67 @@ declare function internalAuth(req: Request, res: Response, next: NextFunction):
 declare function sendOk<T>(_req: Request, res: Response, data: T, statusCode?: number): Response<any, Record<string, any>>;
 declare function sendError(_req: Request, res: Response, statusCode: number, code: string, message: string, details?: any): Response<any, Record<string, any>>;
-/**
- * 401 si no existe req.auth (contexto auth).
- * Útil para proteger rutas donde SIEMPRE debe existir auth.
- */
 declare function requireAuthContext(): (req: Request, res: Response, next: NextFunction) => void | Response<any, Record<string, any>>;
-/**
- * Requiere TODOS los permisos indicados.
- * Regla: denied_permissions siempre gana sobre permissions.
- *
- * options:
- *  - sysAdminBypass: default true
- *  - sysAdminRole: default "SYS_ADMIN"
- */
 declare function requirePermissions(perms: string[], options?: {
     sysAdminBypass?: boolean;
     sysAdminRole?: string;
 }): (req: Request, res: Response, next: NextFunction) => void | Response<any, Record<string, any>>;
-/**
- * Requiere AL MENOS 1 permiso de la lista (ANY/OR).
- * Regla: denied_permissions siempre gana.
- */
 declare function requireAnyPermission(perms: string[], options?: {
     sysAdminBypass?: boolean;
     sysAdminRole?: string;
 }): (req: Request, res: Response, next: NextFunction) => void | Response<any, Record<string, any>>;
-/**
- * Requiere al menos 1 rol (ANY/OR).
- * options:
- *  - sysAdminBypass: default true
- *  - sysAdminRole: default "SYS_ADMIN"
- */
 declare function requireRoles(roles: string[], options?: {
     sysAdminBypass?: boolean;
     sysAdminRole?: string;
 }): (req: Request, res: Response, next: NextFunction) => void | Response<any, Record<string, any>>;
-/**
- * Requiere (roles ANY) OR (permissions ANY).
- * deny_permissions siempre gana sobre permissions.
- */
 declare function requireRolesOrAnyPermission(roles: string[], perms: string[], options?: {
     sysAdminBypass?: boolean;
     sysAdminRole?: string;
 }): (req: Request, res: Response, next: NextFunction) => void | Response<any, Record<string, any>>;
+type GuardOptions = {
+    /**
+     * Middleware(s) de autenticación del microservicio.
+     * Ej:
+     *   allowSysAdminOrAnyPermission(["sale.read"], { auth: authEmployeeRequired })
+     */
+    auth?: RequestHandler | RequestHandler[];
+    /**
+     * Si true, agrega parseHeaders automáticamente.
+     * Default: true
+     */
+    includeParseHeaders?: boolean;
+    /**
+     * Rol que representa SysAdmin.
+     * Default: SYS_ADMIN
+     */
+    sysAdminRole?: string;
+    /**
+     * Si false, desactiva bypass por SysAdmin.
+     * Default: true
+     */
+    sysAdminBypass?: boolean;
+};
 /**
- * ✅ SysAdmin bypass OR (ANY) permissions
- * - Si tiene alguno de los permisos => OK
- * - denied_permissions gana siempre
+ * SYS_ADMIN bypass OR ANY permission
  */
-declare function allowSysAdminOrAnyPermission(...perms: string[]): RequestHandler[];
+declare function allowSysAdminOrAnyPermission(perms: string[] | string, options?: GuardOptions): RequestHandler[];
 /**
- * ✅ SysAdmin bypass OR (ALL) permissions (AND)
+ * SYS_ADMIN bypass OR ALL permissions
  */
-declare function allowSysAdminOrPermissionsAll(...perms: string[]): RequestHandler[];
+declare function allowSysAdminOrPermissionsAll(perms: string[] | string, options?: GuardOptions): RequestHandler[];
 /**
- * ✅ SysAdmin bypass OR roles (ANY)
+ * SYS_ADMIN bypass OR ANY role
  */
-declare function allowSysAdminOrRoles(...roles: string[]): RequestHandler[];
+declare function allowSysAdminOrRoles(roles: string[] | string, options?: GuardOptions): RequestHandler[];
 /**
- * ✅ SYS_ADMIN bypass OR (ANY) roles OR (ANY) permissions
- * - denied_permissions siempre gana
+ * SYS_ADMIN bypass OR (roles ANY) OR (permissions ANY)
+ * denied_permissions siempre gana
  */
-declare function allowSysAdminOrRolesOrAnyPermission(roles: string | string[], permissions: string | string[]): RequestHandler[];
+declare function allowSysAdminOrRolesOrAnyPermission(roles: string | string[], permissions: string | string[], options?: GuardOptions): RequestHandler[];
 /**
- * ✅ Helper específico Auth:
- * Rol AUTH_ADMIN o permiso fino (y SYS_ADMIN bypass)
+ * Helper típico para AUTH backoffice
  */
-declare function allowAuthAdminOrPerm(permission: string): RequestHandler[];
+declare function allowAuthAdminOrPerm(permission: string, options?: GuardOptions): RequestHandler[];
 export { allowAuthAdminOrPerm, allowSysAdminOrAnyPermission, allowSysAdminOrPermissionsAll, allowSysAdminOrRoles, allowSysAdminOrRolesOrAnyPermission, internalAuth, parseHeaders, requestId, requireAnyPermission, requireAuthContext, requirePermissions, requireRoles, requireRolesOrAnyPermission, sendError, sendOk };

