@mesob/auth-react 0.3.5 → 0.4.0

package/dist/components/iam/role-detail-page.js

@@ -0,0 +1,229 @@
+"use client";
+
+// src/components/iam/role-detail-page.tsx
+import { zodResolver } from "@hookform/resolvers/zod";
+import {
+  EntityFormActions,
+  Form,
+  FormControl,
+  FormField,
+  FormItem,
+  FormLabel,
+  FormMessage,
+  Input,
+  LocaleInputText,
+  LocaleInputTextarea,
+  Section,
+  Skeleton
+} from "@mesob/ui/components";
+import { useLocaleSchemas } from "@mesob/ui/providers";
+import { useQueryClient } from "@tanstack/react-query";
+import { useEffect, useMemo as useMemo2 } from "react";
+import { useForm } from "react-hook-form";
+import { toast } from "sonner";
+import { z } from "zod";
+
+// src/provider.tsx
+import { QueryClient, QueryClientProvider } from "@tanstack/react-query";
+import { deepmerge } from "deepmerge-ts";
+import createFetchClient from "openapi-fetch";
+import createClient from "openapi-react-query";
+import { createContext, useContext, useMemo, useState } from "react";
+
+// src/utils/cookie.ts
+var isProduction = typeof process !== "undefined" && process.env.NODE_ENV === "production";
+
+// src/provider.tsx
+import { jsx } from "react/jsx-runtime";
+var SessionContext = createContext(null);
+var ApiContext = createContext(null);
+var ConfigContext = createContext(null);
+var queryClient = new QueryClient({
+  defaultOptions: {
+    queries: {
+      refetchOnWindowFocus: false
+    }
+  }
+});
+function useApi() {
+  const context = useContext(ApiContext);
+  if (!context) {
+    throw new Error("useApi must be used within MesobAuthProvider");
+  }
+  return context;
+}
+function useConfig() {
+  const context = useContext(ConfigContext);
+  if (!context) {
+    throw new Error("useConfig must be used within MesobAuthProvider");
+  }
+  return context;
+}
+
+// src/components/iam/role-detail-page.tsx
+import { jsx as jsx2, jsxs } from "react/jsx-runtime";
+function RoleDetailPage({
+  roleId,
+  basePath = "/iam/roles"
+}) {
+  const { hooks } = useApi();
+  const { config } = useConfig();
+  const qc = useQueryClient();
+  const { localeInputDefault, requiredSchema, optionalSchema } = useLocaleSchemas();
+  const schema = useMemo2(
+    () => z.object({
+      name: requiredSchema,
+      code: z.string().min(1, "Code is required"),
+      description: optionalSchema
+    }),
+    [requiredSchema, optionalSchema]
+  );
+  const defaults = useMemo2(
+    () => ({
+      name: { ...localeInputDefault },
+      code: "",
+      description: { ...localeInputDefault }
+    }),
+    [localeInputDefault]
+  );
+  const { data, isLoading } = hooks.useQuery(
+    "get",
+    "/roles/{id}",
+    { params: { path: { id: roleId } } },
+    { enabled: !!roleId }
+  );
+  const update = hooks.useMutation("put", "/roles/{id}", {
+    onSuccess: () => {
+      qc.invalidateQueries({ queryKey: ["get", "/roles"] });
+      qc.invalidateQueries({ queryKey: ["get", "/roles/{id}"] });
+      toast.success("Role updated");
+    },
+    onError: () => {
+      toast.error("Failed to update role");
+    }
+  });
+  const remove = hooks.useMutation("delete", "/roles/{id}", {
+    onSuccess: () => {
+      qc.invalidateQueries({ queryKey: ["get", "/roles"] });
+      toast.success("Role deleted");
+      config.navigation?.onNavigate?.(basePath);
+    },
+    onError: () => {
+      toast.error("Failed to delete role");
+    }
+  });
+  const form = useForm({
+    resolver: zodResolver(schema),
+    defaultValues: defaults
+  });
+  const { reset, formState, control, register } = form;
+  useEffect(() => {
+    if (!data?.role) {
+      return;
+    }
+    const r = data.role;
+    reset({
+      name: r.name ?? {},
+      code: r.code,
+      description: r.description ?? {}
+    });
+  }, [data?.role, reset]);
+  if (!roleId) {
+    return null;
+  }
+  const role = data?.role;
+  const editable = role?.isEditable !== false;
+  const deletable = role?.isDeletable !== false;
+  const onSubmit = form.handleSubmit(async (d) => {
+    await update.mutateAsync({
+      params: { path: { id: roleId } },
+      body: {
+        name: d.name,
+        code: d.code,
+        description: d.description ?? void 0
+      }
+    });
+  });
+  const footer = role ? /* @__PURE__ */ jsx2(
+    EntityFormActions,
+    {
+      mode: "edit",
+      onSubmit,
+      onDelete: deletable ? () => remove.mutate({
+        params: { path: { id: roleId } }
+      }) : void 0,
+      isSubmitting: update.isPending,
+      isDeleting: remove.isPending,
+      disabled: !editable,
+      itemName: "role"
+    }
+  ) : null;
+  return /* @__PURE__ */ jsx2(Section, { title: "Role details", footer, defaultOpen: true, children: isLoading || !role ? /* @__PURE__ */ jsx2(RoleDetailSkeleton, {}) : /* @__PURE__ */ jsx2(Form, { ...form, children: /* @__PURE__ */ jsxs("form", { onSubmit, className: "space-y-4", children: [
+    /* @__PURE__ */ jsx2(
