@palettelab/cli 0.3.33 → 0.3.35

package/README.md

@@ -275,10 +275,11 @@ async def create_invoice(body: InvoiceIn, ctx: PluginContext = Depends(get_plugi
 
 Backend SDK features for app-owned data:
 
-- `PluginContext` exposes `user_id`, `organization_id`, `plugin_id`, `permissions`, `config`, `storage`, `ctx.db`, `ctx.redis`, and `ctx.vector`.
+- `PluginContext` exposes `user_id`, `organization_id`, `plugin_id`, `permissions`, `config`, `storage`, `ctx.db`, `ctx.members`, `ctx.redis`, and `ctx.vector`.
 - `ctx.db` is the full scoped SQLAlchemy `AsyncSession` for app-owned database data.
 - `ctx.repo(Model)` gives org-safe CRUD helpers for app tables.
 - `ctx.data_rooms` gives backend access to Palette Data Rooms without importing platform internals.
+- `ctx.members` gives backend access to current organisation members; it exposes list/get/invite/update-role helpers, but no delete/remove helper.
 - `ctx.has_permission("...")`, `ctx.has_any_permission([...])`, and `ctx.has_all_permissions([...])` check declared permissions.
 - `ctx.config_value("key")` and `ctx.require_config("key")` read app install/config values.
 - `ctx.secret("KEY")` reads app secrets from config or environment variables.
@@ -509,6 +510,51 @@ management. For advanced Qdrant features, use `ctx.vector.client()` with
 `collection_name()`, `scoped_filter()`, `merge_filter()`, `scoped_payload()`,
 and `scoped_point()` so custom calls remain scoped.
 
+Common managed-service commands:
+
+```python
+# Redis strings, counters, and key discovery
+await ctx.redis.get("key", default=None)
+await ctx.redis.set("key", {"json": True}, ttl=600)
+await ctx.redis.delete("key1", "key2")
+await ctx.redis.exists("key")
+await ctx.redis.expire("key", 300)
+await ctx.redis.ttl("key")
+await ctx.redis.incr("counter")
+await ctx.redis.decr("counter")
+await ctx.redis.scan(prefix="cache:", limit=100)
+
+# Redis hashes, lists, sets, sorted sets, streams, locks
+await ctx.redis.hset("hash", "field", {"value": 1})
+await ctx.redis.hgetall("hash")
+await ctx.redis.lpush("queue", {"job": 1})
+await ctx.redis.lrange("queue", 0, -1)
+await ctx.redis.sadd("tags", "red", "blue")
+await ctx.redis.smembers("tags")
+await ctx.redis.zadd("scores", {"alice": 10})
+await ctx.redis.zrange("scores", 0, -1, with_scores=True)
+await ctx.redis.xadd("events", {"type": "created"})
+await ctx.redis.xread({"events": "0-0"}, count=10)
+await ctx.redis.lock("invoice:1", token, ttl=30)
+await ctx.redis.unlock("invoice:1", token)
+
+# Redis provider-style data-plane calls
+await ctx.redis.execute("MSET", "a", "1", "b", "2")
+values = await ctx.redis.execute("MGET", "a", "b")
+
+# Vector search
+await ctx.vector.upsert_texts("knowledge", [{"id": "doc-1", "text": "Text"}])
+await ctx.vector.upsert_vectors("knowledge", [{"id": "vec-1", "vector": [0.1, 0.2]}])
+hits = await ctx.vector.search("knowledge", query="invoice policy", top_k=10)
+record = await ctx.vector.get("knowledge", "doc-1")
+await ctx.vector.delete("knowledge", ["doc-1"])
+await ctx.vector.delete_index("knowledge")
+stats = await ctx.vector.stats("knowledge")
+```
+
+Blocked Redis control-plane commands include `FLUSHDB`, `FLUSHALL`, `CONFIG`,
+`KEYS`, `CLUSTER`, `SCRIPT`, `EVAL`, `FUNCTION`, and `SELECT`.
+
 ### `pltt login`
 
 Save a Palette sandbox or production environment URL plus token in `~/.palette/config.json` with file mode `0600`. Environment variables still override the stored token when present.

