@permitio/permit-strapi 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/README.md +139 -0
  2. package/dist/admin/App-BmwAac5t.js +1029 -0
  3. package/dist/admin/App-DGsvV3Vz.mjs +1027 -0
  4. package/dist/admin/en-B4KWt_jN.js +4 -0
  5. package/dist/admin/en-Byx4XI2L.mjs +4 -0
  6. package/dist/admin/index-C2zppPZ6.js +73 -0
  7. package/dist/admin/index-CUo5x9bE.mjs +72 -0
  8. package/dist/admin/index.js +4 -0
  9. package/dist/admin/index.mjs +4 -0
  10. package/dist/admin/src/index.d.ts +10 -0
  11. package/dist/server/index.js +1111 -0
  12. package/dist/server/index.mjs +1111 -0
  13. package/package.json +96 -0
package/dist/admin/App-DGsvV3Vz.mjs ADDED
@@ -0,0 +1,1027 @@
1
+ import { jsxs, jsx, Fragment } from "react/jsx-runtime";
2
+ import { useState, useEffect } from "react";
3
+ import { useFetchClient, useNotification, Page } from "@strapi/strapi/admin";
4
+ import { Routes, Route } from "react-router-dom";
5
+ import { Box, Flex, Typography, Status, Divider, Modal, Button, Field, TextInput, Checkbox, Accordion } from "@strapi/design-system";
6
+ import { ExternalLink, Pencil, Information, Cross, Check, Trash, Plus } from "@strapi/icons";
7
+ import styled from "styled-components";
8
+ import { l as logo } from "./index-CUo5x9bE.mjs";
9
+ const Logo$1 = styled.img`
10
+ width: 40px;
11
+ height: 40px;
12
+ border-radius: 6px;
13
+ `;
14
+ const SegButton = styled.button`
15
+ padding: 6px 16px;
16
+ font-size: 11px;
17
+ font-weight: 700;
18
+ letter-spacing: 0.05em;
19
+ text-transform: uppercase;
20
+ border: none;
21
+ cursor: pointer;
22
+ transition:
23
+ background 0.15s,
24
+ color 0.15s;
25
+ background: ${({ $active, $variant }) => $active ? $variant === "success" ? "#c6f0c2" : "#fce4e4" : "transparent"};
26
+ color: ${({ $active, $variant }) => $active ? $variant === "success" ? "#2f6846" : "#b72b1a" : "#8e8ea9"};
27
+ &:not(:last-child) {
28
+ border-right: 1px solid #dcdce4;
29
+ }
30
+ &:hover {
31
+ background: ${({ $active, $variant }) => $active ? $variant === "success" ? "#c6f0c2" : "#fce4e4" : "#f6f6f9"};
32
+ }
33
+ `;
34
+ const TextLink = styled.a`
35
+ color: inherit;
36
+ text-decoration: underline;
37
+ &:hover {
38
+ opacity: 0.8;
39
+ }
40
+ `;
41
+ const DEFAULT_PDP_URL$1 = "https://cloudpdp.api.permit.io";
42
+ const HomePage = ({ onDisconnect }) => {
43
+ const [config, setConfig] = useState(null);
44
+ const [contentTypes, setContentTypes] = useState([]);
45
+ const [protectedTypes, setProtectedTypes] = useState({});
46
+ const [savingResources, setSavingResources] = useState(false);
47
+ const [syncingUsers, setSyncingUsers] = useState(false);
48
+ const [syncResult, setSyncResult] = useState(null);
49
+ const [updateApiKey, setUpdateApiKey] = useState("");
50
+ const [updatePdpUrl, setUpdatePdpUrl] = useState("");
51
+ const [updateLoading, setUpdateLoading] = useState(false);
52
+ const [disconnectLoading, setDisconnectLoading] = useState(false);
53
+ const [disconnectConfirmed, setDisconnectConfirmed] = useState(false);
54
+ const [rebacConfig, setRebacConfig] = useState({});
55
+ const [instanceRoles, setInstanceRoles] = useState({});
56
+ const [savingRebac, setSavingRebac] = useState(false);
57
+ const [savingInstanceRoles, setSavingInstanceRoles] = useState({});
58
+ const [syncingInstances, setSyncingInstances] = useState({});
59
+ const [instanceSyncResults, setInstanceSyncResults] = useState({});
60
+ const [userFields, setUserFields] = useState([]);
61
+ const [userAttrMappings, setUserAttrMappings] = useState([]);
62
+ const [savingUserAttrs, setSavingUserAttrs] = useState(false);
63
+ const [resourceFieldsMap, setResourceFieldsMap] = useState({});
64
+ const [resourceAttrMappings, setResourceAttrMappings] = useState({});
65
+ const [savingResourceAttrs, setSavingResourceAttrs] = useState(false);
66
+ const { get, post, del } = useFetchClient();
67
+ const { toggleNotification } = useNotification();
68
+ useEffect(() => {
69
+ fetchConfig();
70
+ fetchContentTypes();
71
+ fetchAttributeMappings();
72
+ fetchRebacConfig();
73
+ }, []);
74
+ const fetchConfig = async () => {
75
+ try {
76
+ const { data } = await get("/permit-strapi/config");
77
+ setConfig(data);
78
+ setUpdatePdpUrl(data.pdpUrl);
79
+ } catch {
80
+ toggleNotification({ type: "danger", message: "Failed to load configuration" });
81
+ }
82
+ };
83
+ const fetchContentTypes = async () => {
84
+ try {
85
+ const [{ data: ctData }, { data: exData }] = await Promise.all([
86
+ get("/permit-strapi/content-types"),
87
+ get("/permit-strapi/excluded-resources")
88
+ ]);
89
+ setContentTypes(ctData.contentTypes);
90
+ console.log("[permit-strapi] content types fetched:", ctData.contentTypes);
91
+ const initial = {};
92
+ ctData.contentTypes.forEach((ct) => {
93
+ initial[ct.uid] = !exData.excludedResources.includes(ct.uid);
94
+ });
95
+ setProtectedTypes(initial);
96
+ for (const ct of ctData.contentTypes) {
97
+ fetchContentTypeFields(ct.uid);
98
+ }
99
+ } catch {
100
+ toggleNotification({ type: "danger", message: "Failed to load content types" });
101
+ }
102
+ };
103
+ const fetchContentTypeFields = async (uid) => {
104
+ try {
105
+ const encodedUid = encodeURIComponent(uid);
106
+ const { data } = await get(`/permit-strapi/content-type-fields/${encodedUid}`);
107
+ setResourceFieldsMap((prev) => ({ ...prev, [uid]: data.fields }));
108
+ } catch {
109
+ }
110
+ };
111
+ const fetchAttributeMappings = async () => {
112
+ try {
113
+ const [{ data: userFieldsData }, { data: userMappingsData }, { data: resourceMappingsData }] = await Promise.all([
114
+ get("/permit-strapi/user-fields"),
115
+ get("/permit-strapi/user-attribute-mappings"),
116
+ get("/permit-strapi/resource-attribute-mappings")
117
+ ]);
118
+ setUserFields(userFieldsData.fields);
119
+ setUserAttrMappings(userMappingsData.mappings);
120
+ setResourceAttrMappings(resourceMappingsData.mappings);
121
+ } catch {
122
+ }
123
+ };
124
+ const handleUpdateConfig = async () => {
