@liveblocks/core 3.20.0-perm4 → 3.20.0-perm5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.cjs CHANGED
@@ -6,7 +6,7 @@ var __export = (target, all) => {
6
6
 
7
7
  // src/version.ts
8
8
  var PKG_NAME = "@liveblocks/core";
9
- var PKG_VERSION = "3.20.0-perm4";
9
+ var PKG_VERSION = "3.20.0-perm5";
10
10
  var PKG_FORMAT = "cjs";
11
11
 
12
12
  // src/dupe-detection.ts
@@ -5170,40 +5170,37 @@ function createReceivingToolInvocation(invocationId, name, partialArgsText = "")
5170
5170
  // src/protocol/Permissions.ts
5171
5171
  var Permission = {
5172
5172
  /**
5173
- * Default permission for a room
5173
+ * Default permission for a room.
5174
5174
  */
5175
- RoomWrite: "room:write",
5176
- RoomRead: "room:read",
5175
+ Read: "*:read",
5176
+ Write: "*:write",
5177
5177
  /**
5178
- * Presence (LiveRoom Websocket access)
5178
+ * Legacy aliases for default room permissions.
5179
5179
  */
5180
- RoomPresenceRead: "room:presence:read",
5181
- RoomPresenceNone: "room:presence:none",
5180
+ RoomWrite: "room:write",
5181
+ RoomRead: "room:read",
5182
5182
  /**
5183
5183
  * Storage
5184
5184
  */
5185
- RoomStorageRead: "room:storage:read",
5186
- RoomStorageWrite: "room:storage:write",
5187
- RoomStorageNone: "room:storage:none",
5185
+ StorageRead: "storage:read",
5186
+ StorageWrite: "storage:write",
5187
+ StorageNone: "storage:none",
5188
5188
  /**
5189
5189
  * Comments
5190
5190
  */
5191
- RoomCommentsWrite: "room:comments:write",
5192
- RoomCommentsRead: "room:comments:read",
5193
- RoomCommentsNone: "room:comments:none",
5191
+ CommentsWrite: "comments:write",
5192
+ CommentsRead: "comments:read",
5193
+ CommentsNone: "comments:none",
5194
5194
  /**
5195
5195
  * Feeds
5196
5196
  */
5197
- RoomFeedsRead: "room:feeds:read",
5198
- RoomFeedsWrite: "room:feeds:write",
5199
- RoomFeedsNone: "room:feeds:none",
5197
+ FeedsRead: "feeds:read",
5198
+ FeedsWrite: "feeds:write",
5199
+ FeedsNone: "feeds:none",
5200
5200
  /**
5201
5201
  * Legacy
5202
5202
  */
5203
- LegacyRoomPresenceWrite: "room:presence:write",
5204
- LegacyCommentsWrite: "comments:write",
5205
- LegacyCommentsRead: "comments:read",
5206
- LegacyFeedsWrite: "feeds:write"
5203
+ LegacyRoomPresenceWrite: "room:presence:write"
5207
5204
  };
5208
5205
  var ACCESS_LEVELS = [
5209
5206
  "none",
@@ -5217,7 +5214,6 @@ var ACCESS_RANKS = {
5217
5214
  };
5218
5215
  var NO_PERMISSION_MATRIX = {
5219
5216
  room: "none",
5220
- presence: "none",
5221
5217
  storage: "none",
5222
5218
  comments: "none",
5223
5219
  feeds: "none",
@@ -5225,36 +5221,30 @@ var NO_PERMISSION_MATRIX = {
5225
5221
  };
5226
5222
  var RESOURCE_PERMISSIONS = {
5227
5223
  room: {
5228
- read: [Permission.RoomRead],
5229
- write: [Permission.RoomWrite]
5224
+ read: [Permission.Read, Permission.RoomRead],
5225
+ write: [Permission.Write, Permission.RoomWrite]
5230
5226
  },
5231
5227
  personal: {
5232
5228
  write: []
5233
5229
  },
5234
- presence: {
5235
- write: [Permission.LegacyRoomPresenceWrite],
5236
- read: [Permission.RoomPresenceRead],
5237
- none: [Permission.RoomPresenceNone]
5238
- },
5239
5230
  storage: {
5240
- write: [Permission.RoomStorageWrite],
5241
- read: [Permission.RoomStorageRead],
5242
- none: [Permission.RoomStorageNone]
5231
+ write: [Permission.StorageWrite],
5232
+ read: [Permission.StorageRead],
5233
+ none: [Permission.StorageNone]
5243
5234
  },
5244
5235
  comments: {
5245
- write: [Permission.RoomCommentsWrite, Permission.LegacyCommentsWrite],
5246
- read: [Permission.RoomCommentsRead, Permission.LegacyCommentsRead],
5247
- none: [Permission.RoomCommentsNone]
5236
+ write: [Permission.CommentsWrite],
5237