+      LocaleInputText,
+      {
+        label: "Name",
+        field: "name",
+        required: true,
+        register,
+        errors: formState.errors,
+        placeholder: "e.g. Administrator",
+        disabled: !editable
+      }
+    ),
+    /* @__PURE__ */ jsx2(
+      FormField,
+      {
+        control,
+        name: "code",
+        render: ({ field }) => /* @__PURE__ */ jsxs(FormItem, { children: [
+          /* @__PURE__ */ jsxs(FormLabel, { children: [
+            "Code ",
+            /* @__PURE__ */ jsx2("span", { className: "text-destructive", children: "*" })
+          ] }),
+          /* @__PURE__ */ jsx2(FormControl, { children: /* @__PURE__ */ jsx2(
+            Input,
+            {
+              placeholder: "e.g. admin",
+              disabled: !editable,
+              ...field
+            }
+          ) }),
+          /* @__PURE__ */ jsx2(FormMessage, {})
+        ] })
+      }
+    ),
+    /* @__PURE__ */ jsx2(
+      LocaleInputTextarea,
+      {
+        label: "Description",
+        field: "description",
+        register,
+        errors: formState.errors,
+        placeholder: "Description",
+        rows: 3,
+        disabled: !editable
+      }
+    )
+  ] }) }) });
+}
+function RoleDetailSkeleton() {
+  return /* @__PURE__ */ jsxs("div", { className: "space-y-4", children: [
+    /* @__PURE__ */ jsxs("div", { className: "space-y-2", children: [
+      /* @__PURE__ */ jsx2(Skeleton, { className: "h-4 w-16" }),
+      /* @__PURE__ */ jsx2(Skeleton, { className: "h-10 w-full" })
+    ] }),
+    /* @__PURE__ */ jsxs("div", { className: "space-y-2", children: [
+      /* @__PURE__ */ jsx2(Skeleton, { className: "h-4 w-14" }),
+      /* @__PURE__ */ jsx2(Skeleton, { className: "h-10 w-full" })
+    ] }),
+    /* @__PURE__ */ jsxs("div", { className: "space-y-2", children: [
+      /* @__PURE__ */ jsx2(Skeleton, { className: "h-4 w-24" }),
+      /* @__PURE__ */ jsx2(Skeleton, { className: "h-20 w-full" })
+    ] })
+  ] });
+}
+export {
+  RoleDetailPage
+};
+//# sourceMappingURL=role-detail-page.js.map

package/dist/components/iam/role-detail-page.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/components/iam/role-detail-page.tsx","../../../src/provider.tsx","../../../src/utils/cookie.ts"],"sourcesContent":["'use client';\n\nimport { zodResolver } from '@hookform/resolvers/zod';\nimport {\n  EntityFormActions,\n  Form,\n  FormControl,\n  FormField,\n  FormItem,\n  FormLabel,\n  FormMessage,\n  Input,\n  LocaleInputText,\n  LocaleInputTextarea,\n  Section,\n  Skeleton,\n} from '@mesob/ui/components';\nimport { useLocaleSchemas } from '@mesob/ui/providers';\nimport { useQueryClient } from '@tanstack/react-query';\nimport { useEffect, useMemo } from 'react';\nimport type { Resolver } from 'react-hook-form';\nimport { useForm } from 'react-hook-form';\nimport { toast } from 'sonner';\nimport { z } from 'zod';\nimport { useApi, useConfig } from '../../provider';\n\ntype RoleFormData = {\n  name: Record<string, string>;\n  code: string;\n  description: Record<string, string>;\n};\n\ntype RoleDetailPageProps = {\n  roleId: string;\n  basePath?: string;\n};\n\nexport function RoleDetailPage({\n  roleId,\n  basePath = '/iam/roles',\n}: RoleDetailPageProps) {\n  const { hooks } = useApi();\n  const { config } = useConfig();\n  const qc = useQueryClient();\n  const { localeInputDefault, requiredSchema, optionalSchema } =\n    useLocaleSchemas();\n  const schema = useMemo(\n    () =>\n      z.object({\n        name: requiredSchema,\n        code: z.string().min(1, 'Code is required'),\n        description: optionalSchema,\n      }),\n    [requiredSchema, optionalSchema],\n  );\n  const defaults: RoleFormData = useMemo(\n    () => ({\n      name: { ...localeInputDefault },\n      code: '',\n      description: { ...localeInputDefault },\n    }),\n    [localeInputDefault],\n  );\n\n  const { data, isLoading } = hooks.useQuery(\n    'get',\n    '/roles/{id}',\n    { params: { path: { id: roleId } } },\n    { enabled: !!roleId },\n  );\n\n  const update = hooks.useMutation('put', '/roles/{id}', {\n    onSuccess: () => {\n      qc.invalidateQueries({ queryKey: ['get', '/roles'] });\n      qc.invalidateQueries({ queryKey: ['get', '/roles/{id}'] });\n      toast.success('Role updated');\n    },\n    onError: () => {\n      toast.error('Failed to update role');\n    },\n  });\n  const remove = hooks.useMutation('delete', '/roles/{id}', {\n    onSuccess: () => {\n      qc.invalidateQueries({ queryKey: ['get', '/roles'] });\n      toast.success('Role deleted');\n      config.navigation?.onNavigate?.