@liveblocks/core 3.20.0-perm5 → 3.20.0-perm6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +68 -58
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +14 -9
- package/dist/index.d.ts +14 -9
- package/dist/index.js +67 -57
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/dist/index.d.cts
CHANGED
|
@@ -99,34 +99,39 @@ declare const Permission: {
|
|
|
99
99
|
readonly LegacyRoomPresenceWrite: "room:presence:write";
|
|
100
100
|
};
|
|
101
101
|
type Permission = (typeof Permission)[keyof typeof Permission];
|
|
102
|
-
|
|
102
|
+
declare const ACCESS_LEVELS: readonly ["none", "read", "write"];
|
|
103
|
+
type AccessLevel = (typeof ACCESS_LEVELS)[number];
|
|
103
104
|
type RequiredAccessLevel = "read" | "write";
|
|
104
105
|
type PermissionMatrix = {
|
|
105
106
|
room: AccessLevel;
|
|
106
107
|
storage: AccessLevel;
|
|
107
108
|
comments: AccessLevel;
|
|
108
109
|
feeds: AccessLevel;
|
|
109
|
-
personal:
|
|
110
|
+
personal: AccessLevel;
|
|
110
111
|
};
|
|
111
112
|
type PermissionResources = keyof PermissionMatrix;
|
|
112
|
-
declare function permissionMatrixFromScopes(scopes: readonly string[]): PermissionMatrix;
|
|
113
|
-
declare function hasPermissionAccess(scopes: readonly string[], resource: PermissionResources, requiredAccess: RequiredAccessLevel): boolean;
|
|
114
|
-
declare function hasPermissionAccess(matrix: Partial<PermissionMatrix>, resource: PermissionResources, requiredAccess: RequiredAccessLevel): boolean;
|
|
115
|
-
|
|
116
113
|
type RoomPermissionGrant = {
|
|
117
114
|
resource: string;
|
|
118
|
-
scopes: readonly
|
|
115
|
+
scopes: readonly Permission[];
|
|
119
116
|
};
|
|
120
117
|
type RoomPermission = Permission[];
|
|
121
118
|
type RoomPermissionInput = readonly Permission[];
|
|
122
119
|
type RoomAccesses = Record<string, RoomPermission>;
|
|
123
120
|
type RoomAccessesInput = Record<string, RoomPermissionInput>;
|
|
124
121
|
type RoomAccessesUpdateInput = Record<string, RoomPermissionInput | null>;
|
|
122
|
+
type RoomPermissionSources = {
|
|
123
|
+
defaultAccesses: readonly Permission[];
|
|
124
|
+
groupsAccesses: readonly (readonly Permission[])[];
|
|
125
|
+
userAccesses?: readonly Permission[] | undefined;
|
|
126
|
+
};
|
|
127
|
+
declare function permissionMatrixFromScopes(scopes: readonly string[]): PermissionMatrix;
|
|
128
|
+
declare function hasPermissionAccess(matrix: Partial<PermissionMatrix>, resource: PermissionResources, requiredAccess: RequiredAccessLevel): boolean;
|
|
125
129
|
declare function normalizeRoomPermissionInput(input: RoomPermissionInput): RoomPermission;
|
|
126
130
|
declare function normalizeRoomAccessesInput(input: RoomAccessesInput | undefined): RoomAccesses | undefined;
|
|
127
131
|
declare function normalizeRoomAccessesUpdateInput(input: RoomAccessesUpdateInput | undefined): Record<string, RoomPermission | null> | undefined;
|
|
128
132
|
declare function mergePermissionMatrices(sources: readonly PermissionMatrix[]): PermissionMatrix;
|
|
129
133
|
declare function permissionMatrixToScopes(matrix: PermissionMatrix): RoomPermission;
|
|
134
|
+
declare function mergeRoomPermissionScopes({ defaultAccesses, groupsAccesses, userAccesses, }: RoomPermissionSources): Permission[];
|
|
130
135
|
|
|
131
136
|
type CustomAuthenticationResult = Relax<{
|
|
132
137
|
token: string;
|
|
@@ -4163,7 +4168,7 @@ type StaticSessionInfo = {
|
|
|
4163
4168
|
type DynamicSessionInfo = {
|
|
4164
4169
|
readonly actor: number;
|
|
4165
4170
|
readonly nonce: string;
|
|
4166
|
-
readonly
|
|
4171
|
+
readonly permissionMatrix: PermissionMatrix;
|
|
4167
4172
|
readonly meta: JsonObject;
|
|
4168
4173
|
};
|
|
4169
4174
|
type Polyfills = {
|
|
@@ -5764,4 +5769,4 @@ type EnsureJson<T> = T extends Json ? T : T extends Array<infer I> ? (EnsureJson
|
|
|
5764
5769
|
[K in keyof T as EnsureJson<T[K]> extends never ? never : K]: EnsureJson<T[K]>;
|
|
5765
5770
|
};
|
|
5766
5771
|
|
|
5767
|
-
export { type AccessLevel, type ActivityData, type AiAssistantContentPart, type AiAssistantMessage, type AiChat, type AiChatMessage, type AiChatsQuery, type AiKnowledgeRetrievalPart, type AiKnowledgeSource, type AiOpaqueToolDefinition, type AiOpaqueToolInvocationProps, type AiReasoningPart, type AiRetrievalPart, type AiSourcesPart, type AiTextPart, type AiToolDefinition, type AiToolExecuteCallback, type AiToolExecuteContext, type AiToolInvocationPart, type AiToolInvocationProps, type AiToolTypePack, type AiUrlSource, type AiUserMessage, type AiWebRetrievalPart, type AsyncError, type AsyncLoading, type AsyncResult, type AsyncSuccess, type Awaitable, type BaseActivitiesData, type BaseAuthResult, type BaseGroupInfo, type BaseMetadata, type BaseRoomInfo, type BaseUserMeta, type Brand, type BroadcastEventClientMsg, type BroadcastOptions, type BroadcastedEventServerMsg, type ChildStorageNode, type Client, type ClientMsg, ClientMsgCode, type ClientOptions, type ClientWireOp, type CommentAttachment, type CommentBody, type CommentBodyBlockElement, type CommentBodyElement, type CommentBodyInlineElement, type CommentBodyLink, type CommentBodyLinkElementArgs, type CommentBodyMention, type CommentBodyMentionElementArgs, type CommentBodyParagraph, type CommentBodyParagraphElementArgs, type CommentBodyText, type CommentBodyTextElementArgs, type CommentData, type CommentDataPlain, type CommentLocalAttachment, type CommentMixedAttachment, type CommentReaction, type CommentUserReaction, type CommentUserReactionPlain, type CommentsEventServerMsg, type CompactChildNode, type CompactListNode, type CompactMapNode, type CompactNode, type CompactObjectNode, type CompactRegisterNode, type CompactRootNode, type ContextualPromptContext, type ContextualPromptResponse, type CopilotId, CrdtType, type CreateListOp, type CreateManagedPoolOptions, type CreateMapOp, type CreateObjectOp, type CreateOp, type CreateRegisterOp, type Cursor, type CustomAuthenticationResult, type DAD, type DCM, type DE, type DFM, type DFMD, type DGI, type DP, type DRI, type DS, type DTM, type DU, DefaultMap, type Delegates, type DeleteCrdtOp, type DeleteObjectKeyOp, Deque, DerivedSignal, DevToolsTreeNode as DevTools, protocol as DevToolsMsg, type DistributiveOmit, type EnsureJson, type EnterOptions, type EventSource, type Feed, type FeedCreateMetadata, type FeedDeletedServerMsg, type FeedFetchMetadataFilter, type FeedMessage, type FeedMessagesAddedServerMsg, type FeedMessagesDeletedServerMsg, type FeedMessagesListServerMsg, type FeedMessagesUpdatedServerMsg, type FeedRequestError, FeedRequestErrorCode, type FeedRequestFailedServerMsg, type FeedUpdateMetadata, type FeedsAddedServerMsg, type FeedsEventServerMsg, type FeedsListServerMsg, type FeedsUpdatedServerMsg, type FetchStorageClientMsg, type FetchYDocClientMsg, type GetThreadsOptions, type GroupData, type GroupDataPlain, type GroupMemberData, type GroupMentionData, type