@robelest/convex-auth 0.0.4-preview.25 → 0.0.4-preview.28
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +43 -36
- package/dist/bin.js +5765 -4880
- package/dist/browser/index.d.ts +30 -0
- package/dist/browser/index.js +93 -0
- package/dist/browser/locks.js +11 -0
- package/dist/browser/navigation.js +14 -0
- package/dist/{factors → browser}/passkey.js +23 -32
- package/dist/browser/runtime.js +92 -0
- package/dist/client/core/types.d.ts +452 -5
- package/dist/client/core/types.js +17 -0
- package/dist/client/errors.js +19 -0
- package/dist/client/factors/device.js +94 -0
- package/dist/{factors → client/factors}/totp.js +12 -4
- package/dist/client/index.d.ts +47 -1
- package/dist/client/index.js +269 -232
- package/dist/client/runtime/mutex.js +24 -0
- package/dist/client/runtime/proxy.js +30 -0
- package/dist/client/runtime/storage.js +45 -0
- package/dist/client/services/adapters.js +7 -0
- package/dist/client/services/http.js +6 -0
- package/dist/client/services/resolve.js +13 -0
- package/dist/client/services/runtime.js +6 -0
- package/dist/component/_generated/component.d.ts +1355 -1399
- package/dist/component/convex.config.d.ts +2 -2
- package/dist/component/index.d.ts +4 -26
- package/dist/component/index.js +1 -1
- package/dist/component/model.d.ts +26 -112
- package/dist/component/model.js +76 -54
- package/dist/component/modules.js +38 -0
- package/dist/component/public/factors/devices.js +1 -1
- package/dist/component/public/factors/passkeys.js +1 -1
- package/dist/component/public/factors/totp.js +1 -1
- package/dist/component/public/groups/core.js +2 -2
- package/dist/component/public/groups/invites.js +1 -1
- package/dist/component/public/groups/members.js +1 -1
- package/dist/component/public/identity/accounts.js +1 -1
- package/dist/component/public/identity/codes.js +1 -1
- package/dist/component/public/identity/sessions.js +39 -2
- package/dist/component/public/identity/tokens.js +82 -4
- package/dist/component/public/identity/users.js +1 -1
- package/dist/component/public/identity/verifiers.js +10 -4
- package/dist/component/public/security/keys.js +1 -1
- package/dist/component/public/security/limits.js +1 -1
- package/dist/component/public/{enterprise → sso}/audit.js +26 -26
- package/dist/component/public/sso/core.js +263 -0
- package/dist/component/public/sso/domains.js +280 -0
- package/dist/component/public/{enterprise → sso}/scim.js +87 -87
- package/dist/component/public/sso/secrets.js +125 -0
- package/dist/component/public/{enterprise → sso}/webhooks.js +59 -59
- package/dist/component/public.js +9 -9
- package/dist/component/schema.d.ts +472 -393
- package/dist/component/schema.js +36 -35
- package/dist/core/index.d.ts +380 -0
- package/dist/core/index.js +83 -0
- package/dist/otel.d.ts +69 -0
- package/dist/otel.js +82 -0
- package/dist/providers/anonymous.d.ts +15 -34
- package/dist/providers/anonymous.js +27 -35
- package/dist/providers/apple.d.ts +59 -0
- package/dist/providers/apple.js +58 -0
- package/dist/providers/credentials.d.ts +18 -34
- package/dist/providers/credentials.js +16 -27
- package/dist/providers/custom.d.ts +94 -0
- package/dist/providers/custom.js +119 -0
- package/dist/providers/device.d.ts +15 -49
- package/dist/providers/device.js +17 -34
- package/dist/providers/email.d.ts +21 -38
- package/dist/providers/email.js +36 -55
- package/dist/providers/github.d.ts +54 -0
- package/dist/providers/github.js +75 -0
- package/dist/providers/google.d.ts +54 -0
- package/dist/providers/google.js +61 -0
- package/dist/providers/index.d.ts +16 -12
- package/dist/providers/index.js +15 -11
- package/dist/providers/microsoft.d.ts +57 -0
- package/dist/providers/microsoft.js +101 -0
- package/dist/providers/passkey.d.ts +19 -35
- package/dist/providers/passkey.js +20 -30
- package/dist/providers/password.d.ts +17 -18
- package/dist/providers/password.js +121 -143
- package/dist/providers/phone.d.ts +13 -28
- package/dist/providers/phone.js +21 -46
- package/dist/providers/sso.d.ts +16 -36
- package/dist/providers/sso.js +21 -22
- package/dist/providers/totp.d.ts +13 -29
- package/dist/providers/totp.js +17 -27
- package/dist/server/auth-context.d.ts +204 -0
- package/dist/server/auth-context.js +76 -0
- package/dist/server/auth.d.ts +99 -244
- package/dist/server/auth.js +56 -152
- package/dist/server/componentContext.d.ts +12 -0
- package/dist/server/componentContext.js +1 -0
- package/dist/server/config.js +6 -67
- package/dist/server/constants.js +6 -0
- package/dist/server/contract.d.ts +105 -0
- package/dist/server/contract.js +43 -0
- package/dist/server/cookies.js +3 -2
- package/dist/server/core.js +31 -36
- package/dist/server/crypto.js +34 -44
- package/dist/server/db.js +6 -1
- package/dist/server/device.js +96 -130
- package/dist/server/env.js +48 -0
- package/dist/server/errors.js +20 -0
- package/dist/server/http.d.ts +15 -59
- package/dist/server/http.js +136 -120
- package/dist/server/identity.js +2 -2
- package/dist/server/index.d.ts +5 -4
- package/dist/server/index.js +3 -3
- package/dist/server/keys.js +10 -1
- package/dist/server/limits.js +26 -26
- package/dist/server/log.js +28 -0
- package/dist/server/mounts.d.ts +1107 -296
- package/dist/server/mounts.js +315 -196
- package/dist/server/mutations/account.js +11 -14
- package/dist/server/mutations/code.js +6 -5
- package/dist/server/mutations/invalidate.js +9 -11
- package/dist/server/mutations/oauth.js +112 -73
- package/dist/server/mutations/refresh.js +47 -97
- package/dist/server/mutations/register.js +37 -35
- package/dist/server/mutations/retrieve.js +16 -16
- package/dist/server/mutations/signature.js +15 -18
- package/dist/server/mutations/signin.js +10 -5
- package/dist/server/mutations/signout.js +11 -14
- package/dist/server/mutations/store.js +25 -18
- package/dist/server/mutations/verifier.js +11 -8
- package/dist/server/mutations/verify.js +53 -41
- package/dist/server/oauth/factory.js +44 -0
- package/dist/server/oauth/index.js +12 -0
- package/dist/server/oauth/runtime.js +248 -0
- package/dist/server/passkey.js +331 -365
- package/dist/server/payloads.d.ts +16 -0
- package/dist/server/payloads.js +30 -0
- package/dist/server/{ssr.d.ts → prefetch.d.ts} +2 -2
- package/dist/server/prefetch.js +635 -0
- package/dist/server/random.js +19 -0
- package/dist/server/redirects.js +10 -5
- package/dist/server/refresh.js +14 -86
- package/dist/server/runtime.d.ts +531 -31
- package/dist/server/runtime.js +106 -267
- package/dist/server/secret.js +44 -0
- package/dist/server/services/config.js +10 -0
- package/dist/server/services/group.js +211 -0
- package/dist/server/services/logger.js +8 -0
- package/dist/server/services/providers.js +22 -0
- package/dist/server/services/refresh.js +8 -0
- package/dist/server/services/resolve.js +27 -0
- package/dist/server/services/signin.js +8 -0
- package/dist/server/sessions.js +35 -34
- package/dist/server/signin.js +229 -140
- package/dist/server/{enterprise → sso}/config.js +10 -3
- package/dist/server/sso/domain.d.ts +614 -0
- package/dist/server/sso/domain.js +1175 -0
- package/dist/server/sso/http.js +1060 -0
- package/dist/server/sso/oidc.js +324 -0
- package/dist/server/sso/policies.js +59 -0
- package/dist/server/sso/policy.js +139 -0
- package/dist/server/sso/profile.js +22 -0
- package/dist/server/sso/provision.js +179 -0
- package/dist/{component/server/enterprise → server/sso}/saml.js +142 -56
- package/dist/{component/server/enterprise → server/sso}/scim.js +13 -7
- package/dist/server/sso/shared.js +74 -0
- package/dist/server/sso/validators.js +88 -0
- package/dist/server/sso/webhook.js +94 -0
- package/dist/server/tokens.js +16 -4
- package/dist/server/totp.js +155 -164
- package/dist/server/types.d.ts +306 -296
- package/dist/server/types.js +1 -30
- package/dist/server/url.js +32 -0
- package/dist/server/users.js +74 -40
- package/dist/server/utils/cache.js +51 -0
- package/dist/server/utils/dispatch.js +36 -0
- package/dist/server/utils/retry.js +24 -0
- package/dist/server/utils/span.js +32 -0
- package/dist/shared/errors.js +19 -0
- package/dist/shared/log.js +45 -0
- package/{src/test.ts → dist/test.d.ts} +21 -22
- package/dist/test.js +51 -0
- package/package.json +70 -42
- package/dist/authorization/index.d.ts.map +0 -1
- package/dist/authorization/index.js.map +0 -1
- package/dist/client/core/types.d.ts.map +0 -1
- package/dist/client/index.d.ts.map +0 -1
- package/dist/client/index.js.map +0 -1
- package/dist/component/_generated/api.d.ts +0 -75
- package/dist/component/_generated/api.d.ts.map +0 -1
- package/dist/component/_generated/api.js.map +0 -1
- package/dist/component/_generated/component.d.ts.map +0 -1
- package/dist/component/_generated/dataModel.d.ts +0 -42
- package/dist/component/_generated/dataModel.d.ts.map +0 -1
- package/dist/component/_generated/server.d.ts +0 -117
- package/dist/component/_generated/server.d.ts.map +0 -1
- package/dist/component/_generated/server.js.map +0 -1
- package/dist/component/_virtual/rolldown_runtime.js +0 -18
- package/dist/component/client/core/types.d.ts +0 -2
- package/dist/component/client/index.d.ts +0 -1
- package/dist/component/convex.config.d.ts.map +0 -1
- package/dist/component/convex.config.js.map +0 -1
- package/dist/component/functions.d.ts +0 -25
- package/dist/component/functions.d.ts.map +0 -1
- package/dist/component/functions.js.map +0 -1
- package/dist/component/index.d.ts.map +0 -1
- package/dist/component/model.d.ts.map +0 -1
- package/dist/component/model.js.map +0 -1
- package/dist/component/providers/anonymous.d.ts +0 -54
- package/dist/component/providers/anonymous.d.ts.map +0 -1
- package/dist/component/providers/credentials.d.ts +0 -38
- package/dist/component/providers/credentials.d.ts.map +0 -1
- package/dist/component/providers/device.d.ts +0 -67
- package/dist/component/providers/device.d.ts.map +0 -1
- package/dist/component/providers/email.d.ts +0 -62
- package/dist/component/providers/email.d.ts.map +0 -1
- package/dist/component/providers/oauth.d.ts +0 -25
- package/dist/component/providers/oauth.d.ts.map +0 -1
- package/dist/component/providers/oauth.js +0 -13
- package/dist/component/providers/oauth.js.map +0 -1
- package/dist/component/providers/passkey.d.ts +0 -57
- package/dist/component/providers/passkey.d.ts.map +0 -1
- package/dist/component/providers/password.d.ts +0 -88
- package/dist/component/providers/password.d.ts.map +0 -1
- package/dist/component/providers/phone.d.ts +0 -48
- package/dist/component/providers/phone.d.ts.map +0 -1
- package/dist/component/providers/sso.d.ts +0 -50
- package/dist/component/providers/sso.d.ts.map +0 -1
- package/dist/component/providers/totp.d.ts +0 -45
- package/dist/component/providers/totp.d.ts.map +0 -1
- package/dist/component/public/enterprise/audit.d.ts +0 -73
- package/dist/component/public/enterprise/audit.d.ts.map +0 -1
- package/dist/component/public/enterprise/audit.js.map +0 -1
- package/dist/component/public/enterprise/core.d.ts +0 -176
- package/dist/component/public/enterprise/core.d.ts.map +0 -1
- package/dist/component/public/enterprise/core.js +0 -292
- package/dist/component/public/enterprise/core.js.map +0 -1
- package/dist/component/public/enterprise/domains.d.ts +0 -174
- package/dist/component/public/enterprise/domains.d.ts.map +0 -1
- package/dist/component/public/enterprise/domains.js +0 -271
- package/dist/component/public/enterprise/domains.js.map +0 -1
- package/dist/component/public/enterprise/scim.d.ts +0 -245
- package/dist/component/public/enterprise/scim.d.ts.map +0 -1
- package/dist/component/public/enterprise/scim.js.map +0 -1
- package/dist/component/public/enterprise/secrets.d.ts +0 -78
- package/dist/component/public/enterprise/secrets.d.ts.map +0 -1
- package/dist/component/public/enterprise/secrets.js +0 -118
- package/dist/component/public/enterprise/secrets.js.map +0 -1
- package/dist/component/public/enterprise/webhooks.d.ts +0 -211
- package/dist/component/public/enterprise/webhooks.d.ts.map +0 -1
- package/dist/component/public/enterprise/webhooks.js.map +0 -1
- package/dist/component/public/factors/devices.d.ts +0 -157
- package/dist/component/public/factors/devices.d.ts.map +0 -1
- package/dist/component/public/factors/devices.js.map +0 -1
- package/dist/component/public/factors/passkeys.d.ts +0 -175
- package/dist/component/public/factors/passkeys.d.ts.map +0 -1
- package/dist/component/public/factors/passkeys.js.map +0 -1
- package/dist/component/public/factors/totp.d.ts +0 -189
- package/dist/component/public/factors/totp.d.ts.map +0 -1
- package/dist/component/public/factors/totp.js.map +0 -1
- package/dist/component/public/groups/core.d.ts +0 -137
- package/dist/component/public/groups/core.d.ts.map +0 -1
- package/dist/component/public/groups/core.js.map +0 -1
- package/dist/component/public/groups/invites.d.ts +0 -217
- package/dist/component/public/groups/invites.d.ts.map +0 -1
- package/dist/component/public/groups/invites.js.map +0 -1
- package/dist/component/public/groups/members.d.ts +0 -204
- package/dist/component/public/groups/members.d.ts.map +0 -1
- package/dist/component/public/groups/members.js.map +0 -1
- package/dist/component/public/identity/accounts.d.ts +0 -147
- package/dist/component/public/identity/accounts.d.ts.map +0 -1
- package/dist/component/public/identity/accounts.js.map +0 -1
- package/dist/component/public/identity/codes.d.ts +0 -104
- package/dist/component/public/identity/codes.d.ts.map +0 -1
- package/dist/component/public/identity/codes.js.map +0 -1
- package/dist/component/public/identity/sessions.d.ts +0 -128
- package/dist/component/public/identity/sessions.d.ts.map +0 -1
- package/dist/component/public/identity/sessions.js.map +0 -1
- package/dist/component/public/identity/tokens.d.ts +0 -169
- package/dist/component/public/identity/tokens.d.ts.map +0 -1
- package/dist/component/public/identity/tokens.js.map +0 -1
- package/dist/component/public/identity/users.d.ts +0 -212
- package/dist/component/public/identity/users.d.ts.map +0 -1
- package/dist/component/public/identity/users.js.map +0 -1
- package/dist/component/public/identity/verifiers.d.ts +0 -116
- package/dist/component/public/identity/verifiers.d.ts.map +0 -1
- package/dist/component/public/identity/verifiers.js.map +0 -1
- package/dist/component/public/security/keys.d.ts +0 -209
- package/dist/component/public/security/keys.d.ts.map +0 -1
- package/dist/component/public/security/keys.js.map +0 -1
- package/dist/component/public/security/limits.d.ts +0 -114
- package/dist/component/public/security/limits.d.ts.map +0 -1
- package/dist/component/public/security/limits.js.map +0 -1
- package/dist/component/public.d.ts +0 -28
- package/dist/component/public.d.ts.map +0 -1
- package/dist/component/schema.d.ts.map +0 -1
- package/dist/component/schema.js.map +0 -1
- package/dist/component/server/auth.d.ts +0 -447
- package/dist/component/server/auth.d.ts.map +0 -1
- package/dist/component/server/auth.js +0 -254
- package/dist/component/server/auth.js.map +0 -1
- package/dist/component/server/config.js +0 -121
- package/dist/component/server/config.js.map +0 -1
- package/dist/component/server/context.js +0 -53
- package/dist/component/server/context.js.map +0 -1
- package/dist/component/server/cookies.js +0 -47
- package/dist/component/server/cookies.js.map +0 -1
- package/dist/component/server/core.js +0 -576
- package/dist/component/server/core.js.map +0 -1
- package/dist/component/server/crypto.js +0 -56
- package/dist/component/server/crypto.js.map +0 -1
- package/dist/component/server/db.js +0 -87
- package/dist/component/server/db.js.map +0 -1
- package/dist/component/server/device.js +0 -152
- package/dist/component/server/device.js.map +0 -1
- package/dist/component/server/enterprise/config.js +0 -46
- package/dist/component/server/enterprise/config.js.map +0 -1
- package/dist/component/server/enterprise/domain.js +0 -974
- package/dist/component/server/enterprise/domain.js.map +0 -1
- package/dist/component/server/enterprise/http.js +0 -787
- package/dist/component/server/enterprise/http.js.map +0 -1
- package/dist/component/server/enterprise/oidc.js +0 -248
- package/dist/component/server/enterprise/oidc.js.map +0 -1
- package/dist/component/server/enterprise/policy.js +0 -85
- package/dist/component/server/enterprise/policy.js.map +0 -1
- package/dist/component/server/enterprise/saml.js.map +0 -1
- package/dist/component/server/enterprise/scim.js.map +0 -1
- package/dist/component/server/enterprise/shared.js +0 -51
- package/dist/component/server/enterprise/shared.js.map +0 -1
- package/dist/component/server/http.d.ts +0 -85
- package/dist/component/server/http.d.ts.map +0 -1
- package/dist/component/server/http.js +0 -351
- package/dist/component/server/http.js.map +0 -1