(basePath);\n    },\n    onError: () => {\n      toast.error('Failed to delete role');\n    },\n  });\n\n  const form = useForm<RoleFormData>({\n    resolver: zodResolver(schema) as Resolver<RoleFormData>,\n    defaultValues: defaults,\n  });\n\n  const { reset, formState, control, register } = form;\n\n  useEffect(() => {\n    if (!data?.role) {\n      return;\n    }\n    const r = data.role;\n    reset({\n      name: (r.name ?? {}) as RoleFormData['name'],\n      code: r.code,\n      description: (r.description ?? {}) as RoleFormData['description'],\n    });\n  }, [data?.role, reset]);\n\n  if (!roleId) {\n    return null;\n  }\n\n  const role = data?.role;\n  const editable = role?.isEditable !== false;\n  const deletable = role?.isDeletable !== false;\n  const onSubmit = form.handleSubmit(async (d) => {\n    await update.mutateAsync({\n      params: { path: { id: roleId } },\n      body: {\n        name: d.name,\n        code: d.code,\n        description: d.description ?? undefined,\n      },\n    });\n  });\n\n  const footer = role ? (\n    <EntityFormActions\n      mode=\"edit\"\n      onSubmit={onSubmit}\n      onDelete={\n        deletable\n          ? () =>\n              remove.mutate({\n                params: { path: { id: roleId } },\n              })\n          : undefined\n      }\n      isSubmitting={update.isPending}\n      isDeleting={remove.isPending}\n      disabled={!editable}\n      itemName=\"role\"\n    />\n  ) : null;\n\n  return (\n    <Section title=\"Role details\" footer={footer} defaultOpen>\n      {isLoading || !role ? (\n        <RoleDetailSkeleton />\n      ) : (\n        <Form {...form}>\n          <form onSubmit={onSubmit} className=\"space-y-4\">\n            <LocaleInputText\n              label=\"Name\"\n              field=\"name\"\n              required\n              register={register}\n              errors={formState.errors}\n              placeholder=\"e.g. Administrator\"\n              disabled={!editable}\n            />\n            <FormField\n              control={control}\n              name=\"code\"\n              render={({ field }) => (\n                <FormItem>\n                  <FormLabel>\n                    Code <span className=\"text-destructive\">*</span>\n                  </FormLabel>\n                  <FormControl>\n                    <Input\n                      placeholder=\"e.g. admin\"\n                      disabled={!editable}\n                      {...field}\n                    />\n                  </FormControl>\n                  <FormMessage />\n                </FormItem>\n              )}\n            />\n            <LocaleInputTextarea\n              label=\"Description\"\n              field=\"description\"\n              register={register}\n              errors={formState.errors}\n              placeholder=\"Description\"\n              rows={3}\n              disabled={!editable}\n            />\n          </form>\n        </Form>\n      )}\n    </Section>\n  );\n}\n\nfunction RoleDetailSkeleton() {\n  return (\n    <div className=\"space-y-4\">\n      <div className=\"space-y-2\">\n        <Skeleton className=\"h-4 w-16\" />\n        <Skeleton className=\"h-10 w-full\" />\n      </div>\n      <div className=\"space-y-2\">\n        <Skeleton className=\"h-4 w-14\" />\n        <Skeleton className=\"h-10 w-full\" />\n      </div>\n      <div className=\"space-y-2\">\n        <Skeleton className=\"h-4 w-24\" />\n        <Skeleton className=\"h-20 w-full\" />\n      </div>\n    </div>\n  );\n}\n","'use client';\n\nimport { QueryClient, QueryClientProvider } from '@tanstack/react-query';\nimport { deepmerge } from 'deepmerge-ts';\nimport createFetchClient from 'openapi-fetch';\nimport createClient from 'openapi-react-query';\nimport type { ReactNode } from 'react';\nimport { createContext, useContext, useMemo, useState } from 'react';\nimport type { paths } from './data/openapi';\nimport { createTranslator } from './lib/translations';\nimport {\n  type AuthClientConfig,\n  type AuthResponse,\n  defaultAuthClientConfig,\n  type Session,\n  type User,\n} from './types';\nimport { getSessionCookieName } from './utils/cookie';\nimport { createCustomFetch } from './utils/custom-fetch';\n\n// biome-ignore lint/suspicious/noExplicitAny: OpenAPI hooks type\ntype OpenApiHooks = any;\n\n// --- Utility: Check if running on server ---\nfunction isServer(): boolean {\n  return typeof document === 'undefined';\n}\n\n/**\n * @deprecated Cookie is httpOnly and cannot be read client-side.\n * Use `useSession().isAuthenticated` instead.\n * This function always returns false on client.