@liveblocks/core 3.20.0-rc1 → 3.20.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.js CHANGED
@@ -6,7 +6,7 @@ var __export = (target, all) => {
6
6
 
7
7
  // src/version.ts
8
8
  var PKG_NAME = "@liveblocks/core";
9
- var PKG_VERSION = "3.20.0-rc1";
9
+ var PKG_VERSION = "3.20.1";
10
10
  var PKG_FORMAT = "esm";
11
11
 
12
12
  // src/dupe-detection.ts
@@ -1570,7 +1570,6 @@ function isUrl(string) {
1570
1570
  function createApiClient({
1571
1571
  baseUrl,
1572
1572
  authManager,
1573
- currentUserId,
1574
1573
  fetchPolyfill
1575
1574
  }) {
1576
1575
  const httpClient = new HttpClient(baseUrl, fetchPolyfill);
@@ -1578,8 +1577,9 @@ function createApiClient({
1578
1577
  const result = await httpClient.get(
1579
1578
  url`/v2/c/rooms/${options.roomId}/threads/delta`,
1580
1579
  await authManager.getAuthValue({
1581
- requestedScope: "comments:read",
1582
- roomId: options.roomId
1580
+ roomId: options.roomId,
1581
+ resource: "comments",
1582
+ access: "read"
1583
1583
  }),
1584
1584
  {
1585
1585
  since: options.since.toISOString()
@@ -1617,8 +1617,9 @@ function createApiClient({
1617
1617
  const result = await httpClient.get(
1618
1618
  url`/v2/c/rooms/${options.roomId}/threads`,
1619
1619
  await authManager.getAuthValue({
1620
- requestedScope: "comments:read",
1621
- roomId: options.roomId
1620
+ roomId: options.roomId,
1621
+ resource: "comments",
1622
+ access: "read"
1622
1623
  }),
1623
1624
  {
1624
1625
  cursor: options.cursor,
@@ -1662,8 +1663,9 @@ function createApiClient({
1662
1663
  const result = await httpClient.get(
1663
1664
  url`/v2/c/rooms/${options.roomId}/threads/comments/search`,
1664
1665
  await authManager.getAuthValue({
1665
- requestedScope: "comments:read",
1666
- roomId: options.roomId
1666
+ roomId: options.roomId,
1667
+ resource: "comments",
1668
+ access: "read"
1667
1669
  }),
1668
1670
  {
1669
1671
  text: options.query.text,
@@ -1684,8 +1686,9 @@ function createApiClient({
1684
1686
  const thread = await httpClient.post(
1685
1687
  url`/v2/c/rooms/${options.roomId}/threads`,
1686
1688
  await authManager.getAuthValue({
1687
- requestedScope: "comments:read",
1688
- roomId: options.roomId
1689
+ roomId: options.roomId,
1690
+ resource: "comments",
1691
+ access: "write"
1689
1692
  }),
1690
1693
  {
1691
1694
  id: threadId,
@@ -1704,8 +1707,9 @@ function createApiClient({
1704
1707
  await httpClient.delete(
1705
1708
  url`/v2/c/rooms/${options.roomId}/threads/${options.threadId}`,
1706
1709
  await authManager.getAuthValue({
1707
- requestedScope: "comments:read",
1708
- roomId: options.roomId
1710
+ roomId: options.roomId,
1711
+ resource: "comments",
1712
+ access: "write"
1709
1713
  })
1710
1714
  );
1711
1715
  }
@@ -1713,8 +1717,9 @@ function createApiClient({
1713
1717
  const response = await httpClient.rawGet(
1714
1718
  url`/v2/c/rooms/${options.roomId}/thread-with-notification/${options.threadId}`,
1715
1719
  await authManager.getAuthValue({
1716
- requestedScope: "comments:read",
1717
- roomId: options.roomId
1720
+ roomId: options.roomId,
1721
+ resource: "comments",
1722
+ access: "read"
1718
1723
  })
1719
1724
  );
1720
1725
  if (response.ok) {
@@ -1740,8 +1745,9 @@ function createApiClient({
1740
1745
  return await httpClient.post(
1741
1746
  url`/v2/c/rooms/${options.roomId}/threads/${options.threadId}/metadata`,
1742
1747
  await authManager.getAuthValue({
1743
- requestedScope: "comments:read",
1744
- roomId: options.roomId
1748
+ roomId: options.roomId,
1749
+ resource: "comments",
1750
+ access: "write"
1745
1751
  }),
1746
1752
  options.metadata
1747
1753
  );
@@ -1750,8 +1756,9 @@ function createApiClient({
1750
1756
  return await httpClient.post(
1751
1757
  url`/v2/c/rooms/${options.roomId}/threads/${options.threadId}/comments/${options.commentId}/metadata`,
1752
1758
  await authManager.getAuthValue({
1753
- requestedScope: "comments:read",
1754
- roomId: options.roomId
1759
+ roomId: options.roomId,
1760
+ resource: "comments",
1761
+ access: "write"
1755
1762
  }),
1756
1763
  options.metadata
1757
1764
  );
@@ -1761,8 +1768,9 @@ function createApiClient({
1761
1768
  const comment = await httpClient.post(
1762
1769
  url`/v2/c/rooms/${options.roomId}/threads/${options.threadId}/comments`,
1763
1770
  await authManager.getAuthValue({
1764
- requestedScope: "comments:read",
1765
- roomId: options.roomId
1771
+ roomId: options.roomId,
1772
+ resource: "comments",
1773
+ access: "write"
1766
1774
  }),
1767
1775
  {
1768
1776
  id: commentId,
@@ -1777,8 +1785,9 @@ function createApiClient({
1777
1785
  const comment = await httpClient.post(
1778
1786
  url`/v2/c/rooms/${options.roomId}/threads/${options.threadId}/comments/${options.commentId}`,
1779
1787
  await authManager.getAuthValue({
1780
- requestedScope: "comments:read",
1781
- roomId: options.roomId
1788
+ roomId: options.roomId,
1789
+ resource: "comments",
1790
+ access: "write"
1782
1791
  }),
1783
1792
  {
1784
1793
  body: options.body,
@@ -1792,8 +1801,9 @@ function createApiClient({
1792
1801
  await httpClient.delete(
1793
1802
  url`/v2/c/rooms/${options.roomId}/threads/${options.threadId}/comments/${options.commentId}`,
1794
1803
  await authManager.getAuthValue({
1795
- requestedScope: "comments:read",
1796
- roomId: options.roomId
1804
+ roomId: options.roomId,
1805
+ resource: "comments",
1806
+ access: "write"
1797
1807
  })
1798
1808
  );
1799
1809
  }
@@ -1801,8 +1811,9 @@ function createApiClient({
1801
1811
  const reaction = await httpClient.post(
1802
1812
  url`/v2/c/rooms/${options.roomId}/threads/${options.threadId}/comments/${options.commentId}/reactions`,
1803
1813
  await authManager.getAuthValue({
1804
- requestedScope: "comments:read",
1805
- roomId: options.roomId
1814
+ roomId: options.roomId,
1815
+ resource: "comments",
1816
+ access: "write"
1806
1817
  }),
1807
1818
  { emoji: options.emoji }
1808
1819
  );
@@ -1812,8 +1823,9 @@ function createApiClient({
1812
1823
  await httpClient.delete(
1813
1824
  url`/v2/c/rooms/${options.roomId}/threads/${options.threadId}/comments/${options.commentId}/reactions/${options.emoji}`,
1814
1825
  await authManager.getAuthValue({
1815
- requestedScope: "comments:read",
1816
- roomId: options.roomId
1826
+ roomId: options.roomId,
1827
+ resource: "comments",
1828
+ access: "write"
1817
1829
  })
1818
1830
  );
1819
1831
  }
@@ -1821,8 +1833,9 @@ function createApiClient({
1821
1833
  await httpClient.post(
1822
1834
  url`/v2/c/rooms/${options.roomId}/threads/${options.threadId}/mark-as-resolved`,
1823
1835
  await authManager.getAuthValue({
1824
- requestedScope: "comments:read",
1825
- roomId: options.roomId
1836
+ roomId: options.roomId,
1837
+ resource: "comments",
1838
+ access: "write"
1826
1839
  })
1827
1840
  );
1828
1841
  }
@@ -1830,8 +1843,9 @@ function createApiClient({
1830
1843
  await httpClient.post(
1831
1844
  url`/v2/c/rooms/${options.roomId}/threads/${options.threadId}/mark-as-unresolved`,
1832
1845
  await authManager.getAuthValue({
1833
- requestedScope: "comments:read",
1834
- roomId: options.roomId
1846
+ roomId: options.roomId,
1847
+ resource: "comments",
1848
+ access: "write"
1835
1849
  })
1836
1850
  );
1837
1851
  }
@@ -1839,8 +1853,9 @@ function createApiClient({
1839
1853
  const subscription = await httpClient.post(
1840
1854
  url`/v2/c/rooms/${options.roomId}/threads/${options.threadId}/subscribe`,
1841
1855
  await authManager.getAuthValue({
1842
- requestedScope: "comments:read",
1843
- roomId: options.roomId
1856
+ roomId: options.roomId,
1857
+ resource: "comments",
1858
+ access: "read"
1844
1859
  })
1845
1860
  );
1846
1861
  return convertToSubscriptionData(subscription);
@@ -1849,8 +1864,9 @@ function createApiClient({
1849
1864
  await httpClient.post(
1850
1865
  url`/v2/c/rooms/${options.roomId}/threads/${options.threadId}/unsubscribe`,
1851
1866
  await authManager.getAuthValue({
1852
- requestedScope: "comments:read",
1853
- roomId: options.roomId
1867
+ roomId: options.roomId,
1868
+ resource: "comments",
1869
+ access: "read"
1854
1870
  })
1855
1871
  );
1856
1872
  }
@@ -1906,8 +1922,9 @@ function createApiClient({
1906
1922
  async () => httpClient.putBlob(
1907
1923
  url`/v2/c/rooms/${roomId}/attachments/${attachment.id}/upload/${encodeURIComponent(attachment.name)}`,
1908
1924
  await authManager.getAuthValue({
1909
- requestedScope: "comments:read",
1910
- roomId
1925
+ roomId,
1926
+ resource: "comments",
1927
+ access: "write"
1911
1928
  }),
1912
1929
  attachment.file,
1913
1930
  { fileSize: attachment.size },
@@ -1924,8 +1941,9 @@ function createApiClient({
1924
1941
  async () => httpClient.post(