- package/dist/component/server/identity.js +0 -16
- package/dist/component/server/identity.js.map +0 -1
- package/dist/component/server/keys.js +0 -96
- package/dist/component/server/keys.js.map +0 -1
- package/dist/component/server/limits.js +0 -52
- package/dist/component/server/limits.js.map +0 -1
- package/dist/component/server/mutations/account.js +0 -46
- package/dist/component/server/mutations/account.js.map +0 -1
- package/dist/component/server/mutations/code.js +0 -68
- package/dist/component/server/mutations/code.js.map +0 -1
- package/dist/component/server/mutations/invalidate.js +0 -32
- package/dist/component/server/mutations/invalidate.js.map +0 -1
- package/dist/component/server/mutations/oauth.js +0 -116
- package/dist/component/server/mutations/oauth.js.map +0 -1
- package/dist/component/server/mutations/refresh.js +0 -119
- package/dist/component/server/mutations/refresh.js.map +0 -1
- package/dist/component/server/mutations/register.js +0 -87
- package/dist/component/server/mutations/register.js.map +0 -1
- package/dist/component/server/mutations/retrieve.js +0 -61
- package/dist/component/server/mutations/retrieve.js.map +0 -1
- package/dist/component/server/mutations/signature.js +0 -38
- package/dist/component/server/mutations/signature.js.map +0 -1
- package/dist/component/server/mutations/signin.js +0 -27
- package/dist/component/server/mutations/signin.js.map +0 -1
- package/dist/component/server/mutations/signout.js +0 -27
- package/dist/component/server/mutations/signout.js.map +0 -1
- package/dist/component/server/mutations/store/refs.js +0 -15
- package/dist/component/server/mutations/store/refs.js.map +0 -1
- package/dist/component/server/mutations/store.js +0 -70
- package/dist/component/server/mutations/store.js.map +0 -1
- package/dist/component/server/mutations/verifier.js +0 -18
- package/dist/component/server/mutations/verifier.js.map +0 -1
- package/dist/component/server/mutations/verify.js +0 -98
- package/dist/component/server/mutations/verify.js.map +0 -1
- package/dist/component/server/oauth.js +0 -242
- package/dist/component/server/oauth.js.map +0 -1
- package/dist/component/server/passkey.js +0 -415
- package/dist/component/server/passkey.js.map +0 -1
- package/dist/component/server/redirects.js +0 -40
- package/dist/component/server/redirects.js.map +0 -1
- package/dist/component/server/refresh.js +0 -99
- package/dist/component/server/refresh.js.map +0 -1
- package/dist/component/server/runtime.d.ts +0 -136
- package/dist/component/server/runtime.d.ts.map +0 -1
- package/dist/component/server/runtime.js +0 -456
- package/dist/component/server/runtime.js.map +0 -1
- package/dist/component/server/sessions.js +0 -71
- package/dist/component/server/sessions.js.map +0 -1
- package/dist/component/server/signin.js +0 -225
- package/dist/component/server/signin.js.map +0 -1
- package/dist/component/server/tokens.js +0 -17
- package/dist/component/server/tokens.js.map +0 -1
- package/dist/component/server/totp.js +0 -208
- package/dist/component/server/totp.js.map +0 -1
- package/dist/component/server/types.d.ts +0 -949
- package/dist/component/server/types.d.ts.map +0 -1
- package/dist/component/server/types.js +0 -79
- package/dist/component/server/types.js.map +0 -1
- package/dist/component/server/users.js +0 -123
- package/dist/component/server/users.js.map +0 -1
- package/dist/component/server/utils.js +0 -140
- package/dist/component/server/utils.js.map +0 -1
- package/dist/core/types.d.ts +0 -361
- package/dist/core/types.d.ts.map +0 -1
- package/dist/factors/device.js +0 -104
- package/dist/factors/device.js.map +0 -1
- package/dist/factors/passkey.js.map +0 -1
- package/dist/factors/totp.js.map +0 -1
- package/dist/providers/anonymous.d.ts.map +0 -1
- package/dist/providers/anonymous.js.map +0 -1
- package/dist/providers/credentials.d.ts.map +0 -1
- package/dist/providers/credentials.js.map +0 -1
- package/dist/providers/device.d.ts.map +0 -1
- package/dist/providers/device.js.map +0 -1
- package/dist/providers/email.d.ts.map +0 -1
- package/dist/providers/email.js.map +0 -1
- package/dist/providers/oauth.d.ts +0 -69
- package/dist/providers/oauth.d.ts.map +0 -1
- package/dist/providers/oauth.js +0 -43
- package/dist/providers/oauth.js.map +0 -1
- package/dist/providers/passkey.d.ts.map +0 -1
- package/dist/providers/passkey.js.map +0 -1
- package/dist/providers/password.d.ts.map +0 -1
- package/dist/providers/password.js.map +0 -1
- package/dist/providers/phone.d.ts.map +0 -1
- package/dist/providers/phone.js.map +0 -1
- package/dist/providers/sso.d.ts.map +0 -1
- package/dist/providers/sso.js.map +0 -1
- package/dist/providers/totp.d.ts.map +0 -1
- package/dist/providers/totp.js.map +0 -1
- package/dist/runtime/browser.js +0 -68
- package/dist/runtime/browser.js.map +0 -1
- package/dist/runtime/invite.js.map +0 -1
- package/dist/runtime/proxy.js +0 -70
- package/dist/runtime/proxy.js.map +0 -1
- package/dist/runtime/storage.js +0 -37
- package/dist/runtime/storage.js.map +0 -1
- package/dist/server/auth.d.ts.map +0 -1
- package/dist/server/auth.js.map +0 -1
- package/dist/server/config.d.ts +0 -1
- package/dist/server/config.js.map +0 -1
- package/dist/server/context.d.ts +0 -1
- package/dist/server/context.js.map +0 -1
- package/dist/server/cookies.d.ts +0 -1
- package/dist/server/cookies.js.map +0 -1
- package/dist/server/core.d.ts +0 -1315
- package/dist/server/core.d.ts.map +0 -1
- package/dist/server/core.js.map +0 -1
- package/dist/server/crypto.d.ts +0 -8
- package/dist/server/crypto.d.ts.map +0 -1
- package/dist/server/crypto.js.map +0 -1
- package/dist/server/db.d.ts +0 -1
- package/dist/server/db.js.map +0 -1
- package/dist/server/device.d.ts +0 -1
- package/dist/server/device.js.map +0 -1
- package/dist/server/enterprise/config.d.ts +0 -1
- package/dist/server/enterprise/config.js.map +0 -1
- package/dist/server/enterprise/domain.d.ts +0 -401
- package/dist/server/enterprise/domain.d.ts.map +0 -1
- package/dist/server/enterprise/domain.js +0 -974
- package/dist/server/enterprise/domain.js.map +0 -1
- package/dist/server/enterprise/http.d.ts +0 -26
- package/dist/server/enterprise/http.d.ts.map +0 -1
- package/dist/server/enterprise/http.js +0 -787
- package/dist/server/enterprise/http.js.map +0 -1
- package/dist/server/enterprise/oidc.d.ts +0 -1
- package/dist/server/enterprise/oidc.js +0 -248
- package/dist/server/enterprise/oidc.js.map +0 -1
- package/dist/server/enterprise/policy.d.ts +0 -1
- package/dist/server/enterprise/policy.js +0 -85
- package/dist/server/enterprise/policy.js.map +0 -1
- package/dist/server/enterprise/saml.d.ts +0 -1
- package/dist/server/enterprise/saml.js +0 -338
- package/dist/server/enterprise/saml.js.map +0 -1
- package/dist/server/enterprise/scim.d.ts +0 -1
- package/dist/server/enterprise/scim.js +0 -97
- package/dist/server/enterprise/scim.js.map +0 -1
- package/dist/server/enterprise/shared.d.ts +0 -5
- package/dist/server/enterprise/shared.d.ts.map +0 -1
- package/dist/server/enterprise/shared.js +0 -51
- package/dist/server/enterprise/shared.js.map +0 -1
- package/dist/server/enterprise/validators.d.ts +0 -1
- package/dist/server/enterprise/validators.js +0 -60
- package/dist/server/enterprise/validators.js.map +0 -1
- package/dist/server/http.d.ts.map +0 -1
- package/dist/server/http.js.map +0 -1
- package/dist/server/identity.d.ts +0 -1
- package/dist/server/identity.js.map +0 -1
- package/dist/server/keys.d.ts +0 -1
- package/dist/server/keys.js.map +0 -1
- package/dist/server/limits.d.ts +0 -1
- package/dist/server/limits.js.map +0 -1
- package/dist/server/mounts.d.ts.map +0 -1
- package/dist/server/mounts.js.map +0 -1
- package/dist/server/mutations/account.d.ts +0 -29
- package/dist/server/mutations/account.d.ts.map +0 -1
- package/dist/server/mutations/account.js.map +0 -1
- package/dist/server/mutations/code.d.ts +0 -30
- package/dist/server/mutations/code.d.ts.map +0 -1
- package/dist/server/mutations/code.js.map +0 -1
- package/dist/server/mutations/index.d.ts +0 -14
- package/dist/server/mutations/invalidate.d.ts +0 -20
- package/dist/server/mutations/invalidate.d.ts.map +0 -1
- package/dist/server/mutations/invalidate.js.map +0 -1
- package/dist/server/mutations/oauth.d.ts +0 -30
- package/dist/server/mutations/oauth.d.ts.map +0 -1
- package/dist/server/mutations/oauth.js.map +0 -1
- package/dist/server/mutations/refresh.d.ts +0 -21
- package/dist/server/mutations/refresh.d.ts.map +0 -1
- package/dist/server/mutations/refresh.js.map +0 -1
- package/dist/server/mutations/register.d.ts +0 -38
- package/dist/server/mutations/register.d.ts.map +0 -1
- package/dist/server/mutations/register.js.map +0 -1
- package/dist/server/mutations/retrieve.d.ts +0 -33
- package/dist/server/mutations/retrieve.d.ts.map +0 -1
- package/dist/server/mutations/retrieve.js.map +0 -1
- package/dist/server/mutations/signature.d.ts +0 -21
- package/dist/server/mutations/signature.d.ts.map +0 -1
- package/dist/server/mutations/signature.js.map +0 -1
- package/dist/server/mutations/signin.d.ts +0 -22
- package/dist/server/mutations/signin.d.ts.map +0 -1
- package/dist/server/mutations/signin.js.map +0 -1
- package/dist/server/mutations/signout.d.ts +0 -16
- package/dist/server/mutations/signout.d.ts.map +0 -1
- package/dist/server/mutations/signout.js.map +0 -1
- package/dist/server/mutations/store/refs.d.ts +0 -12
- package/dist/server/mutations/store/refs.d.ts.map +0 -1
- package/dist/server/mutations/store/refs.js.map +0 -1
- package/dist/server/mutations/store.d.ts +0 -306
- package/dist/server/mutations/store.d.ts.map +0 -1
- package/dist/server/mutations/store.js.map +0 -1
- package/dist/server/mutations/verifier.d.ts +0 -13
- package/dist/server/mutations/verifier.d.ts.map +0 -1
- package/dist/server/mutations/verifier.js.map +0 -1
- package/dist/server/mutations/verify.d.ts +0 -26
- package/dist/server/mutations/verify.d.ts.map +0 -1
- package/dist/server/mutations/verify.js.map +0 -1
- package/dist/server/oauth.d.ts +0 -1
- package/dist/server/oauth.js +0 -242
- package/dist/server/oauth.js.map +0 -1
- package/dist/server/passkey.d.ts +0 -27
- package/dist/server/passkey.d.ts.map +0 -1
- package/dist/server/passkey.js.map +0 -1
- package/dist/server/redirects.d.ts +0 -1
- package/dist/server/redirects.js.map +0 -1
- package/dist/server/refresh.d.ts +0 -1
- package/dist/server/refresh.js.map +0 -1
- package/dist/server/runtime.d.ts.map +0 -1
- package/dist/server/runtime.js.map +0 -1
- package/dist/server/sessions.d.ts +0 -1
- package/dist/server/sessions.js.map +0 -1
- package/dist/server/signin.d.ts +0 -1
- package/dist/server/signin.js.map +0 -1
- package/dist/server/ssr.d.ts.map +0 -1
- package/dist/server/ssr.js +0 -777
- package/dist/server/ssr.js.map +0 -1
- package/dist/server/templates.d.ts +0 -1
- package/dist/server/templates.js.map +0 -1
- package/dist/server/tokens.d.ts +0 -1
- package/dist/server/tokens.js.map +0 -1
- package/dist/server/totp.d.ts +0 -1
- package/dist/server/totp.js.map +0 -1
- package/dist/server/types.d.ts.map +0 -1
- package/dist/server/types.js.map +0 -1
- package/dist/server/users.d.ts +0 -1
- package/dist/server/users.js.map +0 -1
- package/dist/server/utils.d.ts +0 -1
- package/dist/server/utils.js +0 -140
- package/dist/server/utils.js.map +0 -1
- package/src/authorization/index.ts +0 -83
- package/src/cli/bin.ts +0 -5
- package/src/cli/command.ts +0 -70
- package/src/cli/index.ts +0 -1112
- package/src/cli/keys.ts +0 -23
- package/src/client/core/types.ts +0 -437
- package/src/client/factors/device.ts +0 -158
- package/src/client/factors/passkey.ts +0 -279
- package/src/client/factors/totp.ts +0 -150
- package/src/client/index.ts +0 -1124
- package/src/client/runtime/browser.ts +0 -112
- package/src/client/runtime/invite.ts +0 -63
- package/src/client/runtime/proxy.ts +0 -111
- package/src/client/runtime/storage.ts +0 -79
- package/src/component/_generated/api.ts +0 -96
- package/src/component/_generated/component.ts +0 -3774
- package/src/component/_generated/dataModel.ts +0 -60
- package/src/component/_generated/server.ts +0 -156
- package/src/component/convex.config.ts +0 -5
- package/src/component/functions.ts +0 -104
- package/src/component/index.ts +0 -42
- package/src/component/model.ts +0 -449
- package/src/component/public/enterprise/audit.ts +0 -125
- package/src/component/public/enterprise/core.ts +0 -355
- package/src/component/public/enterprise/domains.ts +0 -327
- package/src/component/public/enterprise/scim.ts +0 -397
- package/src/component/public/enterprise/secrets.ts +0 -133
- package/src/component/public/enterprise/webhooks.ts +0 -307
- package/src/component/public/factors/devices.ts +0 -224
- package/src/component/public/factors/passkeys.ts +0 -243
- package/src/component/public/factors/totp.ts +0 -259
- package/src/component/public/groups/core.ts +0 -481
- package/src/component/public/groups/invites.ts +0 -608
- package/src/component/public/groups/members.ts +0 -410
- package/src/component/public/identity/accounts.ts +0 -207
- package/src/component/public/identity/codes.ts +0 -149
- package/src/component/public/identity/sessions.ts +0 -210
- package/src/component/public/identity/tokens.ts +0 -251
- package/src/component/public/identity/users.ts +0 -355
- package/src/component/public/identity/verifiers.ts +0 -158
- package/src/component/public/security/keys.ts +0 -366
- package/src/component/public/security/limits.ts +0 -174
- package/src/component/public.ts +0 -27
- package/src/component/schema.ts +0 -505
- package/src/providers/anonymous.ts +0 -99
- package/src/providers/credentials.ts +0 -102
- package/src/providers/device.ts +0 -87
- package/src/providers/email.ts +0 -99
- package/src/providers/index.ts +0 -31
- package/src/providers/oauth.ts +0 -117
- package/src/providers/passkey.ts +0 -77
- package/src/providers/password.ts +0 -441
- package/src/providers/phone.ts +0 -93
- package/src/providers/sso.ts +0 -54
- package/src/providers/totp.ts +0 -62
- package/src/samlify.d.ts +0 -53
- package/src/server/auth.ts +0 -949
- package/src/server/config.ts +0 -200
- package/src/server/context.ts +0 -90
- package/src/server/cookies.ts +0 -49
- package/src/server/core.ts +0 -2004
- package/src/server/crypto.ts +0 -90
- package/src/server/db.ts +0 -203
- package/src/server/device.ts +0 -254
- package/src/server/enterprise/config.ts +0 -51
- package/src/server/enterprise/domain.ts +0 -1739
- package/src/server/enterprise/http.ts +0 -1331
- package/src/server/enterprise/oidc.ts +0 -500
- package/src/server/enterprise/policy.ts +0 -128
- package/src/server/enterprise/saml.ts +0 -578
- package/src/server/enterprise/scim.ts +0 -135
- package/src/server/enterprise/shared.ts +0 -134
- package/src/server/enterprise/validators.ts +0 -93
- package/src/server/http.ts +0 -790
- package/src/server/identity.ts +0 -18
- package/src/server/index.ts +0 -40
- package/src/server/keys.ts +0 -158
- package/src/server/limits.ts +0 -107
- package/src/server/mounts.ts +0 -924
- package/src/server/mutations/account.ts +0 -62
- package/src/server/mutations/code.ts +0 -119
- package/src/server/mutations/index.ts +0 -13
- package/src/server/mutations/invalidate.ts +0 -50
- package/src/server/mutations/oauth.ts +0 -243
- package/src/server/mutations/refresh.ts +0 -299
- package/src/server/mutations/register.ts +0 -155
- package/src/server/mutations/retrieve.ts +0 -109
- package/src/server/mutations/signature.ts +0 -57
- package/src/server/mutations/signin.ts +0 -54
- package/src/server/mutations/signout.ts +0 -43
- package/src/server/mutations/store/refs.ts +0 -10
- package/src/server/mutations/store.ts +0 -123
- package/src/server/mutations/verifier.ts +0 -34
- package/src/server/mutations/verify.ts +0 -200
- package/src/server/oauth.ts +0 -418
- package/src/server/passkey.ts +0 -838
- package/src/server/redirects.ts +0 -59
- package/src/server/refresh.ts +0 -218
- package/src/server/runtime.ts +0 -918
- package/src/server/sessions.ts +0 -132
- package/src/server/signin.ts +0 -445
- package/src/server/ssr.ts +0 -1747
- package/src/server/templates.ts +0 -82
- package/src/server/tokens.ts +0 -35
- package/src/server/totp.ts +0 -399
- package/src/server/types.ts +0 -1942
- package/src/server/users.ts +0 -291
- package/src/server/utils.ts +0 -220
- /package/dist/{runtime → client/runtime}/invite.js +0 -0
|
@@ -1,217 +0,0 @@
|
|
|
1
|
-
declare namespace invites_d_exports {
|
|
2
|
-
export { inviteAccept, inviteAcceptByToken, inviteCreate, inviteGet, inviteGetByTokenHash, inviteList, inviteRevoke };
|
|
3
|
-
}
|
|
4
|
-
/**
|
|
5
|
-
* Create a new platform-level invitation. Optionally set `groupId` to tie
|
|
6
|
-
* the invite to a specific group. The invitation is sent to an email address
|
|
7
|
-
* and includes a hashed token for secure acceptance.