package/dist/middlewares/index.d.ts CHANGED Viewed

@@ -15,73 +15,67 @@ declare function internalAuth(req: Request, res: Response, next: NextFunction):
 declare function sendOk<T>(_req: Request, res: Response, data: T, statusCode?: number): Response<any, Record<string, any>>;
 declare function sendError(_req: Request, res: Response, statusCode: number, code: string, message: string, details?: any): Response<any, Record<string, any>>;
-/**
- * 401 si no existe req.auth (contexto auth).
- * Útil para proteger rutas donde SIEMPRE debe existir auth.
- */
 declare function requireAuthContext(): (req: Request, res: Response, next: NextFunction) => void | Response<any, Record<string, any>>;
-/**
- * Requiere TODOS los permisos indicados.
- * Regla: denied_permissions siempre gana sobre permissions.
- *
- * options:
- *  - sysAdminBypass: default true
- *  - sysAdminRole: default "SYS_ADMIN"
- */
 declare function requirePermissions(perms: string[], options?: {
     sysAdminBypass?: boolean;
     sysAdminRole?: string;
 }): (req: Request, res: Response, next: NextFunction) => void | Response<any, Record<string, any>>;
-/**
- * Requiere AL MENOS 1 permiso de la lista (ANY/OR).
- * Regla: denied_permissions siempre gana.
- */
 declare function requireAnyPermission(perms: string[], options?: {
     sysAdminBypass?: boolean;
     sysAdminRole?: string;
 }): (req: Request, res: Response, next: NextFunction) => void | Response<any, Record<string, any>>;
-/**
- * Requiere al menos 1 rol (ANY/OR).
- * options:
- *  - sysAdminBypass: default true
- *  - sysAdminRole: default "SYS_ADMIN"
- */
 declare function requireRoles(roles: string[], options?: {
     sysAdminBypass?: boolean;
     sysAdminRole?: string;
 }): (req: Request, res: Response, next: NextFunction) => void | Response<any, Record<string, any>>;
-/**
- * Requiere (roles ANY) OR (permissions ANY).
- * deny_permissions siempre gana sobre permissions.
- */
 declare function requireRolesOrAnyPermission(roles: string[], perms: string[], options?: {
     sysAdminBypass?: boolean;
     sysAdminRole?: string;
 }): (req: Request, res: Response, next: NextFunction) => void | Response<any, Record<string, any>>;
+type GuardOptions = {
+    /**
+     * Middleware(s) de autenticación del microservicio.
+     * Ej:
+     *   allowSysAdminOrAnyPermission(["sale.read"], { auth: authEmployeeRequired })
+     */
+    auth?: RequestHandler | RequestHandler[];
+    /**
+     * Si true, agrega parseHeaders automáticamente.
+     * Default: true
+     */
+    includeParseHeaders?: boolean;
