@pylonsync/webhooks 0.3.118 → 0.3.121
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +3 -3
- package/src/dispatch.ts +20 -0
- package/src/types.ts +13 -1
package/package.json
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
"publishConfig": {
|
|
4
4
|
"access": "public"
|
|
5
5
|
},
|
|
6
|
-
"version": "0.3.
|
|
6
|
+
"version": "0.3.121",
|
|
7
7
|
"type": "module",
|
|
8
8
|
"main": "src/index.ts",
|
|
9
9
|
"types": "src/index.ts",
|
|
@@ -12,8 +12,8 @@
|
|
|
12
12
|
"check": "tsc -p tsconfig.json --noEmit"
|
|
13
13
|
},
|
|
14
14
|
"dependencies": {
|
|
15
|
-
"@pylonsync/sdk": "0.3.
|
|
16
|
-
"@pylonsync/functions": "0.3.
|
|
15
|
+
"@pylonsync/sdk": "0.3.121",
|
|
16
|
+
"@pylonsync/functions": "0.3.121"
|
|
17
17
|
},
|
|
18
18
|
"peerDependencies": {
|
|
19
19
|
"bun-types": "*"
|
package/src/dispatch.ts
CHANGED
|
@@ -48,6 +48,26 @@ export async function dispatch(
|
|
|
48
48
|
}>
|
|
49
49
|
>("_pylonWebhookListEndpoints", { applicationId });
|
|
50
50
|
|
|
51
|
+
// `_pylonWebhookDeliver` is internal:true. Pylon framework's
|
|
52
|
+
// scheduler refuses public-action → internal-target enqueues to
|
|
53
|
+
// stop public actions becoming a router-bypass into internal
|
|
54
|
+
// helpers. Dispatch is by design called from public app actions
|
|
55
|
+
// (when an HTTP-triggered mutation wants to emit an event), so
|
|
56
|
+
// we need to grant the call admin authority before scheduling.
|
|
57
|
+
//
|
|
58
|
+
// On framework v0.3.118+ ctx.auth.elevate() exists; on older
|
|
59
|
+
// runtimes it doesn't. Guard the call so apps pinned to old
|
|
60
|
+
// pylon versions still type-check + run (they'd just get the
|
|
61
|
+
// SCHEDULE_FAILED error at the runAfter call, which is what they
|
|
62
|
+
// got before this fix landed — net no regression).
|
|
63
|
+
if (typeof ctx.auth.elevate === "function") {
|
|
64
|
+
await ctx.auth.elevate({
|
|
65
|
+
admin: true,
|
|
66
|
+
reason:
|
|
67
|
+
"webhooks plugin: scheduling _pylonWebhookDeliver (internal:true) — caller authority is the app's own dispatch trust boundary, the worker validates endpoint+tenant",
|
|
68
|
+
});
|
|
69
|
+
}
|
|
70
|
+
|
|
51
71
|
let scheduled = 0;
|
|
52
72
|
for (const ep of endpoints) {
|
|
53
73
|
if (ep.disabled) continue;
|
package/src/types.ts
CHANGED
|
@@ -74,7 +74,19 @@ export interface WebhookConfig {
|
|
|
74
74
|
|
|
75
75
|
export interface WebhookCtx {
|
|
76
76
|
env: Record<string, string | undefined>;
|
|
77
|
-
auth: {
|
|
77
|
+
auth: {
|
|
78
|
+
userId?: string | null;
|
|
79
|
+
tenantId?: string | null;
|
|
80
|
+
/**
|
|
81
|
+
* Optional — only present on Pylon framework v0.3.118+. The
|
|
82
|
+
* dispatch path uses it (when available) to elevate the
|
|
83
|
+
* caller to admin before scheduling the internal:true
|
|
84
|
+
* `_pylonWebhookDeliver` worker. Without elevation the
|
|
85
|
+
* scheduler's public-to-internal gate refuses the enqueue
|
|
86
|
+
* and no webhooks deliver — see dispatch.ts comment.
|
|
87
|
+
*/
|
|
88
|
+
elevate?: (options: { admin: boolean; reason: string }) => Promise<void>;
|
|
89
|
+
};
|
|
78
90
|
runQuery: <T>(name: string, args: Record<string, unknown>) => Promise<T>;
|
|
79
91
|
runMutation: <T = unknown>(
|
|
80
92
|
name: string,
|