@scalekit-sdk/node 2.1.7 → 2.1.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/buf.gen.yaml +1 -0
- package/lib/auth.d.ts +41 -9
- package/lib/auth.js +44 -12
- package/lib/auth.js.map +1 -1
- package/lib/connection.d.ts +195 -21
- package/lib/connection.js +197 -23
- package/lib/connection.js.map +1 -1
- package/lib/core.d.ts +2 -2
- package/lib/core.js +13 -12
- package/lib/core.js.map +1 -1
- package/lib/directory.d.ts +293 -40
- package/lib/directory.js +308 -44
- package/lib/directory.js.map +1 -1
- package/lib/domain.d.ts +166 -18
- package/lib/domain.js +178 -29
- package/lib/domain.js.map +1 -1
- package/lib/organization.d.ts +404 -44
- package/lib/organization.js +419 -54
- package/lib/organization.js.map +1 -1
- package/lib/permission.d.ts +179 -35
- package/lib/permission.js +190 -38
- package/lib/permission.js.map +1 -1
- package/lib/pkg/grpc/scalekit/v1/auth/auth_connect.d.ts +3 -3
- package/lib/pkg/grpc/scalekit/v1/auth/auth_connect.js +2 -2
- package/lib/pkg/grpc/scalekit/v1/auth/auth_connect.js.map +1 -1
- package/lib/pkg/grpc/scalekit/v1/auth/auth_pb.d.ts +16 -16
- package/lib/pkg/grpc/scalekit/v1/auth/auth_pb.js +21 -21
- package/lib/pkg/grpc/scalekit/v1/auth/auth_pb.js.map +1 -1
- package/lib/pkg/grpc/scalekit/v1/auth/webauthn_connect.d.ts +82 -0
- package/lib/pkg/grpc/scalekit/v1/auth/webauthn_connect.js +90 -0
- package/lib/pkg/grpc/scalekit/v1/auth/webauthn_connect.js.map +1 -0
- package/lib/pkg/grpc/scalekit/v1/auth/webauthn_pb.d.ts +647 -0
- package/lib/pkg/grpc/scalekit/v1/auth/webauthn_pb.js +993 -0
- package/lib/pkg/grpc/scalekit/v1/auth/webauthn_pb.js.map +1 -0
- package/lib/pkg/grpc/scalekit/v1/commons/commons_pb.d.ts +142 -0
- package/lib/pkg/grpc/scalekit/v1/commons/commons_pb.js +165 -1
- package/lib/pkg/grpc/scalekit/v1/commons/commons_pb.js.map +1 -1
- package/lib/pkg/grpc/scalekit/v1/connections/connections_connect.d.ts +1 -10
- package/lib/pkg/grpc/scalekit/v1/connections/connections_connect.js +0 -9
- package/lib/pkg/grpc/scalekit/v1/connections/connections_connect.js.map +1 -1
- package/lib/pkg/grpc/scalekit/v1/connections/connections_pb.d.ts +28 -63
- package/lib/pkg/grpc/scalekit/v1/connections/connections_pb.js +9 -90
- package/lib/pkg/grpc/scalekit/v1/connections/connections_pb.js.map +1 -1
- package/lib/pkg/grpc/scalekit/v1/users/users_pb.d.ts +2 -2
- package/lib/pkg/grpc/scalekit/v1/users/users_pb.js +1 -1
- package/lib/pkg/grpc/scalekit/v1/users/users_pb.js.map +1 -1
- package/lib/role.d.ts +252 -56
- package/lib/role.js +262 -62
- package/lib/role.js.map +1 -1
- package/lib/scalekit.d.ts +323 -54
- package/lib/scalekit.js +354 -76
- package/lib/scalekit.js.map +1 -1
- package/lib/session.d.ts +235 -22
- package/lib/session.js +237 -24
- package/lib/session.js.map +1 -1
- package/lib/user.d.ts +571 -53
- package/lib/user.js +598 -89
- package/lib/user.js.map +1 -1
- package/lib/webauthn.d.ts +33 -0
- package/lib/webauthn.js +80 -0
- package/lib/webauthn.js.map +1 -0
- package/package.json +2 -2
- package/src/auth.ts +53 -19
- package/src/connection.ts +237 -62
- package/src/core.ts +39 -33
- package/src/directory.ts +356 -98
- package/src/domain.ts +215 -68
- package/src/organization.ts +490 -112
- package/src/permission.ts +234 -88
- package/src/pkg/grpc/scalekit/v1/auth/auth_connect.ts +3 -3
- package/src/pkg/grpc/scalekit/v1/auth/auth_pb.ts +24 -24
- package/src/pkg/grpc/scalekit/v1/auth/webauthn_connect.ts +89 -0
- package/src/pkg/grpc/scalekit/v1/auth/webauthn_pb.ts +1263 -0
- package/src/pkg/grpc/scalekit/v1/commons/commons_pb.ts +217 -0
- package/src/pkg/grpc/scalekit/v1/connections/connections_connect.ts +1 -10
- package/src/pkg/grpc/scalekit/v1/connections/connections_pb.ts +42 -129
- package/src/pkg/grpc/scalekit/v1/users/users_pb.ts +3 -3
- package/src/role.ts +336 -136
- package/src/scalekit.ts +478 -149
- package/src/session.ts +266 -63
- package/src/user.ts +675 -168
- package/src/webauthn.ts +98 -0
package/lib/permission.d.ts
CHANGED
|
@@ -1,68 +1,212 @@
|
|
|
1
|
-
import { Empty } from
|
|
2
|
-
import GrpcConnect from
|
|
3
|
-
import CoreClient from
|
|
4
|
-
import { CreatePermissionResponse, GetPermissionResponse, UpdatePermissionResponse, ListPermissionsResponse, ListRolePermissionsResponse, AddPermissionsToRoleResponse, ListEffectiveRolePermissionsResponse, CreatePermission } from
|
|
1
|
+
import { Empty } from "@bufbuild/protobuf";
|
|
2
|
+
import GrpcConnect from "./connect";
|
|
3
|
+
import CoreClient from "./core";
|
|
4
|
+
import { CreatePermissionResponse, GetPermissionResponse, UpdatePermissionResponse, ListPermissionsResponse, ListRolePermissionsResponse, AddPermissionsToRoleResponse, ListEffectiveRolePermissionsResponse, CreatePermission } from "./pkg/grpc/scalekit/v1/roles/roles_pb";
|
|
5
|
+
/**
|
|
6
|
+
* Client for managing permissions and role-permission assignments.
