npm - @nizam-os/dashboard-sdk - Versions diffs - 5.1.1 → 5.2.1 - Mend

@nizam-os/dashboard-sdk 5.1.1 → 5.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/api/resources/organizations/client/Client.d.ts CHANGED Viewed

@@ -13,6 +13,24 @@ export declare namespace OrganizationsClient {
 export declare class OrganizationsClient {
     protected readonly _options: NormalizedClientOptionsWithAuth<OrganizationsClient.Options>;
     constructor(options: OrganizationsClient.Options);
+    /**
+     * Dashboard callers see exactly the organizations they can read — their own memberships plus any cross-tenant read grants (3PL / delegated), resolved via SpiceDB `lookupResources(read)`. Platform staff see every tenant. Allowed sort field: `created_at` (prefix with `-` for descending). RFC 8288 Link header carries `first`, `prev`, `next` rels alongside the body's bidirectional cursors.
+     *
+     * @param {NizamDashboard.ListOrganizationsRequest} request
+     * @param {OrganizationsClient.RequestOptions} requestOptions - Request-specific configuration.
+     *
+     * @throws {@link NizamDashboard.UnauthorizedError}
+     * @throws {@link NizamDashboard.ForbiddenError}
+     * @throws {@link NizamDashboard.InternalServerError}
+     *
+     * @example
+     *     await client.organizations.listOrganizations({
+     *         starting_after: "Y3Vyc29yX25leHRfMDFKNVE=",
+     *         ending_before: "Y3Vyc29yX25leHRfMDFKNVE="
+     *     })
+     */
+    listOrganizations(request?: NizamDashboard.ListOrganizationsRequest, requestOptions?: OrganizationsClient.RequestOptions): core.HttpResponsePromise<NizamDashboard.ListResponseOrganization>;
+    private __listOrganizations;
     /**
      * Creates a brand-new tenant with the calling user as the founding admin. The id is assigned by Keycloak so the same value identifies the organization in both systems. Slug is derived from the name when not supplied.
      *
@@ -41,7 +59,7 @@ export declare class OrganizationsClient {
     createOrganization(request: NizamDashboard.CreateOrganizationRequest, requestOptions?: OrganizationsClient.RequestOptions): core.HttpResponsePromise<NizamDashboard.Organization>;
     private __createOrganization;
     /**
-     * Returns one organization. RLS narrows visibility — non-members get 404 indistinguishable from a non-existent id (prevents tenant probing).
+     * Returns one organization. Visible to members, platform staff, and L4-granted cross-tenant readers; everyone else gets 404 — indistinguishable from a non-existent id (prevents tenant probing).
      *
      * @param {NizamDashboard.GetOrganizationRequest} request
      * @param {OrganizationsClient.RequestOptions} requestOptions - Request-specific configuration.
@@ -79,7 +97,7 @@ export declare class OrganizationsClient {
     deleteOrganization(request: NizamDashboard.DeleteOrganizationRequest, requestOptions?: OrganizationsClient.RequestOptions): core.HttpResponsePromise<void>;
     private __deleteOrganization;
     /**
-     * Set-only partial update. Null/omitted fields stay unchanged. A slug rename also renames the Keycloak Organization's alias inside the same transaction so the two stay in lockstep. Gated by L4 — admins of the org are allowed; non-admins surface as 403 from Spring Security's access-denied handler.
+     * Set-only partial update. Null/omitted fields stay unchanged. The slug is a Nizam-side handle; Keycloak Organizations are addressed by their immutable KC id, so a slug rename needs no Keycloak change. Gated by L4 — admins of the org are allowed; non-admins surface as 403 from Spring Security's access-denied handler.
      *
      * > **Requires** `administer` on `organization` (SpiceDB permission expression).
      *