1925
1942
  url`/v2/c/rooms/${roomId}/attachments/${attachment.id}/multipart/${encodeURIComponent(attachment.name)}`,
1926
1943
  await authManager.getAuthValue({
1927
- requestedScope: "comments:read",
1928
- roomId
1944
+ roomId,
1945
+ resource: "comments",
1946
+ access: "write"
1929
1947
  }),
1930
1948
  void 0,
1931
1949
  { signal: abortSignal },
@@ -1950,8 +1968,9 @@ function createApiClient({
1950
1968
  async () => httpClient.putBlob(
1951
1969
  url`/v2/c/rooms/${roomId}/attachments/${attachment.id}/multipart/${createMultiPartUpload.uploadId}/${String(partNumber)}`,
1952
1970
  await authManager.getAuthValue({
1953
- requestedScope: "comments:read",
1954
- roomId
1971
+ roomId,
1972
+ resource: "comments",
1973
+ access: "write"
1955
1974
  }),
1956
1975
  part,
1957
1976
  void 0,
@@ -1974,8 +1993,9 @@ function createApiClient({
1974
1993
  return httpClient.post(
1975
1994
  url`/v2/c/rooms/${roomId}/attachments/${attachment.id}/multipart/${uploadId}/complete`,
1976
1995
  await authManager.getAuthValue({
1977
- requestedScope: "comments:read",
1978
- roomId
1996
+ roomId,
1997
+ resource: "comments",
1998
+ access: "write"
1979
1999
  }),
1980
2000
  { parts: sortedUploadedParts },
1981
2001
  { signal: abortSignal }
@@ -1986,8 +2006,9 @@ function createApiClient({
1986
2006
  await httpClient.rawDelete(
1987
2007
  url`/v2/c/rooms/${roomId}/attachments/${attachment.id}/multipart/${uploadId}`,
1988
2008
  await authManager.getAuthValue({
1989
- requestedScope: "comments:read",
1990
- roomId
2009
+ roomId,
2010
+ resource: "comments",
2011
+ access: "write"
1991
2012
  })
1992
2013
  );
1993
2014
  } catch {
@@ -2004,8 +2025,9 @@ function createApiClient({
2004
2025
  const { urls } = await httpClient.post(
2005
2026
  url`/v2/c/rooms/${roomId}/attachments/presigned-urls`,
2006
2027
  await authManager.getAuthValue({
2007
- requestedScope: "comments:read",
2008
- roomId
2028
+ roomId,
2029
+ resource: "comments",
2030
+ access: "read"
2009
2031
  }),
2010
2032
  { attachmentIds }
2011
2033
  );
@@ -2024,109 +2046,13 @@ function createApiClient({
2024
2046
  const batch2 = getOrCreateAttachmentUrlsStore(options.roomId).batch;
2025
2047
  return batch2.get(options.attachmentId);
2026
2048
  }
2027
- async function uploadChatAttachment(options) {
2028
- const { chatId, attachment, signal } = options;
2029
- const userId = currentUserId.get();
2030
- if (userId === void 0) {
2031
- throw new Error("Attachment upload requires an authenticated user.");
2032
- }
2033
- const ATTACHMENT_PART_SIZE = 5 * 1024 * 1024;
2034
- if (options.attachment.file.size <= ATTACHMENT_PART_SIZE) {
2035
- await httpClient.putBlob(
2036
- url`/v2/c/chats/${chatId}/attachments/${attachment.id}/upload/${encodeURIComponent(attachment.file.name)}`,
2037
- await authManager.getAuthValue({ requestedScope: "comments:read" }),
2038
- attachment.file,
2039
- { fileSize: attachment.file.size },
2040
- { signal }
2041
- );
2042
- } else {
2043
- const multipartUpload = await httpClient.post(
2044
- url`/v2/c/chats/${chatId}/attachments/${attachment.id}/multipart/${encodeURIComponent(attachment.file.name)}`,
2045
- await authManager.getAuthValue({ requestedScope: "comments:read" }),
2046
- void 0,
2047
- { signal },
2048
- { fileSize: attachment.file.size }
2049
- );
2050
- try {
2051
- const uploadedParts = [];
2052
- const parts = [];
2053
- let start = 0;
2054
- while (start < attachment.file.size) {
2055
- const end = Math.min(
2056
- start + ATTACHMENT_PART_SIZE,
2057
- attachment.file.size
2058
- );
2059
- parts.push({
2060
- number: parts.length + 1,
2061
- part: attachment.file.slice(start, end)
2062
- });
2063
- start = end;
2064
- }
2065
- uploadedParts.push(
2066
- ...await Promise.all(
2067
- parts.map(async ({ number, part }) => {
2068
- return await httpClient.putBlob(
2069
- url`/v2/c/chats/${chatId}/attachments/${attachment.id}/multipart/${multipartUpload.uploadId}/${String(number)}`,
2070
- await authManager.getAuthValue({
2071
- requestedScope: "comments:read"
2072
- }),
2073
- part,
2074
- void 0,
2075
- { signal }
2076
- );
2077
- })
2078
- )
2079
- );
2080
- await httpClient.post(
2081
- url`/v2/c/chats/${chatId}/attachments/${attachment.id}/multipart/${multipartUpload.uploadId}/complete`,
2082
- await authManager.getAuthValue({ requestedScope: "comments:read" }),
2083
- { parts: uploadedParts.sort((a, b) => a.number - b.number) },
2084
- { signal }
2085
- );
2086
- } catch (err) {
2087
- try {
2088
- await httpClient.delete(
2089
- url`/v2/c/chats/${chatId}/attachments/${attachment.id}/multipart/${multipartUpload.uploadId}`,
2090
- await authManager.getAuthValue({ requestedScope: "comments:read" })
2091
- );
2092
- } catch {
2093
- }
2094
- throw err;
2095
- }
2096
- }
2097
- }
2098
- const attachmentUrlsBatchStoresByChat = new DefaultMap((chatId) => {
2099
- const batch2 = new Batch(
2100
- async (batchedAttachmentIds) => {
2101
- const attachmentIds = batchedAttachmentIds.flat();
2102
- const { urls } = await httpClient.post(
2103
- url`/v2/c/chats/${chatId}/attachments/presigned-urls`,
2104
- await authManager.getAuthValue({
2105
- requestedScope: "comments:read"
2106
- }),
2107
- { attachmentIds }
2108
- );
2109
- return urls.map(
2110
- (url2) => url2 ?? new Error("There was an error while getting this attachment's URL")
2111
- );
2112
- },
2113
- { delay: 50 }
2114
- );
2115
- return createBatchStore(batch2);
2116
- });
2117
- function getOrCreateChatAttachmentUrlsStore(chatId) {
2118
- return attachmentUrlsBatchStoresByChat.getOrCreate(chatId);
2119
- }
2120
- function getChatAttachmentUrl(options) {
2121
- const batch2 = getOrCreateChatAttachmentUrlsStore(options.chatId).batch;
2122
- return batch2.get(options.attachmentId);
2123
- }
2124
2049
  async function getSubscriptionSettings(options) {
2125
2050
  return httpClient.get(
2126
2051
  url`/v2/c/rooms/${options.roomId}/subscription-settings`,
2127
2052
  await authManager.getAuthValue({
2128
- requestedScope: "comments:read",
2129
- roomId: options.roomId
2053
+ roomId: options.roomId,
2054
+ resource: "comments",
2055
+ access: "read"
2130
2056
  }),
2131
2057
  void 0,
2132
2058
  {
@@ -2138,8 +2064,9 @@ function createApiClient({
2138
2064
  return httpClient.post(
2139
2065
  url`/v2/c/rooms/${options.roomId}/subscription-settings`,
2140
2066
  await authManager.getAuthValue({
2141
- requestedScope: "comments:read",
2142
- roomId: options.roomId
2067
+ roomId: options.roomId,
2068
+ resource: "comments",
2069
+ access: "read"
2143
2070
  }),
2144
2071
  options.settings
2145
2072
  );
@@ -2151,8 +2078,9 @@ function createApiClient({
2151
2078
  await httpClient.post(
2152
2079
  url`/v2/c/rooms/${roomId}/inbox-notifications/read`,
2153
2080
  await authManager.getAuthValue({
2154
- requestedScope: "comments:read",
2155
- roomId
2081
+ roomId,
2082
+ resource: "comments",
2083
+ access: "read"
2156
2084
  }),
2157
2085
  { inboxNotificationIds }
2158
2086
  );
@@ -2172,8 +2100,9 @@ function createApiClient({
2172
2100
  await httpClient.rawPost(
2173
2101
  url`/v2/c/rooms/${options.roomId}/text-mentions`,
2174
2102
  await authManager.getAuthValue({
2175
- requestedScope: "comments:read",
2176
- roomId: options.roomId
2103
+ roomId: options.roomId,
2104
+ resource: "storage",
2105
+ access: "write"
2177
2106
  }),
2178
2107
  {
2179
2108
  userId: options.mention.kind === "user" ? options.mention.id : void 0,
@@ -2187,8 +2116,9 @@ function createApiClient({
2187
2116
  await httpClient.rawDelete(
2188
2117
  url`/v2/c/rooms/${options.roomId}/text-mentions/${options.mentionId}`,
2189
2118
  await authManager.getAuthValue({
2190
- requestedScope: "comments:read",
2191
- roomId: options.roomId
2119
+ roomId: options.roomId,
2120
+ resource: "storage",
2121
+ access: "write"
2192
2122
  })
2193
2123
  );
2194
2124
  }
@@ -2196,8 +2126,9 @@ function createApiClient({
2196
2126
  return httpClient.rawGet(
2197
2127
  url`/v2/c/rooms/${options.roomId}/y-version/${options.versionId}`,
2198
2128
  await authManager.getAuthValue({
2199
- requestedScope: "comments:read",
2200
- roomId: options.roomId
2129
+ roomId: options.roomId,
2130
+ resource: "storage",
2131
+ access: "read"
2201
2132
  })
2202
2133
  );
2203
2134
  }
@@ -2205,8 +2136,9 @@ function createApiClient({
2205
2136
  await httpClient.rawPost(
2206
2137
  url`/v2/c/rooms/${options.roomId}/version`,
2207
2138
  await authManager.getAuthValue({
2208
- requestedScope: "comments:read",
2209
- roomId: options.roomId
2139
+ roomId: options.roomId,
2140
+ resource: "storage",
2141
+ access: "write"
2210
2142
  })
2211
2143
  );
2212
2144
  }
@@ -2214,8 +2146,9 @@ function createApiClient({