|
|
7
|
+
*
|
|
8
|
+
* Permissions represent granular access controls defining specific actions users can perform
|
|
9
|
+
* on resources (e.g., 'read:documents', 'write:settings', 'delete:users'). This client provides
|
|
10
|
+
* comprehensive permission management including CRUD operations and role assignment.
|
|
11
|
+
*
|
|
12
|
+
* **Key Concepts:**
|
|
13
|
+
* - **Direct Permissions**: Explicitly assigned to a role
|
|
14
|
+
* - **Effective Permissions**: Direct + inherited from parent roles through hierarchy
|
|
15
|
+
* - **Permission Format**: 'action:resource' (e.g., 'read:invoices', 'admin:users')
|
|
16
|
+
*
|
|
17
|
+
* @example
|
|
18
|
+
* const scalekitClient = new ScalekitClient(envUrl, clientId, clientSecret);
|
|
19
|
+
* const permissionClient = scalekitClient.permission;
|
|
20
|
+
*
|
|
21
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | Permission API Documentation}
|
|
22
|
+
*/
|
|
5
23
|
export default class PermissionClient {
|
|
6
24
|
private readonly grpcConnect;
|
|
7
25
|
private readonly coreClient;
|
|
8
26
|
private client;
|
|
9
27
|
constructor(grpcConnect: GrpcConnect, coreClient: CoreClient);
|
|
10
28
|
/**
|
|
11
|
-
*
|
|
12
|
-
*
|
|
13
|
-
*
|
|
29
|
+
* Creates a new permission defining a specific action users can perform.
|
|
30
|
+
*
|
|
31
|
+
* Permissions represent granular access controls following the 'action:resource' format.
|
|
32
|
+
* Use this to define the building blocks of your access control system.
|
|
33
|
+
*
|
|
34
|
+
* @param {CreatePermission} permission - Permission object containing:
|
|
35
|
+
* - name: Permission identifier in 'action:resource' format (e.g., 'read:documents', 'write:settings')
|
|
36
|
+
* - description: Optional explanation of what this permission grants
|
|
37
|
+
*
|
|
38
|
+
* @returns {Promise<CreatePermissionResponse>} Created permission with ID and timestamps
|
|
39
|
+
*
|
|
40
|
+
* @example
|
|
41
|
+
* // Create basic permissions
|
|
42
|
+
* await scalekitClient.permission.createPermission({
|
|
43
|
+
* name: 'read:invoices',
|
|
44
|
+
* description: 'View invoice details'
|
|
45
|
+
* });
|
|
46
|
+
|
|
47
|
+
*
|
|
48
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | Create Permission API}
|
|
14
49
|
*/
|
|
15
50
|
createPermission(permission: CreatePermission): Promise<CreatePermissionResponse>;
|
|
16
51
|
/**
|
|
17
|
-
*
|
|
18
|
-
*
|
|
19
|
-
* @
|
|
52
|
+
* Retrieves complete information for a specific permission.
|
|
53
|
+
*
|
|
54
|
+
* @param {string} permissionName - Permission identifier (e.g., 'read:documents')
|
|
55
|
+
*
|
|
56
|
+
* @returns {Promise<GetPermissionResponse>} Permission details including description and timestamps
|
|
57
|
+
*
|
|
58
|
+
* @example
|
|
59
|
+
* const response = await scalekitClient.permission.getPermission('read:invoices');
|
|
60
|
+
* console.log('Description:', response.permission.description);
|
|
61
|
+
*
|
|
62
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | Get Permission API}
|
|
20
63
|
*/
|
|
21
64
|
getPermission(permissionName: string): Promise<GetPermissionResponse>;
|
|
22
65
|
/**
|
|
23
|
-
*
|
|
24
|
-
*
|
|
25
|
-
*
|
|
26
|
-
*
|
|
66
|
+
* Lists all permissions with pagination support.
|
|
67
|
+
*
|
|
68
|
+
* View all permission definitions for auditing, role management, or understanding available access controls.
|
|
69
|
+
*
|
|
70
|
+
* @param {string} [pageToken] - Token for retrieving the next page
|
|
71
|
+
* @param {number} [pageSize] - Number of permissions per page (max: 100)
|
|
72
|
+
*
|
|
73
|
+
* @returns {Promise<ListPermissionsResponse>} Paginated list of permissions
|
|
74
|
+
*
|
|
75
|
+
* @example
|
|
76
|
+
* // List all permissions
|
|
77
|
+
* const response = await scalekitClient.permission.listPermissions();
|
|
78
|
+
* response.permissions.forEach(perm => {
|
|
79
|
+
* console.log(`${perm.name}: ${perm.description}`);
|
|
80
|
+
* });
|
|
81
|
+
*
|
|
82
|
+
* @example
|
|
83
|
+
* // Paginate through permissions
|
|
84
|
+
* let pageToken = undefined;
|
|
85
|
+
* do {
|
|
86
|
+
* const response = await scalekitClient.permission.listPermissions(pageToken, 50);
|
|
87
|
+
* // Process permissions
|
|
88
|
+
* pageToken = response.nextPageToken;
|
|
89
|
+
* } while (pageToken);
|
|
90
|
+
*
|
|
91
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | List Permissions API}
|
|
27
92
|
*/
|
|
28
93
|
listPermissions(pageToken?: string, pageSize?: number): Promise<ListPermissionsResponse>;
|
|
29
94
|
/**
|
|
30
|
-
*
|
|
31
|
-
*
|
|
32
|
-
*
|
|
33
|
-
*
|
|
95
|
+
* Updates an existing permission's attributes.