\n */\nexport function hasAuthCookie(_cookieName: string): boolean {\n  // Cookie is httpOnly, can't check client-side\n  // Always return false - use useSession() for auth status\n  return false;\n}\n\n// --- Types ---\nexport type AuthStatus = 'loading' | 'authenticated' | 'unauthenticated';\n\ntype AuthState = {\n  user: User | null;\n  session: Session | null;\n  status: AuthStatus;\n  error: Error | null;\n};\n\ntype SessionContextValue = AuthState & {\n  isLoading: boolean;\n  isAuthenticated: boolean;\n  refresh: () => Promise<void>;\n  signOut: () => Promise<void>;\n};\n\ntype ApiContextValue = {\n  hooks: OpenApiHooks;\n  setAuth: (auth: AuthResponse) => void;\n  clearAuth: () => void;\n  refresh: () => Promise<void>;\n};\n\ntype ConfigContextValue = {\n  config: AuthClientConfig;\n  cookieName: string;\n  t: (key: string, params?: Record<string, string | number>) => string;\n};\n\nconst SessionContext = createContext<SessionContextValue | null>(null);\nconst ApiContext = createContext<ApiContextValue | null>(null);\nconst ConfigContext = createContext<ConfigContextValue | null>(null);\n\nconst queryClient = new QueryClient({\n  defaultOptions: {\n    queries: {\n      refetchOnWindowFocus: false,\n    },\n  },\n});\n\n// --- Hooks ---\n\n/**\n * Get session state including user, session, and auth status.\n * - `status`: 'loading' | 'authenticated' | 'unauthenticated'\n * - `isLoading`: true while fetching session\n * - `isAuthenticated`: true if user and session exist\n */\nexport function useSession(): SessionContextValue {\n  const context = useContext(SessionContext);\n  if (!context) {\n    throw new Error('useSession must be used within MesobAuthProvider');\n  }\n  return context;\n}\n\nexport function useApi(): ApiContextValue {\n  const context = useContext(ApiContext);\n  if (!context) {\n    throw new Error('useApi must be used within MesobAuthProvider');\n  }\n  return context;\n}\n\nexport function useConfig(): ConfigContextValue {\n  const context = useContext(ConfigContext);\n  if (!context) {\n    throw new Error('useConfig must be used within MesobAuthProvider');\n  }\n  return context;\n}\n\n/**\n * @deprecated Cookie is httpOnly, can't be checked client-side.\n * Use `useSession().isAuthenticated` instead.\n */\nexport function useHasAuthCookie(): boolean {\n  const { status } = useSession();\n  return status === 'authenticated' || status === 'loading';\n}\n\n// --- Provider ---\n\ntype MesobAuthProviderProps = {\n  config: AuthClientConfig;\n  children: ReactNode;\n};\n\nexport function MesobAuthProvider({\n  config,\n  children,\n}: MesobAuthProviderProps) {\n  const mergedConfig = useMemo(\n    () =>\n      deepmerge(\n        { ...defaultAuthClientConfig } as Partial<AuthClientConfig>,\n        config,\n      ) as AuthClientConfig,\n    [config],\n  );\n\n  const api = useMemo(\n    () =>\n      createFetchClient<paths>({\n        baseUrl: mergedConfig.baseURL,\n        fetch: createCustomFetch(mergedConfig),\n      }),\n    [mergedConfig],\n  );\n\n  const hooks = useMemo(() => createClient(api), [api]);\n  const cookieName = useMemo(\n    () => getSessionCookieName(mergedConfig),\n    [mergedConfig],\n  );\n\n  return (\n    <QueryClientProvider client={queryClient}>\n      <AuthStateProvider\n        config={mergedConfig}\n        hooks={hooks}\n        cookieName={cookieName}\n      >\n        {children}\n      </AuthStateProvider>\n    </QueryClientProvider>\n  );\n}\n\ntype AuthStateProviderProps = {\n  config: AuthClientConfig;\n  hooks: OpenApiHooks;\n  cookieName: string;\n  children: ReactNode;\n};\n\nfunction AuthStateProvider({\n  config,\n  hooks,\n  cookieName,\n  children,\n}: AuthStateProviderProps) {\n  // Manual override for sign-out / sign-in\n  const [override, setOverride] = useState<AuthState | null>(null);\n\n  // Always fetch session - cookie is httpOnly, can't check client-side\n  // Server will read the cookie and return user/session if valid\n  const {\n    data: sessionData,\n    isLoading,\n    isFetched,\n    error: sessionError,\n    refetch,\n  } = hooks.useQuery(\n    'get',\n    '/session',\n    {},\n    {\n      enabled: !(override || isServer()),\n      refetchOnMount: false,\n      refetchOnWindowFocus: false,\n      refetchOnReconnect: false,\n      retry: false,\n      gcTime: 0,\n      staleTime: 0,\n    },\n  );\n\n  // Derive state directly - no useEffect\n  const user = override?.user ?? sessionData?.user ?? null;\n  const session = override?.session ?? sessionData?.session ?? null;\n  const error = override?.error ?? (sessionError as Error | null);\n\n  // Check error status code\n  const errorStatus = (() => {\n    if (!sessionError) {\n      return null;\n    }\n    const err = sessionError as { status?: number };\n    return err.status ?? null;\n  })();\n\n  // Check if error is a network/connection error\n  const isNetworkError = (() => {\n    if (!sessionError) {\n      return false;\n    }\n    const error = sessionError as Error & { cause?: unknown; data?: unknown };\n    const errorMessage =\n      error.message || String(error) || JSON.stringify(error);\n    // Network errors: TypeError, DOMException, or fetch failures\n    if (\n      error instanceof TypeError ||\n      error instanceof DOMException ||\n      error.name === 'TypeError' ||\n      errorMessage.includes('Failed to fetch') ||\n      errorMessage.includes('ERR_CONNECTION_REFUSED') ||\n      errorMessage.includes('NetworkError') ||\n      errorMessage.includes('Network