@sirrlock/node 0.1.0 → 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +1 -1
- package/README.md +100 -24
- package/dist/cli.d.ts +1 -1
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +48 -30
- package/dist/cli.js.map +1 -1
- package/dist/index.d.ts +327 -45
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +271 -47
- package/dist/index.js.map +1 -1
- package/package.json +8 -3
package/dist/index.d.ts
CHANGED
|
@@ -1,20 +1,84 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* @sirrlock/node — Sirr Node.js client
|
|
3
3
|
*
|
|
4
|
-
*
|
|
5
|
-
*
|
|
4
|
+
* Zero-dependency TypeScript client for the Sirr HTTP API.
|
|
5
|
+
* Works in Node 18+, Deno, Bun, and edge runtimes.
|
|
6
6
|
*/
|
|
7
7
|
export interface SirrClientOptions {
|
|
8
|
-
/** Sirr server base URL. Default: http://localhost:
|
|
8
|
+
/** Sirr server base URL. Default: http://localhost:39999 */
|
|
9
9
|
server?: string;
|
|
10
|
-
/** Bearer token
|
|
10
|
+
/** Bearer token — master key or principal API key. */
|
|
11
11
|
token: string;
|
|
12
|
+
/**
|
|
13
|
+
* Org ID for multi-tenant mode. When set, all secret, audit, webhook, and
|
|
14
|
+
* prune operations are scoped under `/orgs/{org}/`.
|
|
15
|
+
*/
|
|
16
|
+
org?: string;
|
|
12
17
|
}
|
|
18
|
+
/** Options for `push()` — anonymous public dead-drop. */
|
|
13
19
|
export interface PushOptions {
|
|
14
|
-
/**
|
|
20
|
+
/** Time-to-live in seconds. Omit for no expiration. */
|
|
21
|
+
ttl?: number;
|
|
22
|
+
/** Maximum reads before the secret is burned. */
|
|
23
|
+
reads?: number;
|
|
24
|
+
}
|
|
25
|
+
/** Options for `set()` — org-scoped named secret. */
|
|
26
|
+
export interface SetOptions {
|
|
27
|
+
/** Time-to-live in seconds. Omit for no expiration. */
|
|
15
28
|
ttl?: number;
|
|
16
|
-
/** Maximum
|
|
29
|
+
/** Maximum reads before the secret is burned or sealed. */
|
|
17
30
|
reads?: number;
|
|
31
|
+
/**
|
|
32
|
+
* Whether to permanently delete the secret after reaching `reads`.
|
|
33
|
+
* `true` (default) = burn; `false` = seal (still patchable via `patch()`).
|
|
34
|
+
*/
|
|
35
|
+
burnOnRead?: boolean;
|
|
36
|
+
/**
|
|
37
|
+
* Webhook URL to call when this secret is read or burned.
|
|
38
|
+
* Must be HTTPS and within the server's allowed origins.
|
|
39
|
+
*/
|
|
40
|
+
webhookUrl?: string;
|
|
41
|
+
/**
|
|
42
|
+
* Restrict reads to specific principal key names (org-scoped secrets only).
|
|
43
|
+
* Omit to allow any key with read permission.
|
|
44
|
+
*/
|
|
45
|
+
allowedKeys?: string[];
|
|
46
|
+
/**
|
|
47
|
+
* Override the org for this call. Falls back to the client-level `org`.
|
|
48
|
+
*/
|
|
49
|
+
org?: string;
|
|
50
|
+
}
|
|
51
|
+
export interface PatchOptions {
|
|
52
|
+
/** Replace the stored value. */
|
|
53
|
+
value?: string;
|
|
54
|
+
/** New TTL in seconds from now (resets the expiry clock). */
|
|
55
|
+
ttl?: number;
|
|
56
|
+
/** New maximum read count. */
|
|
57
|
+
reads?: number;
|
|
58
|
+
}
|
|
59
|
+
/**
|
|
60
|
+
* Metadata returned by `check()` (HEAD request).