package/backend-sdk/palette_sdk/__init__.py

@@ -3,6 +3,7 @@
 from palette_sdk.plugin_router import PluginRouter
 from palette_sdk.plugin_context import MissingSecretError, PluginContext, get_plugin_context
 from palette_sdk.data_rooms import DataRoomsClient
+from palette_sdk.members import OrganizationMembersClient
 from palette_sdk.platform_services import (
     LocalRedisService,
     LocalVectorService,
@@ -42,6 +43,7 @@ __all__ = [
     "MissingSecretError",
     "get_plugin_context",
     "DataRoomsClient",
+    "OrganizationMembersClient",
     "LocalRedisService",
     "LocalVectorService",
     "PlatformServiceUnavailable",

package/backend-sdk/palette_sdk/members.py

@@ -0,0 +1,45 @@
+"""Backend organization member helpers for plugin Python code."""
+
+from __future__ import annotations
+
+from typing import Any
+
+
+class OrganizationMembersClient:
+    """Thin wrapper around the platform-injected organization member service."""
+
+    def __init__(self, service: Any = None, permissions: list[str] | None = None):
+        self._service = service
+        self._permissions = permissions or []
+
+    def _require_service(self) -> Any:
+        if self._service is None:
+            raise RuntimeError(
+                "Organization member service is not available in this runtime. "
+                "Run inside Palette OS/hosted sandbox or inject a fake service in tests."
+            )
+        return self._service
+
+    def _require_permission(self, permission: str) -> None:
+        if permission not in self._permissions:
+            raise PermissionError(f"App does not declare required permission: {permission}")
+
+    async def list(self) -> list[dict[str, Any]]:
+        self._require_permission("members:read")
+        return await self._require_service().list_members()
+
+    async def get(self, user_id: str) -> dict[str, Any] | None:
+        self._require_permission("members:read")
+        return await self._require_service().get_member(user_id)
+
+    async def get_by_email(self, email: str) -> dict[str, Any] | None:
+        self._require_permission("members:read")
+        return await self._require_service().get_member_by_email(email)
+
+    async def invite(self, email: str, role: str = "member") -> dict[str, Any]:
+        self._require_permission("members:write")
+        return await self._require_service().invite_member(email, role)
+
+    async def update_role(self, user_id: str, role: str) -> dict[str, Any]:
+        self._require_permission("members:write")
+        return await self._require_service().update_member_role(user_id, role)

package/backend-sdk/palette_sdk/permissions.py

@@ -25,6 +25,7 @@ KNOWN_PERMISSIONS: frozenset[str] = frozenset(
         "routines:read",
         "routines:write",
         "members:read",
+        "members:write",
         "resources:read",
         "resources:write",
     }

package/backend-sdk/palette_sdk/plugin_context.py

@@ -11,6 +11,7 @@ from fastapi import Depends, Request
 from sqlalchemy.ext.asyncio import AsyncSession
 
 from palette_sdk.data_rooms import DataRoomsClient
+from palette_sdk.members import OrganizationMembersClient
 from palette_sdk.platform_services import UnavailablePlatformService
 
 
@@ -35,6 +36,7 @@ class PluginContext:
         plugin_id: The plugin's ID from its manifest
         permissions: List of permissions declared in the manifest
         storage: Storage service for file upload/download
+        members: Organization member helpers for the current org
     """
     db: AsyncSession
     user_id: str
@@ -44,6 +46,7 @@ class PluginContext:
     permissions: list[str] = field(default_factory=list)
     storage: Any = None  # Platform storage service injected at runtime
     data_rooms: DataRoomsClient = field(default_factory=DataRoomsClient)
+    members: OrganizationMembersClient = field(default_factory=OrganizationMembersClient)
     redis: Any = field(default_factory=lambda: UnavailablePlatformService("redis"))
     vector: Any = field(default_factory=lambda: UnavailablePlatformService("vector"))
     config: dict[str, Any] = field(default_factory=dict)
@@ -110,6 +113,10 @@ async def get_plugin_context(request: Request) -> PluginContext:
         permissions=getattr(state, "plugin_permissions", []),
         storage=getattr(state, "storage", None),
         data_rooms=DataRoomsClient(getattr(state, "data_rooms", None)),
+        members=OrganizationMembersClient(
+            getattr(state, "org_members", None),
+            getattr(state, "plugin_permissions", []),
+        ),
         redis=getattr(state, "redis", None) or UnavailablePlatformService("redis"),
         vector=getattr(state, "vector", None) or UnavailablePlatformService("vector"),
         config=getattr(state, "plugin_config", {}),