GroupScopes, type HasOpId, type History, type HistoryVersion, HttpError, type ISODateString, type ISignal, type IUserInfo, type IWebSocket, type IWebSocketCloseEvent, type IWebSocketEvent, type IWebSocketInstance, type IWebSocketMessageEvent, type IYjsProvider, type IgnoredOp, type Immutable, type InboxNotificationCustomData, type InboxNotificationCustomDataPlain, type InboxNotificationData, type InboxNotificationDataPlain, type InboxNotificationDeleteInfo, type InboxNotificationTextMentionData, type InboxNotificationTextMentionDataPlain, type InboxNotificationThreadData, type InboxNotificationThreadDataPlain, type InferFromSchema, type Json, type JsonArray, type JsonObject, type JsonScalar, type KDAD, type LayerKey, type ListStorageNode, LiveList, type LiveListUpdate, LiveMap, type LiveMapUpdate, type LiveNode, LiveObject, type LiveObjectUpdate, type LiveStructure, LiveblocksError, type LiveblocksErrorContext, type LostConnectionEvent, type Lson, type LsonObject, MENTION_CHARACTER, type ManagedPool, type MapStorageNode, type MentionData, type MessageId, MutableSignal, type NoInfr, type NodeMap, type NodeStream, type NotificationChannel, type NotificationChannelSettings, type NotificationKind, type NotificationSettings, type NotificationSettingsPlain, type ObjectStorageNode, type Observable, type Op, OpCode, type OpaqueClient, type OpaqueRoom, type OptionalTupleUnless, type OthersEvent, type ParentToChildNodeMap, type PartialNotificationSettings, type PartialUnless, type Patchable, Permission, type PermissionMatrix, type PermissionResources, type PlainLson, type PlainLsonFields, type PlainLsonList, type PlainLsonMap, type PlainLsonObject, type Poller, type PrivateClientApi, type PrivateRoomApi, Promise_withResolvers, type QueryMetadata, type QueryParams, type ReadonlyJson, type ReadonlyJsonObject, type RegisterStorageNode, type RejectedStorageOpServerMsg, type Relax, type RenderableToolResultResponse, type RequiredAccessLevel, type Resolve, type ResolveGroupsInfoArgs, type ResolveMentionSuggestionsArgs, type ResolveRoomsInfoArgs, type ResolveUsersArgs, type Room, type RoomAccesses, type RoomAccessesInput, type RoomAccessesUpdateInput, type RoomEventMessage, type RoomPermission, type RoomPermissionGrant, type RoomPermissionInput, type RoomStateServerMsg, type RoomSubscriptionSettings, type RootStorageNode, type SearchCommentsResult, type SerializedChild, type SerializedCrdt, type SerializedList, type SerializedMap, type SerializedObject, type SerializedRegister, type SerializedRootObject, type ServerMsg, ServerMsgCode, type ServerWireOp, type SetParentKeyOp, Signal, type SignalType, SortedList, type Status, type StorageChunkServerMsg, type StorageNode, type StorageStatus, type StorageUpdate, type StringifyCommentBodyElements, type StringifyCommentBodyOptions, type SubscriptionData, type SubscriptionDataPlain, type SubscriptionDeleteInfo, type SubscriptionDeleteInfoPlain, type SubscriptionKey, type SyncConfig, type SyncMode, type SyncSource, type SyncStatus, TextEditorType, type ThreadData, type ThreadDataPlain, type ThreadDataWithDeleteInfo, type ThreadDeleteInfo, type ToJson, type ToolResultResponse, type URLSafeString, type UnsubscribeCallback, type UpdateObjectOp, type UpdatePresenceClientMsg, type UpdatePresenceServerMsg, type UpdateStorageClientMsg, type UpdateStorageServerMsg, type UpdateYDocClientMsg, type UploadAttachmentOptions, type UrlMetadata, type User, type UserJoinServerMsg, type UserLeftServerMsg, type UserMentionData, type UserRoomSubscriptionSettings, type UserSubscriptionData, type UserSubscriptionDataPlain, WebsocketCloseCodes, type WithNavigation, type WithOptional, type WithRequired, type YDocUpdateServerMsg, type YjsSyncStatus, asPos, assert, assertNever, autoRetry, b64decode, batch, checkBounds, chunk, cloneLson, compactNodesToNodeStream, compactObject, fancyConsole as console, convertToCommentData, convertToCommentUserReaction, convertToGroupData, convertToInboxNotificationData, convertToSubscriptionData, convertToThreadData, convertToUserSubscriptionData, createClient, createCommentAttachmentId, createCommentId, createInboxNotificationId, createManagedPool, createNotificationSettings, createThreadId, deepLiveify, defineAiTool, deprecate, deprecateIf, detectDupes, entries, errorIf, findLastIndex, freeze, generateUrl, getMentionsFromCommentBody, getSubscriptionKey, hasPermissionAccess, html, htmlSafe, isCommentBodyLink, isCommentBodyMention, isCommentBodyText, isJsonArray, isJsonObject, isJsonScalar, isListStorageNode, isLiveNode, isMapStorageNode, isNotificationChannelEnabled, isNumberOperator, isObjectStorageNode, isPlainObject, isRegisterStorageNode, isRootStorageNode, isStartsWithOperator, isUrl, kInternal, keys, makeAbortController, makeEventSource, makePoller, makePosition, mapValues, memoizeOnSuccess, mergePermissionMatrices, nanoid, nn, nodeStreamToCompactNodes, normalizeRoomAccessesInput, normalizeRoomAccessesUpdateInput, normalizeRoomPermissionInput, objectToQuery, patchNotificationSettings, permissionMatrixFromScopes, permissionMatrixToScopes, raise, resolveMentionsInCommentBody, sanitizeUrl, shallow, shallow2, stableStringify, stringifyCommentBody, throwUsageError, toPlainLson, tryParseJson, url, urljoin, wait, warnOnce, warnOnceIf, withTimeout };
|
|
5772
|
+
export { type AccessLevel, type ActivityData, type AiAssistantContentPart, type AiAssistantMessage, type AiChat, type AiChatMessage, type AiChatsQuery, type AiKnowledgeRetrievalPart, type AiKnowledgeSource, type AiOpaqueToolDefinition, type AiOpaqueToolInvocationProps, type AiReasoningPart, type AiRetrievalPart, type AiSourcesPart, type AiTextPart, type AiToolDefinition, type AiToolExecuteCallback, type AiToolExecuteContext, type AiToolInvocationPart, type AiToolInvocationProps, type AiToolTypePack, type AiUrlSource, type AiUserMessage, type AiWebRetrievalPart, type AsyncError, type AsyncLoading, type AsyncResult, type AsyncSuccess, type Awaitable, type BaseActivitiesData, type BaseAuthResult, type BaseGroupInfo, type BaseMetadata, type BaseRoomInfo, type BaseUserMeta, type Brand, type BroadcastEventClientMsg, type BroadcastOptions, type BroadcastedEventServerMsg, type ChildStorageNode, type Client, type ClientMsg, ClientMsgCode, type ClientOptions, type ClientWireOp, type CommentAttachment, type CommentBody, type CommentBodyBlockElement, type CommentBodyElement, type CommentBodyInlineElement, type CommentBodyLink, type CommentBodyLinkElementArgs, type CommentBodyMention, type CommentBodyMentionElementArgs, type CommentBodyParagraph, type CommentBodyParagraphElementArgs, type CommentBodyText, type CommentBodyTextElementArgs, type CommentData, type CommentDataPlain, type CommentLocalAttachment, type CommentMixedAttachment, type CommentReaction, type CommentUserReaction, type CommentUserReactionPlain, type CommentsEventServerMsg, type CompactChildNode, type