|
|
61
|
+
* Does not consume a read counter.
|
|
62
|
+
*/
|
|
63
|
+
export interface SecretStatus {
|
|
64
|
+
/** `"active"` = readable; `"sealed"` = reads exhausted but not deleted. */
|
|
65
|
+
status: "active" | "sealed";
|
|
66
|
+
readCount: number;
|
|
67
|
+
readsRemaining: number | "unlimited";
|
|
68
|
+
/** `true` = burns on read; `false` = seals on read. */
|
|
69
|
+
burnOnRead: boolean;
|
|
70
|
+
createdAt: number;
|
|
71
|
+
expiresAt: number | null;
|
|
72
|
+
}
|
|
73
|
+
/** Response from `push()` — anonymous public dead-drop. */
|
|
74
|
+
export interface PushResponse {
|
|
75
|
+
/** 64-character hex ID used to retrieve the secret via `get(id)`. */
|
|
76
|
+
id: string;
|
|
77
|
+
}
|
|
78
|
+
/** Response from `set()` — org-scoped named secret. */
|
|
79
|
+
export interface SetResponse {
|
|
80
|
+
/** The key under which the secret was stored. */
|
|
81
|
+
key: string;
|
|
18
82
|
}
|
|
19
83
|
export interface SecretMeta {
|
|
20
84
|
key: string;
|
|
@@ -22,6 +86,14 @@ export interface SecretMeta {
|
|
|
22
86
|
expires_at: number | null;
|
|
23
87
|
max_reads: number | null;
|
|
24
88
|
read_count: number;
|
|
89
|
+
/**
|
|
90
|
+
* Whether the secret burns (`true`) or seals (`false`) on read-limit.
|
|
91
|
+
* Only present on secrets that were created with an explicit `burnOnRead`
|
|
92
|
+
* value or in responses from `patch()`.
|
|
93
|
+
*/
|
|
94
|
+
delete?: boolean;
|
|
95
|
+
/** ID of the principal that created this secret (org secrets only). */
|
|
96
|
+
owner_id?: string;
|
|
25
97
|
}
|
|
26
98
|
export interface AuditEvent {
|
|
27
99
|
id: number;
|
|
@@ -31,13 +103,24 @@ export interface AuditEvent {
|
|
|
31
103
|
source_ip: string;
|
|
32
104
|
success: boolean;
|
|
33
105
|
detail: string | null;
|
|
106
|
+
org_id?: string;
|
|
107
|
+
principal_id?: string;
|
|
34
108
|
}
|
|
35
|
-
|
|
109
|
+
/** Filter parameters for audit log queries. */
|
|
110
|
+
export interface AuditFilter {
|
|
111
|
+
/** Return events at or after this Unix timestamp. */
|
|
36
112
|
since?: number;
|
|
113
|
+
/** Return events at or before this Unix timestamp. */
|
|
37
114
|
until?: number;
|
|
115
|
+
/** Filter by action type, e.g. `"secret.read"`. */
|
|
38
116
|
action?: string;
|
|
117
|
+
/** Filter by secret key name (org-scoped audit only). */
|
|
118
|
+
key?: string;
|
|
119
|
+
/** Maximum number of entries to return (default 100, max 1000). */
|
|
39
120
|
limit?: number;
|
|
40
121
|
}
|
|
122
|
+
/** @deprecated Use `AuditFilter`. */
|
|
123
|
+
export type AuditOptions = AuditFilter;
|
|
41
124
|
export interface Webhook {
|
|
42
125
|
id: string;
|
|
43
126
|
url: string;
|
|