package/docs/python-backend-sdk.md

@@ -112,6 +112,7 @@ Available context values:
 | `ctx.permissions` | Permissions granted from `palette-plugin.json` |
 | `ctx.storage` | Runtime storage service, when available |
 | `ctx.data_rooms` | Backend Data Room client |
+| `ctx.members` | Current organisation member client |
 | `ctx.redis` | Plugin/org-scoped Redis-style service when `platform_services` includes `redis` |
 | `ctx.vector` | Plugin/org-scoped vector service when `platform_services` includes `vector` |
 | `ctx.config` | App install/config values |
@@ -167,10 +168,26 @@ data_rooms:read, data_rooms:write
 agents:read, agents:write
 chat:read, chat:write
 routines:read, routines:write
-members:read
+members:read, members:write
 resources:read, resources:write
 ```
 
+Organisation member helpers:
+
+```python
+@router.get("/members", dependencies=[require_permission("members:read")])
+async def members(ctx: PluginContext = Depends(get_plugin_context)):
+    return await ctx.members.list()
+
+@router.post("/members/invite", dependencies=[require_permission("members:write")])
+async def invite_member(email: str, ctx: PluginContext = Depends(get_plugin_context)):
+    return await ctx.members.invite(email, role="member")
+```
+
+`ctx.members` exposes `list()`, `get(user_id)`, `get_by_email(email)`,
+`invite(email, role="member")`, and `update_role(user_id, role)`. Member
+deletion/removal is intentionally not exposed through the app SDK.
+
 ## 6. App-Owned Data
 
 Apps can ship their own tables and migrations. Use `OrgScopedTable` for data
@@ -344,6 +361,52 @@ Alembic migrations. Route code intentionally has data permissions only; it
 cannot access Palette core tables, another app's schema, or another org's
 RLS-protected rows.
 
+Common `ctx.db` operations:
+
+```python
+from sqlalchemy import delete, func, insert, select, text, update
+
+rows = (await ctx.db.execute(select(Invoice))).scalars().all()
+invoice = await ctx.db.scalar(select(Invoice).where(Invoice.id == invoice_id))
+count = await ctx.db.scalar(select(func.count()).select_from(Invoice))
+
+ctx.db.add(Invoice(customer_name="A", amount=10, status="draft"))
+ctx.db.add_all([
+    Invoice(customer_name="B", amount=20, status="draft"),
+    Invoice(customer_name="C", amount=30, status="draft"),
+])
+await ctx.db.execute(insert(Invoice).values(customer_name="D", amount=40, status="draft"))
+await ctx.db.execute(update(Invoice).where(Invoice.id == invoice_id).values(status="paid"))
+await ctx.db.execute(delete(Invoice).where(Invoice.id == invoice_id))
+
+async with ctx.db.begin():
+    ctx.db.add(Invoice(customer_name="E", amount=50, status="queued"))
+
+await ctx.db.commit()
+await ctx.db.rollback()
+await ctx.db.refresh(invoice)
+
+result = await ctx.db.execute(
+    text("select id, customer_name from finance_tools__invoices where amount > :amount"),
+    {"amount": 100},
+)
+rows = result.mappings().all()
+```
+
+Common migration operations:
+
+```python
+op.create_table(...)
+op.add_column(...)
+op.alter_column(...)
+op.create_index(...)
+op.create_unique_constraint(...)
+op.create_foreign_key(...)
+op.drop_index(...)
+op.drop_column(...)
+ensure_org_rls(op, "finance_tools__invoices")
+```
+
 ## 8. Data Rooms From Python
 
 Use `ctx.data_rooms` when backend code needs to create folders, find files, or
@@ -569,6 +632,93 @@ while blocking server/admin commands. `ctx.vector.client()` returns the Qdrant
 client for custom calls; combine it with `collection_name()`, `scoped_filter()`,