125
+ if (!updateApiKey.trim()) return;
126
+ setUpdateLoading(true);
127
+ try {
128
+ await post("/permit-strapi/config", {
129
+ apiKey: updateApiKey.trim(),
130
+ pdpUrl: updatePdpUrl.trim() || DEFAULT_PDP_URL$1
131
+ });
132
+ toggleNotification({ type: "success", message: "Configuration updated successfully" });
133
+ fetchConfig();
134
+ setUpdateApiKey("");
135
+ } catch (error) {
136
+ const message = error?.response?.data?.error?.message || "Failed to update configuration";
137
+ toggleNotification({ type: "danger", message });
138
+ } finally {
139
+ setUpdateLoading(false);
140
+ }
141
+ };
142
+ const handleDisconnect = async () => {
143
+ setDisconnectLoading(true);
144
+ try {
145
+ await del("/permit-strapi/config");
146
+ toggleNotification({ type: "success", message: "Disconnected from Permit.io" });
147
+ setDisconnectConfirmed(false);
148
+ onDisconnect();
149
+ } catch {
150
+ toggleNotification({ type: "danger", message: "Failed to disconnect" });
151
+ } finally {
152
+ setDisconnectLoading(false);
153
+ }
154
+ };
155
+ const handleSyncAllUsers = async () => {
156
+ setSyncingUsers(true);
157
+ setSyncResult(null);
158
+ try {
159
+ const { data } = await post("/permit-strapi/sync-users", {});
160
+ setSyncResult(data);
161
+ toggleNotification({
162
+ type: "success",
163
+ message: `Synced ${data.synced} of ${data.total} users`
164
+ });
165
+ } catch {
166
+ toggleNotification({ type: "danger", message: "Failed to sync users" });
167
+ } finally {
168
+ setSyncingUsers(false);
169
+ }
170
+ };
171
+ const toggleProtection = (uid) => {
172
+ setProtectedTypes((prev) => ({ ...prev, [uid]: !prev[uid] }));
173
+ };
174
+ const handleSaveResources = async () => {
175
+ setSavingResources(true);
176
+ try {
177
+ const excludedResources = Object.entries(protectedTypes).filter(([, isProtected]) => !isProtected).map(([uid]) => uid);
178
+ await post("/permit-strapi/excluded-resources", { excludedResources });
179
+ toggleNotification({ type: "success", message: "Protected resources saved successfully" });
180
+ } catch {
181
+ toggleNotification({ type: "danger", message: "Failed to save protected resources" });
182
+ } finally {
183
+ setSavingResources(false);
184
+ }
185
+ };
186
+ const toggleUserAttribute = (fieldName) => {
187
+ setUserAttrMappings(
188
+ (prev) => prev.includes(fieldName) ? prev.filter((f) => f !== fieldName) : [...prev, fieldName]
189
+ );
190
+ };
191
+ const handleSaveUserAttributes = async () => {
192
+ setSavingUserAttrs(true);
193
+ try {
194
+ await post("/permit-strapi/user-attribute-mappings", { mappings: userAttrMappings });
195
+ toggleNotification({
196
+ type: "success",
197
+ message: "User attribute mappings saved. Resources re-synced."
198
+ });
199
+ } catch {
200
+ toggleNotification({ type: "danger", message: "Failed to save user attribute mappings" });
201
+ } finally {
202
+ setSavingUserAttrs(false);
203
+ }
204
+ };
205
+ const toggleResourceAttribute = (uid, fieldName) => {
206
+ setResourceAttrMappings((prev) => {
207
+ const current = prev[uid] || [];
208
+ const updated = current.includes(fieldName) ? current.filter((f) => f !== fieldName) : [...current, fieldName];
209
+ return { ...prev, [uid]: updated };
210
+ });
211
+ };
212
+ const handleSaveResourceAttributes = async () => {
213
+ setSavingResourceAttrs(true);
214
+ try {
215
+ await post("/permit-strapi/resource-attribute-mappings", { mappings: resourceAttrMappings });
216
+ toggleNotification({
217
+ type: "success",
218
+ message: "Resource attribute mappings saved. Resources re-synced."
219
+ });
220
+ } catch {
221
+ toggleNotification({ type: "danger", message: "Failed to save resource attribute mappings" });
222
+ } finally {
223
+ setSavingResourceAttrs(false);
224
+ }
225
+ };
226
+ const fetchRebacConfig = async () => {
227
+ try {
228
+ const { data } = await get("/permit-strapi/rebac-config");
229
+ setRebacConfig(data.config || {});
230
+ } catch {
231
+ }
232
+ };
233
+ const fetchInstanceRoles = async (uid) => {
234
+ try {
235
+ const encodedUid = encodeURIComponent(uid);
236
+ const { data } = await get(`/permit-strapi/instance-roles/${encodedUid}`);
237
+ setInstanceRoles((prev) => ({ ...prev, [uid]: data.roles || [] }));
238
+ } catch {
239
+ }
240
+ };
241
+ const toggleRebacEnabled = (uid) => {
242
+ setRebacConfig((prev) => {
243
+ const current = prev[uid] || { enabled: false, creatorRole: "owner" };
244
+ const updated = { ...current, enabled: !current.enabled };
245
+ if (updated.enabled && !instanceRoles[uid]) {
246
+ fetchInstanceRoles(uid);
247
+ }
248
+ return { ...prev, [uid]: updated };
249
+ });
250
+ };
251
+ const updateCreatorRole = (uid, value) => {
252
+ setRebacConfig((prev) => ({
253
+ ...prev,
254
+ [uid]: { ...prev[uid] || { enabled: false, creatorRole: "owner" }, creatorRole: value }
255
+ }));
256
+ };
257
+ const handleSaveRebacConfig = async () => {
258
+ setSavingRebac(true);
259
+ try {
260
+ await post("/permit-strapi/rebac-config", { config: rebacConfig });
261
+ toggleNotification({ type: "success", message: "ReBAC configuration saved" });
262
+ } catch {
263
+ toggleNotification({ type: "danger", message: "Failed to save ReBAC configuration" });
264
+ } finally {
265
+ setSavingRebac(false);
266
+ }
267
+ };
268
+ const addInstanceRole = (uid) => {
269
+ setInstanceRoles((prev) => ({
270
+ ...prev,
271
+ [uid]: [...prev[uid] || [], { key: "", name: "" }]
272
+ }));
273
+ };
274
+ const updateInstanceRole = (uid, index, field, value) => {
275
+ setInstanceRoles((prev) => {
276
+ const roles = [...prev[uid] || []];
277
+ roles[index] = { ...roles[index], [field]: value };
278
+ return { ...prev, [uid]: roles };
279
+ });
280
+ };
281
+ const removeInstanceRole = (uid, index) => {
282
+ setInstanceRoles((prev) => {
283
+ const roles = [...prev[uid] || []];
284
+ roles.splice(index, 1);
285
+ return { ...prev, [uid]: roles };
286
+ });
287
+ };
288
+ const handleSaveInstanceRoles = async (uid) => {