request failed') ||\n      errorMessage.includes('fetch failed')\n    ) {\n      return true;\n    }\n    // Check error cause\n    if (error.cause) {\n      const causeStr = String(error.cause);\n      if (\n        causeStr.includes('Failed to fetch') ||\n        causeStr.includes('ERR_CONNECTION_REFUSED') ||\n        causeStr.includes('NetworkError')\n      ) {\n        return true;\n      }\n    }\n    return false;\n  })();\n\n  // Compute status\n  // biome-ignore lint: Status determination requires multiple checks\n  const status: AuthStatus = (() => {\n    if (override) {\n      return override.status;\n    }\n    if (isServer()) {\n      return 'loading';\n    }\n    if (user && session) {\n      return 'authenticated';\n    }\n    // Check for network errors or auth errors first - allow auth page to show\n    if (isNetworkError || errorStatus === 401) {\n      return 'unauthenticated';\n    }\n    // If we have an error but it's not a network error, still check loading state\n    if (sessionError && !isNetworkError && errorStatus !== 401) {\n      if (errorStatus && errorStatus >= 500) {\n        return 'authenticated';\n      }\n      // Other errors mean unauthenticated\n      if (isFetched) {\n        return 'unauthenticated';\n      }\n    }\n    if (isLoading || !isFetched) {\n      return 'loading';\n    }\n    if (isFetched && !user && !session) {\n      return 'unauthenticated';\n    }\n    return 'unauthenticated';\n  })();\n\n  const signOutMutation = hooks.useMutation('post', '/sign-out');\n  const t = createTranslator(config.messages || {});\n\n  const setAuth = (auth: AuthResponse) => {\n    setOverride({\n      user: auth.user,\n      session: auth.session,\n      status: 'authenticated',\n      error: null,\n    });\n  };\n\n  const clearAuth = () => {\n    setOverride({\n      user: null,\n      session: null,\n      status: 'unauthenticated',\n      error: null,\n    });\n  };\n\n  const refresh = async () => {\n    setOverride(null);\n    await refetch();\n  };\n\n  const signOut = async () => {\n    try {\n      await signOutMutation.mutateAsync({});\n    } finally {\n      clearAuth();\n    }\n  };\n\n  return (\n    <ConfigContext.Provider value={{ config, cookieName, t }}>\n      <ApiContext.Provider value={{ hooks, setAuth, clearAuth, refresh }}>\n        <SessionContext.Provider\n          value={{\n            user,\n            session,\n            status,\n            error,\n            isLoading: status === 'loading',\n            isAuthenticated: status === 'authenticated',\n            refresh,\n            signOut,\n          }}\n        >\n          {children}\n        </SessionContext.Provider>\n      </ApiContext.Provider>\n    </ConfigContext.Provider>\n  );\n}\n","import type { AuthClientConfig } from '../types';\n\nconst isProduction =\n  typeof process !== 'undefined' && process.env.NODE_ENV === 'production';\n\nexport const getSessionCookieName = (config: AuthClientConfig): string => {\n  const prefix = config.cookiePrefix || '';\n  const baseName = 'session_token';\n  if (prefix) {\n    return `${prefix}_${baseName}`;\n  }\n  return isProduction ? '__Host-session_token' : baseName;\n};\n"],"mappings":";;;AAEA,SAAS,mBAAmB;AAC5B;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,wBAAwB;AACjC,SAAS,sBAAsB;AAC/B,SAAS,WAAW,WAAAA,gBAAe;AAEnC,SAAS,eAAe;AACxB,SAAS,aAAa;AACtB,SAAS,SAAS;;;ACrBlB,SAAS,aAAa,2BAA2B;AACjD,SAAS,iBAAiB;AAC1B,OAAO,uBAAuB;AAC9B,OAAO,kBAAkB;AAEzB,SAAS,eAAe,YAAY,SAAS,gBAAgB;;;ACL7D,IAAM,eACJ,OAAO,YAAY,eAAe,QAAQ,IAAI,aAAa;;;AD4JvD;AA1FN,IAAM,iBAAiB,cAA0C,IAAI;AACrE,IAAM,aAAa,cAAsC,IAAI;AAC7D,IAAM,gBAAgB,cAAyC,IAAI;AAEnE,IAAM,cAAc,IAAI,YAAY;AAAA,EAClC,gBAAgB;AAAA,IACd,SAAS;AAAA,MACP,sBAAsB;AAAA,IACxB;AAAA,EACF;AACF,CAAC;AAkBM,SAAS,SAA0B;AACxC,QAAM,UAAU,WAAW,UAAU;AACrC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,8CAA8C;AAAA,EAChE;AACA,SAAO;AACT;AAEO,SAAS,YAAgC;AAC9C,QAAM,UAAU,WAAW,aAAa;AACxC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,iDAAiD;AAAA,EACnE;AACA,SAAO;AACT;;;ADmBI,gBAAAC,MAuCc,YAvCd;AA7FG,SAAS,eAAe;AAAA,EAC7B;AAAA,EACA,WAAW;AACb,GAAwB;AACtB,QAAM,EAAE,MAAM,IAAI,OAAO;AACzB,QAAM,EAAE,OAAO,IAAI,UAAU;AAC7B,QAAM,KAAK,eAAe;AAC1B,QAAM,EAAE,oBAAoB,gBAAgB,eAAe,IACzD,iBAAiB;AACnB,QAAM,SAASC;AAAA,IACb,MACE,EAAE,OAAO;AAAA,MACP,MAAM;AAAA,MACN,MAAM,EAAE,OAAO,EAAE,IAAI,GAAG,kBAAkB;AAAA,MAC1C,aAAa;AAAA,IACf,CAAC;AAAA,IACH,CAAC,gBAAgB,cAAc;AAAA,EACjC;AACA,QAAM,WAAyBA;AAAA,IAC7B,OAAO;AAAA,MACL,MAAM,EAAE,GAAG,mBAAmB;AAAA,MAC9B,MAAM;AAAA,MACN,aAAa,EAAE,GAAG,mBAAmB;AAAA,IACvC;AAAA,IACA,CAAC,kBAAkB;AAAA,EACrB;AAEA,QAAM,EAAE,MAAM,UAAU,IAAI,MAAM;AAAA,IAChC;AAAA,IACA;AAAA,IACA,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,OAAO,EAAE,EAAE;AAAA,IACnC,EAAE,SAAS,CAAC,CAAC,OAAO;AAAA,EACtB;AAEA,QAAM,SAAS,MAAM,YAAY,OAAO,eAAe;AAAA,IACrD,WAAW,MAAM;AACf,SAAG,kBAAkB,EAAE,UAAU,CAAC,OAAO,QAAQ,EAAE,CAAC;AACpD,SAAG,kBAAkB,EAAE,UAAU,CAAC,OAAO,aAAa,EAAE,CAAC;