2214
2146
  await httpClient.rawPost(
2215
2147
  url`/v2/c/rooms/${options.roomId}/text-metadata`,
2216
2148
  await authManager.getAuthValue({
2217
- requestedScope: "comments:read",
2218
- roomId: options.roomId
2149
+ roomId: options.roomId,
2150
+ resource: "storage",
2151
+ access: "read"
2219
2152
  }),
2220
2153
  {
2221
2154
  type: options.type,
@@ -2227,8 +2160,9 @@ function createApiClient({
2227
2160
  const result = await httpClient.post(
2228
2161
  url`/v2/c/rooms/${options.roomId}/ai/contextual-prompt`,
2229
2162
  await authManager.getAuthValue({
2230
- requestedScope: "room:read",
2231
- roomId: options.roomId
2163
+ roomId: options.roomId,
2164
+ resource: "storage",
2165
+ access: "read"
2232
2166
  }),
2233
2167
  {
2234
2168
  prompt: options.prompt,
@@ -2250,8 +2184,9 @@ function createApiClient({
2250
2184
  const result = await httpClient.get(
2251
2185
  url`/v2/c/rooms/${options.roomId}/versions`,
2252
2186
  await authManager.getAuthValue({
2253
- requestedScope: "comments:read",
2254
- roomId: options.roomId
2187
+ roomId: options.roomId,
2188
+ resource: "storage",
2189
+ access: "read"
2255
2190
  })
2256
2191
  );
2257
2192
  return {
@@ -2268,8 +2203,9 @@ function createApiClient({
2268
2203
  const result = await httpClient.get(
2269
2204
  url`/v2/c/rooms/${options.roomId}/versions/delta`,
2270
2205
  await authManager.getAuthValue({
2271
- requestedScope: "comments:read",
2272
- roomId: options.roomId
2206
+ roomId: options.roomId,
2207
+ resource: "storage",
2208
+ access: "read"
2273
2209
  }),
2274
2210
  { since: options.since.toISOString() },
2275
2211
  { signal: options.signal }
@@ -2288,8 +2224,9 @@ function createApiClient({
2288
2224
  const result = await httpClient.rawGet(
2289
2225
  url`/v2/c/rooms/${options.roomId}/storage`,
2290
2226
  await authManager.getAuthValue({
2291
- requestedScope: "room:read",
2292
- roomId: options.roomId
2227
+ roomId: options.roomId,
2228
+ resource: "storage",
2229
+ access: "read"
2293
2230
  })
2294
2231
  );
2295
2232
  return await result.json();
@@ -2302,7 +2239,7 @@ function createApiClient({
2302
2239
  }
2303
2240
  const json = await httpClient.get(
2304
2241
  url`/v2/c/inbox-notifications`,
2305
- await authManager.getAuthValue({ requestedScope: "comments:read" }),
2242
+ await authManager.getAuthValue({ resource: "personal", access: "write" }),
2306
2243
  {
2307
2244
  cursor: options?.cursor,
2308
2245
  limit: PAGE_SIZE,
@@ -2328,7 +2265,7 @@ function createApiClient({
2328
2265
  }
2329
2266
  const json = await httpClient.get(
2330
2267
  url`/v2/c/inbox-notifications/delta`,
2331
- await authManager.getAuthValue({ requestedScope: "comments:read" }),
2268
+ await authManager.getAuthValue({ resource: "personal", access: "write" }),
2332
2269
  { since: options.since.toISOString(), query },
2333
2270
  { signal: options.signal }
2334
2271
  );
@@ -2357,7 +2294,7 @@ function createApiClient({
2357
2294
  }
2358
2295
  const { count } = await httpClient.get(
2359
2296
  url`/v2/c/inbox-notifications/count`,
2360
- await authManager.getAuthValue({ requestedScope: "comments:read" }),
2297
+ await authManager.getAuthValue({ resource: "personal", access: "write" }),
2361
2298
  { query },
2362
2299
  { signal: options?.signal }
2363
2300
  );
@@ -2366,7 +2303,7 @@ function createApiClient({
2366
2303
  async function markAllInboxNotificationsAsRead() {
2367
2304
  await httpClient.post(
2368
2305
  url`/v2/c/inbox-notifications/read`,
2369
- await authManager.getAuthValue({ requestedScope: "comments:read" }),
2306
+ await authManager.getAuthValue({ resource: "personal", access: "write" }),
2370
2307
  {
2371
2308
  inboxNotificationIds: "all"
2372
2309
  }
@@ -2375,7 +2312,7 @@ function createApiClient({
2375
2312
  async function markInboxNotificationsAsRead(inboxNotificationIds) {
2376
2313
  await httpClient.post(
2377
2314
  url`/v2/c/inbox-notifications/read`,
2378
- await authManager.getAuthValue({ requestedScope: "comments:read" }),
2315
+ await authManager.getAuthValue({ resource: "personal", access: "write" }),
2379
2316
  {
2380
2317
  inboxNotificationIds
2381
2318
  }
@@ -2395,19 +2332,19 @@ function createApiClient({
2395
2332
  async function deleteAllInboxNotifications() {
2396
2333
  await httpClient.delete(
2397
2334
  url`/v2/c/inbox-notifications`,
2398
- await authManager.getAuthValue({ requestedScope: "comments:read" })
2335
+ await authManager.getAuthValue({ resource: "personal", access: "write" })
2399
2336
  );
2400
2337
  }
2401
2338
  async function deleteInboxNotification(inboxNotificationId) {
2402
2339
  await httpClient.delete(
2403
2340
  url`/v2/c/inbox-notifications/${inboxNotificationId}`,
2404
- await authManager.getAuthValue({ requestedScope: "comments:read" })
2341
+ await authManager.getAuthValue({ resource: "personal", access: "write" })
2405
2342
  );
2406
2343
  }
2407
2344
  async function getNotificationSettings(options) {
2408
2345
  return httpClient.get(
2409
2346
  url`/v2/c/notification-settings`,
2410
- await authManager.getAuthValue({ requestedScope: "comments:read" }),
2347
+ await authManager.getAuthValue({ resource: "personal", access: "write" }),
2411
2348
  void 0,
2412
2349
  { signal: options?.signal }
2413
2350
  );
@@ -2415,7 +2352,7 @@ function createApiClient({
2415
2352
  async function updateNotificationSettings(settings) {
2416
2353
  return httpClient.post(
2417
2354
  url`/v2/c/notification-settings`,
2418
- await authManager.getAuthValue({ requestedScope: "comments:read" }),
2355
+ await authManager.getAuthValue({ resource: "personal", access: "write" }),
2419
2356
  settings
2420
2357
  );
2421
2358
  }
@@ -2427,7 +2364,7 @@ function createApiClient({
2427
2364
  const PAGE_SIZE = 50;
2428
2365
  const json = await httpClient.get(
2429
2366
  url`/v2/c/threads`,
2430
- await authManager.getAuthValue({ requestedScope: "comments:read" }),
2367
+ await authManager.getAuthValue({ resource: "personal", access: "write" }),
2431
2368
  {
2432
2369
  cursor: options?.cursor,
2433
2370
  query,
@@ -2448,7 +2385,7 @@ function createApiClient({
2448
2385
  async function getUserThreadsSince_experimental(options) {
2449
2386
  const json = await httpClient.get(
2450
2387
  url`/v2/c/threads/delta`,
2451
- await authManager.getAuthValue({ requestedScope: "comments:read" }),
2388
+ await authManager.getAuthValue({ resource: "personal", access: "write" }),
2452
2389
  { since: options.since.toISOString() },
2453
2390
  { signal: options.signal }
2454
2391
  );
@@ -2477,7 +2414,8 @@ function createApiClient({
2477
2414
  const { groups: plainGroups } = await httpClient.post(
2478
2415
  url`/v2/c/groups/find`,
2479
2416
  await authManager.getAuthValue({
2480
- requestedScope: "comments:read"
2417
+ resource: "personal",
2418
+ access: "write"
2481
2419
  }),
2482
2420
  { groupIds }
2483
2421
  );
@@ -2496,7 +2434,7 @@ function createApiClient({
2496
2434
  async function getUrlMetadata(_url) {
2497
2435
  const { metadata } = await httpClient.get(
2498
2436
  url`/v2/c/urls/metadata`,
2499
- await authManager.getAuthValue({ requestedScope: "comments:read" }),
2437
+ await authManager.getAuthValue({ resource: "personal", access: "write" }),
2500
2438
  { url: _url }
2501
2439
  );
2502
2440
  return metadata;
@@ -2536,10 +2474,6 @@ function createApiClient({
2536
2474
  getAttachmentUrl,
2537
2475
  uploadAttachment,
2538
2476
  getOrCreateAttachmentUrlsStore,
2539
- // User attachments
2540
- uploadChatAttachment,
2541
- getOrCreateChatAttachmentUrlsStore,
2542
- getChatAttachmentUrl,
2543
2477
  // Room storage
2544
2478
  streamStorage,
2545
2479
  // Notifications
@@ -5233,22 +5167,327 @@ function createReceivingToolInvocation(invocationId, name, partialArgsText = "")
5233
5167
  };
5234
5168
  }
5235
5169
 
5236
- // src/protocol/AuthToken.ts
5237
- var Permission = /* @__PURE__ */ ((Permission2) => {
5238
- Permission2["Read"] = "room:read";
5239
- Permission2["Write"] = "room:write";
5240
- Permission2["PresenceWrite"] = "room:presence:write";
5241
- Permission2["CommentsWrite"] = "comments:write";
5242
- Permission2["CommentsRead"] = "comments:read";
5243
- Permission2["FeedsWrite"] = "feeds:write";
5244
- return Permission2;
5245
- })(Permission || {});
5246
- function canWriteStorage(scopes) {
5247
- return scopes.includes("room:write" /* Write */);
5248
- }
5249
- function canComment(scopes) {
5250
- return scopes.includes("comments:write" /* CommentsWrite */) || scopes.includes("room:write" /* Write */);
5170
+ // src/permissions.ts
5171
+ var Permission = {
5172
+ /**
5173
+ * Default permission for a room.