|
|
8
|
-
*
|
|
9
|
-
* Throws `ConvexError` with code `DUPLICATE_INVITE` when a pending invite
|
|
10
|
-
* already exists for the same email and scope:
|
|
11
|
-
* - group invite: same `email` + same `groupId`
|
|
12
|
-
* - platform invite: same `email` with no `groupId`
|
|
13
|
-
*
|
|
14
|
-
* When a duplicate check finds an existing invite that has passed its
|
|
15
|
-
* `expiresTime`, that invite is automatically marked as `"expired"` and the
|
|
16
|
-
* new invite is allowed through. CLI-generated invites (no email) skip
|
|
17
|
-
* duplicate detection entirely.
|
|
18
|
-
*
|
|
19
|
-
* @param args.groupId - Optional `Id<"Group">` to scope this invite to a specific group. Omit for a platform-wide invite.
|
|
20
|
-
* @param args.invitedByUserId - Optional `Id<"User">` of the user who issued the invitation.
|
|
21
|
-
* @param args.email - Optional email address of the invitee. When provided, duplicate detection is enforced.
|
|
22
|
-
* @param args.tokenHash - A pre-hashed token string used for secure, URL-safe invite acceptance.
|
|
23
|
-
* @param args.roleIds - Optional array of application-defined role identifiers to assign upon acceptance.
|
|
24
|
-
* @param args.status - The initial status of the invite (typically `"pending"`).
|
|
25
|
-
* @param args.expiresTime - Optional Unix timestamp (ms) after which the invite is considered expired.
|
|
26
|
-
* @param args.extend - Optional arbitrary payload for application-specific metadata.
|
|
27
|
-
* @returns The `Id<"GroupInvite">` of the newly created invite document.
|
|
28
|
-
*
|
|
29
|
-
* @example
|
|
30
|
-
* ```ts
|
|
31
|
-
* const inviteId = await ctx.runMutation(
|
|
32
|
-
* components.auth.groups.inviteCreate,
|
|
33
|
-
* {
|
|
34
|
-
* groupId: teamGroupId,
|
|
35
|
-
* invitedByUserId: currentUserId,
|
|
36
|
-
* email: "alice@example.com",
|
|
37
|
-
* tokenHash: hashedToken,
|
|
38
|
-
* roleIds: ["editor"],
|
|
39
|
-
* status: "pending",
|
|
40
|
-
* expiresTime: Date.now() + 7 * 24 * 60 * 60 * 1000, // 7 days
|
|
41
|
-
* },
|
|
42
|
-
* );
|
|
43
|
-
* ```
|
|
44
|
-
*/
|
|
45
|
-
declare const inviteCreate: any;
|
|
46
|
-
/**
|
|
47
|
-
* Retrieve an invite by its document ID.
|
|
48
|
-
*
|
|
49
|
-
* Performs a direct lookup in the `GroupInvite` table and returns the full
|
|
50
|
-
* invite document, or `null` if no invite exists with the given ID.
|
|
51
|
-
*
|
|
52
|
-
* @param args.inviteId - The `Id<"GroupInvite">` of the invite to retrieve.
|
|
53
|
-
* @returns The invite document (including `email`, `status`, `groupId`, `tokenHash`, etc.) or `null` if not found.
|
|
54
|
-
*
|
|
55
|
-
* @example
|
|
56
|
-
* ```ts
|
|
57
|
-
* const invite = await ctx.runQuery(components.auth.groups.inviteGet, {
|
|
58
|
-
* inviteId: existingInviteId,
|
|
59
|
-
* });
|
|
60
|
-
* if (invite !== null) {
|
|
61
|
-
* console.log(invite.email, invite.status);
|
|
62
|
-
* }
|
|
63
|
-
* ```
|
|
64
|
-
*/
|
|
65
|
-
declare const inviteGet: any;
|
|
66
|
-
/**
|
|
67
|
-
* Retrieve an invite by its hashed token.
|
|
68
|
-
*
|
|
69
|
-
* Looks up the `GroupInvite` table using the `token_hash` index. This is
|
|
70
|
-
* the primary mechanism for resolving an invite from a URL-embedded token.
|
|
71
|
-
* Returns `null` if no invite matches the given hash.
|
|
72
|
-
*
|
|
73
|
-
* @param args.tokenHash - The hashed token string to look up (must match the value stored at creation time).
|
|
74
|
-
* @returns The invite document or `null` if no invite exists with the given token hash.
|
|
75
|
-
*
|
|
76
|
-
* @example
|
|
77
|
-
* ```ts
|
|
78
|
-
* const invite = await ctx.runQuery(
|
|
79
|
-
* components.auth.groups.inviteGetByTokenHash,
|
|
80
|
-
* { tokenHash: "sha256_abc123..." },
|
|
81
|
-
* );
|
|
82
|
-
* if (invite !== null && invite.status === "pending") {
|
|
83
|
-
* // proceed with acceptance flow
|
|
84
|
-
* }
|
|
85
|
-
* ```
|
|
86
|
-
*/
|
|
87
|
-
declare const inviteGetByTokenHash: any;
|
|
88
|
-
/**
|
|
89
|
-
* List invites with optional filtering, sorting, and pagination.
|
|
90
|
-
*
|
|
91
|
-
* Returns `{ items, nextCursor }`. Supports filtering by `groupId`,
|
|
92
|
-
* `status`, `email`, `invitedByUserId`, `roleId`, `acceptedByUserId`, and
|
|
93
|
-
* `tokenHash`. The query engine automatically selects the best compound
|
|
94
|
-
* index based on the combination of filter fields provided. The `roleId`
|
|
95
|
-
* filter is applied in-memory after the index scan because role IDs are
|
|
96
|
-
* stored as an array.
|
|
97
|
-
*
|
|
98
|
-
* @param args.where - Optional filter criteria for narrowing results.
|
|
99
|
-
* @param args.where.tokenHash - Match invites with this exact hashed token.
|
|
100
|
-
* @param args.where.groupId - Match invites scoped to this group.
|
|
101
|
-
* @param args.where.status - Match invites with this status (e.g. `"pending"`, `"accepted"`, `"revoked"`).
|
|
102
|
-
* @param args.where.email - Match invites sent to this email address.
|
|
103
|
-
* @param args.where.invitedByUserId - Match invites created by this user.
|
|
104
|
-
* @param args.where.roleId - Match invites that include this role identifier in their `roleIds` array.
|
|
105
|
-
* @param args.where.acceptedByUserId - Match invites accepted by this specific user.
|
|
106
|
-
* @param args.limit - Maximum number of items per page (clamped to 1..100, defaults to 50).
|
|
107
|
-
* @param args.cursor - An opaque cursor string from a previous response's `nextCursor` to fetch the next page, or `null` to start from the beginning.
|
|
108
|
-
* @param args.orderBy - The field to sort by: `"_creationTime"`, `"status"`, `"email"`, `"expiresTime"`, or `"acceptedTime"`.
|
|
109
|
-
* @param args.order - Sort direction: `"asc"` or `"desc"` (defaults to `"desc"`).
|
|
110
|
-
* @returns An object `{ items, nextCursor }` where `items` is an array of invite documents and `nextCursor` is `null` when there are no more pages.
|
|
111
|
-
*
|
|
112
|
-
* @example
|
|
113
|
-
* ```ts
|
|
114
|
-
* const { items, nextCursor } = await ctx.runQuery(
|
|
115
|
-
* components.auth.groups.inviteList,
|
|
116
|
-
* {
|
|
117
|
-
* where: { groupId: teamGroupId, status: "pending" },
|
|
118
|
-
* limit: 25,
|
|
119
|
-
* order: "desc",
|
|
120
|
-
* },
|
|
121
|
-
* );
|
|
122
|
-
* ```
|
|
123
|
-
*/
|
|
124
|
-
declare const inviteList: any;
|
|
125
|
-
/**
|
|
126
|
-
* Accept a pending invitation.
|
|
127
|
-
*
|
|
128
|
-
* Marks the invite as `"accepted"` and records the acceptance timestamp.
|
|
129
|
-
* Throws a structured `ConvexError` when the invite doesn't exist or is not
|
|
130
|
-
* currently pending. If the invite has passed its `expiresTime`, it is
|
|
131
|
-
* automatically transitioned to `"expired"` and the acceptance is rejected.
|
|
132
|
-
*
|
|
133
|
-
* The caller is responsible for creating the corresponding member record
|
|
134
|
-
* (see {@link inviteAcceptByToken} for an all-in-one alternative that also
|
|
135
|
-
* handles membership).
|
|
136
|
-
*
|
|
137
|
-
* @param args.inviteId - The `Id<"GroupInvite">` of the invite to accept.
|
|
138
|
-
* @param args.acceptedByUserId - Optional `Id<"User">` of the user accepting the invite. Stored on the invite for audit purposes.
|
|
139
|
-
* @returns `null` on success.
|
|
140
|
-
* @throws `ConvexError` with code `INVITE_NOT_FOUND` if the invite does not exist.
|
|
141
|
-
* @throws `ConvexError` with code `INVITE_NOT_PENDING` if the invite has already been accepted, revoked, or otherwise finalized.
|
|
142
|
-
* @throws `ConvexError` with code `INVITE_EXPIRED` if the invite's `expiresTime` has passed.
|
|
143
|
-
*
|
|
144
|
-
* @example
|
|
145
|
-
* ```ts
|
|
146
|
-
* await ctx.runMutation(components.auth.groups.inviteAccept, {
|
|
147
|
-
* inviteId: pendingInviteId,
|
|
148
|
-
* acceptedByUserId: currentUserId,
|
|
149
|
-
* });
|
|
150
|
-
* ```
|
|
151
|
-
*/
|
|
152
|
-
declare const inviteAccept: any;
|
|
153
|
-
/**
|
|
154
|
-
* Accept an invitation by raw token hash and atomically join group membership.
|
|
155
|
-
*
|
|
156
|
-
* This is the primary token-based acceptance flow. It looks up the invite by
|
|
157
|
-
* `tokenHash`, validates status and expiry, verifies the accepting user's
|
|
158
|
-
* email matches the invite email (when set), and — if the invite is scoped
|
|
159
|
-
* to a group — creates a `GroupMember` record in the same transaction.
|
|
160
|
-
*
|
|
161
|
-
* The operation is idempotent: if the invite was already accepted by the
|
|
162
|
-
* same user, it returns a result with `inviteStatus: "already_accepted"`
|
|
163
|
-
* and the existing membership information.
|
|
164
|
-
*
|
|
165
|
-
* @param args.tokenHash - The hashed token string that identifies the invite (typically extracted from an invite URL).
|
|
166
|
-
* @param args.acceptedByUserId - The `Id<"User">` of the user accepting the invitation. Their email must match the invite's email when one was specified.
|
|
167
|
-
* @returns An object describing the outcome:
|
|
168
|
-
* - `inviteId` — the ID of the accepted invite.
|
|
169
|
-
* - `groupId` — the group the invite targets, or `null` for platform invites.
|
|
170
|
-
* - `memberId` — the ID of the created (or existing) member record, or `undefined` for platform invites.
|
|
171
|
-
* - `inviteStatus` — `"accepted"` for a fresh acceptance, `"already_accepted"` for idempotent replays.
|
|
172
|
-
* - `membershipStatus` — `"joined"`, `"already_joined"`, or `"not_applicable"`.
|
|
173
|
-
* @throws `ConvexError` with code `INVITE_NOT_FOUND` if no invite matches the token hash.
|
|
174
|
-
* @throws `ConvexError` with code `INVITE_EXPIRED` if the invite's `expiresTime` has passed.