AACzD,YAAM,QAAQ,cAAc;AAAA,IAC9B;AAAA,IACA,SAAS,MAAM;AACb,YAAM,MAAM,uBAAuB;AAAA,IACrC;AAAA,EACF,CAAC;AACD,QAAM,SAAS,MAAM,YAAY,UAAU,eAAe;AAAA,IACxD,WAAW,MAAM;AACf,SAAG,kBAAkB,EAAE,UAAU,CAAC,OAAO,QAAQ,EAAE,CAAC;AACpD,YAAM,QAAQ,cAAc;AAC5B,aAAO,YAAY,aAAa,QAAQ;AAAA,IAC1C;AAAA,IACA,SAAS,MAAM;AACb,YAAM,MAAM,uBAAuB;AAAA,IACrC;AAAA,EACF,CAAC;AAED,QAAM,OAAO,QAAsB;AAAA,IACjC,UAAU,YAAY,MAAM;AAAA,IAC5B,eAAe;AAAA,EACjB,CAAC;AAED,QAAM,EAAE,OAAO,WAAW,SAAS,SAAS,IAAI;AAEhD,YAAU,MAAM;AACd,QAAI,CAAC,MAAM,MAAM;AACf;AAAA,IACF;AACA,UAAM,IAAI,KAAK;AACf,UAAM;AAAA,MACJ,MAAO,EAAE,QAAQ,CAAC;AAAA,MAClB,MAAM,EAAE;AAAA,MACR,aAAc,EAAE,eAAe,CAAC;AAAA,IAClC,CAAC;AAAA,EACH,GAAG,CAAC,MAAM,MAAM,KAAK,CAAC;AAEtB,MAAI,CAAC,QAAQ;AACX,WAAO;AAAA,EACT;AAEA,QAAM,OAAO,MAAM;AACnB,QAAM,WAAW,MAAM,eAAe;AACtC,QAAM,YAAY,MAAM,gBAAgB;AACxC,QAAM,WAAW,KAAK,aAAa,OAAO,MAAM;AAC9C,UAAM,OAAO,YAAY;AAAA,MACvB,QAAQ,EAAE,MAAM,EAAE,IAAI,OAAO,EAAE;AAAA,MAC/B,MAAM;AAAA,QACJ,MAAM,EAAE;AAAA,QACR,MAAM,EAAE;AAAA,QACR,aAAa,EAAE,eAAe;AAAA,MAChC;AAAA,IACF,CAAC;AAAA,EACH,CAAC;AAED,QAAM,SAAS,OACb,gBAAAD;AAAA,IAAC;AAAA;AAAA,MACC,MAAK;AAAA,MACL;AAAA,MACA,UACE,YACI,MACE,OAAO,OAAO;AAAA,QACZ,QAAQ,EAAE,MAAM,EAAE,IAAI,OAAO,EAAE;AAAA,MACjC,CAAC,IACH;AAAA,MAEN,cAAc,OAAO;AAAA,MACrB,YAAY,OAAO;AAAA,MACnB,UAAU,CAAC;AAAA,MACX,UAAS;AAAA;AAAA,EACX,IACE;AAEJ,SACE,gBAAAA,KAAC,WAAQ,OAAM,gBAAe,QAAgB,aAAW,MACtD,uBAAa,CAAC,OACb,gBAAAA,KAAC,sBAAmB,IAEpB,gBAAAA,KAAC,QAAM,GAAG,MACR,+BAAC,UAAK,UAAoB,WAAU,aAClC;AAAA,oBAAAA;AAAA,MAAC;AAAA;AAAA,QACC,OAAM;AAAA,QACN,OAAM;AAAA,QACN,UAAQ;AAAA,QACR;AAAA,QACA,QAAQ,UAAU;AAAA,QAClB,aAAY;AAAA,QACZ,UAAU,CAAC;AAAA;AAAA,IACb;AAAA,IACA,gBAAAA;AAAA,MAAC;AAAA;AAAA,QACC;AAAA,QACA,MAAK;AAAA,QACL,QAAQ,CAAC,EAAE,MAAM,MACf,qBAAC,YACC;AAAA,+BAAC,aAAU;AAAA;AAAA,YACJ,gBAAAA,KAAC,UAAK,WAAU,oBAAmB,eAAC;AAAA,aAC3C;AAAA,UACA,gBAAAA,KAAC,eACC,0BAAAA;AAAA,YAAC;AAAA;AAAA,cACC,aAAY;AAAA,cACZ,UAAU,CAAC;AAAA,cACV,GAAG;AAAA;AAAA,UACN,GACF;AAAA,UACA,gBAAAA,KAAC,eAAY;AAAA,WACf;AAAA;AAAA,IAEJ;AAAA,IACA,gBAAAA;AAAA,MAAC;AAAA;AAAA,QACC,OAAM;AAAA,QACN,OAAM;AAAA,QACN;AAAA,QACA,QAAQ,UAAU;AAAA,QAClB,aAAY;AAAA,QACZ,MAAM;AAAA,QACN,UAAU,CAAC;AAAA;AAAA,IACb;AAAA,KACF,GACF,GAEJ;AAEJ;AAEA,SAAS,qBAAqB;AAC5B,SACE,qBAAC,SAAI,WAAU,aACb;AAAA,yBAAC,SAAI,WAAU,aACb;AAAA,sBAAAA,KAAC,YAAS,WAAU,YAAW;AAAA,MAC/B,gBAAAA,KAAC,YAAS,WAAU,eAAc;AAAA,OACpC;AAAA,IACA,qBAAC,SAAI,WAAU,aACb;AAAA,sBAAAA,KAAC,YAAS,WAAU,YAAW;AAAA,MAC/B,gBAAAA,KAAC,YAAS,WAAU,eAAc;AAAA,OACpC;AAAA,IACA,qBAAC,SAAI,WAAU,aACb;AAAA,sBAAAA,KAAC,YAAS,WAAU,YAAW;AAAA,MAC/B,gBAAAA,KAAC,YAAS,WAAU,eAAc;AAAA,OACpC;AAAA,KACF;AAEJ;","names":["useMemo","jsx","useMemo"]}

package/dist/components/iam/role-permissions-page.d.ts

@@ -0,0 +1,8 @@
+import * as react_jsx_runtime from 'react/jsx-runtime';
+
+type RolePermissionsPageProps = {
+    roleId: string;
+};
+declare function RolePermissionsPage({ roleId }: RolePermissionsPageProps): react_jsx_runtime.JSX.Element | null;
+
+export { RolePermissionsPage };

package/dist/components/iam/role-permissions-page.js

@@ -0,0 +1,397 @@
+"use client";
+
+// src/components/iam/role-permissions-page.tsx
+import {
+  Badge as Badge2,
+  Button,
+  DataTablePagination,
+  DeleteConfirmButton,
+  DisplayTable,
+  EntityEmptyState,
+  EntityFilter,
+  EntityHeader,
+  EntityLoadingState,
+  EntitySearch,
+  EntitySort,
+  EntityViewToggle,
+  PageBody,
+  Tbody,
+  Td,
+  Th,
+  Thead,
+  Tr,
+  useEntityPagination,
+  useEntityParams
+} from "@mesob/ui/components";
+import { IconKey as IconKey2, IconPlus, IconTrash } from "@tabler/icons-react";
+import { useQueryClient } from "@tanstack/react-query";
+import { useMemo as useMemo2 } from "react";
+import { toast } from "sonner";
+
+// src/provider.tsx
+import { QueryClient, QueryClientProvider } from "@tanstack/react-query";
+import { deepmerge } from "deepmerge-ts";
+import createFetchClient from "openapi-fetch";
+import createClient from "openapi-react-query";
+import { createContext, useContext, useMemo, useState } from "react";
+
+// src/utils/cookie.ts
+var isProduction = typeof process !== "undefined" && process.env.NODE_ENV === "production";
+
+// src/provider.tsx
+import { jsx } from "react/jsx-runtime";
+var SessionContext = createContext(null);
+var ApiContext = createContext(null);
+var ConfigContext = createContext(null);
+var queryClient = new QueryClient({
+  defaultOptions: {
+    queries: {
+      refetchOnWindowFocus: false
+    }
+  }
+});
+function useApi() {
+  const context = useContext(ApiContext);
+  if (!context) {
+    throw new Error("useApi must be used within MesobAuthProvider");
+  }
+  return context;
+}
+
+// src/components/iam/permission-selector.tsx
+import {
+  Badge,
+  EntitySelector,
+  useEntitySectionState
+} from "@mesob/ui/components";
+import { IconKey } from "@tabler/icons-react";
+import { jsx as jsx2, jsxs } from "react/jsx-runtime";
+var permissionColumns = [
+  {
+    key: "permission",
+    header: "Permission",
+    cell: (permission) => /* @__PURE__ */ jsxs("div", { className: "space-y-1", children: [