5174
+ */
5175
+ Read: "*:read",
5176
+ Write: "*:write",
5177
+ /**
5178
+ * Legacy aliases for default room permissions.
5179
+ */
5180
+ RoomWrite: "room:write",
5181
+ RoomRead: "room:read",
5182
+ /**
5183
+ * Storage
5184
+ */
5185
+ StorageRead: "storage:read",
5186
+ StorageWrite: "storage:write",
5187
+ StorageNone: "storage:none",
5188
+ /**
5189
+ * Comments
5190
+ */
5191
+ CommentsWrite: "comments:write",
5192
+ CommentsRead: "comments:read",
5193
+ CommentsNone: "comments:none",
5194
+ /**
5195
+ * Feeds
5196
+ */
5197
+ FeedsRead: "feeds:read",
5198
+ FeedsWrite: "feeds:write",
5199
+ FeedsNone: "feeds:none",
5200
+ /**
5201
+ * Legacy
5202
+ */
5203
+ LegacyRoomPresenceWrite: "room:presence:write"
5204
+ };
5205
+ var ACCESS_LEVELS = ["none", "read", "write"];
5206
+ var basePermissionScopes = /* @__PURE__ */ new Set([
5207
+ Permission.Read,
5208
+ Permission.Write,
5209
+ Permission.RoomRead,
5210
+ Permission.RoomWrite
5211
+ ]);
5212
+ var ACCESS_LEVEL_RANKS = {
5213
+ none: 0,
5214
+ read: 1,
5215
+ write: 2
5216
+ };
5217
+ var PERMISSIONS_BY_RESOURCE = {
5218
+ room: {
5219
+ read: [Permission.Read, Permission.RoomRead],
5220
+ write: [Permission.Write, Permission.RoomWrite]
5221
+ },
5222
+ personal: {
5223
+ write: []
5224
+ },
5225
+ storage: {
5226
+ write: [Permission.StorageWrite],
5227
+ read: [Permission.StorageRead],
5228
+ none: [Permission.StorageNone]
5229
+ },
5230
+ comments: {
5231
+ write: [Permission.CommentsWrite],
5232
+ read: [Permission.CommentsRead],
5233
+ none: [Permission.CommentsNone]
5234
+ },
5235
+ feeds: {
5236
+ write: [Permission.FeedsWrite],
5237
+ read: [Permission.FeedsRead],
5238
+ none: [Permission.FeedsNone]
5239
+ }
5240
+ };
5241
+ var NO_PERMISSION_MATRIX = {
5242
+ room: "none",
5243
+ storage: "none",
5244
+ comments: "none",
5245
+ feeds: "none",
5246
+ personal: "none"
5247
+ };
5248
+ var BASE_PERMISSION_RESOURCE = "room";
5249
+ var ROOM_PERMISSION_RESOURCES = [
5250
+ "storage",
5251
+ "comments",
5252
+ "feeds"
5253
+ ];
5254
+ var VALID_PERMISSIONS = new Set(Object.values(Permission));
5255
+ function isPermission(permission) {
5256
+ return VALID_PERMISSIONS.has(permission);
5257
+ }
5258
+ function resolveResourceAccess(scopes, resource) {
5259
+ const permissions = PERMISSIONS_BY_RESOURCE[resource];
5260
+ let resourceAccess;
5261
+ for (const access of ACCESS_LEVELS) {
5262
+ const scopedPermissions = permissions[access];
5263
+ if (scopedPermissions !== void 0 && scopedPermissions.some((permission) => scopes.includes(permission))) {
5264
+ resourceAccess = access;
5265
+ }
5266
+ }
5267
+ return resourceAccess;
5268
+ }
5269
+ function permissionMatrixFromResolvedScopes(resolved) {
5270
+ if (!resolved.hasDefaultPermission) {
5271
+ return { ...NO_PERMISSION_MATRIX };
5272
+ }
5273
+ const matrix = {
5274
+ ...NO_PERMISSION_MATRIX,
5275
+ [BASE_PERMISSION_RESOURCE]: resolved.baseAccess,
5276
+ personal: "write"
5277
+ };
5278
+ for (const resource of ROOM_PERMISSION_RESOURCES) {
5279
+ matrix[resource] = resolved.matrix[resource] ?? resolved.baseAccess;
5280
+ }
5281
+ return matrix;
5282
+ }
5283
+ function permissionMatrixFromScopes(scopes) {
5284
+ return permissionMatrixFromResolvedScopes(resolvePermissionScopes(scopes));
5285
+ }
5286
+ function resolvePermissionScopes(scopes) {
5287
+ const hasDefaultPermission = scopes.includes(Permission.Write) || scopes.includes(Permission.Read) || scopes.includes(Permission.RoomWrite) || scopes.includes(Permission.RoomRead);
5288
+ const baseAccess = scopes.includes(Permission.Write) || scopes.includes(Permission.RoomWrite) ? "write" : scopes.includes(Permission.Read) || scopes.includes(Permission.RoomRead) ? "read" : "none";
5289
+ const matrix = {};
5290
+ for (const resource of ROOM_PERMISSION_RESOURCES) {
5291
+ const access = resolveResourceAccess(scopes, resource);
5292
+ if (access !== void 0) {
5293
+ matrix[resource] = access;
5294
+ }
5295
+ }
5296
+ return { hasDefaultPermission, baseAccess, matrix };
5297
+ }
5298
+ function hasPermissionAccess(matrix, resource, requiredAccess) {
5299
+ const access = matrix[resource] ?? "none";
5300
+ return ACCESS_LEVEL_RANKS[access] >= ACCESS_LEVEL_RANKS[requiredAccess];
5301
+ }
5302
+ function resolveRoomPermissionMatrix(permissions, roomId) {
5303
+ const matchedPermissions = permissions.filter(
5304
+ (entry) => roomPatternMatches(entry.pattern, roomId)
5305
+ );
5306
+ if (matchedPermissions.length === 0) {
5307
+ return void 0;
5308
+ }
5309
+ let hasDefaultPermission = false;
5310
+ let baseAccess = "none";
5311
+ const explicitMatrix = {};
5312
+ const explicitSpecificity = {};
5313
+ for (const entry of matchedPermissions) {
5314
+ const resolved = resolvePermissionScopes(entry.scopes);
5315
+ const specificity = roomPatternSpecificity(entry.pattern);
5316
+ if (resolved.hasDefaultPermission) {
5317
+ hasDefaultPermission = true;
5318
+ baseAccess = strongestAccess(baseAccess, resolved.baseAccess);
5319
+ }
5320
+ for (const resource of ROOM_PERMISSION_RESOURCES) {
5321
+ const access = resolved.matrix[resource];
5322
+ if (access !== void 0) {
5323
+ const currentSpecificity = explicitSpecificity[resource] ?? -1;
5324
+ if (specificity > currentSpecificity) {
5325
+ explicitMatrix[resource] = access;
5326
+ explicitSpecificity[resource] = specificity;
5327
+ } else if (specificity === currentSpecificity) {
5328
+ explicitMatrix[resource] = strongestAccess(
5329
+ explicitMatrix[resource] ?? "none",
5330
+ access
5331
+ );
5332
+ }
5333
+ }
5334
+ }
5335
+ }
5336
+ return permissionMatrixFromResolvedScopes({
5337
+ hasDefaultPermission,
5338
+ baseAccess,
5339
+ matrix: explicitMatrix
5340
+ });
5341
+ }
5342
+ function normalizeRoomPermissions(permissions) {
5343
+ if (!Array.isArray(permissions)) {
5344
+ throw new Error("Permission list must be an array");
5345
+ }
5346
+ const result = [];
5347
+ for (const permission of permissions) {
5348
+ if (!isPermission(permission)) {
5349
+ throw new Error(`Not a valid permission: ${permission}`);
5350
+ }
5351
+ result.push(permission);
5352
+ }
5353
+ return result;
5354
+ }
5355
+ function normalizeRoomAccesses(accesses) {
5356
+ if (accesses === void 0) {
5357
+ return void 0;
5358
+ }
5359
+ return Object.fromEntries(
5360
+ Object.entries(accesses).map(([id, permissions]) => [
5361
+ id,
5362
+ normalizeRoomPermissions(permissions)
5363
+ ])
5364
+ );
5365
+ }
5366
+ function normalizeUpdateRoomAccesses(accesses) {
5367
+ if (accesses === void 0) {
5368
+ return void 0;
5369
+ }
5370
+ return Object.fromEntries(
5371
+ Object.entries(accesses).map(([id, permissions]) => [
5372
+ id,
5373
+ permissions === null ? null : normalizeRoomPermissions(permissions)
5374
+ ])
5375
+ );
5376
+ }
5377
+ function permissionMatrixToScopes(matrix) {
5378
+ const scopes = [];
5379
+ const baseAccess = matrix.room;
5380
+ if (baseAccess !== "none") {
5381
+ scopes.push(permissionForAccessLevel(BASE_PERMISSION_RESOURCE, baseAccess));
5382
+ }
5383
