@omnibase/core-js 0.2.0 → 0.4.0

package/dist/permissions/index.js

@@ -0,0 +1,105 @@
+// src/permissions/handler.ts
+import { RelationshipApi, PermissionApi } from "@ory/client";
+var PermissionsClient = class {
+  /**
+   * Ory Keto RelationshipApi for managing subject-object relationships
+   *
+   * Provides methods for creating, updating, and deleting relationships between
+   * subjects (users, groups) and objects (tenants, resources). This API handles
+   * write operations and is used to establish permission structures.
+   *
+   * Key methods:
+   * - `createRelationship()` - Creates a new relationship tuple
+   * - `deleteRelationships()` - Removes existing relationship tuples
+   * - `getRelationships()` - Queries existing relationships
+   * - `patchRelationships()` - Updates multiple relationships atomically
+   *
+   * @example
+   * ```typescript
+   * // Create a relationship
+   * await client.relationships.createRelationship(
+   *   undefined,
+   *   {
+   *     namespace: 'Tenant',
+   *     object: 'tenant_123',
+   *     relation: 'members',
+   *     subjectId: 'user_456'
+   *   }
+   * );
+   * ```
+   *
+   * @since 1.0.0
+   * @group Relationships
+   */
+  relationships;
+  /**
+   * Ory Keto PermissionApi for checking permissions
+   *
+   * Provides methods for querying whether a subject has a specific permission
+   * on an object. This API handles read operations and is optimized for fast
+   * permission checks in your application logic.
+   *
+   * Key methods:
+   * - `checkPermission()` - Checks if a subject has permission on an object
+   * - `checkPermissionOrError()` - Same as above but throws error if denied
+   * - `expandPermissions()` - Expands relationships to show all granted permissions
+   *
+   * @example
+   * ```typescript
+   * // Check permission
+   * const result = await client.permissions.checkPermission(
+   *   undefined,
+   *   {
+   *     namespace: 'Tenant',
+   *     object: 'tenant_123',
+   *     relation: 'view',
+   *     subjectId: 'user_456'
+   *   }
+   * );
+   *
+   * console.log('Has permission:', result.data.allowed);
+   * ```
+   *
+   * @since 1.0.0
+   * @group Permissions
+   */
+  permissions;
+  /**
+   * Creates a new PermissionsClient instance
+   *
+   * Initializes the client with separate endpoints for read and write operations.
+   * The client automatically appends the appropriate Keto API paths to the base URL
+   * for optimal performance and security separation.
+   *
+   * @param apiBaseUrl - The base URL for your Omnibase API instance
+   *
+   * @throws {Error} When the base URL is invalid or cannot be reached
+   *
+   * @example
+   * ```typescript
+   * const client = new PermissionsClient('https://api.example.com');
+   * ```
+   *
+   * @example
+   * Local development:
+   * ```typescript
+   * const client = new PermissionsClient('http://localhost:8080');
+   * ```
+   *
+   * @since 1.0.0
+   * @group Client
+   */
+  constructor(apiBaseUrl) {
+    this.relationships = new RelationshipApi(
+      void 0,
+      `${apiBaseUrl}/api/v1/permissions/write`
+    );
+    this.permissions = new PermissionApi(
+      void 0,
+      `${apiBaseUrl}/api/v1/permissions/read`
+    );
+  }
+};
+export {
+  PermissionsClient
+};

package/dist/tenants/index.cjs

@@ -30,9 +30,9 @@ module.exports = __toCommonJS(tenants_exports);
 
 // src/tenants/switch-tenant.ts
 async function switchActiveTenant(tenantId) {
-  const baseUrl = process.env.OMNIBASE_API_URL;
+  const baseUrl = process.env.OMNIBASE_AUTH_URL;
   if (!baseUrl) {
-    throw new Error("OMNIBASE_API_URL is not configured");
+    throw new Error("OMNIBASE_AUTH_URL is not configured");
   }
   if (!tenantId) {
     throw new Error("Tenant ID is required");
@@ -65,9 +65,9 @@ async function switchActiveTenant(tenantId) {
 