CompactListNode, type CompactMapNode, type CompactNode, type CompactObjectNode, type CompactRegisterNode, type CompactRootNode, type ContextualPromptContext, type ContextualPromptResponse, type CopilotId, CrdtType, type CreateListOp, type CreateManagedPoolOptions, type CreateMapOp, type CreateObjectOp, type CreateOp, type CreateRegisterOp, type Cursor, type CustomAuthenticationResult, type DAD, type DCM, type DE, type DFM, type DFMD, type DGI, type DP, type DRI, type DS, type DTM, type DU, DefaultMap, type Delegates, type DeleteCrdtOp, type DeleteObjectKeyOp, Deque, DerivedSignal, DevToolsTreeNode as DevTools, protocol as DevToolsMsg, type DistributiveOmit, type EnsureJson, type EnterOptions, type EventSource, type Feed, type FeedCreateMetadata, type FeedDeletedServerMsg, type FeedFetchMetadataFilter, type FeedMessage, type FeedMessagesAddedServerMsg, type FeedMessagesDeletedServerMsg, type FeedMessagesListServerMsg, type FeedMessagesUpdatedServerMsg, type FeedRequestError, FeedRequestErrorCode, type FeedRequestFailedServerMsg, type FeedUpdateMetadata, type FeedsAddedServerMsg, type FeedsEventServerMsg, type FeedsListServerMsg, type FeedsUpdatedServerMsg, type FetchStorageClientMsg, type FetchYDocClientMsg, type GetThreadsOptions, type GroupData, type GroupDataPlain, type GroupMemberData, type GroupMentionData, type GroupScopes, type HasOpId, type History, type HistoryVersion, HttpError, type ISODateString, type ISignal, type IUserInfo, type IWebSocket, type IWebSocketCloseEvent, type IWebSocketEvent, type IWebSocketInstance, type IWebSocketMessageEvent, type IYjsProvider, type IgnoredOp, type Immutable, type InboxNotificationCustomData, type InboxNotificationCustomDataPlain, type InboxNotificationData, type InboxNotificationDataPlain, type InboxNotificationDeleteInfo, type InboxNotificationTextMentionData, type InboxNotificationTextMentionDataPlain, type InboxNotificationThreadData, type InboxNotificationThreadDataPlain, type InferFromSchema, type Json, type JsonArray, type JsonObject, type JsonScalar, type KDAD, type LayerKey, type ListStorageNode, LiveList, type LiveListUpdate, LiveMap, type LiveMapUpdate, type LiveNode, LiveObject, type LiveObjectUpdate, type LiveStructure, LiveblocksError, type LiveblocksErrorContext, type LostConnectionEvent, type Lson, type LsonObject, MENTION_CHARACTER, type ManagedPool, type MapStorageNode, type MentionData, type MessageId, MutableSignal, type NoInfr, type NodeMap, type NodeStream, type NotificationChannel, type NotificationChannelSettings, type NotificationKind, type NotificationSettings, type NotificationSettingsPlain, type ObjectStorageNode, type Observable, type Op, OpCode, type OpaqueClient, type OpaqueRoom, type OptionalTupleUnless, type OthersEvent, type ParentToChildNodeMap, type PartialNotificationSettings, type PartialUnless, type Patchable, Permission, type PermissionMatrix, type PermissionResources, type PlainLson, type PlainLsonFields, type PlainLsonList, type PlainLsonMap, type PlainLsonObject, type Poller, type PrivateClientApi, type PrivateRoomApi, Promise_withResolvers, type QueryMetadata, type QueryParams, type ReadonlyJson, type ReadonlyJsonObject, type RegisterStorageNode, type RejectedStorageOpServerMsg, type Relax, type RenderableToolResultResponse, type RequiredAccessLevel, type Resolve, type ResolveGroupsInfoArgs, type ResolveMentionSuggestionsArgs, type ResolveRoomsInfoArgs, type ResolveUsersArgs, type Room, type RoomAccesses, type RoomAccessesInput, type RoomAccessesUpdateInput, type RoomEventMessage, type RoomPermission, type RoomPermissionGrant, type RoomPermissionInput, type RoomPermissionSources, type RoomStateServerMsg, type RoomSubscriptionSettings, type RootStorageNode, type SearchCommentsResult, type SerializedChild, type SerializedCrdt, type SerializedList, type SerializedMap, type SerializedObject, type SerializedRegister, type SerializedRootObject, type ServerMsg, ServerMsgCode, type ServerWireOp, type SetParentKeyOp, Signal, type SignalType, SortedList, type Status, type StorageChunkServerMsg, type StorageNode, type StorageStatus, type StorageUpdate, type StringifyCommentBodyElements, type StringifyCommentBodyOptions, type SubscriptionData, type SubscriptionDataPlain, type SubscriptionDeleteInfo, type SubscriptionDeleteInfoPlain, type SubscriptionKey, type SyncConfig, type SyncMode, type SyncSource, type SyncStatus, TextEditorType, type ThreadData, type ThreadDataPlain, type ThreadDataWithDeleteInfo, type ThreadDeleteInfo, type ToJson, type ToolResultResponse, type URLSafeString, type UnsubscribeCallback, type UpdateObjectOp, type UpdatePresenceClientMsg, type UpdatePresenceServerMsg, type UpdateStorageClientMsg, type UpdateStorageServerMsg, type UpdateYDocClientMsg, type UploadAttachmentOptions, type UrlMetadata, type User, type UserJoinServerMsg, type UserLeftServerMsg, type UserMentionData, type UserRoomSubscriptionSettings, type UserSubscriptionData, type UserSubscriptionDataPlain, WebsocketCloseCodes, type WithNavigation, type WithOptional, type WithRequired, type YDocUpdateServerMsg, type YjsSyncStatus, asPos, assert, assertNever, autoRetry, b64decode, batch, checkBounds, chunk, cloneLson, compactNodesToNodeStream, compactObject, fancyConsole as console, convertToCommentData, convertToCommentUserReaction, convertToGroupData, convertToInboxNotificationData, convertToSubscriptionData, convertToThreadData, convertToUserSubscriptionData, createClient, createCommentAttachmentId, createCommentId, createInboxNotificationId, createManagedPool, createNotificationSettings, createThreadId, deepLiveify, defineAiTool, deprecate, deprecateIf, detectDupes, entries, errorIf, findLastIndex, freeze, generateUrl, getMentionsFromCommentBody, getSubscriptionKey, hasPermissionAccess, html, htmlSafe, isCommentBodyLink, isCommentBodyMention, isCommentBodyText, isJsonArray, isJsonObject, isJsonScalar, isListStorageNode, isLiveNode, isMapStorageNode, isNotificationChannelEnabled, isNumberOperator, isObjectStorageNode, isPlainObject, isRegisterStorageNode, isRootStorageNode, isStartsWithOperator, isUrl, kInternal, keys, makeAbortController, makeEventSource, makePoller, makePosition, mapValues, memoizeOnSuccess, mergePermissionMatrices, mergeRoomPermissionScopes, nanoid, nn, nodeStreamToCompactNodes, normalizeRoomAccessesInput, normalizeRoomAccessesUpdateInput, normalizeRoomPermissionInput, objectToQuery, patchNotificationSettings, permissionMatrixFromScopes, permissionMatrixToScopes, raise, resolveMentionsInCommentBody, sanitizeUrl, shallow, shallow2, stableStringify, stringifyCommentBody, throwUsageError, toPlainLson, tryParseJson, url, urljoin, wait, warnOnce, warnOnceIf, withTimeout };
|
package/dist/index.d.ts
CHANGED
|
@@ -99,34 +99,39 @@ declare const Permission: {
|
|
|
99
99
|
readonly LegacyRoomPresenceWrite: "room:presence:write";
|
|
100
100
|
};
|
|
101
101
|