|
|
96
|
+
*
|
|
97
|
+
* Note: The permission name itself cannot be changed as it serves as the immutable identifier.
|
|
98
|
+
*
|
|
99
|
+
* @param {string} permissionName - Permission to update
|
|
100
|
+
* @param {CreatePermission} permission - Updated permission properties
|
|
101
|
+
*
|
|
102
|
+
* @returns {Promise<UpdatePermissionResponse>} Updated permission details
|
|
103
|
+
*
|
|
104
|
+
* @example
|
|
105
|
+
* await scalekitClient.permission.updatePermission('read:invoices', {
|
|
106
|
+
* name: 'read:invoices',
|
|
107
|
+
* description: 'View invoice details and history (updated)'
|
|
108
|
+
* });
|
|
109
|
+
*
|
|
110
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | Update Permission API}
|
|
34
111
|
*/
|
|
35
112
|
updatePermission(permissionName: string, permission: CreatePermission): Promise<UpdatePermissionResponse>;
|
|
36
113
|
/**
|
|
37
|
-
*
|
|
38
|
-
*
|
|
39
|
-
*
|
|
114
|
+
* Permanently removes a permission.
|
|
115
|
+
*
|
|
116
|
+
* Ensure no active roles depend on the permission before deletion.
|
|
117
|
+
*
|
|
118
|
+
* @param {string} permissionName - Permission identifier to delete
|
|
119
|
+
*
|
|
120
|
+
* @returns {Promise<Empty>} Empty response on success
|
|
121
|
+
*
|
|
122
|
+
* @example
|
|
123
|
+
* await scalekitClient.permission.deletePermission('deprecated:feature');
|
|
124
|
+
*
|
|
125
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | Delete Permission API}
|
|
40
126
|
*/
|
|
41
127
|
deletePermission(permissionName: string): Promise<Empty>;
|
|
42
128
|
/**
|
|
43
|
-
*
|
|
44
|
-
*
|
|
45
|
-
*
|
|
129
|
+
* Lists direct permissions assigned to a role (excluding inherited permissions).
|
|
130
|
+
*
|
|
131
|
+
* Use this to view explicit permission assignments without inheritance from base roles.
|
|
132
|
+
*
|
|
133
|
+
* @param {string} roleName - Role to examine
|
|
134
|
+
*
|
|
135
|
+
* @returns {Promise<ListRolePermissionsResponse>} List of directly assigned permissions only
|
|
136
|
+
*
|
|
137
|
+
* @example
|
|
138
|
+
* const response = await scalekitClient.permission.listRolePermissions('editor');
|
|
139
|
+
* console.log('Direct permissions:', response.permissions);
|
|
140
|
+
*
|
|
141
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | List Role Permissions API}
|
|
142
|
+
* @see {@link listEffectiveRolePermissions} - Get all permissions including inherited
|
|
46
143
|
*/
|
|
47
144
|
listRolePermissions(roleName: string): Promise<ListRolePermissionsResponse>;
|
|
48
145
|
/**
|
|
49
|
-
*
|
|
50
|
-
*
|
|
51
|
-
*
|
|
52
|
-
*
|
|
146
|
+
* Grants additional permissions to a role without removing existing assignments.
|
|
147
|
+
*
|
|
148
|
+
* This is an incremental operation that adds new permissions while preserving existing ones.
|
|
149
|
+
* System validates permission existence before assignment.
|
|
150
|
+
*
|
|
151
|
+
* @param {string} roleName - Target role to enhance
|
|
152
|
+
* @param {string[]} permissionNames - Array of permission identifiers to add
|
|
153
|
+
*
|
|
154
|
+
* @returns {Promise<AddPermissionsToRoleResponse>} Updated list of all role permissions
|
|
155
|
+
*
|
|
156
|
+
* @example
|
|
157
|
+
* // Add multiple permissions to a role
|
|
158
|
+
* await scalekitClient.permission.addPermissionsToRole('editor', [
|
|
159
|
+
* 'read:documents',
|
|
160
|
+
* 'write:documents',
|
|
161
|
+
* 'edit:documents'
|
|
162
|
+
* ]);
|
|
163
|
+
*
|
|
164
|
+
* @example
|
|
165
|
+
* // Incrementally add permissions
|
|
166
|
+
* await scalekitClient.permission.addPermissionsToRole('support', ['read:tickets']);
|
|
167
|
+
* await scalekitClient.permission.addPermissionsToRole('support', ['update:tickets']);
|
|
168
|
+
*
|
|
169
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | Add Permissions to Role API}
|
|
53
170
|
*/
|
|
54
171
|
addPermissionsToRole(roleName: string, permissionNames: string[]): Promise<AddPermissionsToRoleResponse>;
|
|
55
172
|
/**
|
|
56
|
-
*
|
|
57
|
-
*
|
|
58
|
-
*
|
|
59
|
-
*
|
|
173
|
+
* Revokes a specific permission from a role, restricting access for all assigned users.
|
|
174
|
+
*
|
|
175
|
+
* Only affects direct assignments; doesn't impact inherited permissions from base roles.