+ for (const resource of ROOM_PERMISSION_RESOURCES) {
5384
+ const access = matrix[resource];
5385
+ if (access !== baseAccess) {
5386
+ scopes.push(permissionForAccessLevel(resource, access));
5387
+ }
5388
+ }
5389
+ return scopes;
5251
5390
  }
5391
+ function mergeRoomPermissionScopes({
5392
+ defaultAccesses,
5393
+ groupsAccesses,
5394
+ userAccesses
5395
+ }) {
5396
+ const sources = [
5397
+ resolvePermissionScopes(defaultAccesses),
5398
+ mergeResolvedScopesByHighestAccess(
5399
+ groupsAccesses.map(resolvePermissionScopes)
5400
+ ),
5401
+ resolvePermissionScopes(userAccesses)
5402
+ ];
5403
+ const merged = {
5404
+ hasDefaultPermission: false,
5405
+ baseAccess: "none",
5406
+ matrix: {}
5407
+ };
5408
+ for (const source of sources) {
5409
+ if (source.hasDefaultPermission) {
5410
+ merged.hasDefaultPermission = true;
5411
+ merged.baseAccess = source.baseAccess;
5412
+ }
5413
+ for (const resource of ROOM_PERMISSION_RESOURCES) {
5414
+ const access = source.matrix[resource];
5415
+ if (access !== void 0) {
5416
+ merged.matrix[resource] = access;
5417
+ }
5418
+ }
5419
+ }
5420
+ return permissionMatrixToScopes(permissionMatrixFromResolvedScopes(merged));
5421
+ }
5422
+ function mergeResolvedScopesByHighestAccess(sources) {
5423
+ const merged = {
5424
+ hasDefaultPermission: false,
5425
+ baseAccess: "none",
5426
+ matrix: {}
5427
+ };
5428
+ for (const source of sources) {
5429
+ if (source.hasDefaultPermission) {
5430
+ merged.hasDefaultPermission = true;
5431
+ merged.baseAccess = strongestAccess(merged.baseAccess, source.baseAccess);
5432
+ }
5433
+ for (const resource of ROOM_PERMISSION_RESOURCES) {
5434
+ const access = source.matrix[resource];
5435
+ if (access !== void 0) {
5436
+ merged.matrix[resource] = strongestAccess(
5437
+ merged.matrix[resource] ?? "none",
5438
+ access
5439
+ );
5440
+ }
5441
+ }
5442
+ }
5443
+ return merged;
5444
+ }
5445
+ function permissionForAccessLevel(resource, access, field = resource) {
5446
+ const levels = PERMISSIONS_BY_RESOURCE[resource];
5447
+ const permissions = levels[access];
5448
+ if (permissions === void 0 || permissions.length === 0) {
5449
+ throw new Error(
5450
+ `Invalid permission level for ${field}: ${JSON.stringify(access) ?? String(access)}`
5451
+ );
5452
+ }
5453
+ return permissions[0];
5454
+ }
5455
+ function strongestAccess(left, right) {
5456
+ return ACCESS_LEVEL_RANKS[right] > ACCESS_LEVEL_RANKS[left] ? right : left;
5457
+ }
5458
+ function roomPatternMatches(pattern, roomId) {
5459
+ if (pattern.includes("*")) {
5460
+ return roomId.startsWith(pattern.replace("*", ""));
5461
+ }
5462
+ return pattern === roomId;
5463
+ }
5464
+ function roomPatternSpecificity(pattern) {
5465
+ return pattern.replace("*", "").length;
5466
+ }
5467
+ function validatePermissionsSet(scopes) {
5468
+ const unknownScopes = scopes.filter((scope) => !VALID_PERMISSIONS.has(scope));
5469
+ if (unknownScopes.length > 0) {
5470
+ return `Unknown permission scope(s): ${unknownScopes.join(", ")}`;
5471
+ }
5472
+ const baseScopes = scopes.filter((scope) => basePermissionScopes.has(scope));
5473
+ if (baseScopes.length !== 1) {
5474
+ return `Permissions must include exactly one of ${Permission.Read}, ${Permission.Write} (or the legacy aliases ${Permission.RoomRead}, ${Permission.RoomWrite}), got ${baseScopes.length === 0 ? "none" : baseScopes.join(", ")}`;
5475
+ }
5476
+ const seenFeatures = /* @__PURE__ */ new Set();
5477
+ for (const scope of scopes) {
5478
+ if (basePermissionScopes.has(scope) || scope === Permission.LegacyRoomPresenceWrite) {
5479
+ continue;
5480
+ }
5481
+ const feature = scope.slice(0, scope.indexOf(":"));
5482
+ if (seenFeatures.has(feature)) {
5483
+ return `Permissions can include at most one scope per feature, got multiple "${feature}" scopes`;
5484
+ }
5485
+ seenFeatures.add(feature);
5486
+ }
5487
+ return true;
5488
+ }
5489
+
5490
+ // src/protocol/AuthToken.ts
5252
5491
  function isValidAuthTokenPayload(data) {
5253
5492
  return isPlainObject(data) && (data.k === "acc" /* ACCESS_TOKEN */ || data.k === "id" /* ID_TOKEN */);
5254
5493
  }
@@ -5287,47 +5526,22 @@ function createAuthManager(authOptions, onAuthenticate) {
5287
5526
  const authentication = prepareAuthentication(authOptions);
5288
5527
  const seenTokens = /* @__PURE__ */ new Set();
5289
5528
  const tokens = [];
5290
- const expiryTimes = [];
5291
5529
  const requestPromises = /* @__PURE__ */ new Map();
5292
5530
  function reset() {
5293
5531
  seenTokens.clear();
5294
5532
  tokens.length = 0;
5295
- expiryTimes.length = 0;
5296
5533
  requestPromises.clear();
5297
5534
  }
5298
- function hasCorrespondingScopes(requestedScope, scopes) {
5299
- if (requestedScope === "comments:read") {
5300
- return scopes.includes("comments:read" /* CommentsRead */) || scopes.includes("comments:write" /* CommentsWrite */) || scopes.includes("room:read" /* Read */) || scopes.includes("room:write" /* Write */);
5301
- } else if (requestedScope === "room:read") {
5302
- return scopes.includes("room:read" /* Read */) || scopes.includes("room:write" /* Write */);
5303
- }
5304
- return false;
5305
- }
5306
5535
  function getCachedToken(requestOptions) {
5307
5536
  const now2 = Math.ceil(Date.now() / 1e3);
5308
5537
  for (let i = tokens.length - 1; i >= 0; i--) {
5309
- const token = tokens[i];
5310
- const expiresAt = expiryTimes[i];
5311
- if (expiresAt <= now2) {
5538
+ const cachedToken = tokens[i];
5539
+ if (cachedToken.expiresAt <= now2) {
5312
5540
  tokens.splice(i, 1);
5313
- expiryTimes.splice(i, 1);
5314
5541
  continue;
5315
5542
  }
5316
- if (token.parsed.k === "id" /* ID_TOKEN */) {
5317
- return token;
5318
- } else if (token.parsed.k === "acc" /* ACCESS_TOKEN */) {
5319
- if (!requestOptions.roomId && Object.entries(token.parsed.perms).length === 0) {
5320
- return token;
5321
- }
5322
- for (const [resource, scopes] of Object.entries(token.parsed.perms)) {
5323
- if (!requestOptions.roomId) {
5324
- if (resource.includes("*") && hasCorrespondingScopes(requestOptions.requestedScope, scopes)) {
5325
- return token;
5326
- }
5327
- } else if (resource.includes("*") && requestOptions.roomId.startsWith(resource.replace("*", "")) || requestOptions.roomId === resource && hasCorrespondingScopes(requestOptions.requestedScope, scopes)) {
5328
- return token;
5329
- }
5330
- }
5543
+ if (cachedTokenSatisfiesRequest(cachedToken, requestOptions)) {
5544
+ return cachedToken.token;
5331
5545
  }
5332
5546
  }
5333
5547
  return void 0;
@@ -5345,6 +5559,10 @@ function createAuthManager(authOptions, onAuthenticate) {
5345
5559
  });
5346
5560
  const parsed = parseAuthToken(response.token);
5347
5561
  if (seenTokens.has(parsed.raw)) {
5562
+ const cachedToken = getCachedToken(options);
5563
+ if (cachedToken?.raw === parsed.raw) {
5564
+ return cachedToken;
5565
+ }
5348
5566
  throw new StopRetrying(
5349
5567
  "The same Liveblocks auth token was issued from the backend before. Caching Liveblocks tokens is not supported."