|
|
175
|
-
* @throws `ConvexError` with code `INVITE_ALREADY_ACCEPTED` if the invite was accepted by a different user.
|
|
176
|
-
* @throws `ConvexError` with code `INVITE_NOT_PENDING` if the invite has been revoked or is in another non-pending state.
|
|
177
|
-
* @throws `ConvexError` with code `INVITE_EMAIL_MISMATCH` if the accepting user's email does not match the invite's email.
|
|
178
|
-
*
|
|
179
|
-
* @example
|
|
180
|
-
* ```ts
|
|
181
|
-
* const result = await ctx.runMutation(
|
|
182
|
-
* components.auth.groups.inviteAcceptByToken,
|
|
183
|
-
* {
|
|
184
|
-
* tokenHash: "sha256_abc123...",
|
|
185
|
-
* acceptedByUserId: currentUserId,
|
|
186
|
-
* },
|
|
187
|
-
* );
|
|
188
|
-
* if (result.membershipStatus === "joined") {
|
|
189
|
-
* console.log("Joined group", result.groupId, "as member", result.memberId);
|
|
190
|
-
* }
|
|
191
|
-
* ```
|
|
192
|
-
*/
|
|
193
|
-
declare const inviteAcceptByToken: any;
|
|
194
|
-
/**
|
|
195
|
-
* Revoke a pending invitation.
|
|
196
|
-
*
|
|
197
|
-
* Marks the invite as `"revoked"`. Only invites with status `"pending"` can
|
|
198
|
-
* be revoked. Throws a structured `ConvexError` when the invite doesn't
|
|
199
|
-
* exist or is not currently pending. Once revoked, the invite's token can
|
|
200
|
-
* no longer be used for acceptance.
|
|
201
|
-
*
|
|
202
|
-
* @param args.inviteId - The `Id<"GroupInvite">` of the invite to revoke.
|
|
203
|
-
* @returns `null` on success.
|
|
204
|
-
* @throws `ConvexError` with code `INVITE_NOT_FOUND` if the invite does not exist.
|
|
205
|
-
* @throws `ConvexError` with code `INVITE_NOT_PENDING` if the invite has already been accepted, revoked, or expired.
|
|
206
|
-
*
|
|
207
|
-
* @example
|
|
208
|
-
* ```ts
|
|
209
|
-
* await ctx.runMutation(components.auth.groups.inviteRevoke, {
|
|
210
|
-
* inviteId: pendingInviteId,
|
|
211
|
-
* });
|
|
212
|
-
* ```
|
|
213
|
-
*/
|
|
214
|
-
declare const inviteRevoke: any;
|
|
215
|
-
//#endregion
|
|
216
|
-
export { inviteAccept, inviteAcceptByToken, inviteCreate, inviteGet, inviteGetByTokenHash, inviteList, inviteRevoke, invites_d_exports };
|
|
217
|
-
//# sourceMappingURL=invites.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"invites.d.ts","names":[],"sources":["../../../../src/component/public/groups/invites.ts"],"mappings":";;;;;;;;;;;;;;;AAoDA;;;;;AAiGA;;;;;AA6BA;;;;;AA+CA;;;;;AAmJA;;;;;AAkFA;;;;cAlZa,YAAA;AAohBb;;;;;;;;;;;;;;;;;;;AAAA,cAnba,SAAA;;;;;;;;;;;;;;;;;;;;;;cA6BA,oBAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;cA+CA,UAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;cAmJA,YAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;cAkFA,mBAAA;;;;;;;;;;;;;;;;;;;;;cAkIA,YAAA"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"invites.js","names":[],"sources":["../../../../src/component/public/groups/invites.ts"],"sourcesContent":["import { ConvexError, v } from \"convex/values\";\n\nimport type { Id } from \"../../_generated/dataModel\";\nimport { mutation, query } from \"../../functions\";\nimport {\n vGroupInviteDoc,\n vInviteAcceptByTokenResult,\n vInviteStatus,\n vPaginated,\n} from \"../../model\";\n\n/**\n * Create a new platform-level invitation. Optionally set `groupId` to tie\n * the invite to a specific group. The invitation is sent to an email address\n * and includes a hashed token for secure acceptance.\n *\n * Throws `ConvexError` with code `DUPLICATE_INVITE` when a pending invite\n * already exists for the same email and scope:\n * - group invite: same `email` + same `groupId`\n * - platform invite: same `email` with no `groupId`\n *\n * When a duplicate check finds an existing invite that has passed its\n * `expiresTime`, that invite is automatically marked as `\"expired\"` and the\n * new invite is allowed through. CLI-generated invites (no email) skip\n * duplicate detection entirely.\n *\n * @param args.groupId - Optional `Id<\"Group\">` to scope this invite to a specific group. Omit for a platform-wide invite.\n * @param args.invitedByUserId - Optional `Id<\"User\">` of the user who issued the invitation.\n * @param args.email - Optional email address of the invitee. When provided, duplicate detection is enforced.\n * @param args.tokenHash - A pre-hashed token string used for secure, URL-safe invite acceptance.\n * @param args.roleIds - Optional array of application-defined role identifiers to assign upon acceptance.\n * @param args.status - The initial status of the invite (typically `\"pending\"`).\n * @param args.expiresTime - Optional Unix timestamp (ms) after which the invite is considered expired.\n * @param args.extend - Optional arbitrary payload for application-specific metadata.\n * @returns The `Id<\"GroupInvite\">` of the newly created invite document.\n *\n * @example\n * ```ts\n * const inviteId = await ctx.runMutation(\n * components.auth.groups.inviteCreate,\n * {\n * groupId: teamGroupId,\n * invitedByUserId: currentUserId,\n * email: \"alice@example.com\",\n * tokenHash: hashedToken,\n * roleIds: [\"editor\"],\n * status: \"pending\",\n * expiresTime: Date.now() + 7 * 24 * 60 * 60 * 1000, // 7 days\n * },\n * );\n * ```\n */\nexport const inviteCreate = mutation({\n args: {\n groupId: v.optional(v.id(\"Group\")),\n invitedByUserId: v.optional(v.id(\"User\")),\n email: v.optional(v.string()),\n tokenHash: v.string(),\n roleIds: v.optional(v.array(v.string())),\n status: vInviteStatus,\n expiresTime: v.optional(v.number()),\n extend: v.optional(v.any()),\n },\n returns: v.id(\"GroupInvite\"),\n handler: async (ctx, args) => {\n const now = Date.now();\n\n // Only check for duplicates when an email is provided.\n // CLI-generated invites (no email) are always allowed.\n if (args.email !== undefined) {\n if (args.groupId !== undefined) {\n const existingGroupInvites = await ctx.db\n .query(\"GroupInvite\")\n .withIndex(\"group_id_status\", (q) =>\n q.eq(\"groupId\", args.groupId).eq(\"status\", \"pending\"),\n )\n .filter((q) => q.eq(q.field(\"email\"), args.email))\n .collect();\n\n for (const existingGroupInvite of existingGroupInvites) {\n const isExpired =\n existingGroupInvite.expiresTime !== undefined &&\n existingGroupInvite.expiresTime <= now;\n if (isExpired) {\n await ctx.db.patch(\"GroupInvite\", existingGroupInvite._id, {\n status: \"expired\",\n });\n continue;\n }\n throw new ConvexError({\n code: \"DUPLICATE_INVITE\",\n message:\n \"A pending invite already exists for this email in this group\",\n email: args.email,\n groupId: args.groupId,\n existingInviteId: existingGroupInvite._id,\n });\n }\n } else {\n const existingPlatformInvites = await ctx.db\n .query(\"GroupInvite\")\n .withIndex(\"email_status\", (q) =>\n q.eq(\"email\", args.email).eq(\"status\", \"pending\"),\n )\n .filter((q) => q.eq(q.field(\"groupId\"), undefined))\n .collect();\n\n for (const existingPlatformInvite of existingPlatformInvites) {\n const isExpired =\n existingPlatformInvite.expiresTime !== undefined &&\n existingPlatformInvite.expiresTime <= now;\n if (isExpired) {\n await ctx.db.patch(\"GroupInvite\", existingPlatformInvite._id, {\n status: \"expired\",\n });\n continue;\n }\n throw new ConvexError({\n code: \"DUPLICATE_INVITE\",\n message: \"A pending platform invite already exists for this email\",\n email: args.email,\n existingInviteId: existingPlatformInvite._id,\n });\n }\n }\n }\n return await ctx.db.insert(\"GroupInvite\", args);\n },\n});\n\n/**\n * Retrieve an invite by its document ID.\n *\n * Performs a direct lookup in the `GroupInvite` table and returns the full\n * invite document, or `null` if no invite exists with the given ID.\n *\n * @param args.inviteId - The `Id<\"GroupInvite\">` of the invite to retrieve.\n * @returns The invite document (including `email`, `status`, `groupId`, `tokenHash`, etc.) or `null` if not found.\n *\n * @example\n * ```ts\n * const invite = await ctx.runQuery(components.auth.groups.inviteGet, {\n * inviteId: existingInviteId,\n * });\n * if (invite !== null) {\n * console.log(invite.email, invite.status);\n * }\n * ```\n */\nexport const inviteGet = query({\n args: { inviteId: v.id(\"GroupInvite\") },\n returns: v.union(vGroupInviteDoc, v.null()),\n handler: async (ctx, { inviteId }) => {\n return await ctx.db.get(\"GroupInvite\", inviteId);\n },\n});\n\n/**\n * Retrieve an invite by its hashed token.\n *\n * Looks up the `GroupInvite` table using the `token_hash` index. This is\n * the primary mechanism for resolving an invite from a URL-embedded token.\n * Returns `null` if no invite matches the given hash.\n *\n * @param args.tokenHash - The hashed token string to look up (must match the value stored at creation time).\n * @returns The invite document or `null` if no invite exists with the given token hash.\n *\n * @example\n * ```ts\n * const invite = await ctx.runQuery(\n * components.auth.groups.inviteGetByTokenHash,\n * { tokenHash: \"sha256_abc123...\" },\n * );\n * if (invite !== null && invite.status === \"pending\") {\n * // proceed with acceptance flow\n * }\n * ```\n */\nexport const inviteGetByTokenHash = query({\n args: { tokenHash: v.string() },\n returns: v.union(vGroupInviteDoc, v.null()),\n handler: async (ctx, { tokenHash }) => {\n return await ctx.db\n .query(\"GroupInvite\")\n .withIndex(\"token_hash\", (q) => q.eq(\"tokenHash\", tokenHash))\n .first();\n },\n});\n\n/**\n * List invites with optional filtering, sorting, and pagination.\n *\n * Returns `{ items, nextCursor }`. Supports filtering by `groupId`,\n * `status`, `email`, `invitedByUserId`, `roleId`, `acceptedByUserId`, and\n * `tokenHash`. The query engine automatically selects the best compound\n * index based on the combination of filter fields provided. The `roleId`\n * filter is applied in-memory after the index scan because role IDs are\n * stored as an array.\n *\n * @param args.where - Optional filter criteria for narrowing results.\n * @param args.where.tokenHash - Match invites with this exact hashed token.\n * @param args.where.groupId - Match invites scoped to this group.\n * @param args.where.status - Match invites with this status (e.g. `\"pending\"`, `\"accepted\"`, `\"revoked\"`).\n * @param args.where.email - Match invites sent to this email address.\n * @param args.where.invitedByUserId - Match invites created by this user.\n * @param args.where.roleId - Match invites that include this role identifier in their `roleIds` array.\n * @param args.where.acceptedByUserId - Match invites accepted by this specific user.\n * @param args.limit - Maximum number of items per page (clamped to 1..100, defaults to 50).\n * @param args.cursor - An opaque cursor string from a previous response's `nextCursor` to fetch the next page, or `null` to start from the beginning.\n * @param args.orderBy - The field to sort by: `\"_creationTime\"`, `\"status\"`, `\"email\"`, `\"expiresTime\"`, or `\"acceptedTime\"`.\n * @param args.order - Sort direction: `\"asc\"` or `\"desc\"` (defaults to `\"desc\"`).\n * @returns An object `{ items, nextCursor }` where `items` is an array of invite documents and `nextCursor` is `null` when there are no more pages.\n *\n * @example\n * ```ts\n * const { items, nextCursor } = await ctx.runQuery(\n * components.auth.groups.inviteList,\n * {\n * where: { groupId: teamGroupId, status: \"pending\" },\n * limit: 25,\n * order: \"desc\",\n * },\n * );\n * ```\n */\nexport const inviteList = query({\n args: {\n where: v.optional(\n v.object({\n tokenHash: v.optional(v.string()),\n groupId: v.optional(v.id(\"Group\")),\n status: v.optional(vInviteStatus),\n email: v.optional(v.string()),\n invitedByUserId: v.optional(v.id(\"User\")),\n roleId: v.optional(v.string()),\n acceptedByUserId: v.optional(v.id(\"User\")),\n }),\n ),\n limit: v.optional(v.number()),\n cursor: v.optional(v.union(v.string(), v.null())),\n orderBy: v.optional(\n v.union(\n v.literal(\"_creationTime\"),\n v.literal(\"status\"),\n v.literal(\"email\"),\n v.literal(\"expiresTime\"),\n v.literal(\"acceptedTime\"),\n ),\n ),\n order: v.optional(v.union(v.literal(\"asc\"), v.literal(\"desc\"))),\n },\n returns: vPaginated(vGroupInviteDoc),\n handler: async (ctx, args) => {\n const where = args.where ?? {};\n const limit = Math.min(Math.max(args.limit ?? 