@@ -46,35 +129,159 @@ export interface Webhook {
|
|
|
46
129
|
}
|
|
47
130
|
export interface WebhookCreateResult {
|
|
48
131
|
id: string;
|
|
132
|
+
/** Signing secret — shown only once, save immediately. */
|
|
49
133
|
secret: string;
|
|
50
134
|
}
|
|
51
|
-
export interface
|
|
135
|
+
export interface Org {
|
|
136
|
+
id: string;
|
|
137
|
+
name: string;
|
|
138
|
+
metadata?: Record<string, string>;
|
|
139
|
+
created_at?: number;
|
|
140
|
+
}
|
|
141
|
+
export interface Principal {
|
|
52
142
|
id: string;
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
143
|
+
name: string;
|
|
144
|
+
role: string;
|
|
145
|
+
org_id: string;
|
|
146
|
+
metadata?: Record<string, string>;
|
|
147
|
+
created_at?: number;
|
|
148
|
+
}
|
|
149
|
+
export interface Role {
|
|
150
|
+
name: string;
|
|
151
|
+
/** Permission letter string, e.g. `"rRlL"`. */
|
|
152
|
+
permissions: string;
|
|
153
|
+
org_id?: string;
|
|
154
|
+
builtin?: boolean;
|
|
155
|
+
created_at?: number;
|
|
156
|
+
}
|
|
157
|
+
export interface PrincipalKey {
|
|
158
|
+
id: string;
|
|
159
|
+
name: string;
|
|
160
|
+
valid_after: number;
|
|
161
|
+
valid_before: number;
|
|
56
162
|
created_at: number;
|
|
57
163
|
}
|
|
58
|
-
export interface
|
|
164
|
+
export interface MeResponse {
|
|
59
165
|
id: string;
|
|
166
|
+
name: string;
|
|
167
|
+
role: string;
|
|
168
|
+
org_id: string;
|
|
169
|
+
metadata: Record<string, string>;
|
|
170
|
+
created_at: number;
|
|
171
|
+
keys: PrincipalKey[];
|
|
172
|
+
}
|
|
173
|
+
export interface PrincipalKeyCreateResult {
|
|
174
|
+
id: string;
|
|
175
|
+
name: string;
|
|
176
|
+
/** Raw API key — shown only once, save immediately. */
|
|
60
177
|
key: string;
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
prefix: string | null;
|
|
178
|
+
valid_after: number;
|
|
179
|
+
valid_before: number;
|
|
64
180
|
}
|
|
65
|
-
export interface
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
181
|
+
export interface CreateOrgOptions {
|
|
182
|
+
name: string;
|
|
183
|
+
metadata?: Record<string, string>;
|
|
184
|
+
}
|
|
185
|
+
export interface CreatePrincipalOptions {
|
|
186
|
+
name: string;
|
|
187
|
+
/**
|
|
188
|
+
* Role to assign. Built-in: `reader`, `writer`, `admin`, `owner`.
|
|
189
|
+
* Custom roles can be created per-org.
|
|
190
|
+
*/
|
|
191
|
+
role: string;
|
|
192
|
+
metadata?: Record<string, string>;
|
|
193
|
+
}
|
|
194
|
+
export interface CreateRoleOptions {
|
|
195
|
+
name: string;
|
|
196
|
+
/**
|
|
197
|
+
* Permission letter string. Each letter enables a permission bit.
|
|
198
|
+
* Examples: `"r"` (read), `"rRlL"` (read + list), `"rRlLcCpPaAmMdD"` (full).