type Permission = (typeof Permission)[keyof typeof Permission];
|
|
102
|
-
|
|
102
|
+
declare const ACCESS_LEVELS: readonly ["none", "read", "write"];
|
|
103
|
+
type AccessLevel = (typeof ACCESS_LEVELS)[number];
|
|
103
104
|
type RequiredAccessLevel = "read" | "write";
|
|
104
105
|
type PermissionMatrix = {
|
|
105
106
|
room: AccessLevel;
|
|
106
107
|
storage: AccessLevel;
|
|
107
108
|
comments: AccessLevel;
|
|
108
109
|
feeds: AccessLevel;
|
|
109
|
-
personal:
|
|
110
|
+
personal: AccessLevel;
|
|
110
111
|
};
|
|
111
112
|
type PermissionResources = keyof PermissionMatrix;
|
|
112
|
-
declare function permissionMatrixFromScopes(scopes: readonly string[]): PermissionMatrix;
|
|
113
|
-
declare function hasPermissionAccess(scopes: readonly string[], resource: PermissionResources, requiredAccess: RequiredAccessLevel): boolean;
|
|
114
|
-
declare function hasPermissionAccess(matrix: Partial<PermissionMatrix>, resource: PermissionResources, requiredAccess: RequiredAccessLevel): boolean;
|
|
115
|
-
|
|
116
113
|
type RoomPermissionGrant = {
|
|
117
114
|
resource: string;
|
|
118
|
-
scopes: readonly
|
|
115
|
+
scopes: readonly Permission[];
|
|
119
116
|
};
|
|
120
117
|
type RoomPermission = Permission[];
|
|
121
118
|
type RoomPermissionInput = readonly Permission[];
|
|
122
119
|
type RoomAccesses = Record<string, RoomPermission>;
|
|
123
120
|
type RoomAccessesInput = Record<string, RoomPermissionInput>;
|
|
124
121
|
type RoomAccessesUpdateInput = Record<string, RoomPermissionInput | null>;
|
|
122
|
+
type RoomPermissionSources = {
|
|
123
|
+
defaultAccesses: readonly Permission[];
|
|
124
|
+
groupsAccesses: readonly (readonly Permission[])[];
|
|
125
|
+
userAccesses?: readonly Permission[] | undefined;
|
|
126
|
+
};
|
|
127
|
+
declare function permissionMatrixFromScopes(scopes: readonly string[]): PermissionMatrix;
|
|
128
|
+
declare function hasPermissionAccess(matrix: Partial<PermissionMatrix>, resource: PermissionResources, requiredAccess: RequiredAccessLevel): boolean;
|
|
125
129
|
declare function normalizeRoomPermissionInput(input: RoomPermissionInput): RoomPermission;
|
|
126
130
|
declare function normalizeRoomAccessesInput(input: RoomAccessesInput | undefined): RoomAccesses | undefined;
|
|
127
131
|
declare function normalizeRoomAccessesUpdateInput(input: RoomAccessesUpdateInput | undefined): Record<string, RoomPermission | null> | undefined;
|
|
128
132
|
declare function mergePermissionMatrices(sources: readonly PermissionMatrix[]): PermissionMatrix;
|
|
129
133
|
declare function permissionMatrixToScopes(matrix: PermissionMatrix): RoomPermission;
|
|
134
|
+
declare function mergeRoomPermissionScopes({ defaultAccesses, groupsAccesses, userAccesses, }: RoomPermissionSources): Permission[];
|
|
130
135
|
|
|
131
136
|
type CustomAuthenticationResult = Relax<{
|
|
132
137
|
token: string;
|
|
@@ -4163,7 +4168,7 @@ type StaticSessionInfo = {
|
|
|
4163
4168
|
type DynamicSessionInfo = {
|
|
4164
4169
|
readonly actor: number;
|
|
4165
4170
|
readonly nonce: string;
|
|
4166
|
-
readonly
|
|
4171
|
+
readonly permissionMatrix: PermissionMatrix;
|
|
4167
4172
|
readonly meta: JsonObject;
|
|
4168
4173
|
};
|
|
4169
4174
|
type Polyfills = {
|
|
@@ -5764,4 +5769,4 @@ type EnsureJson<T> = T extends Json ? T : T extends Array<infer I> ? (EnsureJson
|
|
|
5764
5769
|
[K in keyof T as EnsureJson<T[K]> extends never ? never : K]: EnsureJson<T[K]>;
|
|
5765
5770
|
};
|
|
5766
5771
|
|
|
5767
|
-
export { type AccessLevel, type ActivityData, type AiAssistantContentPart, type AiAssistantMessage, type AiChat, type AiChatMessage, type AiChatsQuery, type AiKnowledgeRetrievalPart, type AiKnowledgeSource, type AiOpaqueToolDefinition, type AiOpaqueToolInvocationProps, type AiReasoningPart, type AiRetrievalPart, type AiSourcesPart, type AiTextPart, type AiToolDefinition, type AiToolExecuteCallback, type AiToolExecuteContext, type AiToolInvocationPart, type AiToolInvocationProps, type AiToolTypePack, type AiUrlSource, type AiUserMessage, type AiWebRetrievalPart, type AsyncError, type AsyncLoading, type AsyncResult, type AsyncSuccess, type Awaitable, type BaseActivitiesData, type BaseAuthResult, type BaseGroupInfo, type BaseMetadata, type BaseRoomInfo, type BaseUserMeta, type Brand, type BroadcastEventClientMsg, type BroadcastOptions, type BroadcastedEventServerMsg, type ChildStorageNode, type Client, type ClientMsg, ClientMsgCode, type ClientOptions, type ClientWireOp, type CommentAttachment, type CommentBody, type CommentBodyBlockElement, type CommentBodyElement, type CommentBodyInlineElement, type CommentBodyLink, type CommentBodyLinkElementArgs, type CommentBodyMention, type CommentBodyMentionElementArgs, type CommentBodyParagraph, type CommentBodyParagraphElementArgs, type CommentBodyText, type CommentBodyTextElementArgs, type CommentData, type CommentDataPlain, type CommentLocalAttachment, type CommentMixedAttachment, type CommentReaction, type CommentUserReaction, type CommentUserReactionPlain, type CommentsEventServerMsg, type CompactChildNode, type CompactListNode, type CompactMapNode, type CompactNode, type CompactObjectNode, type CompactRegisterNode, type CompactRootNode, type ContextualPromptContext, type ContextualPromptResponse, type CopilotId, CrdtType, type CreateListOp, type CreateManagedPoolOptions, type CreateMapOp, type CreateObjectOp, type CreateOp, type CreateRegisterOp, type Cursor, type CustomAuthenticationResult, type DAD, type DCM, type DE, type DFM, type DFMD, type DGI, type DP, type DRI, type DS, type DTM, type DU, DefaultMap, type Delegates, type DeleteCrdtOp, type DeleteObjectKeyOp, Deque, DerivedSignal, DevToolsTreeNode as DevTools, protocol as DevToolsMsg, type DistributiveOmit, type EnsureJson, type EnterOptions, type EventSource, type Feed, type FeedCreateMetadata, type FeedDeletedServerMsg, type FeedFetchMetadataFilter, type FeedMessage, type FeedMessagesAddedServerMsg, type FeedMessagesDeletedServerMsg, type FeedMessagesListServerMsg, type FeedMessagesUpdatedServerMsg, type FeedRequestError, FeedRequestErrorCode, type FeedRequestFailedServerMsg, type FeedUpdateMetadata, type FeedsAddedServerMsg, type FeedsEventServerMsg, type FeedsListServerMsg, type FeedsUpdatedServerMsg, type FetchStorageClientMsg, type FetchYDocClientMsg, type GetThreadsOptions, type GroupData, type GroupDataPlain, type GroupMemberData, type GroupMentionData, type GroupScopes, type HasOpId, type History, type HistoryVersion, HttpError, type ISODateString, type ISignal, type IUserInfo, type IWebSocket, type IWebSocketCloseEvent, type IWebSocketEvent, type IWebSocketInstance, type IWebSocketMessageEvent, type IYjsProvider, type IgnoredOp, type Immutable, type InboxNotificationCustomData, type InboxNotificationCustomDataPlain, type InboxNotificationData, type InboxNotificationDataPlain, type InboxNotificationDeleteInfo, type