289
+ setSavingInstanceRoles((prev) => ({ ...prev, [uid]: true }));
290
+ try {
291
+ const encodedUid = encodeURIComponent(uid);
292
+ const roles = instanceRoles[uid] || [];
293
+ await post(`/permit-strapi/instance-roles/${encodedUid}`, { roles });
294
+ toggleNotification({
295
+ type: "success",
296
+ message: "Instance roles saved and synced to Permit.io"
297
+ });
298
+ } catch {
299
+ toggleNotification({ type: "danger", message: "Failed to save instance roles" });
300
+ } finally {
301
+ setSavingInstanceRoles((prev) => ({ ...prev, [uid]: false }));
302
+ }
303
+ };
304
+ const handleSyncInstances = async (uid) => {
305
+ setSyncingInstances((prev) => ({ ...prev, [uid]: true }));
306
+ try {
307
+ const encodedUid = encodeURIComponent(uid);
308
+ const { data } = await post(`/permit-strapi/sync-instances/${encodedUid}`, {});
309
+ setInstanceSyncResults((prev) => ({ ...prev, [uid]: data }));
310
+ toggleNotification({
311
+ type: "success",
312
+ message: `Synced ${data.synced} of ${data.total} instances`
313
+ });
314
+ } catch {
315
+ toggleNotification({ type: "danger", message: "Failed to sync instances" });
316
+ } finally {
317
+ setSyncingInstances((prev) => ({ ...prev, [uid]: false }));
318
+ }
319
+ };
320
+ const protectedContentTypes = contentTypes.filter((ct) => protectedTypes[ct.uid] !== false);
321
+ return /* @__PURE__ */ jsxs(Box, { padding: 10, children: [
322
+ /* @__PURE__ */ jsxs(Box, { background: "neutral0", shadow: "tableShadow", hasRadius: true, padding: 6, marginBottom: 6, children: [
323
+ /* @__PURE__ */ jsxs(Flex, { justifyContent: "space-between", alignItems: "center", paddingBottom: 4, children: [
324
+ /* @__PURE__ */ jsxs(Flex, { gap: 3, alignItems: "center", children: [
325
+ /* @__PURE__ */ jsx(Logo$1, { src: logo, alt: "Permit.io" }),
326
+ /* @__PURE__ */ jsx(Typography, { variant: "delta", children: "Permit.io" })
327
+ ] }),
328
+ /* @__PURE__ */ jsx(Status, { variant: "success", size: "S", children: /* @__PURE__ */ jsx(Typography, { variant: "omega", textColor: "success700", children: "Connected" }) })
329
+ ] }),
330
+ /* @__PURE__ */ jsx(Divider, {}),
331
+ /* @__PURE__ */ jsxs(Flex, { justifyContent: "space-between", alignItems: "center", paddingTop: 4, children: [
332
+ /* @__PURE__ */ jsxs(Flex, { gap: 8, children: [
333
+ /* @__PURE__ */ jsxs(Flex, { direction: "column", gap: 1, children: [
334
+ /* @__PURE__ */ jsx(
335
+ Typography,
336
+ {
337
+ variant: "sigma",
338
+ textColor: "neutral500",
339
+ style: { textTransform: "uppercase", letterSpacing: "0.08em", fontSize: "10px" },
340
+ children: "API KEY"
341
+ }
342
+ ),
343
+ /* @__PURE__ */ jsx(Typography, { variant: "omega", children: config?.apiKey })
344
+ ] }),
345
+ /* @__PURE__ */ jsxs(Flex, { direction: "column", gap: 1, children: [
346
+ /* @__PURE__ */ jsx(
347
+ Typography,
348
+ {
349
+ variant: "sigma",
350
+ textColor: "neutral500",
351
+ style: { textTransform: "uppercase", letterSpacing: "0.08em", fontSize: "10px" },
352
+ children: "PDP URL"
353
+ }
354
+ ),
355
+ /* @__PURE__ */ jsxs(Flex, { gap: 1, alignItems: "center", style: { lineHeight: 1 }, children: [
356
+ /* @__PURE__ */ jsx(Typography, { variant: "omega", style: { lineHeight: 1 }, children: config?.pdpUrl }),
357
+ /* @__PURE__ */ jsx(
358
+ "a",
359
+ {
360
+ href: "https://docs.permit.io",
361
+ target: "_blank",
362
+ rel: "noreferrer",
363
+ style: { display: "flex", alignItems: "center" },
364
+ children: /* @__PURE__ */ jsx(ExternalLink, { width: "11px", height: "11px", fill: "neutral400" })
365
+ }
366
+ )
367
+ ] })
368
+ ] })
369
+ ] }),
370
+ /* @__PURE__ */ jsxs(Flex, { gap: 2, children: [
371
+ /* @__PURE__ */ jsxs(Modal.Root, { children: [
372
+ /* @__PURE__ */ jsx(Modal.Trigger, { children: /* @__PURE__ */ jsx(Button, { variant: "secondary", startIcon: /* @__PURE__ */ jsx(Pencil, {}), size: "S", children: "Update Config" }) }),
373
+ /* @__PURE__ */ jsxs(Modal.Content, { children: [
374
+ /* @__PURE__ */ jsx(Modal.Header, { children: /* @__PURE__ */ jsx(Modal.Title, { children: "Update Configuration" }) }),
375
+ /* @__PURE__ */ jsx(Modal.Body, { children: /* @__PURE__ */ jsx(Box, { padding: 2, children: /* @__PURE__ */ jsxs(Flex, { direction: "column", gap: 4, children: [
376
+ /* @__PURE__ */ jsxs(
377
+ Field.Root,
378
+ {
379
+ name: "updateApiKey",
380
+ width: "100%",
381
+ hint: "Enter a new Permit.io API key to replace the current one",
382
+ children: [
383
+ /* @__PURE__ */ jsx(Field.Label, { children: "New API Key" }),
384
+ /* @__PURE__ */ jsx(Field.Hint, {}),
385
+ /* @__PURE__ */ jsx(
386
+ TextInput,
387
+ {
388
+ placeholder: "permit_key_...",
389
+ value: updateApiKey,
390
+ onChange: (e) => setUpdateApiKey(e.target.value),
391
+ type: "password"
392
+ }
393
+ )
394
+ ]
395
+ }
396
+ ),
397
+ /* @__PURE__ */ jsxs(Field.Root, { name: "updatePdpUrl", width: "100%", children: [
398
+ /* @__PURE__ */ jsx(Field.Label, { children: "PDP UR" }),
399
+ /* @__PURE__ */ jsx(
400
+ TextInput,
401
+ {
402
+ value: updatePdpUrl,
403
+ onChange: (e) => setUpdatePdpUrl(e.target.value)
404
+ }
405
+ )
406
+ ] }),
407
+ /* @__PURE__ */ jsxs(
408
+ Flex,
409
+ {
410
+ gap: 2,
411
+ alignItems: "flex-start",
412
+ padding: 3,
413
+ style: { background: "#f0f4ff", borderRadius: "4px" },
414
+ children: [
415
+ /* @__PURE__ */ jsx(
416
+ Information,
417
+ {
418
+ width: "14px",
419
+ height: "14px",
420
+ fill: "primary600",
421
+ style: { flexShrink: 0, marginTop: "2px" }
422
+ }
423
+ ),
424
+ /* @__PURE__ */ jsxs(Typography, { variant: "pi", textColor: "primary600", children: [
425
+ "The Cloud PDP supports ",
426
+ /* @__PURE__ */ jsx("strong", { children: "RBAC only" }),
427
+ ". For ABAC or ReBAC policies, use a",
428
+ " ",
429
+ /* @__PURE__ */ jsx(
430
+ TextLink,
431
+ {
432
+ href: "https://docs.permit.io/how-to/deploy/deploy-to-production",
433
+ target: "_blank",
434
+ rel: "noreferrer",
435
+ children: "self-hosted PDP"
436
+ }
437
+ ),
438
+ "."