|
|
199
|
+
*
|
|
200
|
+
* | Letter | Permission |
|
|
201
|
+
* |--------|-----------|
|
|
202
|
+
* | `r` | ReadOrg |
|
|
203
|
+
* | `R` | ReadMy |
|
|
204
|
+
* | `l` | ListOrg |
|
|
205
|
+
* | `L` | ListMy |
|
|
206
|
+
* | `c` | CreateOrg |
|
|
207
|
+
* | `C` | CreateMy |
|
|
208
|
+
* | `p` | PatchOrg |
|
|
209
|
+
* | `P` | PatchMy |
|
|
210
|
+
* | `d` | DeleteOrg |
|
|
211
|
+
* | `D` | DeleteMy |
|
|
212
|
+
* | `a` | AuditRead |
|
|
213
|
+
* | `m` | ManageOrg |
|
|
214
|
+
*/
|
|
215
|
+
permissions: string;
|
|
216
|
+
}
|
|
217
|
+
export interface CreateKeyOptions {
|
|
218
|
+
/** Human-readable label for this key. */
|
|
219
|
+
name: string;
|
|
220
|
+
/** Lifetime in seconds from now. Defaults to 1 year. */
|
|
221
|
+
valid_for_seconds?: number;
|
|
222
|
+
/** Absolute expiry as a Unix timestamp. Overrides `valid_for_seconds`. */
|
|
223
|
+
valid_before?: number;
|
|
224
|
+
}
|
|
225
|
+
export interface PatchMeOptions {
|
|
226
|
+
/** Replaces the entire metadata map on the current principal. */
|
|
227
|
+
metadata: Record<string, string>;
|
|
228
|
+
}
|
|
229
|
+
export interface WebhookClient {
|
|
230
|
+
/**
|
|
231
|
+
* Register a webhook. Returns the ID and signing secret.
|
|
232
|
+
* @param url HTTPS endpoint to receive events
|
|
233
|
+
* @param opts Optional event filter (default `["*"]`)
|
|
234
|
+
*/
|
|
235
|
+
create(url: string, opts?: {
|
|
236
|
+
events?: string[];
|
|
237
|
+
}): Promise<WebhookCreateResult>;
|
|
238
|
+
/** List all registered webhooks. Signing secrets are redacted. */
|
|
239
|
+
list(): Promise<Webhook[]>;
|
|
240
|
+
/** Delete a webhook by ID. Returns false if not found. */
|
|
241
|
+
delete(id: string): Promise<boolean>;
|
|
242
|
+
}
|
|
243
|
+
export interface OrgClient {
|
|
244
|
+
/** Create a new organization. Requires master key. */
|
|
245
|
+
create(opts: CreateOrgOptions): Promise<Org>;
|
|
246
|
+
/** List all organizations. Requires master key. */
|
|
247
|
+
list(): Promise<Org[]>;
|
|
248
|
+
/** Delete an organization by ID. Requires master key. */
|
|
249
|
+
delete(id: string): Promise<void>;
|
|
250
|
+
}
|
|
251
|
+
export interface PrincipalClient {
|
|
252
|
+
/** Create a principal within an org. Requires master key. */
|
|
253
|
+
create(orgId: string, opts: CreatePrincipalOptions): Promise<Principal>;
|
|
254
|
+
/** List all principals in an org. Requires master key. */
|
|
255
|
+
list(orgId: string): Promise<Principal[]>;
|
|
256
|
+
/** Delete a principal by ID. Requires master key. */
|
|
257
|
+
delete(orgId: string, principalId: string): Promise<void>;
|
|
69
258
|
}
|
|
70
259
|
export declare class SirrError extends Error {
|
|
71
260
|
readonly status: number;
|
|
72
261
|
constructor(status: number, message: string);
|
|
73
262
|
}
|
|
263
|
+
/**
|
|
264
|
+
* Thrown by `set()` when a secret with the given key already exists (HTTP 409).
|
|
265
|
+
* Delete the existing secret first, then call `set()` again.