5350
5568
  );
@@ -5385,11 +5603,12 @@ function createAuthManager(authOptions, onAuthenticate) {
5385
5603
  return { type: "secret", token: cachedToken };
5386
5604
  }
5387
5605
  let currentPromise;
5388
- if (requestOptions.roomId) {
5389
- currentPromise = requestPromises.get(requestOptions.roomId);
5606
+ const requestKey = getAuthRequestKey(requestOptions);
5607
+ if (requestKey !== void 0) {
5608
+ currentPromise = requestPromises.get(requestKey);
5390
5609
  if (currentPromise === void 0) {
5391
5610
  currentPromise = makeAuthRequest(requestOptions);
5392
- requestPromises.set(requestOptions.roomId, currentPromise);
5611
+ requestPromises.set(requestKey, currentPromise);
5393
5612
  }
5394
5613
  } else {
5395
5614
  currentPromise = requestPromises.get("liveblocks-user-token");
@@ -5403,12 +5622,12 @@ function createAuthManager(authOptions, onAuthenticate) {
5403
5622
  const BUFFER = 30;
5404
5623
  const expiresAt = Math.floor(Date.now() / 1e3) + (token.parsed.exp - token.parsed.iat) - BUFFER;
5405
5624
  seenTokens.add(token.raw);
5406
- tokens.push(token);
5407
- expiryTimes.push(expiresAt);
5625
+ const cachedToken2 = makeCachedToken(token, expiresAt);
5626
+ tokens.push(cachedToken2);
5408
5627
  return { type: "secret", token };
5409
5628
  } finally {
5410
- if (requestOptions.roomId) {
5411
- requestPromises.delete(requestOptions.roomId);
5629
+ if (requestKey !== void 0) {
5630
+ requestPromises.delete(requestKey);
5412
5631
  } else {
5413
5632
  requestPromises.delete("liveblocks-user-token");
5414
5633
  }
@@ -5419,6 +5638,43 @@ function createAuthManager(authOptions, onAuthenticate) {
5419
5638
  getAuthValue
5420
5639
  };
5421
5640
  }
5641
+ function getAuthRequestKey(request) {
5642
+ if (request.roomId === void 0) {
5643
+ return void 0;
5644
+ }
5645
+ return `${request.roomId}:${request.resource}:${request.access}`;
5646
+ }
5647
+ function makeCachedToken(token, expiresAt) {
5648
+ if (token.parsed.k === "acc" /* ACCESS_TOKEN */) {
5649
+ return {
5650
+ token,
5651
+ expiresAt,
5652
+ permissions: Object.entries(token.parsed.perms).map(
5653
+ ([pattern, scopes]) => ({
5654
+ pattern,
5655
+ scopes: normalizeRoomPermissions(scopes)
5656
+ })
5657
+ )
5658
+ };
5659
+ }
5660
+ return { token, expiresAt };
5661
+ }
5662
+ function cachedTokenSatisfiesRequest(cachedToken, request) {
5663
+ if (cachedToken.token.parsed.k === "id" /* ID_TOKEN */) {
5664
+ return true;
5665
+ }
5666
+ if (request.resource === "personal") {
5667
+ return true;
5668
+ }
5669
+ if (request.roomId === void 0) {
5670
+ return false;
5671
+ }
5672
+ const matrix = resolveRoomPermissionMatrix(
5673
+ cachedToken.permissions ?? [],
5674
+ request.roomId
5675
+ );
5676
+ return matrix !== void 0 && hasPermissionAccess(matrix, request.resource, request.access);
5677
+ }
5422
5678
  function prepareAuthentication(authOptions) {
5423
5679
  const { publicApiKey, authEndpoint } = authOptions;
5424
5680
  if (authEndpoint !== void 0 && publicApiKey !== void 0) {
@@ -5784,6 +6040,9 @@ var UnacknowledgedOps = class {
5784
6040
  #createOpsByPosition = /* @__PURE__ */ new Map();
5785
6041
  // parentId -> (opId -> Create op)
5786
6042
  #createOpsByParent = /* @__PURE__ */ new Map();
6043
+ // opIds of pending ops that were in flight when a connection died, so the
6044
+ // server may already have processed them. See isPossiblyStored().
6045
+ #possiblyStoredOpIds = /* @__PURE__ */ new Set();
5787
6046
  #posKey(parentId, parentKey) {
5788
6047
  return `${parentId}
5789
6048
  ${parentKey}`;
@@ -5823,6 +6082,7 @@ ${parentKey}`;
5823
6082
  return;
5824
6083
  }
5825
6084
  this.#byOpId.delete(opId);
6085
+ this.#possiblyStoredOpIds.delete(opId);
5826
6086
  if (isCreateOp(op)) {
5827
6087
  const posKey = this.#posKey(op.parentId, op.parentKey);
5828
6088
  const atPosition = this.#createOpsByPosition.get(posKey);
@@ -5856,6 +6116,19 @@ ${parentKey}`;
5856
6116
  values() {
5857
6117
  return this.#byOpId.values();
5858
6118
  }
6119
+ isPossiblyStored(opId) {
6120
+ return this.#possiblyStoredOpIds.has(opId);
6121
+ }
6122
+ /**
6123
+ * Mark every currently pending op as possibly stored on the server. Called
6124
+ * when the connection dies: all of these ops were in flight, and their
6125
+ * (possibly lost) acks would have been the only way to know their fate.
6126
+ */
6127
+ markAllAsPossiblyStored() {
6128
+ for (const opId of this.#byOpId.keys()) {
6129
+ this.#possiblyStoredOpIds.add(opId);
6130
+ }
6131
+ }
5859
6132
  };
5860
6133
 
5861
6134
  // src/crdts/AbstractCrdt.ts
@@ -6452,7 +6725,7 @@ var LiveList = class _LiveList extends AbstractCrdt {
6452
6725
  }
6453
6726
  return result.modified.updates[0];
6454
6727
  }
6455
- #applyRemoteInsert(op, fromSnapshot) {
6728
+ #applyRemoteInsert(op) {
6456
6729
  if (this._pool === void 0) {
6457
6730
  throw new Error("Can't attach child if managed pool is not present");
6458
6731
  }
@@ -6462,7 +6735,7 @@ var LiveList = class _LiveList extends AbstractCrdt {
6462
6735
  this.#shiftItemPosition(existingItemIndex, key);
6463
6736
  }
6464
6737
  const { newItem, newIndex } = this.#createAttachItemAndSort(op, key);
6465
- const bumpDeltas = fromSnapshot ? [] : this.#bumpUnackedPushesAbove(key);
6738
+ const bumpDeltas = this.#bumpUnackedPushesAbove(key);
6466
6739
  return {
6467
6740
  modified: makeUpdate(this, [
6468
6741
  insertDelta(newIndex, newItem),
@@ -6477,6 +6750,13 @@ var LiveList = class _LiveList extends AbstractCrdt {
6477
6750
  * the single source of truth, so an item drops out the instant its op is
6478
6751
  * acked, with no per-instance membership to leak. Yielded in push order.
6479
6752
  *
6753
+ * Excludes ops that may already be stored on the server (they were in
6754
+ * flight when a connection died, so their fate is unknown): the bump
6755
+ * prediction assumes the server has not processed the op yet, which is only
6756
+ * guaranteed for ops sent on the current connection. For these excluded
6757
+ * ops, the server's (re-)ack states the authoritative position; predicting
6758
+ * locally could produce a wrong position that no ack would correct.
6759
+ *
6480
6760
  * Restricted to items currently in `#items`: a pushed node whose op is still
6481
6761
  * pending may have been pulled out of the list (e.g. implicitly deleted by a
6482
6762
  * remote set, or removed by an undo) while still living in the pool, and such
@@ -6490,6 +6770,9 @@ var LiveList = class _LiveList extends AbstractCrdt {
6490
6770
  if (op.intent !== "push") {
6491
6771
  continue;
6492
6772
  }
6773
+ if (this._pool.unacknowledgedOps.isPossiblyStored(op.opId)) {
6774
+ continue;
6775
+ }
6493
6776
  const node = this._pool.getNode(op.id);
6494
6777
  if (node !== void 0 && this.#items.includes(node)) {
6495
6778
  yield node;
@@ -6654,7 +6937,7 @@ var LiveList = class _LiveList extends AbstractCrdt {
6654
6937
  }
6655
6938
  }
6656
6939
  /** @internal */
6657
- _attachChild(op, source, fromSnapshot = false) {
6940
+ _attachChild(op, source) {
6658
6941
  if (this._pool === void 0) {
6659
6942
  throw new Error("Can't attach child if managed pool is not present");
6660
6943
  }
@@ -6669,7 +6952,7 @@ var LiveList = class _LiveList extends AbstractCrdt {
6669
6952
  }
6670
6953
  } else {
6671
6954
  if (source === 1 /* THEIRS */) {
6672
- result = this.#applyRemoteInsert(op, fromSnapshot);
6955
+ result = this.#applyRemoteInsert(op);
6673
6956
  } else if (source === 2 /* OURS */) {
6674
6957
  result = this.#applyInsertAck(op);
6675
6958
  } else {
@@ -7928,6 +8211,7 @@ var LiveObject = class _LiveObject extends AbstractCrdt {
7928
8211
  const id = nn(this._id);
7929
8212
  const parentKey = nn(child._parentKey);
7930
8213
  const reverse = child._toOps(id, parentKey);
8214
+ const deletedItem = liveNodeToLson(child);
7931
8215
  for (const [key, value] of this.#synced) {
7932
8216
  if (value === child) {
7933
8217
  this.#synced.delete(key);
@@ -7939,7 +8223,7 @@ var LiveObject = class _LiveObject extends AbstractCrdt {
7939
8223
  node: this,
7940
8224
  type: "LiveObject",
7941
8225
  updates: {
7942
- [parentKey]: { type: "delete" }
8226
+ [parentKey]: { type: "delete", deletedItem }
7943
8227
  }
7944
8228
  };
7945
8229
  return { modified: storageUpdate, reverse };
@@ -8247,7 +8531,7 @@ var LiveObject = class _LiveObject extends AbstractCrdt {
8247
8531
  const preciseSize = new TextEncoder().encode(jsonString).length;
8248
8532
  if (preciseSize > MAX_LIVE_OBJECT_SIZE) {
8249
8533
  throw new Error(
8250
- `LiveObject size exceeded limit: ${preciseSize} bytes > ${MAX_LIVE_OBJECT_SIZE} bytes. See https://liveblocks.io/docs/platform/limits#Liveblocks-Storage-limits`
8534