InboxNotificationTextMentionData, type InboxNotificationTextMentionDataPlain, type InboxNotificationThreadData, type InboxNotificationThreadDataPlain, type InferFromSchema, type Json, type JsonArray, type JsonObject, type JsonScalar, type KDAD, type LayerKey, type ListStorageNode, LiveList, type LiveListUpdate, LiveMap, type LiveMapUpdate, type LiveNode, LiveObject, type LiveObjectUpdate, type LiveStructure, LiveblocksError, type LiveblocksErrorContext, type LostConnectionEvent, type Lson, type LsonObject, MENTION_CHARACTER, type ManagedPool, type MapStorageNode, type MentionData, type MessageId, MutableSignal, type NoInfr, type NodeMap, type NodeStream, type NotificationChannel, type NotificationChannelSettings, type NotificationKind, type NotificationSettings, type NotificationSettingsPlain, type ObjectStorageNode, type Observable, type Op, OpCode, type OpaqueClient, type OpaqueRoom, type OptionalTupleUnless, type OthersEvent, type ParentToChildNodeMap, type PartialNotificationSettings, type PartialUnless, type Patchable, Permission, type PermissionMatrix, type PermissionResources, type PlainLson, type PlainLsonFields, type PlainLsonList, type PlainLsonMap, type PlainLsonObject, type Poller, type PrivateClientApi, type PrivateRoomApi, Promise_withResolvers, type QueryMetadata, type QueryParams, type ReadonlyJson, type ReadonlyJsonObject, type RegisterStorageNode, type RejectedStorageOpServerMsg, type Relax, type RenderableToolResultResponse, type RequiredAccessLevel, type Resolve, type ResolveGroupsInfoArgs, type ResolveMentionSuggestionsArgs, type ResolveRoomsInfoArgs, type ResolveUsersArgs, type Room, type RoomAccesses, type RoomAccessesInput, type RoomAccessesUpdateInput, type RoomEventMessage, type RoomPermission, type RoomPermissionGrant, type RoomPermissionInput, type RoomStateServerMsg, type RoomSubscriptionSettings, type RootStorageNode, type SearchCommentsResult, type SerializedChild, type SerializedCrdt, type SerializedList, type SerializedMap, type SerializedObject, type SerializedRegister, type SerializedRootObject, type ServerMsg, ServerMsgCode, type ServerWireOp, type SetParentKeyOp, Signal, type SignalType, SortedList, type Status, type StorageChunkServerMsg, type StorageNode, type StorageStatus, type StorageUpdate, type StringifyCommentBodyElements, type StringifyCommentBodyOptions, type SubscriptionData, type SubscriptionDataPlain, type SubscriptionDeleteInfo, type SubscriptionDeleteInfoPlain, type SubscriptionKey, type SyncConfig, type SyncMode, type SyncSource, type SyncStatus, TextEditorType, type ThreadData, type ThreadDataPlain, type ThreadDataWithDeleteInfo, type ThreadDeleteInfo, type ToJson, type ToolResultResponse, type URLSafeString, type UnsubscribeCallback, type UpdateObjectOp, type UpdatePresenceClientMsg, type UpdatePresenceServerMsg, type UpdateStorageClientMsg, type UpdateStorageServerMsg, type UpdateYDocClientMsg, type UploadAttachmentOptions, type UrlMetadata, type User, type UserJoinServerMsg, type UserLeftServerMsg, type UserMentionData, type UserRoomSubscriptionSettings, type UserSubscriptionData, type UserSubscriptionDataPlain, WebsocketCloseCodes, type WithNavigation, type WithOptional, type WithRequired, type YDocUpdateServerMsg, type YjsSyncStatus, asPos, assert, assertNever, autoRetry, b64decode, batch, checkBounds, chunk, cloneLson, compactNodesToNodeStream, compactObject, fancyConsole as console, convertToCommentData, convertToCommentUserReaction, convertToGroupData, convertToInboxNotificationData, convertToSubscriptionData, convertToThreadData, convertToUserSubscriptionData, createClient, createCommentAttachmentId, createCommentId, createInboxNotificationId, createManagedPool, createNotificationSettings, createThreadId, deepLiveify, defineAiTool, deprecate, deprecateIf, detectDupes, entries, errorIf, findLastIndex, freeze, generateUrl, getMentionsFromCommentBody, getSubscriptionKey, hasPermissionAccess, html, htmlSafe, isCommentBodyLink, isCommentBodyMention, isCommentBodyText, isJsonArray, isJsonObject, isJsonScalar, isListStorageNode, isLiveNode, isMapStorageNode, isNotificationChannelEnabled, isNumberOperator, isObjectStorageNode, isPlainObject, isRegisterStorageNode, isRootStorageNode, isStartsWithOperator, isUrl, kInternal, keys, makeAbortController, makeEventSource, makePoller, makePosition, mapValues, memoizeOnSuccess, mergePermissionMatrices, nanoid, nn, nodeStreamToCompactNodes, normalizeRoomAccessesInput, normalizeRoomAccessesUpdateInput, normalizeRoomPermissionInput, objectToQuery, patchNotificationSettings, permissionMatrixFromScopes, permissionMatrixToScopes, raise, resolveMentionsInCommentBody, sanitizeUrl, shallow, shallow2, stableStringify, stringifyCommentBody, throwUsageError, toPlainLson, tryParseJson, url, urljoin, wait, warnOnce, warnOnceIf, withTimeout };
|
|
5772
|
+
export { type AccessLevel, type ActivityData, type AiAssistantContentPart, type AiAssistantMessage, type AiChat, type AiChatMessage, type AiChatsQuery, type AiKnowledgeRetrievalPart, type AiKnowledgeSource, type AiOpaqueToolDefinition, type AiOpaqueToolInvocationProps, type AiReasoningPart, type AiRetrievalPart, type AiSourcesPart, type AiTextPart, type AiToolDefinition, type AiToolExecuteCallback, type AiToolExecuteContext, type AiToolInvocationPart, type AiToolInvocationProps, type AiToolTypePack, type AiUrlSource, type AiUserMessage, type AiWebRetrievalPart, type AsyncError, type AsyncLoading, type AsyncResult, type AsyncSuccess, type Awaitable, type BaseActivitiesData, type BaseAuthResult, type BaseGroupInfo, type BaseMetadata, type BaseRoomInfo, type BaseUserMeta, type Brand, type BroadcastEventClientMsg, type BroadcastOptions, type BroadcastedEventServerMsg, type ChildStorageNode, type Client, type ClientMsg, ClientMsgCode, type ClientOptions, type ClientWireOp, type CommentAttachment, type CommentBody, type CommentBodyBlockElement, type CommentBodyElement, type CommentBodyInlineElement, type CommentBodyLink, type CommentBodyLinkElementArgs, type CommentBodyMention, type CommentBodyMentionElementArgs, type CommentBodyParagraph, type CommentBodyParagraphElementArgs, type CommentBodyText, type CommentBodyTextElementArgs, type CommentData, type CommentDataPlain, type CommentLocalAttachment, type CommentMixedAttachment, type CommentReaction, type CommentUserReaction, type CommentUserReactionPlain, type CommentsEventServerMsg, type CompactChildNode, type CompactListNode, type CompactMapNode, type CompactNode, type CompactObjectNode, type CompactRegisterNode, type CompactRootNode, type ContextualPromptContext, type ContextualPromptResponse, type CopilotId, CrdtType, type CreateListOp, type CreateManagedPoolOptions, type CreateMapOp, type CreateObjectOp, type CreateOp, type CreateRegisterOp, type Cursor, type CustomAuthenticationResult, type DAD, type DCM, type DE, type DFM, type DFMD, type DGI, type DP, type