|
|
176
|
+
*
|
|
177
|
+
* @param {string} roleName - Role to modify
|
|
178
|
+
* @param {string} permissionName - Permission to remove
|
|
179
|
+
*
|
|
180
|
+
* @returns {Promise<Empty>} Empty response on success
|
|
181
|
+
*
|
|
182
|
+
* @example
|
|
183
|
+
* // Remove delete permission from editor role
|
|
184
|
+
* await scalekitClient.permission.removePermissionFromRole('editor', 'delete:documents');
|
|
185
|
+
*
|
|
186
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | Remove Permission from Role API}
|
|
60
187
|
*/
|
|
61
188
|
removePermissionFromRole(roleName: string, permissionName: string): Promise<Empty>;
|
|
62
189
|
/**
|
|
63
|
-
*
|
|
64
|
-
*
|
|
65
|
-
*
|
|
190
|
+
* Lists all effective permissions for a role including both direct and inherited permissions.
|
|
191
|
+
*
|
|
192
|
+
* This returns the complete set of capabilities available through the role hierarchy.
|
|
193
|
+
* Essential for understanding the full scope of access granted to users assigned to this role.
|
|
194
|
+
*
|
|
195
|
+
* @param {string} roleName - Role to analyze
|
|
196
|
+
*
|
|
197
|
+
* @returns {Promise<ListEffectiveRolePermissionsResponse>} Complete list including inherited permissions
|
|
198
|
+
*
|
|
199
|
+
* @example
|
|
200
|
+
* // Compare direct vs effective permissions
|
|
201
|
+
* const direct = await scalekitClient.permission.listRolePermissions('senior_editor');
|
|
202
|
+
* const effective = await scalekitClient.permission.listEffectiveRolePermissions('senior_editor');
|
|
203
|
+
*
|
|
204
|
+
* console.log('Direct permissions:', direct.permissions.length);
|
|
205
|
+
* console.log('Total effective permissions:', effective.permissions.length);
|
|
206
|
+
* console.log('Inherited:', effective.permissions.length - direct.permissions.length);
|
|
207
|
+
*
|
|
208
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | List Effective Role Permissions API}
|
|
209
|
+
* @see {@link listRolePermissions} - Get only direct permissions
|
|
66
210
|
*/
|
|
67
211
|
listEffectiveRolePermissions(roleName: string): Promise<ListEffectiveRolePermissionsResponse>;
|
|
68
212
|
}
|
package/lib/permission.js
CHANGED
|
@@ -10,6 +10,24 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
10
10
|
};
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
12
|
const roles_connect_1 = require("./pkg/grpc/scalekit/v1/roles/roles_connect");
|
|
13
|
+
/**
|
|
14
|
+
* Client for managing permissions and role-permission assignments.
|
|
15
|
+
*
|
|
16
|
+
* Permissions represent granular access controls defining specific actions users can perform
|
|
17
|
+
* on resources (e.g., 'read:documents', 'write:settings', 'delete:users'). This client provides
|
|
18
|
+
* comprehensive permission management including CRUD operations and role assignment.
|
|
19
|
+
*
|
|
20
|
+
* **Key Concepts:**
|
|
21
|
+
* - **Direct Permissions**: Explicitly assigned to a role
|
|
22
|
+
* - **Effective Permissions**: Direct + inherited from parent roles through hierarchy
|
|
23
|
+
* - **Permission Format**: 'action:resource' (e.g., 'read:invoices', 'admin:users')
|
|
24
|
+
*
|
|
25
|
+
* @example
|
|
26
|
+
* const scalekitClient = new ScalekitClient(envUrl, clientId, clientSecret);
|
|
27
|
+
* const permissionClient = scalekitClient.permission;
|
|
28
|
+
*
|
|
29
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | Permission API Documentation}
|
|
30
|
+
*/
|
|
13
31
|
class PermissionClient {
|
|
14
32
|
constructor(grpcConnect, coreClient) {
|
|
15
33
|
this.grpcConnect = grpcConnect;
|
|
@@ -17,30 +35,81 @@ class PermissionClient {
|
|
|
17
35
|
this.client = this.grpcConnect.createClient(roles_connect_1.RolesService);
|
|
18
36
|
}
|
|
19
37
|
/**
|
|
20
|
-
*
|
|
21
|
-
*
|
|
22
|
-
*
|
|
38
|
+
* Creates a new permission defining a specific action users can perform.
|
|
39
|
+
*
|
|
40
|
+
* Permissions represent granular access controls following the 'action:resource' format.
|
|
41
|
+
* Use this to define the building blocks of your access control system.
|
|
42
|
+
*
|
|
43
|
+
* @param {CreatePermission} permission - Permission object containing:
|
|
44
|
+
* - name: Permission identifier in 'action:resource' format (e.g., 'read:documents', 'write:settings')
|
|
45
|
+
* - description: Optional explanation of what this permission grants
|
|
46
|
+
*
|
|
47
|
+
* @returns {Promise<CreatePermissionResponse>} Created permission with ID and timestamps
|
|
48
|
+
*
|
|
49
|
+
* @example
|
|
50
|
+
* // Create basic permissions
|
|
51
|
+
* await scalekitClient.permission.createPermission({
|
|
52
|
+
* name: 'read:invoices',
|
|
53
|
+
* description: 'View invoice details'
|
|
54
|
+
* });
|
|
55
|
+
|
|
56
|
+
*
|
|
57
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | Create Permission API}
|
|
23
58
|
*/
|
|
24
59
|
createPermission(permission) {
|
|
25
60
|
return __awaiter(this, void 0, void 0, function* () {
|
|
26
|
-
return this.coreClient.connectExec(this.client.createPermission, {
|
|
61
|
+
return this.coreClient.connectExec(this.client.createPermission, {
|
|
62
|
+
permission,
|
|
63
|
+
});
|
|
27
64
|
});
|
|
28
65
|
}
|
|
29
66
|
/**
|
|
30
|
-
*
|
|
31
|
-
*
|
|
32
|
-
* @
|
|
67
|
+
* Retrieves complete information for a specific permission.