+ `LiveObject size exceeded limit: ${preciseSize} bytes > ${MAX_LIVE_OBJECT_SIZE} bytes. See https://liveblocks.io/docs/pricing/limits#Other-limits`
8251
8535
  );
8252
8536
  }
8253
8537
  }
@@ -8541,23 +8825,68 @@ function dumpPool(pool) {
8541
8825
  (r) => ` ${r.id} parent=${r.parentId} key=${r.key || "\u2014"} ${r.value}`
8542
8826
  ).join("\n");
8543
8827
  }
8544
- function getTreesDiffOperations(currentItems, newItems) {
8828
+ function isJsonEq(a, b) {
8829
+ if (a === b) {
8830
+ return true;
8831
+ }
8832
+ if (typeof a !== "object" || a === null || typeof b !== "object" || b === null) {
8833
+ return false;
8834
+ }
8835
+ if (Array.isArray(a) || Array.isArray(b)) {
8836
+ if (!Array.isArray(a) || !Array.isArray(b) || a.length !== b.length) {
8837
+ return false;
8838
+ }
8839
+ for (let i = 0; i < a.length; i++) {
8840
+ if (!isJsonEq(a[i], b[i])) {
8841
+ return false;
8842
+ }
8843
+ }
8844
+ return true;
8845
+ }
8846
+ const aKeys = Object.keys(a);
8847
+ if (aKeys.length !== Object.keys(b).length) {
8848
+ return false;
8849
+ }
8850
+ for (const key of aKeys) {
8851
+ if (!isJsonEq(a[key], b[key])) {
8852
+ return false;
8853
+ }
8854
+ }
8855
+ return true;
8856
+ }
8857
+ function diffNodeMap(prev, next) {
8545
8858
  const ops = [];
8546
- currentItems.forEach((_, id) => {
8547
- if (!newItems.get(id)) {
8859
+ prev.forEach((_, id) => {
8860
+ if (!next.get(id)) {
8548
8861
  ops.push({ type: OpCode.DELETE_CRDT, id });
8549
8862
  }
8550
8863
  });
8551
- newItems.forEach((crdt, id) => {
8552
- const currentCrdt = currentItems.get(id);
8864
+ next.forEach((crdt, id) => {
8865
+ const currentCrdt = prev.get(id);
8553
8866
  if (currentCrdt) {
8554
8867
  if (crdt.type === CrdtType.OBJECT) {
8555
- if (currentCrdt.type !== CrdtType.OBJECT || stringifyOrLog(crdt.data) !== stringifyOrLog(currentCrdt.data)) {
8556
- ops.push({
8557
- type: OpCode.UPDATE_OBJECT,
8558
- id,
8559
- data: crdt.data
8560
- });
8868
+ if (currentCrdt.type !== CrdtType.OBJECT) {
8869
+ ops.push({ type: OpCode.UPDATE_OBJECT, id, data: crdt.data });
8870
+ } else {
8871
+ const changed = /* @__PURE__ */ new Map();
8872
+ for (const key of Object.keys(crdt.data)) {
8873
+ const value = crdt.data[key];
8874
+ if (value !== void 0 && !isJsonEq(value, currentCrdt.data[key])) {
8875
+ changed.set(key, value);
8876
+ }
8877
+ }
8878
+ if (changed.size > 0) {
8879
+ ops.push({
8880
+ type: OpCode.UPDATE_OBJECT,
8881
+ id,
8882
+ data: Object.fromEntries(changed)
8883
+ });
8884
+ }
8885
+ for (const key of Object.keys(currentCrdt.data)) {
8886
+ if (!(key in crdt.data)) {
8887
+ ops.push({ type: OpCode.DELETE_OBJECT_KEY, id, key });
8888
+ }
8889
+ }
8561
8890
  }
8562
8891
  }
8563
8892
  if (crdt.parentKey !== currentCrdt.parentKey) {
@@ -8780,7 +9109,7 @@ function partialSyncConnection(room) {
8780
9109
  });
8781
9110
  }
8782
9111
  function partialSyncStorage(room) {
8783
- const root = room.getStorageSnapshot();
9112
+ const root = room.getStorageOrNull();
8784
9113
  if (root) {
8785
9114
  sendToPanel({
8786
9115
  msg: "room::sync::partial",
@@ -8810,7 +9139,7 @@ function partialSyncOthers(room) {
8810
9139
  }
8811
9140
  }
8812
9141
  function fullSync(room) {
8813
- const root = room.getStorageSnapshot();
9142
+ const root = room.getStorageOrNull();
8814
9143
  const me = room[kInternal].getSelf_forDevTools();
8815
9144
  const others = room[kInternal].getOthers_forDevTools();
8816
9145
  room.fetchYDoc("");
@@ -9235,15 +9564,15 @@ var ClientMsgCode = Object.freeze({
9235
9564
 
9236
9565
  // src/refs/ManagedOthers.ts
9237
9566
  function makeUser(conn, presence) {
9238
- const { connectionId, id, info } = conn;
9239
- const canWrite = canWriteStorage(conn.scopes);
9567
+ const { connectionId, id, info, access } = conn;
9568
+ const { canWrite, canComment } = access;
9240
9569
  return freeze(
9241
9570
  compactObject({
9242
9571
  connectionId,
9243
9572
  id,
9244
9573
  info,
9245
9574
  canWrite,
9246
- canComment: canComment(conn.scopes),
9575
+ canComment,
9247
9576
  isReadOnly: !canWrite,
9248
9577
  // Deprecated, kept for backward-compatibility
9249
9578
  presence
@@ -9314,7 +9643,7 @@ var ManagedOthers = class {
9314
9643
  * Records a known connection. This records the connection ID and the
9315
9644
  * associated metadata.
9316
9645
  */
9317
- setConnection(connectionId, metaUserId, metaUserInfo, scopes) {
9646
+ setConnection(connectionId, metaUserId, metaUserInfo, access) {
9318
9647
  this.#internal.mutate((state) => {
9319
9648
  state.connections.set(
9320
9649
  connectionId,
@@ -9322,7 +9651,7 @@ var ManagedOthers = class {
9322
9651
  connectionId,
9323
9652
  id: metaUserId,
9324
9653
  info: metaUserInfo,
9325
- scopes
9654
+ access
9326
9655
  })
9327
9656
  );
9328
9657
  if (!state.presences.has(connectionId)) {
@@ -9475,6 +9804,14 @@ function defaultMessageFromContext(context) {
9475
9804
 
9476
9805
  // src/room.ts
9477
9806
  var FEEDS_TIMEOUT = 5e3;
9807
+ function connectionAccessFromScopes(scopes) {
9808
+ const roomPermissions = normalizeRoomPermissions(scopes);
9809
+ const matrix = permissionMatrixFromScopes(roomPermissions);
9810
+ return {
9811
+ canWrite: hasPermissionAccess(matrix, "storage", "write"),
9812
+ canComment: hasPermissionAccess(matrix, "comments", "write")
9813
+ };
9814
+ }
9478
9815
  function makeIdFactory(connectionId) {
9479
9816
  let count = 0;
9480
9817
  return () => `${connectionId}:${count++}`;
@@ -9526,6 +9863,19 @@ function makeNodeMapBuffer() {
9526
9863
  }
9527
9864
  };
9528
9865
  }
9866
+ function topLevelKeysOf(nodes) {
9867
+ const keys2 = /* @__PURE__ */ new Set();
9868
+ const root = nodes.get("root");
9869
+ for (const key in root?.data) {
9870
+ keys2.add(key);
9871
+ }
9872
+ for (const node of nodes.values()) {
9873
+ if (node.parentId === "root") {
9874
+ keys2.add(node.parentKey);
9875
+ }
9876
+ }
9877
+ return keys2;
9878
+ }
9529
9879
  function createRoom(options, config) {
9530
9880
  const roomId = config.roomId;
9531
9881
  const initialPresence = options.initialPresence;
@@ -9647,12 +9997,13 @@ function createRoom(options, config) {
9647
9997
  )
9648
9998
  };
9649
9999
  if (_getStorage$ !== null) {
9650
- refreshStorage({ flush: false });
10000
+ refreshStorage();
9651
10001
  }
9652
10002
  flushNowOrSoon();
9653
10003
  }
9654
10004
  function onDidDisconnect() {
9655
10005
  clearTimeout(context.buffer.flushTimerID);
10006
+ context.unacknowledgedOps.markAllAsPossiblyStored();
9656
10007
  }
9657
10008
  managedSocket.events.onMessage.subscribe(handleServerMessage);
9658
10009
  managedSocket.events.statusDidChange.subscribe(onStatusDidChange);
@@ -9698,8 +10049,8 @@ function createRoom(options, config) {
9698
10049
  }
9699
10050
  }
9700
10051
  function isStorageWritable() {
9701
- const scopes = context.dynamicSessionInfoSig.get()?.scopes;
9702
- return scopes !== void 0 ? canWriteStorage(scopes) : true;
10052
+ const permissionMatrix = context.dynamicSessionInfoSig.get()?.permissionMatrix;
10053
+ return permissionMatrix !== void 0 ? hasPermissionAccess(permissionMatrix, "storage", "write") : true;
9703
10054
  }
9704
10055
  const eventHub = {
9705
10056
  status: makeEventSource(),
@@ -9760,14 +10111,22 @@ function createRoom(options, config) {
9760
10111
  if (staticSession === null || dynamicSession === null) {
9761
10112
  return null;
9762
10113
  } else {
9763
- const canWrite = canWriteStorage(dynamicSession.scopes);
10114
+ const canWrite = hasPermissionAccess(
10115
+ dynamicSession.permissionMatrix,
10116
+ "storage",
10117
+ "write"
10118
+ );
9764
10119
  return {
9765
10120
  connectionId: dynamicSession.actor,
9766
10121
  id: staticSession.userId,
9767
10122
  info: staticSession.userInfo,
9768
10123
  presence: myPresence,
9769
10124
  canWrite,
9770
- canComment: canComment(dynamicSession.scopes)
10125
+ canComment: hasPermissionAccess(
10126
+ dynamicSession.permissionMatrix,
10127
+ "comments",
10128
+ "write"
10129
+ )
9771
10130
  };
9772
10131
  }
9773
10132
  }
@@ -9793,12 +10152,8 @@ function createRoom(options, config) {
9793
10152
  for (const [id, crdt] of context.pool.nodes) {
9794
10153
  currentItems.set(id, crdt._serialize());
9795
10154
  }
9796
- const ops = getTreesDiffOperations(currentItems, nodes);
9797
- const result = applyRemoteOps(
9798
- ops,
9799
- /* fromSnapshot */
9800
- true
9801
- );
10155
+ const ops = diffNodeMap(currentItems, nodes);
10156
+ const result = applyRemoteOps(ops);
9802
10157
  notify(result.updates);
9803
10158
  } else {
9804
10159
  context.root = LiveObject._fromItems(
@@ -9807,10 +10162,11 @@ function createRoom(options, config) {
9807
10162
  );
9808
10163
  }
9809
10164
  const canWrite = self.get()?.canWrite ?? true;