50, 1), 100);\n const order = args.order ?? \"desc\";\n\n // Pick best index\n let q;\n if (where.tokenHash !== undefined) {\n q = ctx.db\n .query(\"GroupInvite\")\n .withIndex(\"token_hash\", (idx) =>\n idx.eq(\"tokenHash\", where.tokenHash!),\n );\n } else if (where.groupId !== undefined && where.status !== undefined) {\n q = ctx.db\n .query(\"GroupInvite\")\n .withIndex(\"group_id_status\", (idx) =>\n idx.eq(\"groupId\", where.groupId!).eq(\"status\", where.status!),\n );\n } else if (where.email !== undefined && where.status !== undefined) {\n q = ctx.db\n .query(\"GroupInvite\")\n .withIndex(\"email_status\", (idx) =>\n idx.eq(\"email\", where.email!).eq(\"status\", where.status!),\n );\n } else if (\n where.invitedByUserId !== undefined &&\n where.status !== undefined\n ) {\n q = ctx.db\n .query(\"GroupInvite\")\n .withIndex(\"invited_by_user_id_status\", (idx) =>\n idx\n .eq(\"invitedByUserId\", where.invitedByUserId!)\n .eq(\"status\", where.status!),\n );\n } else if (where.groupId !== undefined) {\n q = ctx.db\n .query(\"GroupInvite\")\n .withIndex(\"group_id\", (idx) => idx.eq(\"groupId\", where.groupId!));\n } else if (where.status !== undefined) {\n q = ctx.db\n .query(\"GroupInvite\")\n .withIndex(\"status\", (idx) => idx.eq(\"status\", where.status!));\n } else {\n q = ctx.db.query(\"GroupInvite\");\n }\n\n // Apply remaining filters\n if (where.groupId !== undefined) {\n q = q.filter((f) => f.eq(f.field(\"groupId\"), where.groupId!));\n }\n if (where.status !== undefined) {\n q = q.filter((f) => f.eq(f.field(\"status\"), where.status!));\n }\n if (where.email !== undefined) {\n q = q.filter((f) => f.eq(f.field(\"email\"), where.email!));\n }\n if (where.invitedByUserId !== undefined) {\n q = q.filter((f) =>\n f.eq(f.field(\"invitedByUserId\"), where.invitedByUserId!),\n );\n }\n if (where.acceptedByUserId !== undefined) {\n q = q.filter((f) =>\n f.eq(f.field(\"acceptedByUserId\"), where.acceptedByUserId!),\n );\n }\n if (where.tokenHash !== undefined) {\n q = q.filter((f) => f.eq(f.field(\"tokenHash\"), where.tokenHash!));\n }\n\n q = q.order(order);\n\n let all = await q.collect();\n if (where.roleId !== undefined) {\n all = all.filter((doc) => (doc.roleIds ?? []).includes(where.roleId!));\n }\n let startIdx = 0;\n if (args.cursor) {\n const cursorIdx = all.findIndex((doc) => doc._id === args.cursor);\n if (cursorIdx !== -1) {\n startIdx = cursorIdx + 1;\n }\n }\n const page = all.slice(startIdx, startIdx + limit + 1);\n const hasMore = page.length > limit;\n const items = hasMore ? page.slice(0, limit) : page;\n const nextCursor = hasMore ? items[items.length - 1]._id : null;\n return { items, nextCursor };\n },\n});\n\n/**\n * Accept a pending invitation.\n *\n * Marks the invite as `\"accepted\"` and records the acceptance timestamp.\n * Throws a structured `ConvexError` when the invite doesn't exist or is not\n * currently pending. If the invite has passed its `expiresTime`, it is\n * automatically transitioned to `\"expired\"` and the acceptance is rejected.\n *\n * The caller is responsible for creating the corresponding member record\n * (see {@link inviteAcceptByToken} for an all-in-one alternative that also\n * handles membership).\n *\n * @param args.inviteId - The `Id<\"GroupInvite\">` of the invite to accept.\n * @param args.acceptedByUserId - Optional `Id<\"User\">` of the user accepting the invite. Stored on the invite for audit purposes.\n * @returns `null` on success.\n * @throws `ConvexError` with code `INVITE_NOT_FOUND` if the invite does not exist.\n * @throws `ConvexError` with code `INVITE_NOT_PENDING` if the invite has already been accepted, revoked, or otherwise finalized.\n * @throws `ConvexError` with code `INVITE_EXPIRED` if the invite's `expiresTime` has passed.\n *\n * @example\n * ```ts\n * await ctx.runMutation(components.auth.groups.inviteAccept, {\n * inviteId: pendingInviteId,\n * acceptedByUserId: currentUserId,\n * });\n * ```\n */\nexport const inviteAccept = mutation({\n args: {\n inviteId: v.id(\"GroupInvite\"),\n acceptedByUserId: v.optional(v.id(\"User\")),\n },\n returns: v.null(),\n handler: async (ctx, { inviteId, acceptedByUserId }) => {\n const invite = await ctx.db.get(\"GroupInvite\", inviteId);\n if (invite === null) {\n throw new ConvexError({\n code: \"INVITE_NOT_FOUND\",\n message: \"Invite not found\",\n inviteId,\n });\n }\n if (invite.status !== \"pending\") {\n throw new ConvexError({\n code: \"INVITE_NOT_PENDING\",\n message: `Cannot accept invite with status \"${invite.status}\"`,\n inviteId,\n currentStatus: invite.status,\n });\n }\n if (invite.expiresTime !== undefined && invite.expiresTime <= Date.now()) {\n await ctx.db.patch(\"GroupInvite\", inviteId, {\n status: \"expired\",\n });\n throw new ConvexError({\n code: \"INVITE_EXPIRED\",\n message: \"Invite has expired\",\n inviteId,\n });\n }\n await ctx.db.patch(\"GroupInvite\", inviteId, {\n status: \"accepted\",\n acceptedTime: Date.now(),\n ...(acceptedByUserId ? { acceptedByUserId } : {}),\n });\n return null;\n },\n});\n\n/**\n * Accept an invitation by raw token hash and atomically join group membership.\n *\n * This is the primary token-based acceptance flow. It looks up the invite by\n * `tokenHash`, validates status and expiry, verifies the accepting user's\n * email matches the invite email (when set), and — if the invite is scoped\n * to a group — creates a `GroupMember` record in the same transaction.\n *\n * The operation is idempotent: if the invite was already accepted by the\n * same user, it returns a result with `inviteStatus: \"already_accepted\"`\n * and the existing membership information.\n *\n * @param args.tokenHash - The hashed token string that identifies the invite (typically extracted from an invite URL).\n * @param args.acceptedByUserId - The `Id<\"User\">` of the user accepting the invitation. Their email must match the invite's email when one was specified.\n * @returns An object describing the outcome:\n * - `inviteId` — the ID of the accepted invite.\n * - `groupId` — the group the invite targets, or `null` for platform invites.\n * - `memberId` — the ID of the created (or existing) member record, or `undefined` for platform invites.\n * - `inviteStatus` — `\"accepted\"` for a fresh acceptance, `\"already_accepted\"` for idempotent replays.\n * - `membershipStatus` — `\"joined\"`, `\"already_joined\"`, or `\"not_applicable\"`.\n * @throws `ConvexError` with code `INVITE_NOT_FOUND` if no invite matches the token hash.\n * @throws `ConvexError` with code `INVITE_EXPIRED` if the invite's `expiresTime` has passed.\n * @throws `ConvexError` with code `INVITE_ALREADY_ACCEPTED` if the invite was accepted by a different user.\n * @throws `ConvexError` with code `INVITE_NOT_PENDING` if the invite has been revoked or is in another non-pending state.\n * @throws `ConvexError` with code `INVITE_EMAIL_MISMATCH` if the accepting user's email does not match the invite's email.\n *\n * @example\n * ```ts\n * const result = await ctx.runMutation(\n * components.auth.groups.inviteAcceptByToken,\n * {\n * tokenHash: \"sha256_abc123...\",\n * acceptedByUserId: currentUserId,\n * },\n * );\n * if (result.membershipStatus === \"joined\") {\n * console.log(\"Joined group\", result.groupId, \"as member\", result.memberId);\n * }\n * ```\n */\nexport const inviteAcceptByToken = mutation({\n args: {\n tokenHash: v.string(),\n acceptedByUserId: v.id(\"User\"),\n },\n returns: vInviteAcceptByTokenResult,\n handler: async (ctx, { tokenHash, acceptedByUserId }) => {\n const invite = await ctx.db\n .query(\"GroupInvite\")\n .withIndex(\"token_hash\", (q) => q.eq(\"tokenHash\", tokenHash))\n .first();\n\n if (invite === null) {\n throw new ConvexError({\n code: \"INVITE_NOT_FOUND\",\n message: \"Invite not found\",\n });\n }\n\n const now = Date.now();\n if (invite.status === \"pending\") {\n if (invite.expiresTime !== undefined && invite.expiresTime <= now) {\n await ctx.db.patch(\"GroupInvite\", invite._id, { status: \"expired\" });\n throw new ConvexError({\n code: \"INVITE_EXPIRED\",\n message: \"Invite has expired\",\n inviteId: invite._id,\n });\n }\n } else if (invite.status === \"accepted\") {\n if (invite.acceptedByUserId !== acceptedByUserId) {\n throw new ConvexError({\n code: \"INVITE_ALREADY_ACCEPTED\",\n message: \"Invite already accepted by another user\",\n inviteId: invite._id,\n });\n }\n } else {\n throw new ConvexError({\n code: \"INVITE_NOT_PENDING\",\n message: `Cannot accept invite with status \"${invite.status}\"`,\n inviteId: invite._id,\n currentStatus: invite.status,\n });\n }\n\n if (invite.email !== undefined) {\n const user = await ctx.db.get(\"User\", acceptedByUserId);\n const normalizedInviteEmail = invite.email.trim().toLowerCase();\n const normalizedUserEmail = user?.email?.trim().toLowerCase();\n\n if (\n normalizedUserEmail === undefined ||\n normalizedUserEmail !== normalizedInviteEmail\n ) {\n throw new ConvexError({\n code: \"INVITE_EMAIL_MISMATCH\",\n message: \"Invite email does not match accepting user's email\",\n inviteId: invite._id,\n });\n }\n }\n\n let membershipStatus: \"joined\" | \"already_joined\" | \"not_applicable\" =\n \"not_applicable\";\n let memberId: Id<\"GroupMember\"> | undefined;\n\n if (invite.groupId !== undefined) {\n const existingMembership = await ctx.db\n .query(\"GroupMember\")\n .withIndex(\"group_id_user_id\", (q) =>\n q.eq(\"groupId\", invite.groupId!).eq(\"userId\", acceptedByUserId),\n )\n .unique();\n\n if (existingMembership !== null) {\n membershipStatus = \"already_joined\";\n memberId = existingMembership._id;\n } else {\n memberId = await ctx.db.insert(\"GroupMember\", {\n groupId: invite.groupId,\n userId: acceptedByUserId,\n roleIds: invite.roleIds,\n status: \"active\",\n });\n membershipStatus = \"joined\";\n }\n }\n\n if (invite.status === \"pending\") {\n await ctx.db.patch(\"GroupInvite\", invite._id, {\n status: \"accepted\",\n acceptedByUserId,\n acceptedTime: now,\n });\n }\n\n const inviteStatus: \"accepted\" | \"already_accepted\" =\n invite.status === \"accepted\" ? \"already_accepted\" : \"accepted\";\n\n return {\n inviteId: invite._id,\n groupId: invite.groupId ?? null,\n memberId,\n inviteStatus,\n membershipStatus,\n };\n },\n});\n\n/**\n * Revoke a pending invitation.\n *\n * Marks the invite as `\"revoked\"`. Only invites with status `\"pending\"` can\n * be revoked. Throws a structured `ConvexError` when the invite doesn't\n * exist or is not currently pending. Once revoked, the invite's token can\n * no longer be used for acceptance.\n *\n * @param args.inviteId - The `Id<\"GroupInvite\">` of the invite to revoke.\n * @returns `null` on success.\n * @throws `ConvexError` with code `INVITE_NOT_FOUND` if the invite does not exist.\n * @throws `ConvexError` with code `INVITE_NOT_PENDING` if the invite has already been accepted, revoked, or expired.\n *\n * @example\n * ```ts\n * await ctx.runMutation(components.auth.groups.inviteRevoke, {\n * inviteId: pendingInviteId,\n * });\n * ```\n */\nexport const inviteRevoke = mutation({\n args: { inviteId: v.id(\"GroupInvite\") },\n returns: v.null(),\n handler: async (ctx, { inviteId }) => {\n const invite = await ctx.db.get(\"GroupInvite\", inviteId);\n if (invite === null) {\n throw new ConvexError({\n code: \"INVITE_NOT_FOUND\",\n message: \"Invite not found\",\n inviteId,\n });\n }\n if (invite.status !