@maravilla-labs/platform 0.2.1 → 0.2.2

package/dist/index.js

@@ -175,6 +175,52 @@ var RemoteDatabase = class {
   async deleteMany(collection, filter) {
     return this.deleteOne(collection, filter);
   }
+  async createVectorIndex(collection, spec) {
+    await this.fetch(`${this.baseUrl}/api/db/${collection}/vectorIndexes`, {
+      method: "POST",
+      body: JSON.stringify(spec)
+    });
+  }
+  async dropVectorIndex(collection, field) {
+    const response = await this.fetch(
+      `${this.baseUrl}/api/db/${collection}/vectorIndexes/${encodeURIComponent(field)}`,
+      { method: "DELETE" }
+    );
+    return response.json();
+  }
+  async listVectorIndexes(collection) {
+    const response = await this.fetch(`${this.baseUrl}/api/db/${collection}/vectorIndexes`, {
+      method: "GET"
+    });
+    return response.json();
+  }
+  async findSimilar(collection, query) {
+    const response = await this.fetch(`${this.baseUrl}/api/db/${collection}/vectorSearch`, {
+      method: "POST",
+      body: JSON.stringify(query)
+    });
+    return response.json();
+  }
+  async createIndex(collection, spec) {
+    const response = await this.fetch(`${this.baseUrl}/api/db/${collection}/indexes`, {
+      method: "POST",
+      body: JSON.stringify(spec)
+    });
+    return response.json();
+  }
+  async dropIndex(collection, name) {
+    const response = await this.fetch(
+      `${this.baseUrl}/api/db/${collection}/indexes/${encodeURIComponent(name)}`,
+      { method: "DELETE" }
+    );
+    return response.json();
+  }
+  async listIndexes(collection) {
+    const response = await this.fetch(`${this.baseUrl}/api/db/${collection}/indexes`, {
+      method: "GET"
+    });
+    return response.json();
+  }
 };
 var RemoteStorage = class _RemoteStorage {
   constructor(baseUrl, headers) {
@@ -481,6 +527,38 @@ var RemoteAuthService = class {
       }
     };
   }
+  // ── Request-scoped identity + authorization ──
+  //
+  // These APIs operate on per-request state inside the platform runtime and
+  // don't have a remote equivalent. Throw so callers get a clear message
+  // instead of silently wrong behavior.
+  setCurrentUser(_token) {
+    return Promise.reject(new Error(
+      "platform.auth.setCurrentUser is only available inside the Maravilla runtime. Remote clients should pass the Authorization header with each request instead."
+    ));
+  }
+  getCurrentUser() {
+    throw new Error(
+      "platform.auth.getCurrentUser is only available inside the Maravilla runtime. Remote clients have no per-request caller context."
+    );
+  }
+  can(_action, _resourceId, _node) {
+    return Promise.reject(new Error(
+      "platform.auth.can is only available inside the Maravilla runtime. Remote clients cannot evaluate per-request policies because there is no bound caller."
+    ));
+  }
+};
+var RemotePolicyService = class {
+  setEnabled(_enabled) {
+    throw new Error(
+      "platform.policy.setEnabled is only available inside the Maravilla runtime."
+    );
+  }
+  isEnabled() {
+    throw new Error(
+      "platform.policy.isEnabled is only available inside the Maravilla runtime."
+    );
+  }
 };
 function createRemoteClient(baseUrl, tenant) {
   const headers = {
@@ -497,6 +575,7 @@ function createRemoteClient(baseUrl, tenant) {
   const media = new RemoteMediaService(baseUrl, headers);
   const realtime = new RemoteRealtimeService(baseUrl, headers);
   const auth = new RemoteAuthService(baseUrl, headers);
+  const policy = new RemotePolicyService();
   return {
     env: {
       KV: kvProxy,
@@ -505,7 +584,8 @@ function createRemoteClient(baseUrl, tenant) {
     },
     media,
     realtime,
-    auth
+    auth,
+    policy
   };
 }
 
@@ -1173,6 +1253,174 @@ var MediaRoom = class _MediaRoom {
   }
 };
 