DRI, type DS, type DTM, type DU, DefaultMap, type Delegates, type DeleteCrdtOp, type DeleteObjectKeyOp, Deque, DerivedSignal, DevToolsTreeNode as DevTools, protocol as DevToolsMsg, type DistributiveOmit, type EnsureJson, type EnterOptions, type EventSource, type Feed, type FeedCreateMetadata, type FeedDeletedServerMsg, type FeedFetchMetadataFilter, type FeedMessage, type FeedMessagesAddedServerMsg, type FeedMessagesDeletedServerMsg, type FeedMessagesListServerMsg, type FeedMessagesUpdatedServerMsg, type FeedRequestError, FeedRequestErrorCode, type FeedRequestFailedServerMsg, type FeedUpdateMetadata, type FeedsAddedServerMsg, type FeedsEventServerMsg, type FeedsListServerMsg, type FeedsUpdatedServerMsg, type FetchStorageClientMsg, type FetchYDocClientMsg, type GetThreadsOptions, type GroupData, type GroupDataPlain, type GroupMemberData, type GroupMentionData, type GroupScopes, type HasOpId, type History, type HistoryVersion, HttpError, type ISODateString, type ISignal, type IUserInfo, type IWebSocket, type IWebSocketCloseEvent, type IWebSocketEvent, type IWebSocketInstance, type IWebSocketMessageEvent, type IYjsProvider, type IgnoredOp, type Immutable, type InboxNotificationCustomData, type InboxNotificationCustomDataPlain, type InboxNotificationData, type InboxNotificationDataPlain, type InboxNotificationDeleteInfo, type InboxNotificationTextMentionData, type InboxNotificationTextMentionDataPlain, type InboxNotificationThreadData, type InboxNotificationThreadDataPlain, type InferFromSchema, type Json, type JsonArray, type JsonObject, type JsonScalar, type KDAD, type LayerKey, type ListStorageNode, LiveList, type LiveListUpdate, LiveMap, type LiveMapUpdate, type LiveNode, LiveObject, type LiveObjectUpdate, type LiveStructure, LiveblocksError, type LiveblocksErrorContext, type LostConnectionEvent, type Lson, type LsonObject, MENTION_CHARACTER, type ManagedPool, type MapStorageNode, type MentionData, type MessageId, MutableSignal, type NoInfr, type NodeMap, type NodeStream, type NotificationChannel, type NotificationChannelSettings, type NotificationKind, type NotificationSettings, type NotificationSettingsPlain, type ObjectStorageNode, type Observable, type Op, OpCode, type OpaqueClient, type OpaqueRoom, type OptionalTupleUnless, type OthersEvent, type ParentToChildNodeMap, type PartialNotificationSettings, type PartialUnless, type Patchable, Permission, type PermissionMatrix, type PermissionResources, type PlainLson, type PlainLsonFields, type PlainLsonList, type PlainLsonMap, type PlainLsonObject, type Poller, type PrivateClientApi, type PrivateRoomApi, Promise_withResolvers, type QueryMetadata, type QueryParams, type ReadonlyJson, type ReadonlyJsonObject, type RegisterStorageNode, type RejectedStorageOpServerMsg, type Relax, type RenderableToolResultResponse, type RequiredAccessLevel, type Resolve, type ResolveGroupsInfoArgs, type ResolveMentionSuggestionsArgs, type ResolveRoomsInfoArgs, type ResolveUsersArgs, type Room, type RoomAccesses, type RoomAccessesInput, type RoomAccessesUpdateInput, type RoomEventMessage, type RoomPermission, type RoomPermissionGrant, type RoomPermissionInput, type RoomPermissionSources, type RoomStateServerMsg, type RoomSubscriptionSettings, type RootStorageNode, type SearchCommentsResult, type SerializedChild, type SerializedCrdt, type SerializedList, type SerializedMap, type SerializedObject, type SerializedRegister, type SerializedRootObject, type ServerMsg, ServerMsgCode, type ServerWireOp, type SetParentKeyOp, Signal, type SignalType, SortedList, type Status, type StorageChunkServerMsg, type StorageNode, type StorageStatus, type StorageUpdate, type StringifyCommentBodyElements, type StringifyCommentBodyOptions, type SubscriptionData, type SubscriptionDataPlain, type SubscriptionDeleteInfo, type SubscriptionDeleteInfoPlain, type SubscriptionKey, type SyncConfig, type SyncMode, type SyncSource, type SyncStatus, TextEditorType, type ThreadData, type ThreadDataPlain, type ThreadDataWithDeleteInfo, type ThreadDeleteInfo, type ToJson, type ToolResultResponse, type URLSafeString, type UnsubscribeCallback, type UpdateObjectOp, type UpdatePresenceClientMsg, type UpdatePresenceServerMsg, type UpdateStorageClientMsg, type UpdateStorageServerMsg, type UpdateYDocClientMsg, type UploadAttachmentOptions, type UrlMetadata, type User, type UserJoinServerMsg, type UserLeftServerMsg, type UserMentionData, type UserRoomSubscriptionSettings, type UserSubscriptionData, type UserSubscriptionDataPlain, WebsocketCloseCodes, type WithNavigation, type WithOptional, type WithRequired, type YDocUpdateServerMsg, type YjsSyncStatus, asPos, assert, assertNever, autoRetry, b64decode, batch, checkBounds, chunk, cloneLson, compactNodesToNodeStream, compactObject, fancyConsole as console, convertToCommentData, convertToCommentUserReaction, convertToGroupData, convertToInboxNotificationData, convertToSubscriptionData, convertToThreadData, convertToUserSubscriptionData, createClient, createCommentAttachmentId, createCommentId, createInboxNotificationId, createManagedPool, createNotificationSettings, createThreadId, deepLiveify, defineAiTool, deprecate, deprecateIf, detectDupes, entries, errorIf, findLastIndex, freeze, generateUrl, getMentionsFromCommentBody, getSubscriptionKey, hasPermissionAccess, html, htmlSafe, isCommentBodyLink, isCommentBodyMention, isCommentBodyText, isJsonArray, isJsonObject, isJsonScalar, isListStorageNode, isLiveNode, isMapStorageNode, isNotificationChannelEnabled, isNumberOperator, isObjectStorageNode, isPlainObject, isRegisterStorageNode, isRootStorageNode, isStartsWithOperator, isUrl, kInternal, keys, makeAbortController, makeEventSource, makePoller, makePosition, mapValues, memoizeOnSuccess, mergePermissionMatrices, mergeRoomPermissionScopes, nanoid, nn, nodeStreamToCompactNodes, normalizeRoomAccessesInput, normalizeRoomAccessesUpdateInput, normalizeRoomPermissionInput, objectToQuery, patchNotificationSettings, permissionMatrixFromScopes, permissionMatrixToScopes, raise, resolveMentionsInCommentBody, sanitizeUrl, shallow, shallow2, stableStringify, stringifyCommentBody, throwUsageError, toPlainLson, tryParseJson, url, urljoin, wait, warnOnce, warnOnceIf, withTimeout };
|
package/dist/index.js
CHANGED
|
@@ -6,7 +6,7 @@ var __export = (target, all) => {
|
|
|
6
6
|
|
|
7
7
|
// src/version.ts
|
|
8
8
|
var PKG_NAME = "@liveblocks/core";
|
|
9
|
-
var PKG_VERSION = "3.20.0-
|
|
9
|
+
var PKG_VERSION = "3.20.0-perm6";
|
|
10
10
|
var PKG_FORMAT = "esm";
|
|
11
11
|
|
|
12
12
|
// src/dupe-detection.ts
|
|
@@ -5167,7 +5167,7 @@ function createReceivingToolInvocation(invocationId, name, partialArgsText = "")
|
|
|
5167
5167
|
};
|
|
5168
5168
|
}
|
|
5169
5169
|
|
|
5170
|
-
// src/
|
|
5170
|
+
// src/permissions.ts
|
|
5171
5171
|
var Permission = {
|
|
5172
5172
|
/**
|
|
5173
5173
|
* Default permission for a room.