|
|
68
|
+
*
|
|
69
|
+
* @param {string} permissionName - Permission identifier (e.g., 'read:documents')
|
|
70
|
+
*
|
|
71
|
+
* @returns {Promise<GetPermissionResponse>} Permission details including description and timestamps
|
|
72
|
+
*
|
|
73
|
+
* @example
|
|
74
|
+
* const response = await scalekitClient.permission.getPermission('read:invoices');
|
|
75
|
+
* console.log('Description:', response.permission.description);
|
|
76
|
+
*
|
|
77
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | Get Permission API}
|
|
33
78
|
*/
|
|
34
79
|
getPermission(permissionName) {
|
|
35
80
|
return __awaiter(this, void 0, void 0, function* () {
|
|
36
|
-
return this.coreClient.connectExec(this.client.getPermission, {
|
|
81
|
+
return this.coreClient.connectExec(this.client.getPermission, {
|
|
82
|
+
permissionName,
|
|
83
|
+
});
|
|
37
84
|
});
|
|
38
85
|
}
|
|
39
86
|
/**
|
|
40
|
-
*
|
|
41
|
-
*
|
|
42
|
-
*
|
|
43
|
-
*
|
|
87
|
+
* Lists all permissions with pagination support.
|
|
88
|
+
*
|
|
89
|
+
* View all permission definitions for auditing, role management, or understanding available access controls.
|
|
90
|
+
*
|
|
91
|
+
* @param {string} [pageToken] - Token for retrieving the next page
|
|
92
|
+
* @param {number} [pageSize] - Number of permissions per page (max: 100)
|
|
93
|
+
*
|
|
94
|
+
* @returns {Promise<ListPermissionsResponse>} Paginated list of permissions
|
|
95
|
+
*
|
|
96
|
+
* @example
|
|
97
|
+
* // List all permissions
|
|
98
|
+
* const response = await scalekitClient.permission.listPermissions();
|
|
99
|
+
* response.permissions.forEach(perm => {
|
|
100
|
+
* console.log(`${perm.name}: ${perm.description}`);
|
|
101
|
+
* });
|
|
102
|
+
*
|
|
103
|
+
* @example
|
|
104
|
+
* // Paginate through permissions
|
|
105
|
+
* let pageToken = undefined;
|
|
106
|
+
* do {
|
|
107
|
+
* const response = await scalekitClient.permission.listPermissions(pageToken, 50);
|
|
108
|
+
* // Process permissions
|
|
109
|
+
* pageToken = response.nextPageToken;
|
|
110
|
+
* } while (pageToken);
|
|
111
|
+
*
|
|
112
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | List Permissions API}
|
|
44
113
|
*/
|
|
45
114
|
listPermissions(pageToken, pageSize) {
|
|
46
115
|
return __awaiter(this, void 0, void 0, function* () {
|
|
@@ -55,71 +124,154 @@ class PermissionClient {
|
|
|
55
124
|
});
|
|
56
125
|
}
|
|
57
126
|
/**
|
|
58
|
-
*
|
|
59
|
-
*
|
|
60
|
-
*
|
|
61
|
-
*
|
|
127
|
+
* Updates an existing permission's attributes.
|
|
128
|
+
*
|
|
129
|
+
* Note: The permission name itself cannot be changed as it serves as the immutable identifier.
|
|
130
|
+
*
|
|
131
|
+
* @param {string} permissionName - Permission to update
|
|
132
|
+
* @param {CreatePermission} permission - Updated permission properties
|
|
133
|
+
*
|
|
134
|
+
* @returns {Promise<UpdatePermissionResponse>} Updated permission details
|
|
135
|
+
*
|
|
136
|
+
* @example
|
|
137
|
+
* await scalekitClient.permission.updatePermission('read:invoices', {
|
|
138
|
+
* name: 'read:invoices',
|
|
139
|
+
* description: 'View invoice details and history (updated)'
|
|
140
|
+
* });
|
|
141
|
+
*
|
|
142
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | Update Permission API}
|
|
62
143
|
*/
|
|
63
144
|
updatePermission(permissionName, permission) {
|
|
64
145
|
return __awaiter(this, void 0, void 0, function* () {
|
|
65
146
|
return this.coreClient.connectExec(this.client.updatePermission, {
|
|
66
147
|
permissionName,
|
|
67
|
-
permission
|
|
148
|
+
permission,
|
|
68
149
|
});
|
|
69
150
|
});
|
|
70
151
|
}
|
|
71
152
|
/**
|
|
72
|
-
*
|
|
73
|
-
*
|
|
74
|
-
*
|
|
153
|
+
* Permanently removes a permission.
|
|
154
|
+
*
|
|
155
|
+
* Ensure no active roles depend on the permission before deletion.
|
|
156
|
+
*
|
|
157
|
+
* @param {string} permissionName - Permission identifier to delete
|
|
158
|
+
*
|
|
159
|
+
* @returns {Promise<Empty>} Empty response on success
|
|
160
|
+
*
|
|
161
|
+
* @example
|
|
162
|
+
* await scalekitClient.permission.deletePermission('deprecated:feature');
|
|
163
|
+
*
|
|
164
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | Delete Permission API}
|
|
75
165
|
*/
|
|
76
166
|
deletePermission(permissionName) {
|
|
77
167
|
return __awaiter(this, void 0, void 0, function* () {
|
|
78
|
-
return this.coreClient.connectExec(this.client.deletePermission, {
|
|
168
|
+
return this.coreClient.connectExec(this.client.deletePermission, {
|
|
169
|
+
permissionName,
|
|
170
|
+
});
|
|
79
171
|
});
|
|
80
172
|
}
|
|
81
173
|
/**
|
|
82
|
-
*
|
|
83
|
-
*
|
|
84
|
-
*
|
|
174
|
+
* Lists direct permissions assigned to a role (excluding inherited permissions).