439
+ ] })
440
+ ]
441
+ }
442
+ )
443
+ ] }) }) }),
444
+ /* @__PURE__ */ jsxs(Modal.Footer, { children: [
445
+ /* @__PURE__ */ jsx(Modal.Close, { children: /* @__PURE__ */ jsx(Button, { variant: "tertiary", startIcon: /* @__PURE__ */ jsx(Cross, {}), children: "Cancel" }) }),
446
+ /* @__PURE__ */ jsx(
447
+ Button,
448
+ {
449
+ startIcon: /* @__PURE__ */ jsx(Check, {}),
450
+ onClick: handleUpdateConfig,
451
+ loading: updateLoading,
452
+ disabled: !updateApiKey.trim() || updateLoading,
453
+ children: "Save Changes"
454
+ }
455
+ )
456
+ ] })
457
+ ] })
458
+ ] }),
459
+ /* @__PURE__ */ jsxs(Modal.Root, { children: [
460
+ /* @__PURE__ */ jsx(Modal.Trigger, { children: /* @__PURE__ */ jsx(Button, { variant: "danger-light", startIcon: /* @__PURE__ */ jsx(Trash, {}), size: "S", children: "Disconnect" }) }),
461
+ /* @__PURE__ */ jsxs(Modal.Content, { children: [
462
+ /* @__PURE__ */ jsx(Modal.Header, { children: /* @__PURE__ */ jsx(Modal.Title, { children: "Disconnect from Permit.io" }) }),
463
+ /* @__PURE__ */ jsx(Modal.Body, { children: /* @__PURE__ */ jsxs(Flex, { direction: "column", gap: 4, children: [
464
+ /* @__PURE__ */ jsx(Typography, { variant: "omega", children: "Are you sure you want to disconnect from Permit.io?" }),
465
+ /* @__PURE__ */ jsx(Typography, { variant: "omega", textColor: "danger600", children: "All API requests will immediately stop being checked for authorization. Your content types will be unprotected until you reconnect." }),
466
+ /* @__PURE__ */ jsx(
467
+ Checkbox,
468
+ {
469
+ checked: disconnectConfirmed,
470
+ onCheckedChange: (val) => setDisconnectConfirmed(val),
471
+ children: "I understand the consequences of disconnecting"
472
+ }
473
+ )
474
+ ] }) }),
475
+ /* @__PURE__ */ jsxs(Modal.Footer, { children: [
476
+ /* @__PURE__ */ jsx(Modal.Close, { children: /* @__PURE__ */ jsx(Button, { variant: "tertiary", startIcon: /* @__PURE__ */ jsx(Cross, {}), children: "Cancel" }) }),
477
+ /* @__PURE__ */ jsx(
478
+ Button,
479
+ {
480
+ variant: "danger",
481
+ startIcon: /* @__PURE__ */ jsx(Trash, {}),
482
+ onClick: handleDisconnect,
483
+ loading: disconnectLoading,
484
+ disabled: !disconnectConfirmed || disconnectLoading,
485
+ children: "Yes, Disconnect"
486
+ }
487
+ )
488
+ ] })
489
+ ] })
490
+ ] })
491
+ ] })
492
+ ] })
493
+ ] }),
494
+ /* @__PURE__ */ jsx(Box, { background: "neutral0", shadow: "tableShadow", hasRadius: true, padding: 6, marginBottom: 6, children: /* @__PURE__ */ jsxs(Flex, { justifyContent: "space-between", alignItems: "center", width: "100%", children: [
495
+ /* @__PURE__ */ jsxs(Flex, { direction: "column", gap: 1, alignItems: "flex-start", children: [
496
+ /* @__PURE__ */ jsx(Typography, { variant: "delta", children: "User Sync" }),
497
+ /* @__PURE__ */ jsx(Typography, { variant: "omega", textColor: "neutral600", children: "Sync all existing Strapi users to Permit.io. New users are synced automatically on registration." }),
498
+ syncResult && /* @__PURE__ */ jsxs(Typography, { variant: "pi", textColor: "neutral500", children: [
499
+ "Last sync: ",
500
+ syncResult.synced,
501
+ " synced, ",
502
+ syncResult.failed,
503
+ " failed (total:",
504
+ " ",
505
+ syncResult.total,
506
+ ")"
507
+ ] })
508
+ ] }),
509
+ /* @__PURE__ */ jsx(Button, { variant: "secondary", size: "S", onClick: handleSyncAllUsers, loading: syncingUsers, children: "Sync All Users" })
510
+ ] }) }),
511
+ /* @__PURE__ */ jsxs(Box, { background: "neutral0", shadow: "tableShadow", hasRadius: true, padding: 6, marginBottom: 6, children: [
512
+ /* @__PURE__ */ jsxs(Flex, { justifyContent: "space-between", alignItems: "center", paddingBottom: 4, width: "100%", children: [
513
+ /* @__PURE__ */ jsxs(Flex, { direction: "column", gap: 1, alignItems: "flex-start", children: [
514
+ /* @__PURE__ */ jsx(Typography, { variant: "delta", children: "Protected Resources" }),
515
+ /* @__PURE__ */ jsx(Typography, { variant: "omega", textColor: "neutral600", children: "Toggle which content types are protected by Permit.io authorization" })
516
+ ] }),
517
+ /* @__PURE__ */ jsx(
518
+ Button,
519
+ {
520
+ startIcon: /* @__PURE__ */ jsx(Check, {}),
521
+ size: "S",
522
+ onClick: handleSaveResources,
523
+ loading: savingResources,
524
+ children: "Save"
525
+ }
526
+ )
527
+ ] }),
528
+ /* @__PURE__ */ jsx(Divider, {}),
529
+ contentTypes.length === 0 ? /* @__PURE__ */ jsx(Box, { paddingTop: 6, children: /* @__PURE__ */ jsx(Typography, { variant: "omega", textColor: "neutral500", children: "No content types found. Create a collection type in the Content-Type Builder first." }) }) : /* @__PURE__ */ jsx(Flex, { direction: "column", gap: 0, paddingTop: 2, width: "100%", children: contentTypes.map((ct, index) => {