|
|
@@ -5202,24 +5202,13 @@ var Permission = {
|
|
|
5202
5202
|
*/
|
|
5203
5203
|
LegacyRoomPresenceWrite: "room:presence:write"
|
|
5204
5204
|
};
|
|
5205
|
-
var ACCESS_LEVELS = [
|
|
5206
|
-
|
|
5207
|
-
"read",
|
|
5208
|
-
"write"
|
|
5209
|
-
];
|
|
5210
|
-
var ACCESS_RANKS = {
|
|
5205
|
+
var ACCESS_LEVELS = ["none", "read", "write"];
|
|
5206
|
+
var ACCESS_LEVEL_RANKS = {
|
|
5211
5207
|
none: 0,
|
|
5212
5208
|
read: 1,
|
|
5213
5209
|
write: 2
|
|
5214
5210
|
};
|
|
5215
|
-
var
|
|
5216
|
-
room: "none",
|
|
5217
|
-
storage: "none",
|
|
5218
|
-
comments: "none",
|
|
5219
|
-
feeds: "none",
|
|
5220
|
-
personal: "write"
|
|
5221
|
-
};
|
|
5222
|
-
var RESOURCE_PERMISSIONS = {
|
|
5211
|
+
var PERMISSIONS_BY_RESOURCE = {
|
|
5223
5212
|
room: {
|
|
5224
5213
|
read: [Permission.Read, Permission.RoomRead],
|
|
5225
5214
|
write: [Permission.Write, Permission.RoomWrite]
|
|
@@ -5243,14 +5232,22 @@ var RESOURCE_PERMISSIONS = {
|
|
|
5243
5232
|
none: [Permission.FeedsNone]
|
|
5244
5233
|
}
|
|
5245
5234
|
};
|
|
5246
|
-
var
|
|
5235
|
+
var NO_PERMISSION_MATRIX = {
|
|
5236
|
+
room: "none",
|
|
5237
|
+
storage: "none",
|
|
5238
|
+
comments: "none",
|
|
5239
|
+
feeds: "none",
|
|
5240
|
+
personal: "none"
|
|
5241
|
+
};
|
|
5242
|
+
var BASE_PERMISSION_RESOURCE = "room";
|
|
5247
5243
|
var ROOM_PERMISSION_RESOURCES = [
|
|
5248
5244
|
"storage",
|
|
5249
5245
|
"comments",
|
|
5250
5246
|
"feeds"
|
|
5251
5247
|
];
|
|
5248
|
+
var VALID_PERMISSIONS = new Set(Object.values(Permission));
|
|
5252
5249
|
function resolveResourceAccess(scopes, resource) {
|
|
5253
|
-
const permissions =
|
|
5250
|
+
const permissions = PERMISSIONS_BY_RESOURCE[resource];
|
|
5254
5251
|
let resourceAccess;
|
|
5255
5252
|
for (const access of ACCESS_LEVELS) {
|
|
5256
5253
|
const scopedPermissions = permissions[access];
|
|
@@ -5260,13 +5257,14 @@ function resolveResourceAccess(scopes, resource) {
|
|
|
5260
5257
|
}
|
|
5261
5258
|
return resourceAccess;
|
|
5262
5259
|
}
|
|
5263
|
-
function
|
|
5260
|
+
function permissionMatrixFromResolvedScopes(resolved) {
|
|
5264
5261
|
if (!resolved.hasDefaultPermission) {
|
|
5265
|
-
return NO_PERMISSION_MATRIX;
|
|
5262
|
+
return { ...NO_PERMISSION_MATRIX };
|
|
5266
5263
|
}
|
|
5267
5264
|
const matrix = {
|
|
5268
5265
|
...NO_PERMISSION_MATRIX,
|
|
5269
|
-
[
|
|
5266
|
+
[BASE_PERMISSION_RESOURCE]: resolved.baseAccess,
|
|
5267
|
+
personal: "write"
|
|
5270
5268
|
};
|
|
5271
5269
|
for (const resource of ROOM_PERMISSION_RESOURCES) {
|
|
5272
5270
|
matrix[resource] = resolved.matrix[resource] ?? resolved.baseAccess;
|
|
@@ -5274,9 +5272,9 @@ function resolveFullPermissionMatrix(resolved) {
|
|
|
5274
5272
|
return matrix;
|
|
5275
5273
|
}
|
|
5276
5274
|
function permissionMatrixFromScopes(scopes) {
|
|
5277
|
-
return
|
|
5275
|
+
return permissionMatrixFromResolvedScopes(resolvePermissionScopes(scopes));
|
|
5278
5276
|
}
|
|
5279
|
-
function
|
|
5277
|
+
function resolvePermissionScopes(scopes) {
|
|
5280
5278
|
const hasDefaultPermission = scopes.includes(Permission.Write) || scopes.includes(Permission.Read) || scopes.includes(Permission.RoomWrite) || scopes.includes(Permission.RoomRead);
|
|
5281
5279
|
const baseAccess = scopes.includes(Permission.Write) || scopes.includes(Permission.RoomWrite) ? "write" : scopes.includes(Permission.Read) || scopes.includes(Permission.RoomRead) ? "read" : "none";
|
|
5282
5280
|
const matrix = {};
|
|
@@ -5288,26 +5286,9 @@ function resolvePermissionMatrix(scopes) {
|
|
|
5288
5286
|
}
|
|
5289
5287
|
return { hasDefaultPermission, baseAccess, matrix };
|
|
5290
5288
|
}
|
|
5291
|
-
function hasPermissionAccess(
|
|
5292
|
-
const matrix = isPermissionScopes(source) ? permissionMatrixFromScopes(source) : source;
|
|
5289
|
+
function hasPermissionAccess(matrix, resource, requiredAccess) {
|
|
5293
5290
|
const access = matrix[resource] ?? "none";
|
|
5294
|
-
return
|
|
5295
|
-
}
|
|
5296
|
-
function isPermissionScopes(source) {
|
|
5297
|
-
return Array.isArray(source);
|
|
5298
|
-
}
|
|
5299
|
-
|
|
5300
|
-
// src/permissions.ts
|
|
5301
|
-
var VALID_PERMISSIONS = new Set(Object.values(Permission));
|
|
5302
|
-
function permissionForAccessLevel(resource, access, field = resource) {
|
|
5303
|
-
const levels = RESOURCE_PERMISSIONS[resource];
|
|
5304
|
-
const permissions = levels[access];
|
|
5305
|
-
if (permissions === void 0 || permissions.length === 0) {
|
|
5306
|
-
throw new Error(
|
|
5307
|
-
`Invalid permission level for ${field}: ${JSON.stringify(access) ?? String(access)}`
|
|
5308
|
-
);
|
|
5309
|
-
}
|
|
5310
|
-
return permissions[0];
|
|
5291
|
+
return ACCESS_LEVEL_RANKS[access] >= ACCESS_LEVEL_RANKS[requiredAccess];
|
|
5311
5292
|
}
|
|
5312
5293
|
function resolveRoomPermissionMatrix(permissions, roomId) {
|
|
5313
5294
|
const matchedPermissions = permissions.filter(
|
|
@@ -5321,7 +5302,7 @@ function resolveRoomPermissionMatrix(permissions, roomId) {
|
|
|
5321
5302
|
const explicitMatrix = {};
|
|
5322
5303
|
const explicitSpecificity = {};
|
|
5323
5304
|
for (const permission of matchedPermissions) {
|
|
5324
|
-
const resolved =
|
|
5305
|
+
const resolved = resolvePermissionScopes(permission.scopes);
|
|
5325
5306
|
const specificity = getResourceSpecificity(permission.resource);
|
|
5326
5307
|
if (resolved.hasDefaultPermission) {
|
|
5327
5308
|
hasDefaultPermission = true;
|
|
@@ -5343,7 +5324,7 @@ function resolveRoomPermissionMatrix(permissions, roomId) {
|
|
|
5343
5324
|
}
|
|
5344
5325
|
}
|
|
5345
5326
|
}
|
|
5346
|
-
return
|
|
5327
|
+
return permissionMatrixFromResolvedScopes({
|
|
5347
5328
|
hasDefaultPermission,
|
|
5348
5329
|
baseAccess,
|
|
5349
5330
|
matrix: explicitMatrix
|
|