 // src/tenants/create-invite.ts
 async function createTenantUserInvite(tenantId, inviteData) {
-  const baseUrl = process.env.OMNIBASE_API_URL;
+  const baseUrl = process.env.OMNIBASE_AUTH_URL;
   if (!baseUrl) {
-    throw new Error("OMNIBASE_API_URL is not configured");
+    throw new Error("OMNIBASE_AUTH_URL is not configured");
   }
   if (!tenantId) {
     throw new Error("Tenant ID is required");
@@ -103,9 +103,9 @@ async function createTenantUserInvite(tenantId, inviteData) {
 
 // src/tenants/create-tenant.ts
 async function createTenant(tenantData) {
-  const baseUrl = process.env.OMNIBASE_API_URL;
+  const baseUrl = process.env.OMNIBASE_AUTH_URL;
   if (!baseUrl) {
-    throw new Error("OMNIBASE_API_URL is not configured");
+    throw new Error("OMNIBASE_AUTH_URL is not configured");
   }
   if (!tenantData.name || !tenantData.user_id) {
     throw new Error("Name and user_id are required");
@@ -135,9 +135,9 @@ async function createTenant(tenantData) {
 
 // src/tenants/accept-invite.ts
 async function acceptTenantInvite(token) {
-  const baseUrl = process.env.OMNIBASE_API_URL;
+  const baseUrl = process.env.OMNIBASE_AUTH_URL;
   if (!baseUrl) {
-    throw new Error("OMNIBASE_API_URL is not configured");
+    throw new Error("OMNIBASE_AUTH_URL is not configured");
   }
   if (!token) {
     throw new Error("Invite token is required");
@@ -170,9 +170,9 @@ async function acceptTenantInvite(token) {
 
 // src/tenants/delete-tenant.ts
 async function deleteTenant(tenantId) {
-  const baseUrl = process.env.OMNIBASE_API_URL;
+  const baseUrl = process.env.OMNIBASE_AUTH_URL;
   if (!baseUrl) {
-    throw new Error("OMNIBASE_API_URL is not configured");
+    throw new Error("OMNIBASE_AUTH_URL is not configured");
   }
   if (!tenantId) {
     throw new Error("Tenant ID is required");

package/dist/tenants/index.d.cts

@@ -74,7 +74,7 @@ type AcceptTenantInviteResponse = ApiResponse<{
  *
  * @returns Promise resolving to the tenant ID and success confirmation
  *
- * @throws {Error} When OMNIBASE_API_URL environment variable is not configured
+ * @throws {Error} When OMNIBASE_AUTH_URL environment variable is not configured
  * @throws {Error} When the token parameter is missing or empty
  * @throws {Error} When the invitation token is invalid or expired
  * @throws {Error} When the invitation has already been accepted
@@ -250,7 +250,7 @@ type CreateTenantUserInviteRequest = {
  *
  * @returns Promise resolving to the created invitation with secure token
  *
- * @throws {Error} When OMNIBASE_API_URL environment variable is not configured
+ * @throws {Error} When OMNIBASE_AUTH_URL environment variable is not configured
  * @throws {Error} When tenantId parameter is missing or empty
  * @throws {Error} When required fields (email, role) are missing or empty
  * @throws {Error} When the API request fails due to network issues
@@ -407,7 +407,7 @@ type CreateTenantRequest = {
  *
  * @returns Promise resolving to the created tenant with authentication token
  *
- * @throws {Error} When OMNIBASE_API_URL environment variable is not configured
+ * @throws {Error} When OMNIBASE_AUTH_URL environment variable is not configured
  * @throws {Error} When required fields (name, user_id) are missing or empty
  * @throws {Error} When the API request fails due to network issues
  * @throws {Error} When the server returns an error response (4xx, 5xx status codes)
@@ -485,7 +485,7 @@ type DeleteTenantResponse = ApiResponse<{
  *
  * @returns Promise resolving to a confirmation message
  *
- * @throws {Error} When OMNIBASE_API_URL environment variable is not configured
+ * @throws {Error} When OMNIBASE_AUTH_URL environment variable is not configured
  * @throws {Error} When the tenantId parameter is missing or empty
  * @throws {Error} When the user is not authenticated
  * @throws {Error} When the user is not an owner of the specified tenant
@@ -578,7 +578,7 @@ type SwitchActiveTenantResponse = ApiResponse<{
  *
  * @returns Promise resolving to a new JWT token and success confirmation
  *
- * @throws {Error} When OMNIBASE_API_URL environment variable is not configured
+ * @throws {Error} When OMNIBASE_AUTH_URL environment variable is not configured
  * @throws {Error} When the tenantId parameter is missing or empty
  * @throws {Error} When the user doesn't have access to the specified tenant
  * @throws {Error} When the user is not authenticated