530
+ const isProtected = protectedTypes[ct.uid] ?? true;
531
+ return /* @__PURE__ */ jsxs(Box, { width: "100%", children: [
532
+ /* @__PURE__ */ jsxs(Flex, { alignItems: "center", padding: 4, style: { width: "100%" }, children: [
533
+ /* @__PURE__ */ jsx(Box, { flex: 1, children: /* @__PURE__ */ jsx(Typography, { variant: "omega", fontWeight: "bold", children: ct.displayName }) }),
534
+ /* @__PURE__ */ jsxs(
535
+ Flex,
536
+ {
537
+ style: {
538
+ border: "1px solid #dcdce4",
539
+ borderRadius: "4px",
540
+ overflow: "hidden"
541
+ },
542
+ children: [
543
+ /* @__PURE__ */ jsx(
544
+ SegButton,
545
+ {
546
+ $active: !isProtected,
547
+ $variant: "danger",
548
+ onClick: () => isProtected && toggleProtection(ct.uid),
549
+ children: "Unprotected"
550
+ }
551
+ ),
552
+ /* @__PURE__ */ jsx(
553
+ SegButton,
554
+ {
555
+ $active: isProtected,
556
+ $variant: "success",
557
+ onClick: () => !isProtected && toggleProtection(ct.uid),
558
+ children: "Protected"
559
+ }
560
+ )
561
+ ]
562
+ }
563
+ )
564
+ ] }),
565
+ index < contentTypes.length - 1 && /* @__PURE__ */ jsx(Divider, {})
566
+ ] }, ct.uid);
567
+ }) })
568
+ ] }),
569
+ /* @__PURE__ */ jsxs(Box, { background: "neutral0", shadow: "tableShadow", hasRadius: true, padding: 6, children: [
570
+ /* @__PURE__ */ jsxs(Flex, { direction: "column", gap: 1, paddingBottom: 4, alignItems: "flex-start", children: [
571
+ /* @__PURE__ */ jsx(Typography, { variant: "delta", children: "ABAC Attribute Mapping" }),
572
+ /* @__PURE__ */ jsx(Typography, { variant: "omega", textColor: "neutral600", children: "Select which fields to pass as attributes for Attribute-Based Access Control. Requires a self-hosted PDP." })
573
+ ] }),
574
+ /* @__PURE__ */ jsxs(Accordion.Root, { children: [
575
+ /* @__PURE__ */ jsxs(Accordion.Item, { value: "user-attributes", children: [
576
+ /* @__PURE__ */ jsx(Accordion.Header, { children: /* @__PURE__ */ jsx(Accordion.Trigger, { children: /* @__PURE__ */ jsx(Typography, { variant: "omega", fontWeight: "bold", children: "User Attributes" }) }) }),
577
+ /* @__PURE__ */ jsx(Accordion.Content, { children: /* @__PURE__ */ jsx(Box, { padding: 4, children: userFields.length === 0 ? /* @__PURE__ */ jsx(Typography, { variant: "pi", textColor: "neutral500", children: "No custom user fields found. Add fields to the User content type to use as ABAC attributes." }) : /* @__PURE__ */ jsxs(Flex, { direction: "column", gap: 3, alignItems: "flex-start", children: [
578
+ /* @__PURE__ */ jsx(Flex, { gap: 4, wrap: "wrap", children: userFields.map((field) => /* @__PURE__ */ jsx(
579
+ Checkbox,
580
+ {
581
+ checked: userAttrMappings.includes(field.name),
582
+ onCheckedChange: () => toggleUserAttribute(field.name),
583
+ children: /* @__PURE__ */ jsxs(Flex, { gap: 1, alignItems: "center", children: [
584
+ /* @__PURE__ */ jsx(Typography, { variant: "omega", children: field.name }),
585
+ /* @__PURE__ */ jsxs(Typography, { variant: "pi", textColor: "neutral400", children: [
586
+ "(",
587
+ field.type,
588
+ ")"
589
+ ] })
590
+ ] })
591
+ },
592
+ field.name
593
+ )) }),
594
+ /* @__PURE__ */ jsx(
595
+ Button,
596
+ {
597
+ startIcon: /* @__PURE__ */ jsx(Check, {}),
598
+ size: "S",
599
+ onClick: handleSaveUserAttributes,
600
+ loading: savingUserAttrs,
601
+ variant: "secondary",
602
+ children: "Save User Attributes"
603
+ }
604
+ )
605
+ ] }) }) })
606
+ ] }),
607
+ /* @__PURE__ */ jsxs(Accordion.Item, { value: "resource-attributes", children: [
608
+ /* @__PURE__ */ jsx(Accordion.Header, { children: /* @__PURE__ */ jsx(Accordion.Trigger, { children: /* @__PURE__ */ jsx(Typography, { variant: "omega", fontWeight: "bold", children: "Resource Attributes" }) }) }),
609
+ /* @__PURE__ */ jsx(Accordion.Content, { children: /* @__PURE__ */ jsx(Box, { padding: 4, children: protectedContentTypes.length === 0 ? /* @__PURE__ */ jsx(Typography, { variant: "pi", textColor: "neutral500", children: "No protected content types. Enable protection for a content type above to configure resource attributes." }) : /* @__PURE__ */ jsxs(Flex, { direction: "column", gap: 4, alignItems: "flex-start", children: [
610
+ protectedContentTypes.map((ct) => {
611
+ const fields = resourceFieldsMap[ct.uid] || [];
612
+ const selected = resourceAttrMappings[ct.uid] || [];
613
+ return /* @__PURE__ */ jsxs(Box, { children: [
614
+ /* @__PURE__ */ jsx(Typography, { variant: "omega", fontWeight: "bold", children: ct.displayName }),
615
+ /* @__PURE__ */ jsx(Box, { paddingTop: 2 }),
616
