@nizam-os/dashboard-sdk 5.1.0 → 5.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/api/resources/organizations/client/Client.d.ts +6 -2
  2. package/dist/api/resources/organizations/client/Client.js +6 -2
  3. package/package.json +1 -1
package/dist/api/resources/organizations/client/Client.d.ts CHANGED
@@ -59,7 +59,9 @@ export declare class OrganizationsClient {
59
59
  getOrganization(request: NizamDashboard.GetOrganizationRequest, requestOptions?: OrganizationsClient.RequestOptions): core.HttpResponsePromise<NizamDashboard.Organization>;
60
60
  private __getOrganization;
61
61
  /**
62
- * Owner-only. Sets `deleted_at` on the organizations row; subsequent reads filter it out. The Keycloak Organization is intentionally left in place — restore is just an UPDATE un-setting `deleted_at`. Members are not removed; their memberships persist alongside the soft-deleted row in case a restore path is added later.
62
+ * Owner-only. Sets `deleted_at` on the organizations row; subsequent reads filter it out. The Keycloak Organization is intentionally left in place — restore is just an UPDATE un-setting `deleted_at`. Members are not removed; their memberships persist alongside the soft-deleted row in case a restore path is added later. L4 @HasPermission ensures the caller is an admin; the owner-only check inside the handler narrows further.
63
+ *
64
+ * > **Requires** `administer` on `organization` (SpiceDB permission expression).
63
65
  *
64
66
  * @param {NizamDashboard.DeleteOrganizationRequest} request
65
67
  * @param {OrganizationsClient.RequestOptions} requestOptions - Request-specific configuration.
@@ -77,7 +79,9 @@ export declare class OrganizationsClient {
77
79
  deleteOrganization(request: NizamDashboard.DeleteOrganizationRequest, requestOptions?: OrganizationsClient.RequestOptions): core.HttpResponsePromise<void>;
78
80
  private __deleteOrganization;
79
81
  /**
80
- * Set-only partial update. Null/omitted fields stay unchanged. A slug rename also renames the Keycloak Organization's alias inside the same transaction so the two stay in lockstep.
82
+ * Set-only partial update. Null/omitted fields stay unchanged. A slug rename also renames the Keycloak Organization's alias inside the same transaction so the two stay in lockstep. Gated by L4 — admins of the org are allowed; non-admins surface as 403 from Spring Security's access-denied handler.
83
+ *
84
+ * > **Requires** `administer` on `organization` (SpiceDB permission expression).
81
85
  *
82
86
  * @param {NizamDashboard.UpdateOrganizationRequest} request
83
87
  * @param {OrganizationsClient.RequestOptions} requestOptions - Request-specific configuration.
package/dist/api/resources/organizations/client/Client.js CHANGED
@@ -181,7 +181,9 @@ class OrganizationsClient {
181
181
  return (0, handleNonStatusCodeError_js_1.handleNonStatusCodeError)(_response.error, _response.rawResponse, "GET", "/v1/organizations/{id}");
182
182
  }
183
183
  /**
184
- * Owner-only. Sets `deleted_at` on the organizations row; subsequent reads filter it out. The Keycloak Organization is intentionally left in place — restore is just an UPDATE un-setting `deleted_at`. Members are not removed; their memberships persist alongside the soft-deleted row in case a restore path is added later.
184
+ * Owner-only. Sets `deleted_at` on the organizations row; subsequent reads filter it out. The Keycloak Organization is intentionally left in place — restore is just an UPDATE un-setting `deleted_at`. Members are not removed; their memberships persist alongside the soft-deleted row in case a restore path is added later. L4 @HasPermission ensures the caller is an admin; the owner-only check inside the handler narrows further.
185
+ *
186
+ * > **Requires** `administer` on `organization` (SpiceDB permission expression).
185
187
  *
186
188
  * @param {NizamDashboard.DeleteOrganizationRequest} request
187
189
  * @param {OrganizationsClient.RequestOptions} requestOptions - Request-specific configuration.
@@ -240,7 +242,9 @@ class OrganizationsClient {
240
242
  return (0, handleNonStatusCodeError_js_1.handleNonStatusCodeError)(_response.error, _response.rawResponse, "DELETE", "/v1/organizations/{id}");
241
243
  }
242
244
  /**
243
- * Set-only partial update. Null/omitted fields stay unchanged. A slug rename also renames the Keycloak Organization's alias inside the same transaction so the two stay in lockstep.
245
+ * Set-only partial update. Null/omitted fields stay unchanged. A slug rename also renames the Keycloak Organization's alias inside the same transaction so the two stay in lockstep. Gated by L4 — admins of the org are allowed; non-admins surface as 403 from Spring Security's access-denied handler.
246
+ *
247
+ * > **Requires** `administer` on `organization` (SpiceDB permission expression).
244
248
  *
245
249
  * @param {NizamDashboard.UpdateOrganizationRequest} request
246
250
  * @param {OrganizationsClient.RequestOptions} requestOptions - Request-specific configuration.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@nizam-os/dashboard-sdk",
3
- "version": "5.1.0",
3
+ "version": "5.1.1",
4
4
  "description": "Nizam Dashboard API SDK for TypeScript / JavaScript.",
5
5
  "license": "MIT",
6
6
  "private": false,