+      /* @__PURE__ */ jsx2("p", { className: "font-medium", children: permission.activity }),
+      /* @__PURE__ */ jsx2("p", { className: "font-mono text-xs text-muted-foreground", children: permission.id })
+    ] })
+  },
+  {
+    key: "scope",
+    header: "Scope",
+    cell: (permission) => /* @__PURE__ */ jsxs("div", { className: "flex flex-wrap gap-2", children: [
+      /* @__PURE__ */ jsx2(Badge, { variant: "secondary", children: permission.application }),
+      /* @__PURE__ */ jsx2(Badge, { variant: "outline", children: permission.feature })
+    ] })
+  }
+];
+function PermissionSelector({
+  trigger,
+  multiple = true,
+  onSelect,
+  excludeIds = []
+}) {
+  const { hooks } = useApi();
+  const state = useEntitySectionState({
+    defaultSort: "id",
+    defaultOrder: "asc",
+    defaultPageSize: 10,
+    searchParamName: "search"
+  });
+  const permissionsQuery = state.queryConfig;
+  const { data, isPending, isFetching } = hooks.useQuery(
+    "get",
+    "/permissions",
+    permissionsQuery
+  );
+  const items = (data?.permissions ?? []).filter(
+    (permission) => !excludeIds.includes(permission.id)
+  );
+  const config = {
+    title: "Select permission(s)",
+    multiple,
+    entityName: "permission",
+    entityIcon: IconKey,
+    columns: permissionColumns,
+    getItemLabel: (permission) => permission.id,
+    searchPlaceholder: "Search permissions...",
+    filterOptions: [
+      { label: "All", value: "" },
+      { label: "Application", value: "application" },
+      { label: "Feature", value: "feature" },
+      { label: "Activity", value: "activity" }
+    ],
+    sortOptions: [
+      { label: "ID", value: "id" },
+      { label: "Application", value: "application" },
+      { label: "Feature", value: "feature" },
+      { label: "Activity", value: "activity" }
+    ],
+    showViewToggle: false,
+    wrapHeaderInCard: false
+  };
+  return /* @__PURE__ */ jsx2(
+    EntitySelector,
+    {
+      trigger,
+      config,
+      onSelect,
+      items,
+      total: items.length,
+      isLoading: isPending || isFetching,
+      state
+    }
+  );
+}
+
+// src/components/iam/role-permissions-page.tsx
+import { jsx as jsx3, jsxs as jsxs2 } from "react/jsx-runtime";
+var TABLE_COLUMN_COUNT = 4;
+function RolePermissionsPage({ roleId }) {
+  const { hooks } = useApi();
+  const qc = useQueryClient();
+  const { queryConfig, params, setParams } = useEntityParams({
+    searchKey: "search",
+    defaultSort: "application",
+    defaultOrder: "asc"
+  });
+  const permissionsQuery = useMemo2(
+    () => ({
+      params: {
+        path: { id: roleId },
+        query: queryConfig.params.query
+      }
+    }),
+    [queryConfig, roleId]
+  );
+  const { data, isPending, isFetching } = hooks.useQuery(
+    "get",
+    "/roles/{id}/permissions",
+    permissionsQuery,
+    { enabled: !!roleId }
+  );
+  const assignPermissions = hooks.useMutation(
+    "post",
+    "/roles/{id}/permissions",
+    {
+      onSuccess: (result) => {
+        qc.invalidateQueries({ queryKey: ["get", "/roles"] });
+        qc.invalidateQueries({ queryKey: ["get", "/roles/{id}"] });
+        qc.invalidateQueries({ queryKey: ["get", "/roles/{id}/permissions"] });
+        toast.success(
+          result?.created ? `${result.created} permission(s) added` : "No changes"
+        );
+      },
+      onError: () => {
+        toast.error("Failed to assign permissions");
+      }
+    }
+  );
+  const revokePermission = hooks.useMutation(
+    "delete",
+    "/roles/{id}/permissions/{permissionId}",
+    {
+      onSuccess: () => {
+        qc.invalidateQueries({ queryKey: ["get", "/roles"] });
+        qc.invalidateQueries({ queryKey: ["get", "/roles/{id}"] });
+        qc.invalidateQueries({
+          queryKey: ["get", "/roles/{id}/permissions"]
+        });
+        toast.success("Permission removed");
+      },
+      onError: () => {
+        toast.error("Failed to remove permission");
+      }
+    }
+  );
+  const permissions = data?.permissions ?? [];
+  const { total, pageCount } = useEntityPagination({
+    items: permissions,
+    total: data?.total,
+    pageSize: params.pageSize
+  });
+  const isLoading = isPending || isFetching;
+  const currentView = params.view || "table";
+  if (!roleId) {
+    return null;
+  }
+  let content;
+  if (isLoading) {
+    content = /* @__PURE__ */ jsx3(
+      EntityLoadingState,
+      {
+        view: currentView,
+        rowCount: params.pageSize,
+        columnCount: TABLE_COLUMN_COUNT,
+        cardCount: params.pageSize
+      }
+    );
+  } else if (total === 0) {
+    content = /* @__PURE__ */ jsx3(
+      EntityEmptyState,
+      {
+        icon: IconKey2,
+        entityName: "permission",
+        title: "No permissions assigned",
+        description: "Assign permissions from the selector to grant access to this role."