@@ -5388,16 +5369,14 @@ function mergePermissionMatrices(sources) {
|
|
|
5388
5369
|
storage: strongestMatrixAccess(sources, "storage"),
|
|
5389
5370
|
comments: strongestMatrixAccess(sources, "comments"),
|
|
5390
5371
|
feeds: strongestMatrixAccess(sources, "feeds"),
|
|
5391
|
-
personal: "
|
|
5372
|
+
personal: strongestMatrixAccess(sources, "personal")
|
|
5392
5373
|
};
|
|
5393
5374
|
}
|
|
5394
5375
|
function permissionMatrixToScopes(matrix) {
|
|
5395
5376
|
const scopes = [];
|
|
5396
5377
|
const baseAccess = matrix.room;
|
|
5397
5378
|
if (baseAccess !== "none") {
|
|
5398
|
-
scopes.push(
|
|
5399
|
-
permissionForAccessLevel(DEFAULT_PERMISSION_RESOURCE, baseAccess)
|
|
5400
|
-
);
|
|
5379
|
+
scopes.push(permissionForAccessLevel(BASE_PERMISSION_RESOURCE, baseAccess));
|
|
5401
5380
|
}
|
|
5402
5381
|
for (const resource of ROOM_PERMISSION_RESOURCES) {
|
|
5403
5382
|
const access = matrix[resource];
|
|
@@ -5407,6 +5386,28 @@ function permissionMatrixToScopes(matrix) {
|
|
|
5407
5386
|
}
|
|
5408
5387
|
return scopes;
|
|
5409
5388
|
}
|
|
5389
|
+
function mergeRoomPermissionScopes({
|
|
5390
|
+
defaultAccesses,
|
|
5391
|
+
groupsAccesses,
|
|
5392
|
+
userAccesses
|
|
5393
|
+
}) {
|
|
5394
|
+
const sources = [
|
|
5395
|
+
permissionMatrixFromScopes(defaultAccesses),
|
|
5396
|
+
...groupsAccesses.map((scopes) => permissionMatrixFromScopes(scopes)),
|
|
5397
|
+
...userAccesses !== void 0 ? [permissionMatrixFromScopes(userAccesses)] : []
|
|
5398
|
+
];
|
|
5399
|
+
return permissionMatrixToScopes(mergePermissionMatrices(sources));
|
|
5400
|
+
}
|
|
5401
|
+
function permissionForAccessLevel(resource, access, field = resource) {
|
|
5402
|
+
const levels = PERMISSIONS_BY_RESOURCE[resource];
|
|
5403
|
+
const permissions = levels[access];
|
|
5404
|
+
if (permissions === void 0 || permissions.length === 0) {
|
|
5405
|
+
throw new Error(
|
|
5406
|
+
`Invalid permission level for ${field}: ${JSON.stringify(access) ?? String(access)}`
|
|
5407
|
+
);
|
|
5408
|
+
}
|
|
5409
|
+
return permissions[0];
|
|
5410
|
+
}
|
|
5410
5411
|
function strongestMatrixAccess(sources, resource) {
|
|
5411
5412
|
return sources.reduce(
|
|
5412
5413
|
(strongest, source) => strongestAccess(strongest, source[resource]),
|
|
@@ -5414,7 +5415,7 @@ function strongestMatrixAccess(sources, resource) {
|
|
|
5414
5415
|
);
|
|
5415
5416
|
}
|
|
5416
5417
|
function strongestAccess(left, right) {
|
|
5417
|
-
return
|
|
5418
|
+
return ACCESS_LEVEL_RANKS[right] > ACCESS_LEVEL_RANKS[left] ? right : left;
|
|
5418
5419
|
}
|
|
5419
5420
|
function resourceMatchesRoomId(resource, roomId) {
|
|
5420
5421
|
if (resource.includes("*")) {
|
|
@@ -9501,14 +9502,22 @@ var ClientMsgCode = Object.freeze({
|
|
|
9501
9502
|
// src/refs/ManagedOthers.ts
|
|
9502
9503
|
function makeUser(conn, presence) {
|
|
9503
9504
|
const { connectionId, id, info } = conn;
|
|
9504
|
-
const canWrite = hasPermissionAccess(
|
|
9505
|
+
const canWrite = hasPermissionAccess(
|
|
9506
|
+
conn.permissionMatrix,
|
|
9507
|
+
"storage",
|
|
9508
|
+
"write"
|
|
9509
|
+
);
|
|
9505
9510
|
return freeze(
|
|
9506
9511
|
compactObject({
|
|
9507
9512
|
connectionId,
|
|
9508
9513
|
id,
|
|
9509
9514
|
info,
|
|
9510
9515
|
canWrite,
|
|
9511
|
-
canComment: hasPermissionAccess(
|
|
9516
|
+
canComment: hasPermissionAccess(
|
|
9517
|
+
conn.permissionMatrix,
|
|
9518
|
+
"comments",
|
|
9519
|
+
"write"
|
|
9520
|
+
),
|
|
9512
9521
|
isReadOnly: !canWrite,
|
|
9513
9522
|
// Deprecated, kept for backward-compatibility
|
|
9514
9523
|
presence
|
|
@@ -9587,7 +9596,7 @@ var ManagedOthers = class {
|
|
|
9587
9596
|
connectionId,
|
|
9588
9597
|
id: metaUserId,
|
|
9589
9598
|
info: metaUserInfo,
|
|
9590
|
-
scopes
|
|
9599
|
+
permissionMatrix: permissionMatrixFromScopes(scopes)
|
|
9591
9600
|
})
|
|
9592
9601
|
);
|
|
9593
9602
|
if (!state.presences.has(connectionId)) {
|
|
@@ -9964,8 +9973,8 @@ function createRoom(options, config) {
|
|
|
9964
9973
|
}
|
|
9965
9974
|
}
|
|
9966
9975
|
function isStorageWritable() {
|
|
9967
|
-
const
|
|
9968
|
-
return
|
|
9976
|
+
const permissionMatrix = context.dynamicSessionInfoSig.get()?.permissionMatrix;
|
|
9977
|
+
return permissionMatrix !== void 0 ? hasPermissionAccess(permissionMatrix, "storage", "write") : true;
|
|
9969
9978
|
}
|
|
9970
9979
|
const eventHub = {
|
|
9971
9980
|
status: makeEventSource(),
|
|
@@ -10027,7 +10036,7 @@ function createRoom(options, config) {
|
|
|
10027
10036
|
return null;
|
|
10028
10037
|
} else {
|
|
10029
10038
|
const canWrite = hasPermissionAccess(
|
|
10030
|
-
dynamicSession.
|
|
10039
|
+
dynamicSession.permissionMatrix,
|
|
10031
10040
|
"storage",
|
|
10032
10041
|
"write"
|
|
10033
10042
|
);
|
|
@@ -10038,7 +10047,7 @@ function createRoom(options, config) {
|
|
|
10038
10047
|
presence: myPresence,
|
|
10039
10048
|
canWrite,
|
|
10040
10049
|
canComment: hasPermissionAccess(
|
|
10041
|
-
dynamicSession.
|
|
10050
|
+
dynamicSession.permissionMatrix,
|
|
10042
10051
|
"comments",
|
|
10043
10052
|
"write"
|
|
10044
10053
|
)
|
|
@@ -10330,7 +10339,7 @@ function createRoom(options, config) {
|
|
|
10330
10339
|
context.dynamicSessionInfoSig.set({
|
|
10331
10340
|
actor: message.actor,
|
|
10332
10341
|
nonce: message.nonce,
|
|
10333
|
-
|
|
10342
|
+
permissionMatrix: permissionMatrixFromScopes(message.scopes),
|
|
10334
10343
|
meta: message.meta
|
|
10335
10344
|
});
|
|
10336
10345
|
context.idFactory = makeIdFactory(message.actor);
|
|
@@ -12677,6 +12686,7 @@ export {
|
|
|
12677
12686
|
mapValues,
|
|
12678
12687
|
memoizeOnSuccess,
|
|
12679
12688
|
mergePermissionMatrices,
|
|
12689
|
+
mergeRoomPermissionScopes,
|
|
12680
12690
|
nanoid,
|
|
12681
12691
|
nn,
|
|
12682
12692
|
nodeStreamToCompactNodes,
|