package/dist/tenants/index.d.ts

@@ -74,7 +74,7 @@ type AcceptTenantInviteResponse = ApiResponse<{
  *
  * @returns Promise resolving to the tenant ID and success confirmation
  *
- * @throws {Error} When OMNIBASE_API_URL environment variable is not configured
+ * @throws {Error} When OMNIBASE_AUTH_URL environment variable is not configured
  * @throws {Error} When the token parameter is missing or empty
  * @throws {Error} When the invitation token is invalid or expired
  * @throws {Error} When the invitation has already been accepted
@@ -250,7 +250,7 @@ type CreateTenantUserInviteRequest = {
  *
  * @returns Promise resolving to the created invitation with secure token
  *
- * @throws {Error} When OMNIBASE_API_URL environment variable is not configured
+ * @throws {Error} When OMNIBASE_AUTH_URL environment variable is not configured
  * @throws {Error} When tenantId parameter is missing or empty
  * @throws {Error} When required fields (email, role) are missing or empty
  * @throws {Error} When the API request fails due to network issues
@@ -407,7 +407,7 @@ type CreateTenantRequest = {
  *
  * @returns Promise resolving to the created tenant with authentication token
  *
- * @throws {Error} When OMNIBASE_API_URL environment variable is not configured
+ * @throws {Error} When OMNIBASE_AUTH_URL environment variable is not configured
  * @throws {Error} When required fields (name, user_id) are missing or empty
  * @throws {Error} When the API request fails due to network issues
  * @throws {Error} When the server returns an error response (4xx, 5xx status codes)
@@ -485,7 +485,7 @@ type DeleteTenantResponse = ApiResponse<{
  *
  * @returns Promise resolving to a confirmation message
  *
- * @throws {Error} When OMNIBASE_API_URL environment variable is not configured
+ * @throws {Error} When OMNIBASE_AUTH_URL environment variable is not configured
  * @throws {Error} When the tenantId parameter is missing or empty
  * @throws {Error} When the user is not authenticated
  * @throws {Error} When the user is not an owner of the specified tenant
@@ -578,7 +578,7 @@ type SwitchActiveTenantResponse = ApiResponse<{
  *
  * @returns Promise resolving to a new JWT token and success confirmation
  *
- * @throws {Error} When OMNIBASE_API_URL environment variable is not configured
+ * @throws {Error} When OMNIBASE_AUTH_URL environment variable is not configured
  * @throws {Error} When the tenantId parameter is missing or empty
  * @throws {Error} When the user doesn't have access to the specified tenant
  * @throws {Error} When the user is not authenticated

package/dist/tenants/index.js

@@ -1,8 +1,8 @@
 // src/tenants/switch-tenant.ts
 async function switchActiveTenant(tenantId) {
-  const baseUrl = process.env.OMNIBASE_API_URL;
+  const baseUrl = process.env.OMNIBASE_AUTH_URL;
   if (!baseUrl) {
-    throw new Error("OMNIBASE_API_URL is not configured");
+    throw new Error("OMNIBASE_AUTH_URL is not configured");
   }
   if (!tenantId) {
     throw new Error("Tenant ID is required");
@@ -35,9 +35,9 @@ async function switchActiveTenant(tenantId) {
 