+ fields.length === 0 ? /* @__PURE__ */ jsx(Typography, { variant: "pi", textColor: "neutral400", children: "No mappable fields" }) : /* @__PURE__ */ jsx(Flex, { gap: 4, wrap: "wrap", paddingLeft: 2, children: fields.map((field) => /* @__PURE__ */ jsx(
617
+ Checkbox,
618
+ {
619
+ checked: selected.includes(field.name),
620
+ onCheckedChange: () => toggleResourceAttribute(ct.uid, field.name),
621
+ children: /* @__PURE__ */ jsxs(Flex, { gap: 1, alignItems: "center", children: [
622
+ /* @__PURE__ */ jsx(Typography, { variant: "omega", children: field.name }),
623
+ /* @__PURE__ */ jsxs(Typography, { variant: "pi", textColor: "neutral400", children: [
624
+ "(",
625
+ field.type,
626
+ ")"
627
+ ] })
628
+ ] })
629
+ },
630
+ field.name
631
+ )) })
632
+ ] }, ct.uid);
633
+ }),
634
+ /* @__PURE__ */ jsx(
635
+ Button,
636
+ {
637
+ startIcon: /* @__PURE__ */ jsx(Check, {}),
638
+ size: "S",
639
+ onClick: handleSaveResourceAttributes,
640
+ loading: savingResourceAttrs,
641
+ variant: "secondary",
642
+ children: "Save Resource Attributes"
643
+ }
644
+ )
645
+ ] }) }) })
646
+ ] })
647
+ ] })
648
+ ] }),
649
+ /* @__PURE__ */ jsxs(Box, { background: "neutral0", shadow: "tableShadow", hasRadius: true, padding: 6, marginTop: 6, children: [
650
+ /* @__PURE__ */ jsxs(Flex, { justifyContent: "space-between", alignItems: "center", paddingBottom: 4, width: "100%", children: [
651
+ /* @__PURE__ */ jsxs(Flex, { direction: "column", gap: 1, alignItems: "flex-start", children: [
652
+ /* @__PURE__ */ jsx(Typography, { variant: "delta", children: "ReBAC Configuration" }),
653
+ /* @__PURE__ */ jsx(Typography, { variant: "omega", textColor: "neutral600", children: "Enable Relationship-Based Access Control per content type. Requires a self-hosted PDP." })
654
+ ] }),
655
+ /* @__PURE__ */ jsx(
656
+ Button,
657
+ {
658
+ startIcon: /* @__PURE__ */ jsx(Check, {}),
659
+ size: "S",
660
+ onClick: handleSaveRebacConfig,
661
+ loading: savingRebac,
662
+ children: "Save"
663
+ }
664
+ )
665
+ ] }),
666
+ /* @__PURE__ */ jsx(Divider, {}),
667
+ protectedContentTypes.length === 0 ? /* @__PURE__ */ jsx(Box, { paddingTop: 6, children: /* @__PURE__ */ jsx(Typography, { variant: "omega", textColor: "neutral500", children: "No protected content types. Enable protection above first." }) }) : /* @__PURE__ */ jsx(Accordion.Root, { children: protectedContentTypes.map((ct) => {
668
+ const ctRebac = rebacConfig[ct.uid] || { enabled: false, creatorRole: "owner" };
669
+ const roles = instanceRoles[ct.uid] || [];
670
+ const syncResult2 = instanceSyncResults[ct.uid];
671
+ return /* @__PURE__ */ jsxs(Accordion.Item, { value: ct.uid, children: [
672
+ /* @__PURE__ */ jsx(Accordion.Header, { children: /* @__PURE__ */ jsx(Accordion.Trigger, { children: /* @__PURE__ */ jsxs(Flex, { gap: 3, alignItems: "center", children: [
673
+ /* @__PURE__ */ jsx(Typography, { variant: "omega", fontWeight: "bold", children: ct.displayName }),
674
+ ctRebac.enabled && /* @__PURE__ */ jsx(Typography, { variant: "pi", textColor: "success600", children: "(ReBAC enabled)" })
675
+ ] }) }) }),
676
+ /* @__PURE__ */ jsx(Accordion.Content, { children: /* @__PURE__ */ jsx(Box, { padding: 4, children: /* @__PURE__ */ jsxs(Flex, { direction: "column", gap: 5, alignItems: "flex-start", children: [
677
+ /* @__PURE__ */ jsxs(Flex, { alignItems: "center", gap: 3, children: [
678
+ /* @__PURE__ */ jsx(Typography, { variant: "omega", fontWeight: "bold", children: "ReBAC Mode" }),
679
+ /* @__PURE__ */ jsxs(
680
+ Flex,
681
+ {
682
+ style: {
683
+ border: "1px solid #dcdce4",
684
+ borderRadius: "4px",
685
+ overflow: "hidden"
686
+ },
687
+ children: [
688
+ /* @__PURE__ */ jsx(
689
+ SegButton,
690
+ {
691
+ $active: !ctRebac.enabled,
692
+ $variant: "danger",
693
+ onClick: () => ctRebac.enabled && toggleRebacEnabled(ct.uid),
694
+ children: "Disabled"
695
+ }
696
+ ),
697
+ /* @__PURE__ */ jsx(
698
+ SegButton,
699
+ {
700
+ $active: ctRebac.enabled,
701
+ $variant: "success",
702
+ onClick: () => !ctRebac.enabled && toggleRebacEnabled(ct.uid),
703
+ children: "Enabled"
704
+ }
705
+ )
706
+ ]
707
+ }
708
+ )
709
+ ] }),
710
+ ctRebac.enabled && /* @__PURE__ */ jsxs(Fragment, { children: [
711
+ /* @__PURE__ */ jsxs(
712
+ Field.Root,
713
+ {
714
+ name: `creator-role-${ct.uid}`,
715
+ width: "300px",
716
+ hint: "Role assigned to the user who creates a record",
717
+ children: [
718
+ /* @__PURE__ */ jsx(Field.Label, { children: "Creator Role" }),
719
+ /* @__PURE__ */ jsx(Field.Hint, {}),
720
+ /* @__PURE__ */ jsx(
721
+ TextInput,
722
+ {
723
+ placeholder: "owner",
724
+ value: ctRebac.creatorRole,
725
+ onChange: (e) => updateCreatorRole(ct.uid, e.target.value)
726
+ }
727
+ )
728
+ ]
729
+ }