10165
+ const serverTopLevelKeys = topLevelKeysOf(nodes);
9810
10166
  const root = context.root;
9811
10167
  disableHistory(() => {
9812
10168
  for (const key in context.initialStorage) {
9813
- if (root.get(key) === void 0) {
10169
+ if (!serverTopLevelKeys.has(key)) {
9814
10170
  if (canWrite) {
9815
10171
  root.set(key, cloneLson(context.initialStorage[key]));
9816
10172
  } else {
@@ -9880,16 +10236,15 @@ function createRoom(options, config) {
9880
10236
  );
9881
10237
  return { opsToEmit: opsWithOpIds, reverse, updates };
9882
10238
  }
9883
- function applyRemoteOps(ops, fromSnapshot = false) {
10239
+ function applyRemoteOps(ops) {
9884
10240
  return applyOps(
9885
10241
  [],
9886
10242
  ops,
9887
10243
  /* isLocal */
9888
- false,
9889
- fromSnapshot
10244
+ false
9890
10245
  );
9891
10246
  }
9892
- function applyOps(pframes, ops, isLocal, fromSnapshot = false) {
10247
+ function applyOps(pframes, ops, isLocal) {
9893
10248
  const output = {
9894
10249
  reverse: new Deque(),
9895
10250
  storageUpdates: /* @__PURE__ */ new Map(),
@@ -9925,7 +10280,7 @@ function createRoom(options, config) {
9925
10280
  } else {
9926
10281
  source = 1 /* THEIRS */;
9927
10282
  }
9928
- const applyOpResult = applyOp(op, source, fromSnapshot);
10283
+ const applyOpResult = applyOp(op, source);
9929
10284
  if (applyOpResult.modified) {
9930
10285
  const nodeId = applyOpResult.modified.node._id;
9931
10286
  if (!(nodeId && createdNodeIds.has(nodeId))) {
@@ -9951,7 +10306,7 @@ function createRoom(options, config) {
9951
10306
  }
9952
10307
  };
9953
10308
  }
9954
- function applyOp(op, source, fromSnapshot = false) {
10309
+ function applyOp(op, source) {
9955
10310
  if (isIgnoredOp(op)) {
9956
10311
  return { modified: false };
9957
10312
  }
@@ -9990,7 +10345,7 @@ function createRoom(options, config) {
9990
10345
  if (parentNode === void 0) {
9991
10346
  return { modified: false };
9992
10347
  }
9993
- return parentNode._attachChild(op, source, fromSnapshot);
10348
+ return parentNode._attachChild(op, source);
9994
10349
  }
9995
10350
  }
9996
10351
  }
@@ -10061,7 +10416,9 @@ function createRoom(options, config) {
10061
10416
  context.dynamicSessionInfoSig.set({
10062
10417
  actor: message.actor,
10063
10418
  nonce: message.nonce,
10064
- scopes: message.scopes,
10419
+ permissionMatrix: permissionMatrixFromScopes(
10420
+ normalizeRoomPermissions(message.scopes)
10421
+ ),
10065
10422
  meta: message.meta
10066
10423
  });
10067
10424
  context.idFactory = makeIdFactory(message.actor);
@@ -10082,7 +10439,7 @@ function createRoom(options, config) {
10082
10439
  connectionId,
10083
10440
  user.id,
10084
10441
  user.info,
10085
- user.scopes
10442
+ connectionAccessFromScopes(user.scopes)
10086
10443
  );
10087
10444
  }
10088
10445
  return { type: "reset" };
@@ -10102,7 +10459,7 @@ function createRoom(options, config) {
10102
10459
  message.actor,
10103
10460
  message.id,
10104
10461
  message.info,
10105
- message.scopes
10462
+ connectionAccessFromScopes(message.scopes)
10106
10463
  );
10107
10464
  context.buffer.messages.push({
10108
10465
  type: ClientMsgCode.UPDATE_PRESENCE,
@@ -10592,29 +10949,18 @@ function createRoom(options, config) {
10592
10949
  notifyStorageStatus();
10593
10950
  eventHub.storageDidLoad.notify();
10594
10951
  }
10595
- async function streamStorage() {
10596
- if (!managedSocket.authValue) return;
10597
- const nodes = new Map(
10598
- await httpClient.streamStorage({ roomId })
10599
- );
10600
- processInitialStorage(nodes);
10601
- }
10602
- function refreshStorage(options2) {
10952
+ function refreshStorage() {
10603
10953
  const messages = context.buffer.messages;
10604
- if (config.unstable_streamData) {
10605
- void streamStorage();
10606
- } else if (!messages.some((msg) => msg.type === ClientMsgCode.FETCH_STORAGE)) {
10954
+ if (!messages.some((msg) => msg.type === ClientMsgCode.FETCH_STORAGE)) {
10607
10955
  messages.push({ type: ClientMsgCode.FETCH_STORAGE });
10608
10956
  nodeMapBuffer.take();
10609
10957
  stopwatch?.start();
10610
10958
  }
10611
- if (options2.flush) {
10612
- flushNowOrSoon();
10613
- }
10614
10959
  }
10615
10960
  function startLoadingStorage() {
10616
10961
  if (_getStorage$ === null) {
10617
- refreshStorage({ flush: true });
10962
+ refreshStorage();
10963
+ flushNowOrSoon();
10618
10964
  _getStorage$ = new Promise((resolve) => {
10619
10965
  _resolveStoragePromise = resolve;
10620
10966
  });
@@ -10622,7 +10968,7 @@ function createRoom(options, config) {
10622
10968
  }
10623
10969
  return _getStorage$;
10624
10970
  }
10625
- function getStorageSnapshot() {
10971
+ function getStorageOrNull() {
10626
10972
  const root = context.root;
10627
10973
  if (root !== void 0) {
10628
10974
  return root;
@@ -10936,7 +11282,7 @@ function createRoom(options, config) {
10936
11282
  }
10937
11283
  }
10938
11284
  function isStorageReady() {
10939
- return getStorageSnapshot() !== null;
11285
+ return getStorageOrNull() !== null;
10940
11286
  }
10941
11287
  async function waitUntilStorageReady() {
10942
11288
  while (!isStorageReady()) {
@@ -11179,7 +11525,9 @@ function createRoom(options, config) {
11179
11525
  _dump: () => {
11180
11526
  const n = context.pool.nodes.size;
11181
11527
  return `Room "${roomId}" (${n} node${n === 1 ? "" : "s"}):
11182
- ${dumpPool(context.pool)}`;
11528
+ ${dumpPool(
11529
+ context.pool
11530
+ )}`;
11183
11531
  },
11184
11532
  destroy: () => {
11185
11533
  pendingFeedsRequests.forEach(
@@ -11226,7 +11574,9 @@ ${dumpPool(context.pool)}`;
11226
11574
  updateFeedMessage,
11227
11575
  deleteFeedMessage,
11228
11576
  getStorage,
11229
- getStorageSnapshot,
11577
+ getStorageOrNull,
11578
+ getStorageSnapshot: getStorageOrNull,
11579
+ // Deprecated alias, will be removed in the future
11230
11580
  getStorageStatus,
11231
11581
  isPresenceReady,
11232
11582
  isStorageReady,
@@ -11372,7 +11722,11 @@ function isRoomEventName(value) {
11372
11722
  }
11373
11723
  function makeAuthDelegateForRoom(roomId, authManager) {
11374
11724
  return async () => {
11375
- return authManager.getAuthValue({ requestedScope: "room:read", roomId });
11725
+ return authManager.getAuthValue({
11726
+ roomId,
11727
+ resource: "room",
11728
+ access: "read"
11729
+ });
11376
11730
  };
11377
11731
  }
11378
11732
  function makeCreateSocketDelegateForRoom(roomId, baseUrl, WebSocketPolyfill) {
@@ -11444,7 +11798,6 @@ function createClient(options) {
11444
11798
  const httpClient = createApiClient({
11445
11799
  baseUrl,
11446
11800
  fetchPolyfill,
11447
- currentUserId,
11448
11801
  authManager
11449
11802
  });
11450
11803
  const roomsById = /* @__PURE__ */ new Map();
@@ -11462,7 +11815,8 @@ function createClient(options) {
11462
11815
  ),
11463
11816
  authenticate: async () => {
11464
11817
  const resp = await authManager.getAuthValue({
11465
- requestedScope: "room:read"
11818
+ resource: "personal",
11819
+ access: "write"
11466
11820
  });
11467
11821
  if (resp.type === "public") {
11468
11822
  throw new StopRetrying(
@@ -11535,7 +11889,6 @@ function createClient(options) {
11535
11889
  enableDebugLogging: clientOptions.enableDebugLogging,
11536
11890
  baseUrl,
11537
11891
  errorEventSource: liveblocksErrorSource,
11538
- unstable_streamData: !!clientOptions.unstable_streamData,
11539
11892
  roomHttpClient: httpClient,
11540
11893
  createSyncSource,
11541
11894
  badgeLocation: clientOptions.badgeLocation ?? "bottom-right"
@@ -12359,6 +12712,7 @@ export {
12359
12712
  createManagedPool,
12360
12713
  createNotificationSettings,
12361
12714
  createThreadId,
12715
+ deepLiveify,
12362
12716
  defineAiTool,
12363
12717
  deprecate,
12364
12718
  deprecateIf,
@@ -12370,6 +12724,7 @@ export {
12370
12724
  generateUrl,
12371
12725
  getMentionsFromCommentBody,
12372
12726
  getSubscriptionKey,
12727
+ hasPermissionAccess,
12373
12728
  html,
12374
12729
  htmlSafe,
12375
12730
  isCommentBodyLink,
@@ -12397,11 +12752,16 @@ export {
12397
12752
  makePosition,
12398
12753
  mapValues,
12399
12754
  memoizeOnSuccess,
12755
+ mergeRoomPermissionScopes,
12400
12756
  nanoid,
12401
12757
  nn,
12402
12758
  nodeStreamToCompactNodes,
12759
+ normalizeRoomAccesses,
12760
+ normalizeRoomPermissions,
12761
+ normalizeUpdateRoomAccesses,
12403
12762
  objectToQuery,
12404
12763
  patchNotificationSettings,
12764
+ permissionMatrixFromScopes,
12405
12765
  raise,
12406
12766
  resolveMentionsInCommentBody,
12407
12767
  sanitizeUrl,
@@ -12414,6 +12774,7 @@ export {
12414
12774
  tryParseJson,
12415
12775
  url,
12416
12776
  urljoin,
12777
+ validatePermissionsSet,
12417
12778
  wait,
12418
12779
  warnOnce,
12419
12780
  warnOnceIf,