package/dist/api/resources/organizations/client/Client.js CHANGED Viewed

@@ -49,6 +49,76 @@ class OrganizationsClient {
     constructor(options) {
         this._options = (0, BaseClient_js_1.normalizeClientOptionsWithAuth)(options);
     }
+    /**
+     * Dashboard callers see exactly the organizations they can read — their own memberships plus any cross-tenant read grants (3PL / delegated), resolved via SpiceDB `lookupResources(read)`. Platform staff see every tenant. Allowed sort field: `created_at` (prefix with `-` for descending). RFC 8288 Link header carries `first`, `prev`, `next` rels alongside the body's bidirectional cursors.
+     *
+     * @param {NizamDashboard.ListOrganizationsRequest} request
+     * @param {OrganizationsClient.RequestOptions} requestOptions - Request-specific configuration.
+     *
+     * @throws {@link NizamDashboard.UnauthorizedError}
+     * @throws {@link NizamDashboard.ForbiddenError}
+     * @throws {@link NizamDashboard.InternalServerError}
+     *
+     * @example
+     *     await client.organizations.listOrganizations({
+     *         starting_after: "Y3Vyc29yX25leHRfMDFKNVE=",
+     *         ending_before: "Y3Vyc29yX25leHRfMDFKNVE="
+     *     })
+     */
+    listOrganizations(request = {}, requestOptions) {
+        return core.HttpResponsePromise.fromPromise(this.__listOrganizations(request, requestOptions));
+    }
+    async __listOrganizations(request = {}, requestOptions) {
+        const { sort, limit, starting_after: startingAfter, ending_before: endingBefore } = request;
+        const _queryParams = {
+            sort,
+            limit,
+            starting_after: startingAfter,
+            ending_before: endingBefore,
+        };
+        const _authRequest = await this._options.authProvider.getAuthRequest();
+        const _headers = (0, headers_js_1.mergeHeaders)(_authRequest.headers, this._options?.headers, requestOptions?.headers);
+        const _response = await core.fetcher({
+            url: core.url.join((await core.Supplier.get(this._options.baseUrl)) ??
+                (await core.Supplier.get(this._options.environment)) ??
+                environments.NizamDashboardEnvironment.Production, "v1/organizations"),
+            method: "GET",
+            headers: _headers,
+            queryString: core.url
+                .queryBuilder()
+                .addMany(_queryParams)
+                .mergeAdditional(requestOptions?.queryParams)
+                .build(),
+            timeoutMs: (requestOptions?.timeoutInSeconds ?? this._options?.timeoutInSeconds ?? 60) * 1000,
+            maxRetries: requestOptions?.maxRetries ?? this._options?.maxRetries,
+            abortSignal: requestOptions?.abortSignal,
+            fetchFn: this._options?.fetch,
+            logging: this._options.logging,
+        });
+        if (_response.ok) {
+            return {
+                data: _response.body,
+                rawResponse: _response.rawResponse,
+            };
+        }
+        if (_response.error.reason === "status-code") {
+            switch (_response.error.statusCode) {
+                case 401:
+                    throw new NizamDashboard.UnauthorizedError(_response.error.body, _response.rawResponse);
+                case 403:
+                    throw new NizamDashboard.ForbiddenError(_response.error.body, _response.rawResponse);
+                case 500:
+                    throw new NizamDashboard.InternalServerError(_response.error.body, _response.rawResponse);
+                default:
+                    throw new errors.NizamDashboardError({
+                        statusCode: _response.error.statusCode,
+                        body: _response.error.body,
+                        rawResponse: _response.rawResponse,
+                    });
+            }
+        }
+        return (0, handleNonStatusCodeError_js_1.handleNonStatusCodeError)(_response.error, _response.rawResponse, "GET", "/v1/organizations");
+    }
     /**
      * Creates a brand-new tenant with the calling user as the founding admin. The id is assigned by Keycloak so the same value identifies the organization in both systems. Slug is derived from the name when not supplied.
      *
@@ -122,7 +192,7 @@ class OrganizationsClient {
         return (0, handleNonStatusCodeError_js_1.handleNonStatusCodeError)(_response.error, _response.rawResponse, "POST", "/v1/organizations");
     }
     /**
-     * Returns one organization. RLS narrows visibility — non-members get 404 indistinguishable from a non-existent id (prevents tenant probing).
+     * Returns one organization. Visible to members, platform staff, and L4-granted cross-tenant readers; everyone else gets 404 — indistinguishable from a non-existent id (prevents tenant probing).
      *
      * @param {NizamDashboard.GetOrganizationRequest} request
      * @param {OrganizationsClient.RequestOptions} requestOptions - Request-specific configuration.
@@ -242,7 +312,7 @@ class OrganizationsClient {
         return (0, handleNonStatusCodeError_js_1.handleNonStatusCodeError)(_response.error, _response.rawResponse, "DELETE", "/v1/organizations/{id}");
     }
     /**
-     * Set-only partial update. Null/omitted fields stay unchanged. A slug rename also renames the Keycloak Organization's alias inside the same transaction so the two stay in lockstep. Gated by L4 — admins of the org are allowed; non-admins surface as 403 from Spring Security's access-denied handler.
+     * Set-only partial update. Null/omitted fields stay unchanged. The slug is a Nizam-side handle; Keycloak Organizations are addressed by their immutable KC id, so a slug rename needs no Keycloak change. Gated by L4 — admins of the org are allowed; non-admins surface as 403 from Spring Security's access-denied handler.
      *
      * > **Requires** `administer` on `organization` (SpiceDB permission expression).
      *

package/dist/api/resources/organizations/client/requests/ListOrganizationsRequest.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+/**
+ * @example
+ *     {
+ *         starting_after: "Y3Vyc29yX25leHRfMDFKNVE=",
+ *         ending_before: "Y3Vyc29yX25leHRfMDFKNVE="
+ *     }
+ */
+export interface ListOrganizationsRequest {
+    /** Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported. */
+    sort?: string | string[];
+    /** Page size. Default 20, maximum 100. Out-of-range values are silently clamped; the response body's `limit` field reflects what was applied. */
+    limit?: number;
+    /** Opaque cursor — return the page starting strictly after this entity in the sort order. Mutually exclusive with `ending_before`. */
+    starting_after?: string;
+    /** Opaque cursor — return the page ending strictly before this entity in the sort order. Mutually exclusive with `starting_after`. */
+    ending_before?: string;
+}

package/dist/api/resources/organizations/client/requests/ListOrganizationsRequest.js ADDED Viewed