730
+ ),
731
+ /* @__PURE__ */ jsx(Divider, {}),
732
+ /* @__PURE__ */ jsxs(Flex, { direction: "column", gap: 3, alignItems: "flex-start", width: "100%", children: [
733
+ /* @__PURE__ */ jsx(Typography, { variant: "omega", fontWeight: "bold", children: "Instance Roles" }),
734
+ /* @__PURE__ */ jsx(Typography, { variant: "pi", textColor: "neutral500", children: "Define roles that can be assigned to users on specific records (e.g. owner, editor, viewer)" }),
735
+ roles.length > 0 && /* @__PURE__ */ jsx(Flex, { direction: "column", gap: 2, width: "100%", children: roles.map((role, index) => /* @__PURE__ */ jsxs(Flex, { gap: 2, alignItems: "center", width: "100%", children: [
736
+ /* @__PURE__ */ jsx(Box, { flex: 1, children: /* @__PURE__ */ jsx(
737
+ TextInput,
738
+ {
739
+ placeholder: "key (e.g. owner)",
740
+ value: role.key,
741
+ onChange: (e) => updateInstanceRole(ct.uid, index, "key", e.target.value),
742
+ "aria-label": "Role key"
743
+ }
744
+ ) }),
745
+ /* @__PURE__ */ jsx(Box, { flex: 1, children: /* @__PURE__ */ jsx(
746
+ TextInput,
747
+ {
748
+ placeholder: "name (e.g. Owner)",
749
+ value: role.name,
750
+ onChange: (e) => updateInstanceRole(
751
+ ct.uid,
752
+ index,
753
+ "name",
754
+ e.target.value
755
+ ),
756
+ "aria-label": "Role name"
757
+ }
758
+ ) }),
759
+ /* @__PURE__ */ jsx(
760
+ Button,
761
+ {
762
+ variant: "danger-light",
763
+ size: "S",
764
+ onClick: () => removeInstanceRole(ct.uid, index),
765
+ startIcon: /* @__PURE__ */ jsx(Trash, {}),
766
+ children: "Remove"
767
+ }
768
+ )
769
+ ] }, index)) }),
770
+ /* @__PURE__ */ jsxs(Flex, { gap: 2, children: [
771
+ /* @__PURE__ */ jsx(
772
+ Button,
773
+ {
774
+ variant: "secondary",
775
+ size: "S",
776
+ startIcon: /* @__PURE__ */ jsx(Plus, {}),
777
+ onClick: () => addInstanceRole(ct.uid),
778
+ children: "Add Role"
779
+ }
780
+ ),
781
+ /* @__PURE__ */ jsx(
782
+ Button,
783
+ {
784
+ startIcon: /* @__PURE__ */ jsx(Check, {}),
785
+ size: "S",
786
+ onClick: () => handleSaveInstanceRoles(ct.uid),
787
+ loading: savingInstanceRoles[ct.uid],
788
+ disabled: roles.length === 0,
789
+ children: "Save Roles"
790
+ }
791
+ )
792
+ ] })
793
+ ] }),
794
+ /* @__PURE__ */ jsx(Divider, {}),
795
+ /* @__PURE__ */ jsxs(Flex, { justifyContent: "space-between", alignItems: "center", width: "100%", children: [
796
+ /* @__PURE__ */ jsxs(Flex, { direction: "column", gap: 1, alignItems: "flex-start", children: [
797
+ /* @__PURE__ */ jsx(Typography, { variant: "omega", fontWeight: "bold", children: "Sync Instances" }),
798
+ /* @__PURE__ */ jsxs(Typography, { variant: "pi", textColor: "neutral500", children: [
799
+ "Bulk sync all existing ",
800
+ ct.displayName,
801
+ " records to Permit.io as resource instances"
802
+ ] }),
803
+ syncResult2 && /* @__PURE__ */ jsxs(Typography, { variant: "pi", textColor: "neutral400", children: [
804
+ "Last sync: ",
805
+ syncResult2.synced,
806
+ " synced, ",
807
+ syncResult2.failed,
808
+ " ",
809
+ "failed (total: ",
810
+ syncResult2.total,
811
+ ")"
812
+ ] })
813
+ ] }),
814
+ /* @__PURE__ */ jsx(
815
+ Button,
816
+ {
817
+ variant: "secondary",
818
+ size: "S",
819
+ onClick: () => handleSyncInstances(ct.uid),
820
+ loading: syncingInstances[ct.uid],
821
+ children: "Sync Instances"
822
+ }
823
+ )
824
+ ] })
825
+ ] })
826
+ ] }) }) })
827
+ ] }, ct.uid);
828
+ }) })
829
+ ] })
830
+ ] });
831
+ };
832
+ const Logo = styled.img`
833
+ width: 48px;
834
+ height: 48px;
835
+ border-radius: 8px;
836
+ `;
837
+ const StepLink = styled.a`
838
+ color: ${({ theme }) => theme.colors.primary600};
839
+ font-size: ${({ theme }) => theme.fontSizes[2]};
840
+ text-decoration: none;
841
+ &:hover { text-decoration: underline; }
842
+ `;
843
+ const StepNumber = styled(Flex)`
844
+ width: 28px;
845
+ height: 28px;
846
+ border-radius: 50%;
847
+ background-color: ${({ theme }) => theme.colors.primary100};
848
+ flex-shrink: 0;
849
+ `;
850
+ const steps = [
851
+ {
852
+ number: 1,
853
+ title: "Create a Permit.io account",
854
+ description: "Sign up at permit.io and create a new workspace for your project.",
855
+ link: "https://app.permit.io",
856
+ linkText: "Go to Permit.io"
857
+ },
858
+ {
859
+ number: 2,
860
+ title: "Assign policies in Permit.io",
861
+ description: "Once connected, your Strapi content types and roles sync automatically. Head to the Permit.io dashboard to assign permissions per role.",
862
+ link: "https://docs.permit.io",
863
+ linkText: "Read the docs"
864
+ },
865
+ {
866
+ number: 3,
867
+ title: "Enter your API key below",
868
+ description: "Copy your API key from the Permit.io dashboard and paste it below to connect."
