@sanity/cli 3.70.1-export-comments.11 → 3.70.1-export-comments.45

package/lib/_chunks-cjs/cli.js

@@ -26600,8 +26600,9 @@ const DISALLOWED_PATHS = [
   "/.github/"
 ], ENV_VAR = {
   ...templateValidator.REQUIRED_ENV_VAR,
-  READ_TOKEN: "SANITY_API_READ_TOKEN"
-};
+  READ_TOKEN: "SANITY_API_READ_TOKEN",
+  WRITE_TOKEN: "SANITY_API_WRITE_TOKEN"
+}, API_READ_TOKEN_ROLE = "viewer", API_WRITE_TOKEN_ROLE = "editor";
 function getGitHubRawContentUrl(repoInfo) {
   const { username, name, branch, filePath } = repoInfo;
   return `https://raw.githubusercontent.com/${username}/${name}/${branch}/${filePath}`;
@@ -26688,12 +26689,12 @@ async function downloadAndExtractRepo(root2, { username, name, branch, filePath
     })
   );
 }
-async function checkNeedsReadToken(root2) {
+async function checkIfNeedsApiToken(root2, type2) {
   try {
     const templatePath = await Promise.any(
       templateValidator.ENV_TEMPLATE_FILES.map(async (file) => (await fs.access(path$3.join(root2, file)), file))
     );
-    return (await fs.readFile(path$3.join(root2, templatePath), "utf8")).includes(ENV_VAR.READ_TOKEN);
+    return (await fs.readFile(path$3.join(root2, templatePath), "utf8")).includes(type2 === "read" ? ENV_VAR.READ_TOKEN : ENV_VAR.WRITE_TOKEN);
   } catch {
     return !1;
   }
@@ -26738,14 +26739,13 @@ async function tryApplyPackageName(root2, name) {
   } catch {
   }
 }
-async function generateSanityApiReadToken(label, projectId, apiClient) {
+async function generateSanityApiToken(label, type2, projectId, apiClient) {
   return (await apiClient({ requireProject: !1, requireUser: !0 }).config({ apiVersion: "v2021-06-07" }).request({
     uri: `/projects/${projectId}/tokens`,
     method: "POST",
     body: {
       label: `${label} (${Date.now()})`,
-      // Add timestamp to ensure uniqueness
-      roleName: "viewer"
+      roleName: type2 === "read" ? API_READ_TOKEN_ROLE : API_WRITE_TOKEN_ROLE
     }
   })).key;
 }
@@ -51892,7 +51892,7 @@ function isInMercurialRepository(rootDir) {
   }
   return !1;
 }
-const SANITY_DEFAULT_PORT = 3333, READ_TOKEN_LABEL = "Live Preview API", INITIAL_COMMIT_MESSAGE = "Initial commit from Sanity CLI";
+const SANITY_DEFAULT_PORT = 3333, READ_TOKEN_LABEL = "Live Preview API", WRITE_TOKEN_LABEL = "App Write Token", INITIAL_COMMIT_MESSAGE = "Initial commit from Sanity CLI";
 async function bootstrapRemoteTemplate(opts, context) {
   const { outputPath, repoInfo, bearerToken, variables, packageName } = opts, { output, apiClient } = context, name = [repoInfo.username, repoInfo.name, repoInfo.filePath].filter(Boolean).join("/"), contentsUrl = getGitHubRawContentUrl(repoInfo), headers = {};
   bearerToken && (headers.Authorization = `Bearer ${bearerToken}`);
@@ -51904,10 +51904,12 @@ async function bootstrapRemoteTemplate(opts, context) {
 `));
   loadEnv.debug('Create new directory "%s"', outputPath), await fs.mkdir(outputPath, { recursive: !0 }), loadEnv.debug("Downloading and extracting repo to %s", outputPath), await downloadAndExtractRepo(outputPath, repoInfo, bearerToken), loadEnv.debug("Checking if template needs read token");
   const needsReadToken = await Promise.all(
-    (packages ?? [""]).map((pkg) => checkNeedsReadToken(path$3.join(outputPath, pkg)))
+    (packages ?? [""]).map((pkg) => checkIfNeedsApiToken(path$3.join(outputPath, pkg), "read"))
+  ).then((results) => results.some(Boolean)), needsWriteToken = await Promise.all(
+    (packages ?? [""]).map((pkg) => checkIfNeedsApiToken(path$3.join(outputPath, pkg), "write"))
   ).then((results) => results.some(Boolean));
   loadEnv.debug("Applying environment variables");
-  const readToken = needsReadToken ? await generateSanityApiReadToken(READ_TOKEN_LABEL, variables.projectId, apiClient) : void 0;
+  const readToken = needsReadToken ? await generateSanityApiToken(READ_TOKEN_LABEL, "read", variables.projectId, apiClient) : void 0, writeToken = needsWriteToken ? await generateSanityApiToken(WRITE_TOKEN_LABEL, "write", variables.projectId, apiClient) : void 0;
   for (const pkg of packages ?? [""]) {
     const packagePath = path$3.join(outputPath, pkg), packageFramework = await distExports.detectFrameworkRecord({
       fs: new distExports.LocalFileSystemDetector(packagePath),
@@ -51917,7 +51919,7 @@ async function bootstrapRemoteTemplate(opts, context) {
     const envName = packageFramework?.slug === "nextjs" ? ".env.local" : ".env";
     await applyEnvVariables(packagePath, { ...variables, readToken }, envName);
   }
-  loadEnv.debug("Setting package name to %s", packageName), await tryApplyPackageName(outputPath, packageName), loadEnv.debug("Initializing git repository"), tryGitInit(outputPath, INITIAL_COMMIT_MESSAGE), loadEnv.debug("Updating initial template metadata"), await updateInitialTemplateMetadata(apiClient, variables.projectId, `external-${name}`), spinner.succeed(), corsAdded.length && output.success(`CORS origins added (${corsAdded.map((p) => `localhost:${p}`).join(", ")})`), readToken && output.success(`API token generated (${READ_TOKEN_LABEL})`);
+  loadEnv.debug("Setting package name to %s", packageName), await tryApplyPackageName(outputPath, packageName), loadEnv.debug("Initializing git repository"), tryGitInit(outputPath, INITIAL_COMMIT_MESSAGE), loadEnv.debug("Updating initial template metadata"), await updateInitialTemplateMetadata(apiClient, variables.projectId, `external-${name}`), spinner.succeed(), corsAdded.length && output.success(`CORS origins added (${corsAdded.map((p) => `localhost:${p}`).join(", ")})`), readToken && output.success(`API token generated (${READ_TOKEN_LABEL})`), writeToken && output.success(`API token generated (${WRITE_TOKEN_LABEL})`);
 }
 function validateEmptyPath(dir) {
   const checkPath = absolutify(dir);