+    /**
+     * Rol que representa SysAdmin.
+     * Default: SYS_ADMIN
+     */
+    sysAdminRole?: string;
+    /**
+     * Si false, desactiva bypass por SysAdmin.
+     * Default: true
+     */
+    sysAdminBypass?: boolean;
+};
 /**
- * ✅ SysAdmin bypass OR (ANY) permissions
- * - Si tiene alguno de los permisos => OK
- * - denied_permissions gana siempre
+ * SYS_ADMIN bypass OR ANY permission
  */
-declare function allowSysAdminOrAnyPermission(...perms: string[]): RequestHandler[];
+declare function allowSysAdminOrAnyPermission(perms: string[] | string, options?: GuardOptions): RequestHandler[];
 /**
- * ✅ SysAdmin bypass OR (ALL) permissions (AND)
+ * SYS_ADMIN bypass OR ALL permissions
  */
-declare function allowSysAdminOrPermissionsAll(...perms: string[]): RequestHandler[];
+declare function allowSysAdminOrPermissionsAll(perms: string[] | string, options?: GuardOptions): RequestHandler[];
 /**
- * ✅ SysAdmin bypass OR roles (ANY)
+ * SYS_ADMIN bypass OR ANY role
  */
-declare function allowSysAdminOrRoles(...roles: string[]): RequestHandler[];
+declare function allowSysAdminOrRoles(roles: string[] | string, options?: GuardOptions): RequestHandler[];
 /**
- * ✅ SYS_ADMIN bypass OR (ANY) roles OR (ANY) permissions
- * - denied_permissions siempre gana
+ * SYS_ADMIN bypass OR (roles ANY) OR (permissions ANY)
+ * denied_permissions siempre gana
  */
-declare function allowSysAdminOrRolesOrAnyPermission(roles: string | string[], permissions: string | string[]): RequestHandler[];
+declare function allowSysAdminOrRolesOrAnyPermission(roles: string | string[], permissions: string | string[], options?: GuardOptions): RequestHandler[];
 /**
- * ✅ Helper específico Auth:
- * Rol AUTH_ADMIN o permiso fino (y SYS_ADMIN bypass)
+ * Helper típico para AUTH backoffice
  */
-declare function allowAuthAdminOrPerm(permission: string): RequestHandler[];
+declare function allowAuthAdminOrPerm(permission: string, options?: GuardOptions): RequestHandler[];
 export { allowAuthAdminOrPerm, allowSysAdminOrAnyPermission, allowSysAdminOrPermissionsAll, allowSysAdminOrRoles, allowSysAdminOrRolesOrAnyPermission, internalAuth, parseHeaders, requestId, requireAnyPermission, requireAuthContext, requirePermissions, requireRoles, requireRolesOrAnyPermission, sendError, sendOk };

package/dist/middlewares/index.js CHANGED Viewed

@@ -14,7 +14,7 @@ import {
   requireRolesOrAnyPermission,
   sendError,
   sendOk
-} from "../chunk-WM2QICZQ.js";
+} from "../chunk-HNOUEVHW.js";
 import "../chunk-KXXIMSON.js";
 export {
   allowAuthAdminOrPerm,