869
+ }
870
+ ];
871
+ const DEFAULT_PDP_URL = "https://cloudpdp.api.permit.io";
872
+ const GettingStarted = ({ onConnect }) => {
873
+ const [apiKey, setApiKey] = useState("");
874
+ const [pdpUrl, setPdpUrl] = useState(DEFAULT_PDP_URL);
875
+ const [errors, setErrors] = useState({});
876
+ const [loading, setLoading] = useState(false);
877
+ const { post } = useFetchClient();
878
+ const { toggleNotification } = useNotification();
879
+ const handleConnect = async () => {
880
+ if (!apiKey.trim()) {
881
+ setErrors({ apiKey: "API key is required" });
882
+ return;
883
+ }
884
+ setErrors({});
885
+ setLoading(true);
886
+ try {
887
+ await post("/permit-strapi/config", {
888
+ apiKey: apiKey.trim(),
889
+ pdpUrl: pdpUrl.trim() || DEFAULT_PDP_URL
890
+ });
891
+ toggleNotification({
892
+ type: "success",
893
+ message: "Successfully connected to Permit.io"
894
+ });
895
+ onConnect();
896
+ } catch (error) {
897
+ const message = error?.response?.data?.error?.message || "Failed to connect. Please check your API key.";
898
+ toggleNotification({
899
+ type: "danger",
900
+ message
901
+ });
902
+ } finally {
903
+ setLoading(false);
904
+ }
905
+ };
906
+ return /* @__PURE__ */ jsxs(Box, { padding: 10, children: [
907
+ /* @__PURE__ */ jsxs(Flex, { direction: "column", alignItems: "center", gap: 4, paddingBottom: 10, children: [
908
+ /* @__PURE__ */ jsx(Logo, { src: logo, alt: "Permit.io" }),
909
+ /* @__PURE__ */ jsxs(Flex, { direction: "column", alignItems: "center", gap: 2, children: [
910
+ /* @__PURE__ */ jsx(Typography, { variant: "alpha", children: "Welcome to Permit Strapi" }),
911
+ /* @__PURE__ */ jsx(Typography, { variant: "epsilon", textColor: "neutral600", children: "Fine-grained authorization for your Strapi content types, powered by Permit.io" })
912
+ ] })
913
+ ] }),
914
+ /* @__PURE__ */ jsxs(
915
+ Box,
916
+ {
917
+ background: "neutral0",
918
+ shadow: "tableShadow",
919
+ hasRadius: true,
920
+ padding: 8,
921
+ marginBottom: 6,
922
+ style: { maxWidth: 640, margin: "0 auto 24px auto" },
923
+ children: [
924
+ /* @__PURE__ */ jsx(Typography, { variant: "delta", paddingBottom: 6, children: "Get started in 3 steps" }),
925
+ /* @__PURE__ */ jsx(Flex, { direction: "column", gap: 6, paddingTop: 4, children: steps.map((step) => /* @__PURE__ */ jsxs(Flex, { gap: 4, alignItems: "flex-start", children: [
926
+ /* @__PURE__ */ jsx(StepNumber, { justifyContent: "center", alignItems: "center", style: { marginTop: "2px", flexShrink: 0 }, children: /* @__PURE__ */ jsx(Typography, { variant: "sigma", textColor: "primary600", children: step.number }) }),
927
+ /* @__PURE__ */ jsxs(Flex, { direction: "column", gap: 1, alignItems: "flex-start", style: { flex: 1 }, children: [
928
+ /* @__PURE__ */ jsx(Typography, { variant: "omega", fontWeight: "bold", children: step.title }),
929
+ /* @__PURE__ */ jsx(Typography, { variant: "omega", textColor: "neutral600", children: step.description }),
930
+ step.link && /* @__PURE__ */ jsxs(Flex, { gap: 1, alignItems: "center", paddingTop: 1, children: [
931
+ /* @__PURE__ */ jsx(StepLink, { href: step.link, target: "_blank", rel: "noreferrer", children: step.linkText }),
932
+ /* @__PURE__ */ jsx(ExternalLink, { width: "12px", height: "12px", fill: "primary600" })
933
+ ] })
934
+ ] })
935
+ ] }, step.number)) }),
936
+ /* @__PURE__ */ jsx(Box, { paddingTop: 8, children: /* @__PURE__ */ jsxs(Field.Root, { name: "apiKey", error: errors.apiKey, children: [
937
+ /* @__PURE__ */ jsx(Field.Label, { children: "Permit.io API Key" }),
938
+ /* @__PURE__ */ jsx(
939
+ TextInput,
940
+ {
941
+ placeholder: "permit_key_...",
942
+ value: apiKey,
943
+ onChange: (e) => setApiKey(e.target.value),
944
+ type: "password"
945
+ }
946
+ ),
947
+ /* @__PURE__ */ jsx(Field.Error, {})
948
+ ] }) }),
949
+ /* @__PURE__ */ jsxs(Box, { paddingTop: 4, children: [
950
+ /* @__PURE__ */ jsxs(Field.Root, { name: "pdpUrl", hint: "Leave as default to use Permit.io Cloud PDP. Change to your local PDP URL if self-hosting.", children: [
951
+ /* @__PURE__ */ jsx(Field.Label, { children: "PDP URL" }),
952
+ /* @__PURE__ */ jsx(Field.Hint, {}),
953
+ /* @__PURE__ */ jsx(
954
+ TextInput,
955
+ {
956
+ placeholder: DEFAULT_PDP_URL,
957
+ value: pdpUrl,
958
+ onChange: (e) => setPdpUrl(e.target.value)
959
+ }
960
+ )
961
+ ] }),
962
+ /* @__PURE__ */ jsx(Box, { paddingTop: 3, children: /* @__PURE__ */ jsxs(
963
+ Flex,
964
+ {
965
+ gap: 2,
966
+ alignItems: "flex-start",
967
+ padding: 3,
968
+ style: { background: "#f0f4ff", borderRadius: "4px" },
969
+ children: [
970
+ /* @__PURE__ */ jsx(Information, { width: "14px", height: "14px", fill: "primary600", style: { flexShrink: 0, marginTop: "2px" } }),
971
+ /* @__PURE__ */ jsxs(Typography, { variant: "pi", textColor: "primary600", children: [
972
+ "The Cloud PDP supports ",
973
+ /* @__PURE__ */ jsx("strong", { children: "RBAC only" }),
974
+ ". If you plan to use ABAC or ReBAC policies, you must deploy a",
975
+ " ",
976
+ /* @__PURE__ */ jsx(
977
+ "a",
978
+ {
979
+ href: "https://docs.permit.io/how-to/deploy/deploy-to-production",
980
+ target: "_blank",
981
+ rel: "noreferrer",
982
+ style: { color: "inherit", textDecoration: "underline" },
983
+ children: "self-hosted PDP"
984
+ }
985
+ ),
986
+ "."
987
+ ] })
988
+ ]
989
+ }
990
+ ) })
991
+ ] }),
992
+ /* @__PURE__ */ jsx(Flex, { paddingTop: 6, justifyContent: "flex-end", children: /* @__PURE__ */ jsx(
993
+ Button,
994
+ {
995
+ startIcon: /* @__PURE__ */ jsx(Check, {}),
996
+ onClick: handleConnect,
997
+ disabled: !apiKey.trim() || loading,
998
+ loading,
999
+ size: "L",
1000
+ children: "Connect to Permit.io"
1001
+ }
1002
+ ) })
1003
+ ]
1004
+ }
1005
+ )
1006
+ ] });
1007
+ };
1008
+ const App = () => {
1009
+ const [isConfigured, setIsConfigured] = useState(null);
1010
+ const { get } = useFetchClient();
1011
+ useEffect(() => {
1012
+ get("/permit-strapi/config").then(({ data }) => setIsConfigured(data.configured)).catch(() => setIsConfigured(false));
1013
+ }, []);
1014
+ if (isConfigured === null) {
1015
+ return /* @__PURE__ */ jsx(Page.Loading, {});
1016
+ }
1017
+ if (!isConfigured) {
1018
+ return /* @__PURE__ */ jsx(GettingStarted, { onConnect: () => setIsConfigured(true) });
1019
+ }
1020
+ return /* @__PURE__ */ jsxs(Routes, { children: [
1021
+ /* @__PURE__ */ jsx(Route, { index: true, element: /* @__PURE__ */ jsx(HomePage, { onDisconnect: () => setIsConfigured(false) }) }),
1022
+ /* @__PURE__ */ jsx(Route, { path: "*", element: /* @__PURE__ */ jsx(Page.Error, {}) })
1023
+ ] });
1024
+ };
1025
+ export {
1026
+ App
1027
+ };