@@ -0,0 +1,3 @@
+"use strict";
+// This file was auto-generated by Fern from our API Definition.
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/api/resources/organizations/client/requests/UpdateOrganizationRequest.d.ts CHANGED Viewed

@@ -14,7 +14,7 @@ export interface UpdateOrganizationRequest {
     id: string;
     /** New display name. Omit to leave unchanged. */
     name?: string;
-    /** New URL-safe slug. Cross-tenant unique. Cascades to the Keycloak Organization's alias. Omit to leave unchanged. */
+    /** New URL-safe slug. Cross-tenant unique. Omit to leave unchanged. */
     slug?: string;
     /** New business category — lowercase slug from /v1/lookups/business-categories. Omit to leave unchanged. */
     business_category?: string;

package/dist/api/resources/organizations/client/requests/index.d.ts CHANGED Viewed

@@ -1,4 +1,5 @@
 export type { CreateOrganizationRequest } from "./CreateOrganizationRequest.js";
 export type { DeleteOrganizationRequest } from "./DeleteOrganizationRequest.js";
 export type { GetOrganizationRequest } from "./GetOrganizationRequest.js";
+export type { ListOrganizationsRequest } from "./ListOrganizationsRequest.js";
 export type { UpdateOrganizationRequest } from "./UpdateOrganizationRequest.js";

package/dist/api/types/ListResponseOrganization.d.ts ADDED Viewed

@@ -0,0 +1,27 @@
+import type * as NizamDashboard from "../index.js";
+/**
+ * Envelope for paginated list responses (Stripe-style cursor pagination).
+ */
+export interface ListResponseOrganization {
+    /** Object type discriminator (Stripe pattern). Always `list` for this envelope. */
+    object?: ListResponseOrganization.Object_ | undefined;
+    /** Page of resources. Empty array when there are no matches. */
+    data?: NizamDashboard.Organization[] | undefined;
+    /** True when more pages exist; pass `next_cursor` as `?starting_after=` to fetch the next page. */
+    has_more?: boolean | undefined;
+    /** True when earlier pages exist; pass `prev_cursor` as `?ending_before=` to fetch the previous page. */
+    has_previous?: boolean | undefined;
+    /** Opaque cursor for the next page. `null` on the last page. */
+    next_cursor?: string | undefined;
+    /** Opaque cursor for the previous page. `null` on the first page. */
+    prev_cursor?: string | undefined;
+    /** Page size that produced this response. */
+    limit?: number | undefined;
+}
+export declare namespace ListResponseOrganization {
+    /** Object type discriminator (Stripe pattern). Always `list` for this envelope. */
+    const Object_: {
+        readonly List: "list";
+    };
+    type Object_ = (typeof Object_)[keyof typeof Object_];
+}

package/dist/api/types/ListResponseOrganization.js ADDED Viewed

@@ -0,0 +1,11 @@
+"use strict";
+// This file was auto-generated by Fern from our API Definition.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ListResponseOrganization = void 0;
+var ListResponseOrganization;
+(function (ListResponseOrganization) {
+    /** Object type discriminator (Stripe pattern). Always `list` for this envelope. */
+    ListResponseOrganization.Object_ = {
+        List: "list",
+    };
+})(ListResponseOrganization || (exports.ListResponseOrganization = ListResponseOrganization = {}));

package/dist/api/types/index.d.ts CHANGED Viewed

@@ -17,6 +17,7 @@ export * from "./ListResponseCountry.js";
 export * from "./ListResponseCurrency.js";
 export * from "./ListResponseLanguage.js";
 export * from "./ListResponseMembership.js";
+export * from "./ListResponseOrganization.js";
 export * from "./ListResponseTimezone.js";
 export * from "./ListResponseUserResource.js";
 export * from "./Membership.js";

package/dist/api/types/index.js CHANGED Viewed

@@ -33,6 +33,7 @@ __exportStar(require("./ListResponseCountry.js"), exports);
 __exportStar(require("./ListResponseCurrency.js"), exports);
 __exportStar(require("./ListResponseLanguage.js"), exports);
 __exportStar(require("./ListResponseMembership.js"), exports);
+__exportStar(require("./ListResponseOrganization.js"), exports);
 __exportStar(require("./ListResponseTimezone.js"), exports);
 __exportStar(require("./ListResponseUserResource.js"), exports);
 __exportStar(require("./Membership.js"), exports);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@nizam-os/dashboard-sdk",
-  "version": "5.1.1",
+  "version": "5.2.1",
   "description": "Nizam Dashboard API SDK for TypeScript / JavaScript.",
   "license": "MIT",
   "private": false,