 // src/tenants/create-invite.ts
 async function createTenantUserInvite(tenantId, inviteData) {
-  const baseUrl = process.env.OMNIBASE_API_URL;
+  const baseUrl = process.env.OMNIBASE_AUTH_URL;
   if (!baseUrl) {
-    throw new Error("OMNIBASE_API_URL is not configured");
+    throw new Error("OMNIBASE_AUTH_URL is not configured");
   }
   if (!tenantId) {
     throw new Error("Tenant ID is required");
@@ -73,9 +73,9 @@ async function createTenantUserInvite(tenantId, inviteData) {
 
 // src/tenants/create-tenant.ts
 async function createTenant(tenantData) {
-  const baseUrl = process.env.OMNIBASE_API_URL;
+  const baseUrl = process.env.OMNIBASE_AUTH_URL;
   if (!baseUrl) {
-    throw new Error("OMNIBASE_API_URL is not configured");
+    throw new Error("OMNIBASE_AUTH_URL is not configured");
   }
   if (!tenantData.name || !tenantData.user_id) {
     throw new Error("Name and user_id are required");
@@ -105,9 +105,9 @@ async function createTenant(tenantData) {
 
 // src/tenants/accept-invite.ts
 async function acceptTenantInvite(token) {
-  const baseUrl = process.env.OMNIBASE_API_URL;
+  const baseUrl = process.env.OMNIBASE_AUTH_URL;
   if (!baseUrl) {
-    throw new Error("OMNIBASE_API_URL is not configured");
+    throw new Error("OMNIBASE_AUTH_URL is not configured");
   }
   if (!token) {
     throw new Error("Invite token is required");
@@ -140,9 +140,9 @@ async function acceptTenantInvite(token) {
 
 // src/tenants/delete-tenant.ts
 async function deleteTenant(tenantId) {
-  const baseUrl = process.env.OMNIBASE_API_URL;
+  const baseUrl = process.env.OMNIBASE_AUTH_URL;
   if (!baseUrl) {
-    throw new Error("OMNIBASE_API_URL is not configured");
+    throw new Error("OMNIBASE_AUTH_URL is not configured");
   }
   if (!tenantId) {
     throw new Error("Tenant ID is required");

package/package.json

@@ -1,20 +1,24 @@
 {
   "name": "@omnibase/core-js",
-  "version": "0.2.0",
+  "version": "0.4.0",
   "description": "OmniBase core Javascript SDK - framework agnostic",
   "files": [
     "dist/**/*"
   ],
   "type": "module",
   "scripts": {
-    "build": "tsup src/database/index.ts src/tenants/index.ts src/auth/index.ts src/stripe/index.ts --format cjs,esm --dts",
-    "prepublishOnly": "npm run build",
-    "build:docs": "bunx typedoc"
+    "build": "tsup src/permissions/index.ts src/database/index.ts src/tenants/index.ts src/auth/index.ts src/payments/index.ts --format cjs,esm --dts",
+    "prepublishOnly": "npm run build"
   },
   "exports": {
     "./auth": {
       "types": "./dist/auth/index.d.ts"
     },
+    "./permissions": {
+      "import": "./dist/permissions/index.d.ts",
+      "require": "./dist/permissions/index.cjs",
+      "types": "./dist/permissions/index.d.ts"
+    },
     "./database": {
       "import": "./dist/database/index.js",
       "require": "./dist/database/index.cjs",
@@ -25,10 +29,10 @@
       "require": "./dist/tenants/index.cjs",
       "types": "./dist/tenants/index.d.ts"
     },
-    "./stripe": {
-      "import": "./dist/stripe/index.js",
-      "require": "./dist/stripe/index.cjs",
-      "types": "./dist/stripe/index.d.ts"
+    "./payments": {
+      "import": "./dist/payments/index.js",
+      "require": "./dist/payments/index.cjs",
+      "types": "./dist/payments/index.d.ts"
     }
   },
   "keywords": [
@@ -51,6 +55,7 @@
     "typescript": "^5.9.2"
   },
   "dependencies": {
+    "@ory/client": "^1.22.3",
     "@ory/client-fetch": "^1.22.2",
     "@supabase/postgrest-js": "^1.21.4"
   }