|
|
175
|
+
*
|
|
176
|
+
* Use this to view explicit permission assignments without inheritance from base roles.
|
|
177
|
+
*
|
|
178
|
+
* @param {string} roleName - Role to examine
|
|
179
|
+
*
|
|
180
|
+
* @returns {Promise<ListRolePermissionsResponse>} List of directly assigned permissions only
|
|
181
|
+
*
|
|
182
|
+
* @example
|
|
183
|
+
* const response = await scalekitClient.permission.listRolePermissions('editor');
|
|
184
|
+
* console.log('Direct permissions:', response.permissions);
|
|
185
|
+
*
|
|
186
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | List Role Permissions API}
|
|
187
|
+
* @see {@link listEffectiveRolePermissions} - Get all permissions including inherited
|
|
85
188
|
*/
|
|
86
189
|
listRolePermissions(roleName) {
|
|
87
190
|
return __awaiter(this, void 0, void 0, function* () {
|
|
88
|
-
return this.coreClient.connectExec(this.client.listRolePermissions, {
|
|
191
|
+
return this.coreClient.connectExec(this.client.listRolePermissions, {
|
|
192
|
+
roleName,
|
|
193
|
+
});
|
|
89
194
|
});
|
|
90
195
|
}
|
|
91
196
|
/**
|
|
92
|
-
*
|
|
93
|
-
*
|
|
94
|
-
*
|
|
95
|
-
*
|
|
197
|
+
* Grants additional permissions to a role without removing existing assignments.
|
|
198
|
+
*
|
|
199
|
+
* This is an incremental operation that adds new permissions while preserving existing ones.
|
|
200
|
+
* System validates permission existence before assignment.
|
|
201
|
+
*
|
|
202
|
+
* @param {string} roleName - Target role to enhance
|
|
203
|
+
* @param {string[]} permissionNames - Array of permission identifiers to add
|
|
204
|
+
*
|
|
205
|
+
* @returns {Promise<AddPermissionsToRoleResponse>} Updated list of all role permissions
|
|
206
|
+
*
|
|
207
|
+
* @example
|
|
208
|
+
* // Add multiple permissions to a role
|
|
209
|
+
* await scalekitClient.permission.addPermissionsToRole('editor', [
|
|
210
|
+
* 'read:documents',
|
|
211
|
+
* 'write:documents',
|
|
212
|
+
* 'edit:documents'
|
|
213
|
+
* ]);
|
|
214
|
+
*
|
|
215
|
+
* @example
|
|
216
|
+
* // Incrementally add permissions
|
|
217
|
+
* await scalekitClient.permission.addPermissionsToRole('support', ['read:tickets']);
|
|
218
|
+
* await scalekitClient.permission.addPermissionsToRole('support', ['update:tickets']);
|
|
219
|
+
*
|
|
220
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | Add Permissions to Role API}
|
|
96
221
|
*/
|
|
97
222
|
addPermissionsToRole(roleName, permissionNames) {
|
|
98
223
|
return __awaiter(this, void 0, void 0, function* () {
|
|
99
224
|
return this.coreClient.connectExec(this.client.addPermissionsToRole, {
|
|
100
225
|
roleName,
|
|
101
|
-
permissionNames
|
|
226
|
+
permissionNames,
|
|
102
227
|
});
|
|
103
228
|
});
|
|
104
229
|
}
|
|
105
230
|
/**
|
|
106
|
-
*
|
|
107
|
-
*
|
|
108
|
-
*
|
|
109
|
-
*
|
|
231
|
+
* Revokes a specific permission from a role, restricting access for all assigned users.
|
|
232
|
+
*
|
|
233
|
+
* Only affects direct assignments; doesn't impact inherited permissions from base roles.
|
|
234
|
+
*
|
|
235
|
+
* @param {string} roleName - Role to modify
|
|
236
|
+
* @param {string} permissionName - Permission to remove
|
|
237
|
+
*
|
|
238
|
+
* @returns {Promise<Empty>} Empty response on success
|
|
239
|
+
*
|
|
240
|
+
* @example
|
|
241
|
+
* // Remove delete permission from editor role
|
|
242
|
+
* await scalekitClient.permission.removePermissionFromRole('editor', 'delete:documents');
|
|
243
|
+
*
|
|
244
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | Remove Permission from Role API}
|
|
110
245
|
*/
|
|
111
246
|
removePermissionFromRole(roleName, permissionName) {
|
|
112
247
|
return __awaiter(this, void 0, void 0, function* () {
|
|
113
248
|
return this.coreClient.connectExec(this.client.removePermissionFromRole, {
|
|
114
249
|
roleName,
|
|
115
|
-
permissionName
|
|
250
|
+
permissionName,
|
|
116
251
|
});
|
|
117
252
|
});
|
|
118
253
|
}
|
|
119
254
|
/**
|
|
120
|
-
*
|
|
121
|
-
*
|
|
122
|
-
*
|
|
255
|
+
* Lists all effective permissions for a role including both direct and inherited permissions.
|
|
256
|
+
*
|
|
257
|
+
* This returns the complete set of capabilities available through the role hierarchy.
|
|
258
|
+
* Essential for understanding the full scope of access granted to users assigned to this role.