== \"pending\") {\n throw new ConvexError({\n code: \"INVITE_NOT_PENDING\",\n message: `Cannot revoke invite with status \"${invite.status}\"`,\n inviteId,\n currentStatus: invite.status,\n });\n }\n await ctx.db.patch(\"GroupInvite\", inviteId, { status: \"revoked\" });\n return null;\n },\n});\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoDA,MAAa,eAAe,SAAS;CACnC,MAAM;EACJ,SAAS,EAAE,SAAS,EAAE,GAAG,QAAQ,CAAC;EAClC,iBAAiB,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC;EACzC,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;EAC7B,WAAW,EAAE,QAAQ;EACrB,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;EACxC,QAAQ;EACR,aAAa,EAAE,SAAS,EAAE,QAAQ,CAAC;EACnC,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;EAC5B;CACD,SAAS,EAAE,GAAG,cAAc;CAC5B,SAAS,OAAO,KAAK,SAAS;EAC5B,MAAM,MAAM,KAAK,KAAK;AAItB,MAAI,KAAK,UAAU,OACjB,KAAI,KAAK,YAAY,QAAW;GAC9B,MAAM,uBAAuB,MAAM,IAAI,GACpC,MAAM,cAAc,CACpB,UAAU,oBAAoB,MAC7B,EAAE,GAAG,WAAW,KAAK,QAAQ,CAAC,GAAG,UAAU,UAAU,CACtD,CACA,QAAQ,MAAM,EAAE,GAAG,EAAE,MAAM,QAAQ,EAAE,KAAK,MAAM,CAAC,CACjD,SAAS;AAEZ,QAAK,MAAM,uBAAuB,sBAAsB;AAItD,QAFE,oBAAoB,gBAAgB,UACpC,oBAAoB,eAAe,KACtB;AACb,WAAM,IAAI,GAAG,MAAM,eAAe,oBAAoB,KAAK,EACzD,QAAQ,WACT,CAAC;AACF;;AAEF,UAAM,IAAI,YAAY;KACpB,MAAM;KACN,SACE;KACF,OAAO,KAAK;KACZ,SAAS,KAAK;KACd,kBAAkB,oBAAoB;KACvC,CAAC;;SAEC;GACL,MAAM,0BAA0B,MAAM,IAAI,GACvC,MAAM,cAAc,CACpB,UAAU,iBAAiB,MAC1B,EAAE,GAAG,SAAS,KAAK,MAAM,CAAC,GAAG,UAAU,UAAU,CAClD,CACA,QAAQ,MAAM,EAAE,GAAG,EAAE,MAAM,UAAU,EAAE,OAAU,CAAC,CAClD,SAAS;AAEZ,QAAK,MAAM,0BAA0B,yBAAyB;AAI5D,QAFE,uBAAuB,gBAAgB,UACvC,uBAAuB,eAAe,KACzB;AACb,WAAM,IAAI,GAAG,MAAM,eAAe,uBAAuB,KAAK,EAC5D,QAAQ,WACT,CAAC;AACF;;AAEF,UAAM,IAAI,YAAY;KACpB,MAAM;KACN,SAAS;KACT,OAAO,KAAK;KACZ,kBAAkB,uBAAuB;KAC1C,CAAC;;;AAIR,SAAO,MAAM,IAAI,GAAG,OAAO,eAAe,KAAK;;CAElD,CAAC;;;;;;;;;;;;;;;;;;;;AAqBF,MAAa,YAAY,MAAM;CAC7B,MAAM,EAAE,UAAU,EAAE,GAAG,cAAc,EAAE;CACvC,SAAS,EAAE,MAAM,iBAAiB,EAAE,MAAM,CAAC;CAC3C,SAAS,OAAO,KAAK,EAAE,eAAe;AACpC,SAAO,MAAM,IAAI,GAAG,IAAI,eAAe,SAAS;;CAEnD,CAAC;;;;;;;;;;;;;;;;;;;;;;AAuBF,MAAa,uBAAuB,MAAM;CACxC,MAAM,EAAE,WAAW,EAAE,QAAQ,EAAE;CAC/B,SAAS,EAAE,MAAM,iBAAiB,EAAE,MAAM,CAAC;CAC3C,SAAS,OAAO,KAAK,EAAE,gBAAgB;AACrC,SAAO,MAAM,IAAI,GACd,MAAM,cAAc,CACpB,UAAU,eAAe,MAAM,EAAE,GAAG,aAAa,UAAU,CAAC,CAC5D,OAAO;;CAEb,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsCF,MAAa,aAAa,MAAM;CAC9B,MAAM;EACJ,OAAO,EAAE,SACP,EAAE,OAAO;GACP,WAAW,EAAE,SAAS,EAAE,QAAQ,CAAC;GACjC,SAAS,EAAE,SAAS,EAAE,GAAG,QAAQ,CAAC;GAClC,QAAQ,EAAE,SAAS,cAAc;GACjC,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;GAC7B,iBAAiB,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC;GACzC,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAC;GAC9B,kBAAkB,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC;GAC3C,CAAC,CACH;EACD,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;EAC7B,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,MAAM,CAAC,CAAC;EACjD,SAAS,EAAE,SACT,EAAE,MACA,EAAE,QAAQ,gBAAgB,EAC1B,EAAE,QAAQ,SAAS,EACnB,EAAE,QAAQ,QAAQ,EAClB,EAAE,QAAQ,cAAc,EACxB,EAAE,QAAQ,eAAe,CAC1B,CACF;EACD,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,MAAM,EAAE,EAAE,QAAQ,OAAO,CAAC,CAAC;EAChE;CACD,SAAS,WAAW,gBAAgB;CACpC,SAAS,OAAO,KAAK,SAAS;EAC5B,MAAM,QAAQ,KAAK,SAAS,EAAE;EAC9B,MAAM,QAAQ,KAAK,IAAI,KAAK,IAAI,KAAK,SAAS,IAAI,EAAE,EAAE,IAAI;EAC1D,MAAM,QAAQ,KAAK,SAAS;EAG5B,IAAI;AACJ,MAAI,MAAM,cAAc,OACtB,KAAI,IAAI,GACL,MAAM,cAAc,CACpB,UAAU,eAAe,QACxB,IAAI,GAAG,aAAa,MAAM,UAAW,CACtC;WACM,MAAM,YAAY,UAAa,MAAM,WAAW,OACzD,KAAI,IAAI,GACL,MAAM,cAAc,CACpB,UAAU,oBAAoB,QAC7B,IAAI,GAAG,WAAW,MAAM,QAAS,CAAC,GAAG,UAAU,MAAM,OAAQ,CAC9D;WACM,MAAM,UAAU,UAAa,MAAM,WAAW,OACvD,KAAI,IAAI,GACL,MAAM,cAAc,CACpB,UAAU,iBAAiB,QAC1B,IAAI,GAAG,SAAS,MAAM,MAAO,CAAC,GAAG,UAAU,MAAM,OAAQ,CAC1D;WAEH,MAAM,oBAAoB,UAC1B,MAAM,WAAW,OAEjB,KAAI,IAAI,GACL,MAAM,cAAc,CACpB,UAAU,8BAA8B,QACvC,IACG,GAAG,mBAAmB,MAAM,gBAAiB,CAC7C,GAAG,UAAU,MAAM,OAAQ,CAC/B;WACM,MAAM,YAAY,OAC3B,KAAI,IAAI,GACL,MAAM,cAAc,CACpB,UAAU,aAAa,QAAQ,IAAI,GAAG,WAAW,MAAM,QAAS,CAAC;WAC3D,MAAM,WAAW,OAC1B,KAAI,IAAI,GACL,MAAM,cAAc,CACpB,UAAU,WAAW,QAAQ,IAAI,GAAG,UAAU,MAAM,OAAQ,CAAC;MAEhE,KAAI,IAAI,GAAG,MAAM,cAAc;AAIjC,MAAI,MAAM,YAAY,OACpB,KAAI,EAAE,QAAQ,MAAM,EAAE,GAAG,EAAE,MAAM,UAAU,EAAE,MAAM,QAAS,CAAC;AAE/D,MAAI,MAAM,WAAW,OACnB,KAAI,EAAE,QAAQ,MAAM,EAAE,GAAG,EAAE,MAAM,SAAS,EAAE,MAAM,OAAQ,CAAC;AAE7D,MAAI,MAAM,UAAU,OAClB,KAAI,EAAE,QAAQ,MAAM,EAAE,GAAG,EAAE,MAAM,QAAQ,EAAE,MAAM,MAAO,CAAC;AAE3D,MAAI,MAAM,oBAAoB,OAC5B,KAAI,EAAE,QAAQ,MACZ,EAAE,GAAG,EAAE,MAAM,kBAAkB,EAAE,MAAM,gBAAiB,CACzD;AAEH,MAAI,MAAM,qBAAqB,OAC7B,KAAI,EAAE,QAAQ,MACZ,EAAE,GAAG,EAAE,MAAM,mBAAmB,EAAE,MAAM,iBAAkB,CAC3D;AAEH,MAAI,MAAM,cAAc,OACtB,KAAI,EAAE,QAAQ,MAAM,EAAE,GAAG,EAAE,MAAM,YAAY,EAAE,MAAM,UAAW,CAAC;AAGnE,MAAI,EAAE,MAAM,MAAM;EAElB,IAAI,MAAM,MAAM,EAAE,SAAS;AAC3B,MAAI,MAAM,WAAW,OACnB,OAAM,IAAI,QAAQ,SAAS,IAAI,WAAW,EAAE,EAAE,SAAS,MAAM,OAAQ,CAAC;EAExE,IAAI,WAAW;AACf,MAAI,KAAK,QAAQ;GACf,MAAM,YAAY,IAAI,WAAW,QAAQ,IAAI,QAAQ,KAAK,OAAO;AACjE,OAAI,cAAc,GAChB,YAAW,YAAY;;EAG3B,MAAM,OAAO,IAAI,MAAM,UAAU,WAAW,QAAQ,EAAE;EACtD,MAAM,UAAU,KAAK,SAAS;EAC9B,MAAM,QAAQ,UAAU,KAAK,MAAM,GAAG,MAAM,GAAG;AAE/C,SAAO;GAAE;GAAO,YADG,UAAU,MAAM,MAAM,SAAS,GAAG,MAAM;GAC/B;;CAE/B,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA6BF,MAAa,eAAe,SAAS;CACnC,MAAM;EACJ,UAAU,EAAE,GAAG,cAAc;EAC7B,kBAAkB,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC;EAC3C;CACD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,UAAU,uBAAuB;EACtD,MAAM,SAAS,MAAM,IAAI,GAAG,IAAI,eAAe,SAAS;AACxD,MAAI,WAAW,KACb,OAAM,IAAI,YAAY;GACpB,MAAM;GACN,SAAS;GACT;GACD,CAAC;AAEJ,MAAI,OAAO,WAAW,UACpB,OAAM,IAAI,YAAY;GACpB,MAAM;GACN,SAAS,qCAAqC,OAAO,OAAO;GAC5D;GACA,eAAe,OAAO;GACvB,CAAC;AAEJ,MAAI,OAAO,gBAAgB,UAAa,OAAO,eAAe,KAAK,KAAK,EAAE;AACxE,SAAM,IAAI,GAAG,MAAM,eAAe,UAAU,EAC1C,QAAQ,WACT,CAAC;AACF,SAAM,IAAI,YAAY;IACpB,MAAM;IACN,SAAS;IACT;IACD,CAAC;;AAEJ,QAAM,IAAI,GAAG,MAAM,eAAe,UAAU;GAC1C,QAAQ;GACR,cAAc,KAAK,KAAK;GACxB,GAAI,mBAAmB,EAAE,kBAAkB,GAAG,EAAE;GACjD,CAAC;AACF,SAAO;;CAEV,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA0CF,MAAa,sBAAsB,SAAS;CAC1C,MAAM;EACJ,WAAW,EAAE,QAAQ;EACrB,kBAAkB,EAAE,GAAG,OAAO;EAC/B;CACD,SAAS;CACT,SAAS,OAAO,KAAK,EAAE,WAAW,uBAAuB;EACvD,MAAM,SAAS,MAAM,IAAI,GACtB,MAAM,cAAc,CACpB,UAAU,eAAe,MAAM,EAAE,GAAG,aAAa,UAAU,CAAC,CAC5D,OAAO;AAEV,MAAI,WAAW,KACb,OAAM,IAAI,YAAY;GACpB,MAAM;GACN,SAAS;GACV,CAAC;EAGJ,MAAM,MAAM,KAAK,KAAK;AACtB,MAAI,OAAO,WAAW,WACpB;OAAI,OAAO,gBAAgB,UAAa,OAAO,eAAe,KAAK;AACjE,UAAM,IAAI,GAAG,MAAM,eAAe,OAAO,KAAK,EAAE,QAAQ,WAAW,CAAC;AACpE,UAAM,IAAI,YAAY;KACpB,MAAM;KACN,SAAS;KACT,UAAU,OAAO;KAClB,CAAC;;aAEK,OAAO,WAAW,YAC3B;OAAI,OAAO,qBAAqB,iBAC9B,OAAM,IAAI,YAAY;IACpB,MAAM;IACN,SAAS;IACT,UAAU,OAAO;IAClB,CAAC;QAGJ,OAAM,IAAI,YAAY;GACpB,MAAM;GACN,SAAS,qCAAqC,OAAO,OAAO;GAC5D,UAAU,OAAO;GACjB,eAAe,OAAO;GACvB,CAAC;AAGJ,MAAI,OAAO,UAAU,QAAW;GAC9B,MAAM,OAAO,MAAM,IAAI,GAAG,IAAI,QAAQ,iBAAiB;GACvD,MAAM,wBAAwB,OAAO,MAAM,MAAM,CAAC,aAAa;GAC/D,MAAM,sBAAsB,MAAM,OAAO,MAAM,CAAC,aAAa;AAE7D,OACE,wBAAwB,UACxB,wBAAwB,sBAExB,OAAM,IAAI,YAAY;IACpB,MAAM;IACN,SAAS;IACT,UAAU,OAAO;IAClB,CAAC;;EAIN,IAAI,mBACF;EACF,IAAI;AAEJ,MAAI,OAAO,YAAY,QAAW;GAChC,MAAM,qBAAqB,MAAM,IAAI,GAClC,MAAM,cAAc,CACpB,UAAU,qBAAqB,MAC9B,EAAE,GAAG,WAAW,OAAO,QAAS,CAAC,GAAG,UAAU,iBAAiB,CAChE,CACA,QAAQ;AAEX,OAAI,uBAAuB,MAAM;AAC/B,uBAAmB;AACnB,eAAW,mBAAmB;UACzB;AACL,eAAW,MAAM,IAAI,GAAG,OAAO,eAAe;KAC5C,SAAS,OAAO;KAChB,QAAQ;KACR,SAAS,OAAO;KAChB,QAAQ;KACT,CAAC;AACF,uBAAmB;;;AAIvB,MAAI,OAAO,WAAW,UACpB,OAAM,IAAI,GAAG,MAAM,eAAe,OAAO,KAAK;GAC5C,QAAQ;GACR;GACA,cAAc;GACf,CAAC;EAGJ,MAAM,eACJ,OAAO,WAAW,aAAa,qBAAqB;AAEtD,SAAO;GACL,UAAU,OAAO;GACjB,SAAS,OAAO,WAAW;GAC3B;GACA;GACA;GACD;;CAEJ,CAAC;;;;;;;;;;;;;;;;;;;;;AAsBF,MAAa,eAAe,SAAS;CACnC,MAAM,EAAE,UAAU,EAAE,GAAG,cAAc,EAAE;CACvC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,eAAe;EACpC,MAAM,SAAS,MAAM,IAAI,GAAG,IAAI,eAAe,SAAS;AACxD,MAAI,WAAW,KACb,OAAM,IAAI,YAAY;GACpB,MAAM;GACN,SAAS;GACT;GACD,CAAC;AAEJ,MAAI,OAAO,WAAW,UACpB,OAAM,IAAI,YAAY;GACpB,MAAM;GACN,SAAS,qCAAqC,OAAO,OAAO;GAC5D;GACA,eAAe,OAAO;GACvB,CAAC;AAEJ,QAAM,IAAI,GAAG,MAAM,eAAe,UAAU,EAAE,QAAQ,WAAW,CAAC;AAClE,SAAO;;CAEV,CAAC"}
|
|
@@ -1,204 +0,0 @@
|
|
|
1
|
-
declare namespace members_d_exports {
|
|
2
|
-
export { memberAdd, memberGet, memberGetByGroupAndUser, memberList, memberRemove, memberResolve, memberUpdate };
|
|
3
|
-
}
|
|
4
|
-
/**
|
|
5
|
-
* Add a user as a member of a group.
|
|
6
|
-
*
|
|
7
|
-
* The `roleIds` field stores application-defined role identifiers. The auth
|
|
8
|
-
* component stores assignments but does not enforce access control — your
|
|
9
|
-
* application defines what each role means.
|
|
10
|
-
*
|
|
11
|
-
* Throws `ConvexError` with code `DUPLICATE_MEMBERSHIP` when the user is
|
|
12
|
-
* already a member of the target group. The duplicate check uses the
|
|
13
|
-
* `group_id_user_id` compound index for an exact match.
|
|
14
|
-
*
|
|
15
|
-
* @param args.groupId - The `Id<"Group">` of the group to add the user to.
|
|
16
|
-
* @param args.userId - The `Id<"User">` of the user to add as a member.
|
|
17
|
-
* @param args.roleIds - Optional array of application-defined role identifiers (e.g. `["admin", "editor"]`).
|
|
18
|
-
* @param args.status - Optional membership status string (e.g. `"active"`, `"suspended"`). Defaults to whatever your application convention is.
|
|
19
|
-
* @param args.extend - Optional arbitrary payload for application-specific metadata on the membership.
|
|
20
|
-
* @returns The `Id<"GroupMember">` of the newly created member document.
|
|
21
|
-
* @throws `ConvexError` with code `DUPLICATE_MEMBERSHIP` if the user is already a member of this group.
|
|
22
|
-
*
|
|
23
|
-
* @example
|
|
24
|
-
* ```ts
|
|
25
|
-
* const memberId = await ctx.runMutation(
|
|
26
|
-
* components.auth.groups.memberAdd,
|
|
27
|
-
* {
|
|
28
|
-
* groupId: teamGroupId,
|
|
29
|
-
* userId: newUserId,
|
|
30
|
-
* roleIds: ["viewer"],
|
|
31
|
-
* status: "active",
|
|
32
|
-
* },
|
|
33
|
-
* );
|
|
34
|
-
* ```
|
|
35
|
-
*/
|
|
36
|
-
declare const memberAdd: any;
|
|
37
|
-
/**
|
|
38
|
-
* Retrieve a member record by its document ID.
|
|
39
|
-
*
|
|
40
|
-
* Performs a direct lookup in the `GroupMember` table and returns the full
|
|
41
|
-
* member document, or `null` if no member exists with the given ID.
|
|
42
|
-
*
|
|
43
|
-
* @param args.memberId - The `Id<"GroupMember">` of the member record to retrieve.
|
|
44
|
-
* @returns The member document (including `groupId`, `userId`, `roleIds`, `status`, etc.) or `null` if not found.
|
|
45
|
-
*
|
|
46
|
-
* @example
|
|
47
|
-
* ```ts
|
|
48
|
-
* const member = await ctx.runQuery(components.auth.groups.memberGet, {
|
|
49
|
-
* memberId: existingMemberId,
|
|
50
|
-
* });
|
|
51
|
-
* if (member !== null) {
|
|
52
|
-
* console.log(member.userId, member.roleIds);
|
|
53
|
-
* }
|
|
54
|
-
* ```
|
|
55
|
-
*/
|
|
56
|
-
declare const memberGet: any;
|
|
57
|
-
/**
|
|
58
|
-
* List members with optional filtering, sorting, and pagination.
|
|
59
|
-
*
|
|
60
|
-
* Returns `{ items, nextCursor }`. Supports filtering by `groupId`,
|
|
61
|
-
* `userId`, `roleId`, and `status`. The query engine automatically selects
|
|
62
|
-
* the best compound index based on the combination of filter fields
|
|
63
|
-
* provided. The `roleId` filter is applied in-memory after the index scan
|
|
64
|
-
* because role IDs are stored as an array.
|
|
65
|
-
*
|
|
66
|
-
* @param args.where - Optional filter criteria for narrowing results.
|
|
67
|
-
* @param args.where.groupId - Match members belonging to this group.
|
|
68
|
-
* @param args.where.userId - Match members for this specific user.
|
|
69
|
-
* @param args.where.roleId - Match members whose `roleIds` array includes this role identifier.
|
|
70
|
-
* @param args.where.status - Match members with this exact status string (e.g. `"active"`).
|
|
71
|
-
* @param args.limit - Maximum number of items per page (clamped to 1..100, defaults to 50).
|
|
72
|
-
* @param args.cursor - An opaque cursor string from a previous response's `nextCursor` to fetch the next page, or `null` to start from the beginning.
|
|
73
|
-
* @param args.orderBy - The field to sort by: `"_creationTime"` or `"status"`.
|
|
74
|
-
* @param args.order - Sort direction: `"asc"` or `"desc"` (defaults to `"desc"`).
|
|
75
|
-
* @returns An object `{ items, nextCursor }` where `items` is an array of member documents and `nextCursor` is `null` when there are no more pages.
|
|
76
|
-
*
|
|
77
|
-
* @example
|
|
78
|
-
* ```ts
|
|
79
|
-
* const { items, nextCursor } = await ctx.runQuery(
|
|
80
|
-
* components.auth.groups.memberList,
|
|
81
|
-
* {
|
|
82
|
-
* where: { groupId: teamGroupId, status: "active" },
|
|
83
|
-
* limit: 30,
|
|
84
|
-
* order: "asc",
|
|
85
|
-
* },
|
|
86
|
-
* );
|
|
87
|
-
* ```
|
|
88
|
-
*/
|
|
89
|
-
declare const memberList: any;
|
|
90
|
-
/**
|
|
91
|
-
* Look up a specific user's membership in a specific group.
|
|
92
|
-
*
|
|
93
|
-
* Uses the `group_id_user_id` compound index for an efficient exact-match
|
|
94
|
-
* lookup. Returns `null` if the user is not a member of the group. Unlike
|
|
95
|
-
* {@link memberResolve}, this does **not** walk the group hierarchy — it
|
|
96
|
-
* checks only the specified group.
|
|
97
|
-
*
|
|
98
|
-
* @param args.groupId - The `Id<"Group">` of the group to check.