+// src/push.ts
+var DEFAULT_BASE_PATH = "/_rt/push";
+var DEFAULT_SW_PATH = "/_rt/push/sw.js";
+var VISITOR_STORAGE_KEY = "maravilla.push.visitorId";
+var REGISTER_TIMEOUT_MS = 1e4;
+function assertPushSupported() {
+  if (typeof navigator === "undefined" || !("serviceWorker" in navigator)) {
+    throw new Error("Web Push is not supported: serviceWorker is unavailable");
+  }
+  if (typeof window === "undefined" || !("PushManager" in window)) {
+    throw new Error("Web Push is not supported: PushManager is unavailable");
+  }
+}
+function base64UrlToArrayBuffer(input) {
+  const padding = "=".repeat((4 - input.length % 4) % 4);
+  const base64 = (input + padding).replace(/-/g, "+").replace(/_/g, "/");
+  const raw = atob(base64);
+  const buffer = new ArrayBuffer(raw.length);
+  const view = new Uint8Array(buffer);
+  for (let i = 0; i < raw.length; i++) {
+    view[i] = raw.charCodeAt(i);
+  }
+  return buffer;
+}
+function arrayBufferToBase64Url(buffer) {
+  if (!buffer) return void 0;
+  const bytes = new Uint8Array(buffer);
+  let binary = "";
+  for (let i = 0; i < bytes.length; i++) {
+    binary += String.fromCharCode(bytes[i]);
+  }
+  return btoa(binary).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+function randomUuid() {
+  const c = typeof crypto !== "undefined" ? crypto : void 0;
+  if (c && typeof c.randomUUID === "function") {
+    return c.randomUUID();
+  }
+  const bytes = new Uint8Array(16);
+  if (c && typeof c.getRandomValues === "function") {
+    c.getRandomValues(bytes);
+  } else {
+    for (let i = 0; i < 16; i++) bytes[i] = Math.floor(Math.random() * 256);
+  }
+  bytes[6] = bytes[6] & 15 | 64;
+  bytes[8] = bytes[8] & 63 | 128;
+  const hex = Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
+  return `${hex.slice(0, 8)}-${hex.slice(8, 12)}-${hex.slice(12, 16)}-${hex.slice(16, 20)}-${hex.slice(20)}`;
+}
+function resolveVisitorId(userId, visitorId) {
+  if (visitorId) return visitorId;
+  if (userId) return null;
+  try {
+    const stored = window.localStorage.getItem(VISITOR_STORAGE_KEY);
+    if (stored) return stored;
+    const fresh = randomUuid();
+    window.localStorage.setItem(VISITOR_STORAGE_KEY, fresh);
+    return fresh;
+  } catch {
+    return randomUuid();
+  }
+}
+async function fetchVapidPublicKey(basePath) {
+  const res = await fetch(`${basePath}/vapid-public-key`, {
+    method: "GET",
+    credentials: "same-origin",
+    headers: { Accept: "application/json" }
+  });
+  if (!res.ok) {
+    throw new Error(`Failed to fetch VAPID public key: ${res.status} ${res.statusText}`);
+  }
+  const body = await res.json();
+  if (!body || typeof body.publicKey !== "string" || body.publicKey.length === 0) {
+    throw new Error("VAPID public key response is missing `publicKey`");
+  }
+  return body.publicKey;
+}
+function extractKeys(sub) {
+  return {
+    p256dh: arrayBufferToBase64Url(sub.getKey("p256dh")),
+    auth: arrayBufferToBase64Url(sub.getKey("auth"))
+  };
+}
+async function registerPush(opts = {}) {
+  assertPushSupported();
+  const basePath = opts.basePath ?? DEFAULT_BASE_PATH;
+  const swPath = opts.swPath ?? DEFAULT_SW_PATH;
+  const topics = opts.topics ?? [];
+  const userId = opts.userId ?? null;
+  const visitorId = resolveVisitorId(userId, opts.visitorId);
+  const timeout = new Promise(
+    (_, reject) => setTimeout(
+      () => reject(new Error(`registerPush timed out after ${REGISTER_TIMEOUT_MS}ms`)),
+      REGISTER_TIMEOUT_MS
+    )
+  );
+  const flow = (async () => {
+    const publicKey = await fetchVapidPublicKey(basePath);
+    const registration = await navigator.serviceWorker.register(swPath);
+    const existing = await registration.pushManager.getSubscription();
+    const subscription = existing ?? await registration.pushManager.subscribe({
+      userVisibleOnly: true,
+      applicationServerKey: base64UrlToArrayBuffer(publicKey)
+    });
+    const { p256dh, auth } = extractKeys(subscription);
+    const res = await fetch(`${basePath}/subscribe`, {
+      method: "POST",
+      credentials: "same-origin",
+      headers: { "Content-Type": "application/json", Accept: "application/json" },
+      body: JSON.stringify({
+        provider: "web-push",
+        endpoint: subscription.endpoint,
+        p256dh,
+        auth,
+        userId,
+        visitorId,
+        topics
+      })
+    });
+    if (!res.ok) {
+      throw new Error(`Subscribe failed: ${res.status} ${res.statusText}`);
+    }
+    const saved = await res.json();
+    if (!saved || typeof saved.id !== "string" || saved.id.length === 0) {
+      throw new Error("Subscribe response is missing `id`");
+    }
+    return { subscription, subscriptionId: saved.id };
+  })();
+  return Promise.race([flow, timeout]);
+}
+async function unregisterPush(subscriptionId, opts = {}) {
+  if (!subscriptionId) {
+    throw new Error("subscriptionId is required");
+  }
+  const basePath = opts.basePath ?? DEFAULT_BASE_PATH;
+  const res = await fetch(`${basePath}/unsubscribe`, {
+    method: "POST",
+    credentials: "same-origin",
+    headers: { "Content-Type": "application/json" },
+    body: JSON.stringify({ subscriptionId })
+  });
+  if (!res.ok && res.status !== 404) {
+    throw new Error(`Unsubscribe failed: ${res.status} ${res.statusText}`);
+  }
+}
+function offsetBefore(anchor, offset) {
+  const anchorDate = anchor instanceof Date ? anchor : new Date(anchor);
+  if (Number.isNaN(anchorDate.getTime())) {
+    throw new Error(`offsetBefore: invalid anchor "${String(anchor)}"`);
+  }
+  const match = /^(\d+)\s*(s|m|h|d|w)$/i.exec(offset.trim());
+  if (!match) {
+    throw new Error(
+      `offsetBefore: invalid offset "${offset}" \u2014 expected something like "30m", "1h", "2d", "1w"`
+    );
+  }
+  const amount = Number(match[1]);
+  const unit = match[2].toLowerCase();
+  const UNIT_MS = {
+    s: 1e3,
+    m: 6e4,
+    h: 36e5,
+    d: 864e5,
+    w: 6048e5
+  };
+  return new Date(anchorDate.getTime() - amount * UNIT_MS[unit]);
+}
+
 // src/index.ts
 var cachedPlatform = void 0;
 function getPlatform(options) {
@@ -1218,8 +1466,11 @@ export {
   detachTrack,
   getOrCreateClientId,
   getPlatform,
+  offsetBefore,
+  registerPush,
   renFetch,
   storageDelete,
-  storageUpload
+  storageUpload,
+  unregisterPush
 };
 //# sourceMappingURL=index.js.map