+ read: [Permission.CommentsRead],
5238
+ none: [Permission.CommentsNone]
5248
5239
  },
5249
5240
  feeds: {
5250
- write: [Permission.RoomFeedsWrite, Permission.LegacyFeedsWrite],
5251
- read: [Permission.RoomFeedsRead],
5252
- none: [Permission.RoomFeedsNone]
5241
+ write: [Permission.FeedsWrite],
5242
+ read: [Permission.FeedsRead],
5243
+ none: [Permission.FeedsNone]
5253
5244
  }
5254
5245
  };
5255
5246
  var DEFAULT_PERMISSION_RESOURCE = "room";
5256
5247
  var ROOM_PERMISSION_RESOURCES = [
5257
- "presence",
5258
5248
  "storage",
5259
5249
  "comments",
5260
5250
  "feeds"
@@ -5272,7 +5262,7 @@ function resolveResourceAccess(scopes, resource) {
5272
5262
  }
5273
5263
  function resolveFullPermissionMatrix(resolved) {
5274
5264
  if (!resolved.hasDefaultPermission) {
5275
- return { ...NO_PERMISSION_MATRIX, ...resolved.matrix };
5265
+ return NO_PERMISSION_MATRIX;
5276
5266
  }
5277
5267
  const matrix = {
5278
5268
  ...NO_PERMISSION_MATRIX,
@@ -5287,8 +5277,8 @@ function permissionMatrixFromScopes(scopes) {
5287
5277
  return resolveFullPermissionMatrix(resolvePermissionMatrix(scopes));
5288
5278
  }
5289
5279
  function resolvePermissionMatrix(scopes) {
5290
- const hasDefaultPermission = scopes.includes(Permission.RoomWrite) || scopes.includes(Permission.RoomRead);
5291
- const baseAccess = scopes.includes(Permission.RoomWrite) ? "write" : scopes.includes(Permission.RoomRead) ? "read" : "none";
5280
+ const hasDefaultPermission = scopes.includes(Permission.Write) || scopes.includes(Permission.Read) || scopes.includes(Permission.RoomWrite) || scopes.includes(Permission.RoomRead);
5281
+ const baseAccess = scopes.includes(Permission.Write) || scopes.includes(Permission.RoomWrite) ? "write" : scopes.includes(Permission.Read) || scopes.includes(Permission.RoomRead) ? "read" : "none";
5292
5282
  const matrix = {};
5293
5283
  for (const resource of ROOM_PERMISSION_RESOURCES) {
5294
5284
  const access = resolveResourceAccess(scopes, resource);
@@ -5309,10 +5299,6 @@ function isPermissionScopes(source) {
5309
5299
 
5310
5300
  // src/permissions.ts
5311
5301
  var VALID_PERMISSIONS = new Set(Object.values(Permission));
5312
- var ROOM_PERMISSION_OBJECT_KEYS = /* @__PURE__ */ new Set([
5313
- "default",
5314
- ...ROOM_PERMISSION_RESOURCES
5315
- ]);
5316
5302
  function permissionForAccessLevel(resource, access, field = resource) {
5317
5303
  const levels = RESOURCE_PERMISSIONS[resource];
5318
5304
  const permissions = levels[access];
@@ -5333,8 +5319,10 @@ function resolveRoomPermissionMatrix(permissions, roomId) {
5333
5319
  let hasDefaultPermission = false;
5334
5320
  let baseAccess = "none";
5335
5321
  const explicitMatrix = {};
5322
+ const explicitSpecificity = {};
5336
5323
  for (const permission of matchedPermissions) {
5337
5324
  const resolved = resolvePermissionMatrix(permission.scopes);
5325
+ const specificity = getResourceSpecificity(permission.resource);
5338
5326
  if (resolved.hasDefaultPermission) {
5339
5327
  hasDefaultPermission = true;
5340
5328
  baseAccess = strongestAccess(baseAccess, resolved.baseAccess);
@@ -5342,10 +5330,16 @@ function resolveRoomPermissionMatrix(permissions, roomId) {
5342
5330
  for (const resource of ROOM_PERMISSION_RESOURCES) {
5343
5331
  const access = resolved.matrix[resource];
5344
5332
  if (access !== void 0) {
5345
- explicitMatrix[resource] = strongestAccess(
5346
- _nullishCoalesce(explicitMatrix[resource], () => ( "none")),
5347
- access
5348
- );
5333
+ const currentSpecificity = _nullishCoalesce(explicitSpecificity[resource], () => ( -1));
5334
+ if (specificity > currentSpecificity) {
5335
+ explicitMatrix[resource] = access;
5336