+      }
+    );
+  } else if (currentView === "table") {
+    content = /* @__PURE__ */ jsxs2("div", { className: "space-y-4", children: [
+      /* @__PURE__ */ jsxs2(DisplayTable, { withTableBorder: true, children: [
+        /* @__PURE__ */ jsx3(Thead, { children: /* @__PURE__ */ jsxs2(Tr, { children: [
+          /* @__PURE__ */ jsx3(Th, { children: "Permission" }),
+          /* @__PURE__ */ jsx3(Th, { children: "Application" }),
+          /* @__PURE__ */ jsx3(Th, { children: "Feature" }),
+          /* @__PURE__ */ jsx3(Th, { className: "w-[60px]" })
+        ] }) }),
+        /* @__PURE__ */ jsx3(Tbody, { children: permissions.map((permission) => /* @__PURE__ */ jsxs2(Tr, { children: [
+          /* @__PURE__ */ jsx3(Td, { children: /* @__PURE__ */ jsxs2("div", { className: "space-y-1", children: [
+            /* @__PURE__ */ jsx3("p", { className: "font-medium", children: permission.activity }),
+            /* @__PURE__ */ jsx3("p", { className: "font-mono text-xs text-muted-foreground", children: permission.id })
+          ] }) }),
+          /* @__PURE__ */ jsx3(Td, { children: /* @__PURE__ */ jsx3(Badge2, { variant: "secondary", children: permission.application }) }),
+          /* @__PURE__ */ jsx3(Td, { children: /* @__PURE__ */ jsx3(Badge2, { variant: "outline", children: permission.feature }) }),
+          /* @__PURE__ */ jsx3(Td, { children: /* @__PURE__ */ jsx3(
+            DeleteConfirmButton,
+            {
+              entityName: "permission",
+              onConfirm: () => revokePermission.mutate({
+                params: {
+                  path: { id: roleId, permissionId: permission.id }
+                }
+              }),
+              triggerClassName: "size-8 text-destructive hover:text-destructive"
+            }
+          ) })
+        ] }, permission.id)) })
+      ] }),
+      /* @__PURE__ */ jsx3(
+        DataTablePagination,
+        {
+          pageIndex: params.page - 1,
+          pageSize: params.pageSize,
+          pageCount,
+          totalRows: total,
+          onPageChange: (page) => setParams({ page: page + 1 }),
+          onPageSizeChange: (pageSize) => setParams({ pageSize, page: 1 })
+        }
+      )
+    ] });
+  } else {
+    content = /* @__PURE__ */ jsxs2("div", { className: "space-y-4", children: [
+      /* @__PURE__ */ jsx3("div", { className: "grid grid-cols-1 gap-4 md:grid-cols-2 xl:grid-cols-3", children: permissions.map((permission) => /* @__PURE__ */ jsx3(
+        "div",
+        {
+          className: "rounded-xl border border-border/60 bg-card p-4 shadow-sm",
+          children: /* @__PURE__ */ jsxs2("div", { className: "flex items-start justify-between gap-3", children: [
+            /* @__PURE__ */ jsxs2("div", { className: "space-y-2", children: [
+              /* @__PURE__ */ jsx3("p", { className: "font-semibold", children: permission.activity }),
+              /* @__PURE__ */ jsxs2("div", { className: "flex flex-wrap gap-2", children: [
+                /* @__PURE__ */ jsx3(Badge2, { variant: "secondary", children: permission.application }),
+                /* @__PURE__ */ jsx3(Badge2, { variant: "outline", children: permission.feature })
+              ] }),
+              /* @__PURE__ */ jsx3("p", { className: "font-mono text-xs text-muted-foreground", children: permission.id })
+            ] }),
+            /* @__PURE__ */ jsx3(
+              Button,
+              {
+                type: "button",
+                variant: "ghost",
+                size: "icon",
+                onClick: () => revokePermission.mutate({
+                  params: {
+                    path: { id: roleId, permissionId: permission.id }
+                  }
+                }),
+                disabled: revokePermission.isPending,
+                children: /* @__PURE__ */ jsx3(IconTrash, { className: "h-4 w-4" })
+              }
+            )
+          ] })
+        },
+        permission.id
+      )) }),
+      /* @__PURE__ */ jsx3(
+        DataTablePagination,
+        {
+          pageIndex: params.page - 1,
+          pageSize: params.pageSize,
+          pageCount,
+          totalRows: total,
+          onPageChange: (page) => setParams({ page: page + 1 }),
+          onPageSizeChange: (pageSize) => setParams({ pageSize, page: 1 })
+        }
+      )
+    ] });
+  }
+  return /* @__PURE__ */ jsxs2(PageBody, { className: "px-0 pb-6", children: [
+    /* @__PURE__ */ jsx3(
+      EntityHeader,
+      {
+        icon: /* @__PURE__ */ jsx3(IconKey2, { className: "h-5 w-5" }),
+        title: "Role permissions",
+        actions: /* @__PURE__ */ jsx3(
+          PermissionSelector,
+          {
+            trigger: /* @__PURE__ */ jsxs2(Button, { size: "sm", loading: assignPermissions.isPending, children: [
+              /* @__PURE__ */ jsx3(IconPlus, { className: "h-4 w-4" }),
+              "Add permissions"
+            ] }),
+            onSelect: (selectedPermissions) => {
+              if (!selectedPermissions.length) {
+                return;
+              }
+              assignPermissions.mutate({
+                params: { path: { id: roleId } },
+                body: {
+                  permissionIds: selectedPermissions.map(
+                    (permission) => permission.id
+                  )
+                }
+              });
+            },
+            excludeIds: permissions.map((permission) => permission.id)
+          }
+        ),
+        search: /* @__PURE__ */ jsx3(
+          EntitySearch,
+          {
+            paramKey: "search",
+            placeholder: "Search assigned permissions..."
+          }
+        ),
+        filter: /* @__PURE__ */ jsx3(
+          EntityFilter,
+          {
+            options: [
+              { label: "All", value: "" },
+              { label: "Application", value: "application" },
+              { label: "Feature", value: "feature" },
+              { label: "Activity", value: "activity" }
+            ],
+            placeholder: "Search field"
+          }
+        ),
+        sort: /* @__PURE__ */ jsx3(
+          EntitySort,
+          {
+            defaultSort: "application",
+            defaultOrder: "asc",
+            options: [
+              { label: "ID", value: "id" },
+              { label: "Application", value: "application" },
+              { label: "Feature", value: "feature" },
+              { label: "Activity", value: "activity" }
+            ]
+          }
+        ),
+        view: /* @__PURE__ */ jsx3(EntityViewToggle, { views: ["table", "card"] })
+      }
+    ),
+    content
+  ] });
+}
+export {
+  RolePermissionsPage
+};
+//# sourceMappingURL=role-permissions-page.js.map