|
|
259
|
+
*
|
|
260
|
+
* @param {string} roleName - Role to analyze
|
|
261
|
+
*
|
|
262
|
+
* @returns {Promise<ListEffectiveRolePermissionsResponse>} Complete list including inherited permissions
|
|
263
|
+
*
|
|
264
|
+
* @example
|
|
265
|
+
* // Compare direct vs effective permissions
|
|
266
|
+
* const direct = await scalekitClient.permission.listRolePermissions('senior_editor');
|
|
267
|
+
* const effective = await scalekitClient.permission.listEffectiveRolePermissions('senior_editor');
|
|
268
|
+
*
|
|
269
|
+
* console.log('Direct permissions:', direct.permissions.length);
|
|
270
|
+
* console.log('Total effective permissions:', effective.permissions.length);
|
|
271
|
+
* console.log('Inherited:', effective.permissions.length - direct.permissions.length);
|
|
272
|
+
*
|
|
273
|
+
* @see {@link https://docs.scalekit.com/apis/#tag/permissions | List Effective Role Permissions API}
|
|
274
|
+
* @see {@link listRolePermissions} - Get only direct permissions
|
|
123
275
|
*/
|
|
124
276
|
listEffectiveRolePermissions(roleName) {
|
|
125
277
|
return __awaiter(this, void 0, void 0, function* () {
|
package/lib/permission.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permission.js","sourceRoot":"","sources":["../src/permission.ts"],"names":[],"mappings":";;;;;;;;;;;AAIA,8EAA0E;AAqB1E,MAAqB,gBAAgB;IAGnC,YACmB,WAAwB,EACxB,UAAsB;QADtB,gBAAW,GAAX,WAAW,CAAa;QACxB,eAAU,GAAV,UAAU,CAAY;QAEvC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,4BAAY,CAAC,CAAC;IAC5D,CAAC;IAED
|
|
1
|
+
{"version":3,"file":"permission.js","sourceRoot":"","sources":["../src/permission.ts"],"names":[],"mappings":";;;;;;;;;;;AAIA,8EAA0E;AAqB1E;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAqB,gBAAgB;IAGnC,YACmB,WAAwB,EACxB,UAAsB;QADtB,gBAAW,GAAX,WAAW,CAAa;QACxB,eAAU,GAAV,UAAU,CAAY;QAEvC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,4BAAY,CAAC,CAAC;IAC5D,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;OAqBG;IACG,gBAAgB,CACpB,UAA4B;;YAE5B,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE;gBAC/D,UAAU;aACX,CAAC,CAAC;QACL,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,aAAa,CAAC,cAAsB;;YACxC,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;gBAC5D,cAAc;aACf,CAAC,CAAC;QACL,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;IACG,eAAe,CACnB,SAAkB,EAClB,QAAiB;;YAEjB,MAAM,OAAO,GAA2C,EAAE,CAAC;YAC3D,IAAI,SAAS,EAAE,CAAC;gBACd,OAAO,CAAC,SAAS,GAAG,SAAS,CAAC;YAChC,CAAC;YACD,IAAI,QAAQ,EAAE,CAAC;gBACb,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAC;YAC9B,CAAC;YAED,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAC3E,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;OAiBG;IACG,gBAAgB,CACpB,cAAsB,EACtB,UAA4B;;YAE5B,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE;gBAC/D,cAAc;gBACd,UAAU;aACX,CAAC,CAAC;QACL,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,gBAAgB,CAAC,cAAsB;;YAC3C,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE;gBAC/D,cAAc;aACf,CAAC,CAAC;QACL,CAAC;KAAA;IAED;;;;;;;;;;;;;;;OAeG;IACG,mBAAmB,CACvB,QAAgB;;YAEhB,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE;gBAClE,QAAQ;aACT,CAAC,CAAC;QACL,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACG,oBAAoB,CACxB,QAAgB,EAChB,eAAyB;;YAEzB,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,oBAAoB,EAAE;gBACnE,QAAQ;gBACR,eAAe;aAChB,CAAC,CAAC;QACL,CAAC;KAAA;IAED;;;;;;;;;;;;;;;OAeG;IACG,wBAAwB,CAC5B,QAAgB,EAChB,cAAsB;;YAEtB,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,wBAAwB,EAAE;gBACvE,QAAQ;gBACR,cAAc;aACf,CAAC,CAAC;QACL,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;OAqBG;IACG,4BAA4B,CAChC,QAAgB;;YAEhB,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,CAChC,IAAI,CAAC,MAAM,CAAC,4BAA4B,EACxC,EAAE,QAAQ,EAAE,CACb,CAAC;QACJ,CAAC;KAAA;CACF;AA1QD,mCA0QC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { DiscoveryAuthMethodRequest, DiscoveryAuthMethodResponse, GetAuthCustomizationsRequest, GetAuthCustomizationsResponse, GetAuthErrorRequest, GetAuthErrorResponse, GetAuthFeaturesResponse, GetAuthStateResponse, ListAuthMethodsRequest, ListAuthMethodsResponse, ListUserOrganizationsResponse, SignupOrganizationRequest, SignupOrganizationResponse, UpdateLoginUserDetailsRequest,
|
|
1
|
+
import { DiscoveryAuthMethodRequest, DiscoveryAuthMethodResponse, GetAuthCustomizationsRequest, GetAuthCustomizationsResponse, GetAuthErrorRequest, GetAuthErrorResponse, GetAuthFeaturesResponse, GetAuthStateResponse, ListAuthMethodsRequest, ListAuthMethodsResponse, ListUserOrganizationsResponse, SignupOrganizationRequest, SignupOrganizationResponse, UpdateLoginUserDetailsRequest, VerifyPasswordLessOtpRequest, VerifyPasswordLessOtpResponse } from "./auth_pb.js";
|
|
2
2
|
import { Empty, MethodKind } from "@bufbuild/protobuf";
|
|
3
3
|
/**
|
|
4
4
|
* @generated from service scalekit.v1.auth.AuthService
|
|
@@ -29,8 +29,8 @@ export declare const AuthService: {
|
|
|
29
29
|
*/
|
|
30
30
|
readonly verifyPasswordLessOtp: {
|
|
31
31
|
readonly name: "VerifyPasswordLessOtp";
|
|
32
|
-
readonly I: typeof
|
|
33
|
-
readonly O: typeof
|
|
32
|
+
readonly I: typeof VerifyPasswordLessOtpRequest;
|
|
33
|
+
readonly O: typeof VerifyPasswordLessOtpResponse;
|
|
34
34
|
readonly kind: MethodKind.Unary;
|
|
35
35
|
};
|
|
36
36
|
/**
|
|
@@ -36,8 +36,8 @@ exports.AuthService = {
|
|
|
36
36
|
*/
|
|
37
37
|
verifyPasswordLessOtp: {
|
|
38
38
|
name: "VerifyPasswordLessOtp",
|
|
39
|
-
I: auth_pb_js_1.