+ explicitSpecificity[resource] = specificity;
5337
+ } else if (specificity === currentSpecificity) {
5338
+ explicitMatrix[resource] = strongestAccess(
5339
+ _nullishCoalesce(explicitMatrix[resource], () => ( "none")),
5340
+ access
5341
+ );
5342
+ }
5349
5343
  }
5350
5344
  }
5351
5345
  }
@@ -5355,46 +5349,16 @@ function resolveRoomPermissionMatrix(permissions, roomId) {
5355
5349
  matrix: explicitMatrix
5356
5350
  });
5357
5351
  }
5358
- function isRoomPermissionArray(input) {
5359
- return Array.isArray(input);
5360
- }
5361
5352
  function normalizeRoomPermissionInput(input) {
5362
- if (isRoomPermissionArray(input)) {
5363
- return input.map((permission) => {
5364
- if (!VALID_PERMISSIONS.has(permission)) {
5365
- throw new Error(`Not a valid permission: ${permission}`);
5366
- }
5367
- return permission;
5368
- });
5353
+ if (!Array.isArray(input)) {
5354
+ throw new Error("Permission list must be an array");
5369
5355
  }
5370
- return normalizeRoomPermissionObject(input);
5371
- }
5372
- function normalizeRoomPermissionObject(objectInput) {
5373
- for (const key of Object.keys(objectInput)) {
5374
- if (!ROOM_PERMISSION_OBJECT_KEYS.has(key)) {
5375
- throw new Error(`Unknown permission field: ${key}`);
5356
+ return input.map((permission) => {
5357
+ if (!VALID_PERMISSIONS.has(permission)) {
5358
+ throw new Error(`Not a valid permission: ${permission}`);
5376
5359
  }
5377
- }
5378
- const permissions = [];
5379
- if (objectInput.default !== void 0) {
5380
- permissions.push(
5381
- permissionForAccessLevel(
5382
- DEFAULT_PERMISSION_RESOURCE,
5383
- objectInput.default,
5384
- "default"
5385
- )
5386
- );
5387
- }
5388
- for (const resource of ROOM_PERMISSION_RESOURCES) {
5389
- const access = objectInput[resource];
5390
- if (access !== void 0) {
5391
- permissions.push(permissionForAccessLevel(resource, access));
5392
- }
5393
- }
5394
- if (permissions.length === 0) {
5395
- throw new Error("Permission object cannot be empty");
5396
- }
5397
- return permissions;
5360
+ return permission;
5361
+ });
5398
5362
  }
5399
5363
  function normalizeRoomAccessesInput(input) {
5400
5364
  if (input === void 0) {
@@ -5421,7 +5385,6 @@ function normalizeRoomAccessesUpdateInput(input) {
5421
5385
  function mergePermissionMatrices(sources) {
5422
5386
  return {
5423
5387
  room: strongestMatrixAccess(sources, "room"),
5424
- presence: strongestMatrixAccess(sources, "presence"),
5425
5388
  storage: strongestMatrixAccess(sources, "storage"),
5426
5389
  comments: strongestMatrixAccess(sources, "comments"),
5427
5390
  feeds: strongestMatrixAccess(sources, "feeds"),
@@ -5459,6 +5422,9 @@ function resourceMatchesRoomId(resource, roomId) {
5459
5422
  }
5460
5423
  return resource === roomId;
5461
5424
  }
5425
+ function getResourceSpecificity(resource) {
5426
+ return resource.replace("*", "").length;
5427
+ }
5462
5428
 
5463
5429
  // src/protocol/AuthToken.ts
5464
5430
  function isValidAuthTokenPayload(data) {
@@ -11482,7 +11448,9 @@ function createRoom(options, config) {
11482
11448
  _dump: () => {
11483
11449
  const n = context.pool.nodes.size;
11484
11450
  return `Room "${roomId}" (${n} node${n === 1 ? "" : "s"}):
11485
- ${dumpPool(context.pool)}`;
11451
+ ${dumpPool(
11452
+ context.pool
11453
+ )}`;
11486
11454
  },
11487
11455
  destroy: () => {
11488
11456
  pendingFeedsRequests.forEach(
@@ -11677,7 +11645,7 @@ function makeAuthDelegateForRoom(roomId, authManager) {
11677
11645
  return async () => {
11678
11646
  return authManager.getAuthValue({
11679
11647
  roomId,
11680
- resource: "presence",
11648
+ resource: "room",
11681
11649
  access: "read"
11682
11650
  });
11683
11651
  };