|
|
99
|
-
* @param args.userId - The `Id<"User">` of the user whose membership to look up.
|
|
100
|
-
* @returns The member document or `null` if the user is not a direct member of the group.
|
|
101
|
-
*
|
|
102
|
-
* @example
|
|
103
|
-
* ```ts
|
|
104
|
-
* const member = await ctx.runQuery(
|
|
105
|
-
* components.auth.groups.memberGetByGroupAndUser,
|
|
106
|
-
* { groupId: teamGroupId, userId: currentUserId },
|
|
107
|
-
* );
|
|
108
|
-
* if (member !== null) {
|
|
109
|
-
* console.log("User has roles:", member.roleIds);
|
|
110
|
-
* }
|
|
111
|
-
* ```
|
|
112
|
-
*/
|
|
113
|
-
declare const memberGetByGroupAndUser: any;
|
|
114
|
-
/**
|
|
115
|
-
* Resolve a user's membership by walking the group hierarchy from the
|
|
116
|
-
* requested group up to the root. Returns the first matching membership
|
|
117
|
-
* found, enabling inherited (ancestor-level) access checks.
|
|
118
|
-
*
|
|
119
|
-
* The traversal walks from `groupId` to its `parentGroupId`, then to the
|
|
120
|
-
* parent's parent, and so on, up to `maxDepth` levels (default 32). It
|
|
121
|
-
* stops at the first group where the user has a membership record. Cycle
|
|
122
|
-
* detection prevents infinite loops if the hierarchy is malformed.
|
|
123
|
-
*
|
|
124
|
-
* When `ancestry` is `true`, the response includes a `traversedGroupIds`
|
|
125
|
-
* array showing the full path that was walked (useful for debugging or
|
|
126
|
-
* audit trails).
|
|
127
|
-
*
|
|
128
|
-
* This runs entirely inside the component (no cross-component RPCs per level).
|
|
129
|
-
*
|
|
130
|
-
* @param args.userId - The `Id<"User">` of the user whose membership to resolve.
|
|
131
|
-
* @param args.groupId - The `Id<"Group">` to start the upward traversal from.
|
|
132
|
-
* @param args.maxDepth - Optional maximum number of parent levels to traverse (defaults to 32). Set to `0` to check only the exact group.
|
|
133
|
-
* @param args.ancestry - When `true`, the response includes the `traversedGroupIds` array showing all group IDs visited during the walk.
|
|
134
|
-
* @returns An object with:
|
|
135
|
-
* - `membership` — the member document at the matched group, or `null` if none was found.
|
|
136
|
-
* - `matchedGroupId` — the ID of the group where membership was found, or `null`.
|
|
137
|
-
* - `depth` — how many levels above `groupId` the match was found (0 = direct), or `null` if not found.
|
|
138
|
-
* - `isDirect` — `true` when `depth === 0`.
|
|
139
|
-
* - `isInherited` — `true` when `depth > 0`.
|
|
140
|
-
* - `traversedGroupIds` — (only when `ancestry` is `true`) array of group IDs visited.
|
|
141
|
-
*
|
|
142
|
-
* @example
|
|
143
|
-
* ```ts
|
|
144
|
-
* const result = await ctx.runQuery(
|
|
145
|
-
* components.auth.groups.memberResolve,
|
|
146
|
-
* {
|
|
147
|
-
* userId: currentUserId,
|
|
148
|
-
* groupId: subTeamGroupId,
|
|
149
|
-
* maxDepth: 5,
|
|
150
|
-
* ancestry: true,
|
|
151
|
-
* },
|
|
152
|
-
* );
|
|
153
|
-
* if (result.membership !== null) {
|
|
154
|
-
* console.log(
|
|
155
|
-
* result.isDirect ? "Direct member" : `Inherited from depth ${result.depth}`,
|
|
156
|
-
* );
|
|
157
|
-
* }
|
|
158
|
-
* ```
|
|
159
|
-
*/
|
|
160
|
-
declare const memberResolve: any;
|
|
161
|
-
/**
|
|
162
|
-
* Remove a member from a group by permanently deleting the member record.
|
|
163
|
-
*
|
|
164
|
-
* This is a hard delete — the `GroupMember` document is removed from the
|
|
165
|
-
* database entirely. If you need soft-delete semantics, use
|
|
166
|
-
* {@link memberUpdate} to set the `status` field instead.
|
|
167
|
-
*
|
|
168
|
-
* @param args.memberId - The `Id<"GroupMember">` of the member record to delete.
|
|
169
|
-
* @returns `null` on success.
|
|
170
|
-
*
|
|
171
|
-
* @example
|
|
172
|
-
* ```ts
|
|
173
|
-
* await ctx.runMutation(components.auth.groups.memberRemove, {
|
|
174
|
-
* memberId: memberToRemoveId,
|
|
175
|
-
* });
|
|
176
|
-
* ```
|
|
177
|
-
*/
|
|
178
|
-
declare const memberRemove: any;
|
|
179
|
-
/**
|
|
180
|
-
* Update a member record's mutable fields such as `roleIds`, `status`, and
|
|
181
|
-
* `extend`.
|
|
182
|
-
*
|
|
183
|
-
* Uses `db.patch` under the hood, so only the fields present in `data` are
|
|
184
|
-
* modified — all other fields on the member document are left unchanged.
|
|
185
|
-
*
|
|
186
|
-
* @param args.memberId - The `Id<"GroupMember">` of the member record to update.
|
|
187
|
-
* @param args.data - A partial object of fields to patch. Supported keys include `roleIds`, `status`, and `extend`.
|
|
188
|
-
* @returns `null` on success.
|
|
189
|
-
*
|
|
190
|
-
* @example
|
|
191
|
-
* ```ts
|
|
192
|
-
* await ctx.runMutation(components.auth.groups.memberUpdate, {
|
|
193
|
-
* memberId: existingMemberId,
|
|
194
|
-
* data: {
|
|
195
|
-
* roleIds: ["admin", "editor"],
|
|
196
|
-
* status: "active",
|
|
197
|
-
* },
|
|
198
|
-
* });
|
|
199
|
-
* ```
|
|
200
|
-
*/
|
|
201
|
-
declare const memberUpdate: any;
|
|
202
|
-
//#endregion
|
|
203
|
-
export { memberAdd, memberGet, memberGetByGroupAndUser, memberList, memberRemove, memberResolve, memberUpdate, members_d_exports };
|
|
204
|
-
//# sourceMappingURL=members.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"members.d.ts","names":[],"sources":["../../../../src/component/public/groups/members.ts"],"mappings":";;;;;;;;;;;;;;;AAsCA;;;;;AAgDA;;;;;AAwCA;;;;;AAqGA;;;;;cA7La,SAAA;;;;;AAyUb;;;;;AA+BA;;;;;;;;;;cAxTa,SAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;cAwCA,UAAA;;;;;;;;;;;;;;;;;;;;;;;;cAqGA,uBAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;cA2DA,aAAA;;;;;;;;;;;;;;;;;;cAiFA,YAAA;;;;;;;;;;;;;;;;;;;;;;;cA+BA,YAAA"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"members.js","names":[],"sources":["../../../../src/component/public/groups/members.ts"],"sourcesContent":["import { ConvexError, v } from \"convex/values\";\n\nimport type { Id } from \"../../_generated/dataModel\";\nimport { mutation, query } from \"../../functions\";\nimport { vGroupMemberDoc, vPaginated } from \"../../model\";\n\n/**\n * Add a user as a member of a group.\n *\n * The `roleIds` field stores application-defined role identifiers. The auth\n * component stores assignments but does not enforce access control — your\n * application defines what each role means.\n *\n * Throws `ConvexError` with code `DUPLICATE_MEMBERSHIP` when the user is\n * already a member of the target group. The duplicate check uses the\n * `group_id_user_id` compound index for an exact match.\n *\n * @param args.groupId - The `Id<\"Group\">` of the group to add the user to.\n * @param args.userId - The `Id<\"User\">` of the user to add as a member.\n * @param args.roleIds - Optional array of application-defined role identifiers (e.g. `[\"admin\", \"editor\"]`).\n * @param args.status - Optional membership status string (e.g. `\"active\"`, `\"suspended\"`). Defaults to whatever your application convention is.\n * @param args.extend - Optional arbitrary payload for application-specific metadata on the membership.\n * @returns The `Id<\"GroupMember\">` of the newly created member document.\n * @throws `ConvexError` with code `DUPLICATE_MEMBERSHIP` if the user is already a member of this group.\n *\n * @example\n * ```ts\n * const memberId = await ctx.runMutation(\n * components.auth.groups.memberAdd,\n * {\n * groupId: teamGroupId,\n * userId: newUserId,\n * roleIds: [\"viewer\"],\n * status: \"active\",\n * },\n * );\n * ```\n */\nexport const memberAdd = mutation({\n args: {\n groupId: v.id(\"Group\"),\n userId: v.id(\"User\"),\n roleIds: v.optional(v.array(v.string())),\n status: v.optional(v.string()),\n extend: v.optional(v.any()),\n },\n returns: v.id(\"GroupMember\"),\n handler: async (ctx, args) => {\n const existingMembership = await ctx.db\n .query(\"GroupMember\")\n .withIndex(\"group_id_user_id\", (q) =>\n q.eq(\"groupId\", args.groupId).eq(\"userId\", args.userId),\n )\n .unique();\n if (existingMembership !== null) {\n throw new ConvexError({\n code: \"DUPLICATE_MEMBERSHIP\",\n message: \"User is already a member of this group\",\n groupId: args.groupId,\n userId: args.userId,\n existingMemberId: existingMembership._id,\n });\n }\n return await ctx.db.insert(\"GroupMember\", args);\n },\n});\n\n/**\n * Retrieve a member record by its document ID.\n *\n * Performs a direct lookup in the `GroupMember` table and returns the full\n * member document, or `null` if no member exists with the given ID.\n *\n * @param args.memberId - The `Id<\"GroupMember\">` of the member record to retrieve.\n * @returns The member document (including `groupId`, `userId`, `roleIds`, `status`, etc.) or `null` if not found.\n *\n * @example\n * ```ts\n * const member = await ctx.runQuery(components.auth.groups.memberGet, {\n * memberId: existingMemberId,\n * });\n * if (member !== null) {\n * console.log(member.userId, member.roleIds);\n * }\n * ```\n */\nexport const memberGet = query({\n args: { memberId: v.id(\"GroupMember\") },\n returns: v.union(vGroupMemberDoc, v.null()),\n handler: async (ctx, { memberId }) => {\n return await ctx.db.get(\"GroupMember\", memberId);\n },\n});\n\n/**\n * List members with optional filtering, sorting, and pagination.\n *\n * Returns `{ items, nextCursor }`. Supports filtering by `groupId`,\n * `userId`, `roleId`, and `status`. The query engine automatically selects\n * the best compound index based on the combination of filter fields\n * provided. The `roleId` filter is applied in-memory after the index scan\n * because role IDs are stored as an array.\n *\n * @param args.where - Optional filter criteria for narrowing results.\n * @param args.where.groupId - Match members belonging to this group.\n * @param args.where.userId - Match members for this specific user.\n * @param args.where.roleId - Match members whose `roleIds` array includes this role identifier.\n * @param args.where.status - Match members with this exact status string (e.g. `\"active\"`).\n * @param args.limit - Maximum number of items per page (clamped to 1..100, defaults to 50).\n * @param args.cursor - An opaque cursor string from a previous response's `nextCursor` to fetch the next page, or `null` to start from the beginning.\n * @param args.orderBy - The field to sort by: `\"_creationTime\"` or `\"status\"`.\n * @param args.order - Sort direction: `\"asc\"` or `\"desc\"` (defaults to `\"desc\"`).\n * @returns An object `{ items, nextCursor }` where `items` is an array of member documents and `nextCursor` is `null` when there are no more pages.\n *\n * @example\n * ```ts\n * const { items, nextCursor } = await ctx.runQuery(\n * components.auth.groups.memberList,\n * {\n * where: { groupId: teamGroupId, status: \"active\" },\n * limit: 30,\n * order: \"asc\",\n * },\n * );\n * ```\n */\nexport const memberList = query({\n args: {\n where: v.optional(\n v.object({\n groupId: v.optional(v.id(\"Group\")),\n userId: v.optional(v.id(\"User\")),\n roleId: v.optional(v.string()),\n status: v.optional(v.string()),\n }),\n ),\n limit: v.optional(v.number()),\n cursor: v.optional(v.union(v.string(), v.null())),\n orderBy: v.optional(\n v.union(v.literal(\"_creationTime\"), v.literal(\"status\")),\n ),\n order: v.optional(v.union(v.literal(\"asc\"), v.literal(\"desc\"))),\n },\n returns: vPaginated(vGroupMemberDoc),\n handler: async (ctx, args) => {\n const where = args.where ?? {};\n const limit = Math.min(Math.max(args.limit ?? 50, 1), 100);\n const order = args.order ?? \"desc\";\n\n let q;\n if (where.groupId !== undefined && where.userId !== undefined) {\n q = ctx.db\n .query(\"GroupMember\")\n .withIndex(\"group_id_user_id\", (idx) =>\n idx.eq(\"groupId\", where.groupId!).eq(\"userId\", where.userId!),\n );\n if (where.status !== undefined) {\n q = q.filter((f) => f.eq(f.field(\"status\"), where.status!));\n }\n } else if (where.groupId !== undefined && where.status !== undefined) {\n q = ctx.db\n .query(\"GroupMember\")\n .withIndex(\"group_id_status\", (idx) =>\n idx.eq(\"groupId\", where.groupId!).eq(\"status\", where.status!),\n );\n } else if (where.groupId !== undefined) {\n q = ctx.db\n .query(\"GroupMember\")\n .withIndex(\"group_id\", (idx) => idx.eq(\"groupId\", where.groupId!));\n } else if (where.userId !== undefined) {\n q = ctx.db\n .query(\"GroupMember\")\n .withIndex(\"user_id\", (idx) => idx.eq(\"userId\", where.userId!));\n if (where.status !== undefined) {\n q = q.filter((f) => f.eq(f.field(\"status\"), where.status!));\n }\n } else {\n q = ctx.db.query(\"GroupMember\");\n if (where.status !== undefined) {\n q = q.filter((f) => f.eq(f.field(\"status\"), where.status!));\n }\n }\n\n q = q.order(order);\n\n let all = await q.collect();\n if (where.roleId !