|
|
40
|
-
O: auth_pb_js_1.
|
|
39
|
+
I: auth_pb_js_1.VerifyPasswordLessOtpRequest,
|
|
40
|
+
O: auth_pb_js_1.VerifyPasswordLessOtpResponse,
|
|
41
41
|
kind: protobuf_1.MethodKind.Unary,
|
|
42
42
|
},
|
|
43
43
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth_connect.js","sourceRoot":"","sources":["../../../../../../src/pkg/grpc/scalekit/v1/auth/auth_connect.ts"],"names":[],"mappings":";AAAA,wEAAwE;AACxE,6FAA6F;AAC7F,oBAAoB;AACpB,cAAc;;;AAEd,
|
|
1
|
+
{"version":3,"file":"auth_connect.js","sourceRoot":"","sources":["../../../../../../src/pkg/grpc/scalekit/v1/auth/auth_connect.ts"],"names":[],"mappings":";AAAA,wEAAwE;AACxE,6FAA6F;AAC7F,oBAAoB;AACpB,cAAc;;;AAEd,6CAAid;AACjd,iDAAuD;AAEvD;;GAEG;AACU,QAAA,WAAW,GAAG;IACzB,QAAQ,EAAE,8BAA8B;IACxC,OAAO,EAAE;QACP;;WAEG;QACH,eAAe,EAAE;YACf,IAAI,EAAE,iBAAiB;YACvB,CAAC,EAAE,mCAAsB;YACzB,CAAC,EAAE,oCAAuB;YAC1B,IAAI,EAAE,qBAAU,CAAC,KAAK;SACvB;QACD;;WAEG;QACH,mBAAmB,EAAE;YACnB,IAAI,EAAE,qBAAqB;YAC3B,CAAC,EAAE,uCAA0B;YAC7B,CAAC,EAAE,wCAA2B;YAC9B,IAAI,EAAE,qBAAU,CAAC,KAAK;SACvB;QACD;;WAEG;QACH,qBAAqB,EAAE;YACrB,IAAI,EAAE,uBAAuB;YAC7B,CAAC,EAAE,yCAA4B;YAC/B,CAAC,EAAE,0CAA6B;YAChC,IAAI,EAAE,qBAAU,CAAC,KAAK;SACvB;QACD;;WAEG;QACH,kBAAkB,EAAE;YAClB,IAAI,EAAE,oBAAoB;YAC1B,CAAC,EAAE,gBAAK;YACR,CAAC,EAAE,gBAAK;YACR,IAAI,EAAE,qBAAU,CAAC,KAAK;SACvB;QACD;;WAEG;QACH,qBAAqB,EAAE;YACrB,IAAI,EAAE,uBAAuB;YAC7B,CAAC,EAAE,gBAAK;YACR,CAAC,EAAE,0CAA6B;YAChC,IAAI,EAAE,qBAAU,CAAC,KAAK;SACvB;QACD;;WAEG;QACH,kBAAkB,EAAE;YAClB,IAAI,EAAE,oBAAoB;YAC1B,CAAC,EAAE,sCAAyB;YAC5B,CAAC,EAAE,uCAA0B;YAC7B,IAAI,EAAE,qBAAU,CAAC,KAAK;SACvB;QACD;;WAEG;QACH,YAAY,EAAE;YACZ,IAAI,EAAE,cAAc;YACpB,CAAC,EAAE,gBAAK;YACR,CAAC,EAAE,iCAAoB;YACvB,IAAI,EAAE,qBAAU,CAAC,KAAK;SACvB;QACD;;WAEG;QACH,YAAY,EAAE;YACZ,IAAI,EAAE,cAAc;YACpB,CAAC,EAAE,gCAAmB;YACtB,CAAC,EAAE,iCAAoB;YACvB,IAAI,EAAE,qBAAU,CAAC,KAAK;SACvB;QACD;;WAEG;QACH,MAAM,EAAE;YACN,IAAI,EAAE,QAAQ;YACd,CAAC,EAAE,gBAAK;YACR,CAAC,EAAE,gBAAK;YACR,IAAI,EAAE,qBAAU,CAAC,KAAK;SACvB;QACD;;WAEG;QACH,qBAAqB,EAAE;YACrB,IAAI,EAAE,uBAAuB;YAC7B,CAAC,EAAE,yCAA4B;YAC/B,CAAC,EAAE,0CAA6B;YAChC,IAAI,EAAE,qBAAU,CAAC,KAAK;SACvB;QACD;;WAEG;QACH,eAAe,EAAE;YACf,IAAI,EAAE,iBAAiB;YACvB,CAAC,EAAE,gBAAK;YACR,CAAC,EAAE,oCAAuB;YAC1B,IAAI,EAAE,qBAAU,CAAC,KAAK;SACvB;QACD;;WAEG;QACH,sBAAsB,EAAE;YACtB,IAAI,EAAE,wBAAwB;YAC9B,CAAC,EAAE,0CAA6B;YAChC,CAAC,EAAE,gBAAK;YACR,IAAI,EAAE,qBAAU,CAAC,KAAK;SACvB;KACF;CACO,CAAC"}
|