package/dist/{types-CRECQuHp.d.cts → types-Cc_McZgD.d.cts} RENAMED Viewed

@@ -10,16 +10,18 @@ type AuthSession = {
 type AuthContext = {
     tokenType: TokenType;
     subject: AuthSubject;
-    employee?: any;
-    customer?: any;
+    employee_uid?: string;
+    customer_uid?: string;
     company_uid?: string;
     branch_uid?: string;
+    employee?: any;
+    customer?: any;
     companies?: any[];
     company?: any;
     branch?: any;
-    roles?: string[];
-    permissions?: string[];
-    denied_permissions?: string[];
+    roles?: any[];
+    permissions?: any[];
+    denied_permissions?: any[];
     session?: AuthSession;
     firebase?: any;
 };
@@ -30,23 +32,23 @@ type HydrateInput = {
     company_uid: string | null;
     branch_uid: string | null;
 };
-type HydrateResult = Partial<Pick<AuthContext, "employee" | "customer" | "companies" | "company" | "branch" | "roles" | "permissions" | "denied_permissions">>;
+type HydrateResult = Partial<Pick<AuthContext, "employee_uid" | "customer_uid" | "employee" | "customer" | "companies" | "company" | "branch" | "roles" | "permissions" | "denied_permissions">>;
 type Hydrator = (input: HydrateInput) => Promise<HydrateResult> | HydrateResult;
 type AuthMiddlewareOptions = {
     subject: AuthSubject;
     /**
-     * ✅ Si true, exige que el sujeto (employee/customer) exista tras hydrate.
+     * Si true, exige que el sujeto exista luego del hydrate.
      * Default: true
      */
     requireSubject?: boolean;
     /**
-     * Si true, permite fallback a Firebase idToken.
+     * Si true, permite fallback a Firebase ID token.
      * Default: false
      */
     allowFirebaseIdToken?: boolean;
     /**
-     * ✅ OBLIGATORIO para evitar acoplamientos:
-     * el micro decide cómo hidratar (DB local / AuthClient / etc).
+     * Hidrata contexto de dominio del micro.
+     * Obligatorio en el middleware estándar.
      */
     hydrate: Hydrator;
 };

package/dist/{types-CRECQuHp.d.ts → types-Cc_McZgD.d.ts} RENAMED Viewed

@@ -10,16 +10,18 @@ type AuthSession = {
 type AuthContext = {
     tokenType: TokenType;
     subject: AuthSubject;
-    employee?: any;
-    customer?: any;
+    employee_uid?: string;
+    customer_uid?: string;
     company_uid?: string;
     branch_uid?: string;
+    employee?: any;
+    customer?: any;
     companies?: any[];
     company?: any;
     branch?: any;
-    roles?: string[];
-    permissions?: string[];
-    denied_permissions?: string[];
+    roles?: any[];
+    permissions?: any[];
+    denied_permissions?: any[];
     session?: AuthSession;
     firebase?: any;
 };
@@ -30,23 +32,23 @@ type HydrateInput = {
     company_uid: string | null;
     branch_uid: string | null;
 };
-type HydrateResult = Partial<Pick<AuthContext, "employee" | "customer" | "companies" | "company" | "branch" | "roles" | "permissions" | "denied_permissions">>;
+type HydrateResult = Partial<Pick<AuthContext, "employee_uid" | "customer_uid" | "employee" | "customer" | "companies" | "company" | "branch" | "roles" | "permissions" | "denied_permissions">>;
 type Hydrator = (input: HydrateInput) => Promise<HydrateResult> | HydrateResult;
 type AuthMiddlewareOptions = {
     subject: AuthSubject;
     /**
-     * ✅ Si true, exige que el sujeto (employee/customer) exista tras hydrate.
+     * Si true, exige que el sujeto exista luego del hydrate.
      * Default: true
      */
     requireSubject?: boolean;
     /**
-     * Si true, permite fallback a Firebase idToken.
+     * Si true, permite fallback a Firebase ID token.
      * Default: false
      */
     allowFirebaseIdToken?: boolean;
     /**
-     * ✅ OBLIGATORIO para evitar acoplamientos:
-     * el micro decide cómo hidratar (DB local / AuthClient / etc).
+     * Hidrata contexto de dominio del micro.
+     * Obligatorio en el middleware estándar.
      */
     hydrate: Hydrator;
 };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@innvoid/getmarket-sdk",
-  "version": "0.2.7",
+  "version": "0.2.9",
   "private": false,
   "type": "module",
   "sideEffects": false,
@@ -88,7 +88,7 @@
     "typecheck": "tsc -p tsconfig.json --noEmit"
   },
   "dependencies": {
-    "@innvoid/getmarket-contracts": "^0.1.15",
+    "@innvoid/getmarket-contracts": "^0.1.17",
     "axios": "^1.13.5",
     "firebase-admin": "^13.6.1",
     "jsonwebtoken": "^9.0.2",