== undefined) {\n all = all.filter((doc) => (doc.roleIds ?? []).includes(where.roleId!));\n }\n let startIdx = 0;\n if (args.cursor) {\n const cursorIdx = all.findIndex((doc) => doc._id === args.cursor);\n if (cursorIdx !== -1) {\n startIdx = cursorIdx + 1;\n }\n }\n const page = all.slice(startIdx, startIdx + limit + 1);\n const hasMore = page.length > limit;\n const items = hasMore ? page.slice(0, limit) : page;\n const nextCursor = hasMore ? items[items.length - 1]._id : null;\n return { items, nextCursor };\n },\n});\n\n/**\n * Look up a specific user's membership in a specific group.\n *\n * Uses the `group_id_user_id` compound index for an efficient exact-match\n * lookup. Returns `null` if the user is not a member of the group. Unlike\n * {@link memberResolve}, this does **not** walk the group hierarchy — it\n * checks only the specified group.\n *\n * @param args.groupId - The `Id<\"Group\">` of the group to check.\n * @param args.userId - The `Id<\"User\">` of the user whose membership to look up.\n * @returns The member document or `null` if the user is not a direct member of the group.\n *\n * @example\n * ```ts\n * const member = await ctx.runQuery(\n * components.auth.groups.memberGetByGroupAndUser,\n * { groupId: teamGroupId, userId: currentUserId },\n * );\n * if (member !== null) {\n * console.log(\"User has roles:\", member.roleIds);\n * }\n * ```\n */\nexport const memberGetByGroupAndUser = query({\n args: { groupId: v.id(\"Group\"), userId: v.id(\"User\") },\n returns: v.union(vGroupMemberDoc, v.null()),\n handler: async (ctx, { groupId, userId }) => {\n return await ctx.db\n .query(\"GroupMember\")\n .withIndex(\"group_id_user_id\", (q) =>\n q.eq(\"groupId\", groupId).eq(\"userId\", userId),\n )\n .unique();\n },\n});\n\n/**\n * Resolve a user's membership by walking the group hierarchy from the\n * requested group up to the root. Returns the first matching membership\n * found, enabling inherited (ancestor-level) access checks.\n *\n * The traversal walks from `groupId` to its `parentGroupId`, then to the\n * parent's parent, and so on, up to `maxDepth` levels (default 32). It\n * stops at the first group where the user has a membership record. Cycle\n * detection prevents infinite loops if the hierarchy is malformed.\n *\n * When `ancestry` is `true`, the response includes a `traversedGroupIds`\n * array showing the full path that was walked (useful for debugging or\n * audit trails).\n *\n * This runs entirely inside the component (no cross-component RPCs per level).\n *\n * @param args.userId - The `Id<\"User\">` of the user whose membership to resolve.\n * @param args.groupId - The `Id<\"Group\">` to start the upward traversal from.\n * @param args.maxDepth - Optional maximum number of parent levels to traverse (defaults to 32). Set to `0` to check only the exact group.\n * @param args.ancestry - When `true`, the response includes the `traversedGroupIds` array showing all group IDs visited during the walk.\n * @returns An object with:\n * - `membership` — the member document at the matched group, or `null` if none was found.\n * - `matchedGroupId` — the ID of the group where membership was found, or `null`.\n * - `depth` — how many levels above `groupId` the match was found (0 = direct), or `null` if not found.\n * - `isDirect` — `true` when `depth === 0`.\n * - `isInherited` — `true` when `depth > 0`.\n * - `traversedGroupIds` — (only when `ancestry` is `true`) array of group IDs visited.\n *\n * @example\n * ```ts\n * const result = await ctx.runQuery(\n * components.auth.groups.memberResolve,\n * {\n * userId: currentUserId,\n * groupId: subTeamGroupId,\n * maxDepth: 5,\n * ancestry: true,\n * },\n * );\n * if (result.membership !== null) {\n * console.log(\n * result.isDirect ? \"Direct member\" : `Inherited from depth ${result.depth}`,\n * );\n * }\n * ```\n */\nexport const memberResolve = query({\n args: {\n userId: v.id(\"User\"),\n groupId: v.id(\"Group\"),\n maxDepth: v.optional(v.number()),\n ancestry: v.optional(v.boolean()),\n },\n returns: v.object({\n membership: v.union(vGroupMemberDoc, v.null()),\n matchedGroupId: v.union(v.id(\"Group\"), v.null()),\n depth: v.union(v.number(), v.null()),\n isDirect: v.boolean(),\n isInherited: v.boolean(),\n traversedGroupIds: v.optional(v.array(v.id(\"Group\"))),\n }),\n handler: async (ctx, args) => {\n const maxDepth = Math.max(0, Math.floor(args.maxDepth ?? 32));\n const includeAncestry = args.ancestry ?? false;\n const visited = new Set<string>();\n const traversedGroupIds: Id<\"Group\">[] = [];\n let currentGroupId: Id<\"Group\"> | undefined = args.groupId;\n let depth = 0;\n\n while (currentGroupId !== undefined && depth <= maxDepth) {\n if (visited.has(currentGroupId)) break;\n visited.add(currentGroupId);\n if (includeAncestry) traversedGroupIds.push(currentGroupId);\n\n const membership = await ctx.db\n .query(\"GroupMember\")\n .withIndex(\"group_id_user_id\", (q) =>\n q.eq(\"groupId\", currentGroupId!).eq(\"userId\", args.userId),\n )\n .unique();\n\n if (membership !== null) {\n return {\n membership,\n matchedGroupId: currentGroupId,\n depth,\n isDirect: depth === 0,\n isInherited: depth > 0,\n ...(includeAncestry ? { traversedGroupIds } : {}),\n };\n }\n\n const groupDoc: { parentGroupId?: Id<\"Group\"> } | null =\n await ctx.db.get(currentGroupId);\n if (!groupDoc?.parentGroupId) break;\n currentGroupId = groupDoc.parentGroupId;\n depth++;\n }\n\n return {\n membership: null,\n matchedGroupId: null,\n depth: null,\n isDirect: false,\n isInherited: false,\n ...(includeAncestry ? { traversedGroupIds } : {}),\n };\n },\n});\n\n/**\n * Remove a member from a group by permanently deleting the member record.\n *\n * This is a hard delete — the `GroupMember` document is removed from the\n * database entirely. If you need soft-delete semantics, use\n * {@link memberUpdate} to set the `status` field instead.\n *\n * @param args.memberId - The `Id<\"GroupMember\">` of the member record to delete.\n * @returns `null` on success.\n *\n * @example\n * ```ts\n * await ctx.runMutation(components.auth.groups.memberRemove, {\n * memberId: memberToRemoveId,\n * });\n * ```\n */\nexport const memberRemove = mutation({\n args: { memberId: v.id(\"GroupMember\") },\n returns: v.null(),\n handler: async (ctx, { memberId }) => {\n await ctx.db.delete(\"GroupMember\", memberId);\n return null;\n },\n});\n\n/**\n * Update a member record's mutable fields such as `roleIds`, `status`, and\n * `extend`.\n *\n * Uses `db.patch` under the hood, so only the fields present in `data` are\n * modified — all other fields on the member document are left unchanged.\n *\n * @param args.memberId - The `Id<\"GroupMember\">` of the member record to update.\n * @param args.data - A partial object of fields to patch. Supported keys include `roleIds`, `status`, and `extend`.\n * @returns `null` on success.\n *\n * @example\n * ```ts\n * await ctx.runMutation(components.auth.groups.memberUpdate, {\n * memberId: existingMemberId,\n * data: {\n * roleIds: [\"admin\", \"editor\"],\n * status: \"active\",\n * },\n * });\n * ```\n */\nexport const memberUpdate = mutation({\n args: { memberId: v.id(\"GroupMember\"), data: v.any() },\n returns: v.null(),\n handler: async (ctx, { memberId, data }) => {\n await ctx.db.patch(\"GroupMember\", memberId, data);\n return null;\n },\n});\n\n// ============================================================================\n// Invites\n// ============================================================================\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsCA,MAAa,YAAY,SAAS;CAChC,MAAM;EACJ,SAAS,EAAE,GAAG,QAAQ;EACtB,QAAQ,EAAE,GAAG,OAAO;EACpB,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;EACxC,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAC;EAC9B,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC;EAC5B;CACD,SAAS,EAAE,GAAG,cAAc;CAC5B,SAAS,OAAO,KAAK,SAAS;EAC5B,MAAM,qBAAqB,MAAM,IAAI,GAClC,MAAM,cAAc,CACpB,UAAU,qBAAqB,MAC9B,EAAE,GAAG,WAAW,KAAK,QAAQ,CAAC,GAAG,UAAU,KAAK,OAAO,CACxD,CACA,QAAQ;AACX,MAAI,uBAAuB,KACzB,OAAM,IAAI,YAAY;GACpB,MAAM;GACN,SAAS;GACT,SAAS,KAAK;GACd,QAAQ,KAAK;GACb,kBAAkB,mBAAmB;GACtC,CAAC;AAEJ,SAAO,MAAM,IAAI,GAAG,OAAO,eAAe,KAAK;;CAElD,CAAC;;;;;;;;;;;;;;;;;;;;AAqBF,MAAa,YAAY,MAAM;CAC7B,MAAM,EAAE,UAAU,EAAE,GAAG,cAAc,EAAE;CACvC,SAAS,EAAE,MAAM,iBAAiB,EAAE,MAAM,CAAC;CAC3C,SAAS,OAAO,KAAK,EAAE,eAAe;AACpC,SAAO,MAAM,IAAI,GAAG,IAAI,eAAe,SAAS;;CAEnD,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkCF,MAAa,aAAa,MAAM;CAC9B,MAAM;EACJ,OAAO,EAAE,SACP,EAAE,OAAO;GACP,SAAS,EAAE,SAAS,EAAE,GAAG,QAAQ,CAAC;GAClC,QAAQ,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC;GAChC,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAC;GAC9B,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAC;GAC/B,CAAC,CACH;EACD,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;EAC7B,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,MAAM,CAAC,CAAC;EACjD,SAAS,EAAE,SACT,EAAE,MAAM,EAAE,QAAQ,gBAAgB,EAAE,EAAE,QAAQ,SAAS,CAAC,CACzD;EACD,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,MAAM,EAAE,EAAE,QAAQ,OAAO,CAAC,CAAC;EAChE;CACD,SAAS,WAAW,gBAAgB;CACpC,SAAS,OAAO,KAAK,SAAS;EAC5B,MAAM,QAAQ,KAAK,SAAS,EAAE;EAC9B,MAAM,QAAQ,KAAK,IAAI,KAAK,IAAI,KAAK,SAAS,IAAI,EAAE,EAAE,IAAI;EAC1D,MAAM,QAAQ,KAAK,SAAS;EAE5B,IAAI;AACJ,MAAI,MAAM,YAAY,UAAa,MAAM,WAAW,QAAW;AAC7D,OAAI,IAAI,GACL,MAAM,cAAc,CACpB,UAAU,qBAAqB,QAC9B,IAAI,GAAG,WAAW,MAAM,QAAS,CAAC,GAAG,UAAU,MAAM,OAAQ,CAC9D;AACH,OAAI,MAAM,WAAW,OACnB,KAAI,EAAE,QAAQ,MAAM,EAAE,GAAG,EAAE,MAAM,SAAS,EAAE,MAAM,OAAQ,CAAC;aAEpD,MAAM,YAAY,UAAa,MAAM,WAAW,OACzD,KAAI,IAAI,GACL,MAAM,cAAc,CACpB,UAAU,oBAAoB,QAC7B,IAAI,GAAG,WAAW,MAAM,QAAS,CAAC,GAAG,UAAU,MAAM,OAAQ,CAC9D;WACM,MAAM,YAAY,OAC3B,KAAI,IAAI,GACL,MAAM,cAAc,CACpB,UAAU,aAAa,QAAQ,IAAI,GAAG,WAAW,MAAM,QAAS,CAAC;WAC3D,MAAM,WAAW,QAAW;AACrC,OAAI,IAAI,GACL,MAAM,cAAc,CACpB,UAAU,YAAY,QAAQ,IAAI,GAAG,UAAU,MAAM,OAAQ,CAAC;AACjE,OAAI,MAAM,WAAW,OACnB,KAAI,EAAE,QAAQ,MAAM,EAAE,GAAG,EAAE,MAAM,SAAS,EAAE,MAAM,OAAQ,CAAC;SAExD;AACL,OAAI,IAAI,GAAG,MAAM,cAAc;AAC/B,OAAI,MAAM,WAAW,OACnB,KAAI,EAAE,QAAQ,MAAM,EAAE,GAAG,EAAE,MAAM,SAAS,EAAE,MAAM,OAAQ,CAAC;;AAI/D,MAAI,EAAE,MAAM,MAAM;EAElB,IAAI,MAAM,MAAM,EAAE,SAAS;AAC3B,MAAI,MAAM,WAAW,OACnB,OAAM,IAAI,QAAQ,SAAS,IAAI,WAAW,EAAE,EAAE,SAAS,MAAM,OAAQ,CAAC;EAExE,IAAI,WAAW;AACf,MAAI,KAAK,QAAQ;GACf,MAAM,YAAY,IAAI,WAAW,QAAQ,IAAI,QAAQ,KAAK,OAAO;AACjE,OAAI,cAAc,GAChB,YAAW,YAAY;;EAG3B,MAAM,OAAO,IAAI,MAAM,UAAU,WAAW,QAAQ,EAAE;EACtD,MAAM,UAAU,KAAK,SAAS;EAC9B,MAAM,QAAQ,UAAU,KAAK,MAAM,GAAG,MAAM,GAAG;AAE/C,SAAO;GAAE;GAAO,YADG,UAAU,MAAM,MAAM,SAAS,GAAG,MAAM;GAC/B;;CAE/B,CAAC;;;;;;;;;;;;;;;;;;;;;;;;AAyBF,MAAa,0BAA0B,MAAM;CAC3C,MAAM;EAAE,SAAS,EAAE,GAAG,QAAQ;EAAE,QAAQ,EAAE,GAAG,OAAO;EAAE;CACtD,SAAS,EAAE,MAAM,iBAAiB,EAAE,MAAM,CAAC;CAC3C,SAAS,OAAO,KAAK,EAAE,SAAS,aAAa;AAC3C,SAAO,MAAM,IAAI,GACd,MAAM,cAAc,CACpB,UAAU,qBAAqB,MAC9B,EAAE,GAAG,WAAW,QAAQ,CAAC,GAAG,UAAU,OAAO,CAC9C,CACA,QAAQ;;CAEd,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAgDF,MAAa,gBAAgB,MAAM;CACjC,MAAM;EACJ,QAAQ,EAAE,GAAG,OAAO;EACpB,SAAS,EAAE,GAAG,QAAQ;EACtB,UAAU,EAAE,SAAS,EAAE,QAAQ,CAAC;EAChC,UAAU,EAAE,SAAS,EAAE,SAAS,CAAC;EAClC;CACD,SAAS,EAAE,OAAO;EAChB,YAAY,EAAE,MAAM,iBAAiB,EAAE,MAAM,CAAC;EAC9C,gBAAgB,EAAE,MAAM,EAAE,GAAG,QAAQ,EAAE,EAAE,MAAM,CAAC;EAChD,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,MAAM,CAAC;EACpC,UAAU,EAAE,SAAS;EACrB,aAAa,EAAE,SAAS;EACxB,mBAAmB,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,QAAQ,CAAC,CAAC;EACtD,CAAC;CACF,SAAS,OAAO,KAAK,SAAS;EAC5B,MAAM,WAAW,KAAK,IAAI,GAAG,KAAK,MAAM,KAAK,YAAY,GAAG,CAAC;EAC7D,MAAM,kBAAkB,KAAK,YAAY;EACzC,MAAM,0BAAU,IAAI,KAAa;EACjC,MAAM,oBAAmC,EAAE;EAC3C,IAAI,iBAA0C,KAAK;EACnD,IAAI,QAAQ;AAEZ,SAAO,mBAAmB,UAAa,SAAS,UAAU;AACxD,OAAI,QAAQ,IAAI,eAAe,CAAE;AACjC,WAAQ,IAAI,eAAe;AAC3B,OAAI,gBAAiB,mBAAkB,KAAK,eAAe;GAE3D,MAAM,aAAa,MAAM,IAAI,GAC1B,MAAM,cAAc,CACpB,UAAU,qBAAqB,MAC9B,EAAE,GAAG,WAAW,eAAgB,CAAC,GAAG,UAAU,KAAK,OAAO,CAC3D,CACA,QAAQ;AAEX,OAAI,eAAe,KACjB,QAAO;IACL;IACA,gBAAgB;IAChB;IACA,UAAU,UAAU;IACpB,aAAa,QAAQ;IACrB,GAAI,kBAAkB,EAAE,mBAAmB,GAAG,EAAE;IACjD;GAGH,MAAM,WACJ,MAAM,IAAI,GAAG,IAAI,eAAe;AAClC,OAAI,CAAC,UAAU,cAAe;AAC9B,oBAAiB,SAAS;AAC1B;;AAGF,SAAO;GACL,YAAY;GACZ,gBAAgB;GAChB,OAAO;GACP,UAAU;GACV,aAAa;GACb,GAAI,kBAAkB,EAAE,mBAAmB,GAAG,EAAE;GACjD;;CAEJ,CAAC;;;;;;;;;;;;;;;;;;AAmBF,MAAa,eAAe,SAAS;CACnC,MAAM,EAAE,UAAU,EAAE,GAAG,cAAc,EAAE;CACvC,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,eAAe;AACpC,QAAM,IAAI,GAAG,OAAO,eAAe,SAAS;AAC5C,SAAO;;CAEV,CAAC;;;;;;;;;;;;;;;;;;;;;;;AAwBF,MAAa,eAAe,SAAS;CACnC,MAAM;EAAE,UAAU,EAAE,GAAG,cAAc;EAAE,MAAM,EAAE,KAAK;EAAE;CACtD,SAAS,EAAE,MAAM;CACjB,SAAS,OAAO,KAAK,EAAE,UAAU,WAAW;AAC1C,QAAM,IAAI,GAAG,MAAM,eAAe,UAAU,KAAK;AACjD,SAAO;;CAEV,CAAC"}
|