 `merge_filter()`, `scoped_payload()`, and `scoped_point()` to preserve isolation.
 
+Common `ctx.redis` commands:
+
+```python
+await ctx.redis.get("key", default=None)
+await ctx.redis.set("key", {"json": True}, ttl=600, nx=False, xx=False)
+await ctx.redis.delete("key1", "key2")
+await ctx.redis.exists("key")
+await ctx.redis.expire("key", 300)
+await ctx.redis.ttl("key")
+await ctx.redis.incr("counter", 1)
+await ctx.redis.decr("counter", 1)
+await ctx.redis.scan(prefix="cache:", limit=100)
+
+await ctx.redis.hset("hash", "field", {"value": 1})
+await ctx.redis.hget("hash", "field")
+await ctx.redis.hgetall("hash")
+await ctx.redis.hdel("hash", "field")
+
+await ctx.redis.lpush("queue", {"job": 1})
+await ctx.redis.rpush("queue", {"job": 2})
+await ctx.redis.lpop("queue")
+await ctx.redis.rpop("queue")
+await ctx.redis.lrange("queue", 0, -1)
+
+await ctx.redis.sadd("tags", "red", "blue")
+await ctx.redis.smembers("tags")
+await ctx.redis.srem("tags", "red")
+
+await ctx.redis.zadd("scores", {"alice": 10, "bob": 8})
+await ctx.redis.zrange("scores", 0, -1, with_scores=True)
+await ctx.redis.zrem("scores", "bob")
+
+await ctx.redis.enqueue("jobs", {"task": "sync"})
+await ctx.redis.dequeue("jobs")
+await ctx.redis.xadd("events", {"type": "created"})
+await ctx.redis.xread({"events": "0-0"}, count=10)
+await ctx.redis.lock("invoice:1", token, ttl=30)
+await ctx.redis.unlock("invoice:1", token)
+```
+
+Provider-style Redis commands:
+
+```python
+await ctx.redis.execute("MSET", "a", "1", "b", "2")
+values = await ctx.redis.execute("MGET", "a", "b")
+await ctx.redis.execute("ZUNIONSTORE", "dest", 2, "scores:1", "scores:2")
+```
+
+Server/admin Redis commands are blocked because they would affect the shared
+central Redis instance: `FLUSHDB`, `FLUSHALL`, `CONFIG`, `KEYS`, `CLUSTER`,
+`SCRIPT`, `EVAL`, `FUNCTION`, `SELECT`, and similar control-plane commands.
+
+Common `ctx.vector` commands:
+
+```python
+await ctx.vector.upsert_texts(
+    "knowledge",
+    [{"id": "doc-1", "text": "Text to embed", "metadata": {"type": "note"}}],
+)
+await ctx.vector.upsert_vectors(
+    "knowledge",
+    [{"id": "vec-1", "vector": [0.1, 0.2], "metadata": {"type": "manual"}}],
+)
+hits = await ctx.vector.search("knowledge", query="invoice policy", top_k=10)
+hits = await ctx.vector.search("knowledge", vector=[0.1, 0.2], filter={"type": "note"})
+record = await ctx.vector.get("knowledge", "doc-1")
+await ctx.vector.delete("knowledge", ["doc-1"])
+await ctx.vector.delete_index("knowledge")
+stats = await ctx.vector.stats("knowledge")
+```
+
+Advanced Qdrant calls should use scoped helpers:
+
+```python
+client = await ctx.vector.client()
+collection = ctx.vector.collection_name()
+query_filter = ctx.vector.scoped_filter("knowledge", {"type": "note"})
+point = ctx.vector.scoped_point(
+    "knowledge",
+    id="doc-2",
+    vector=[0.1, 0.2],
+    text="Indexed text",
+    metadata={"type": "note"},
+)
+await client.upsert(collection_name=collection, points=[point])
+```
+
 ## 10. Lifecycle Hooks
 
 Lifecycle hooks let an app seed defaults or clean up app-owned data when the

package/lib/manifest.js

@@ -18,6 +18,7 @@ const KNOWN_PERMISSIONS = new Set([
   "routines:read",
   "routines:write",
   "members:read",
+  "members:write",
   "resources:read",
   "resources:write",
 ])

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@palettelab/cli",
-  "version": "0.3.33",
+  "version": "0.3.35",
   "description": "Developer CLI for building Palette platform plugins — no platform source access required.",
   "bin": {
     "pltt": "bin/pltt.js"