|
|
266
|
+
*/
|
|
267
|
+
export declare class SecretExistsError extends Error {
|
|
268
|
+
constructor(key: string);
|
|
269
|
+
}
|
|
74
270
|
export declare class SirrClient {
|
|
75
271
|
private readonly server;
|
|
76
272
|
private readonly token;
|
|
273
|
+
private readonly org?;
|
|
274
|
+
/** Webhook management — `sirr.webhooks.create/list/delete`. */
|
|
275
|
+
readonly webhooks: WebhookClient;
|
|
276
|
+
/** Organization management — `sirr.orgs.create/list/delete`. Requires master key. */
|
|
277
|
+
readonly orgs: OrgClient;
|
|
278
|
+
/** Principal management — `sirr.principals.create/list/delete`. Requires master key. */
|
|
279
|
+
readonly principals: PrincipalClient;
|
|
77
280
|
constructor(opts: SirrClientOptions);
|
|
281
|
+
private secretsPath;
|
|
282
|
+
private auditPath;
|
|
283
|
+
private webhooksPath;
|
|
284
|
+
private prunePath;
|
|
78
285
|
private headers;
|
|
79
286
|
private request;
|
|
80
287
|
/** Check server health. Does not require authentication. */
|
|
@@ -82,49 +289,124 @@ export declare class SirrClient {
|
|
|
82
289
|
status: string;
|
|
83
290
|
}>;
|
|
84
291
|
/**
|
|
85
|
-
* Push
|
|
292
|
+
* Push an anonymous secret (public dead-drop).
|
|
86
293
|
*
|
|
87
|
-
*
|
|
88
|
-
*
|
|
89
|
-
*
|
|
294
|
+
* No key is required. The server assigns a random 64-char hex ID.
|
|
295
|
+
* Share the returned `id` with the recipient — they use `get(id)` to retrieve it.
|
|
296
|
+
*
|
|
297
|
+
* @param value Secret value (max 1 MiB)
|
|
298
|
+
* @param opts TTL and read limit
|
|
299
|
+
* @returns `{ id }` — the hex ID for retrieval
|
|
90
300
|
*/
|
|
91
|
-
push(
|
|
301
|
+
push(value: string, opts?: PushOptions): Promise<PushResponse>;
|
|
92
302
|
/**
|
|
93
|
-
*
|
|
94
|
-
*
|
|
303
|
+
* Store a named secret in an org vault.
|
|
304
|
+
*
|
|
305
|
+
* Requires `org` in the client config or in `opts`.
|
|
306
|
+
* Throws `SecretExistsError` if the key already exists (HTTP 409).
|
|
307
|
+
*
|
|
308
|
+
* @param key Secret key name (1-256 chars, alphanumeric + `-_.`)
|
|
309
|
+
* @param value Secret value (max 1 MiB)
|
|
310
|
+
* @param opts TTL, read limit, webhook, allowed keys, and optional org override
|
|
311
|
+
* @returns `{ key }` — the stored key name
|
|
95
312
|
*/
|
|
96
|
-
|
|
313
|
+
set(key: string, value: string, opts?: SetOptions): Promise<SetResponse>;
|
|
314
|
+
/**
|
|
315
|
+
* Update a secret's value, TTL, or read limit in place.
|
|
316
|
+
* Returns the updated metadata, or `null` if the secret does not exist.
|
|
317
|
+
*
|
|
318
|
+
* Only works on secrets created with `burnOnRead: false`. Attempting to
|
|
319
|
+
* patch a burn-on-read secret returns `409 Conflict` (thrown as `SirrError`).
|
|
320
|
+
*/
|
|
321
|
+
patch(key: string, opts: PatchOptions): Promise<SecretMeta | null>;
|
|
322
|
+
/**
|
|
323
|
+
* Retrieve a secret. Increments the read counter.
|
|
324
|
+
*
|
|
325
|
+
* - **Without org** (public): `id` is the 64-char hex returned by `push()`.
|
|
326
|
+
* Routes to `GET /secrets/{id}`.
|
|
327
|
+
* - **With org** (named): `key` is the named key stored via `set()`.
|
|
328
|
+
* Routes to `GET /orgs/{org}/secrets/{key}`.
|
|
329
|
+
*
|
|
330
|
+
* Returns `null` if the secret does not exist, has expired, has been
|
|
331
|
+
* burned, or is sealed.
|
|
332
|
+
*/
|
|
333
|
+
get(idOrKey: string, opts?: {
|
|
334
|
+
org?: string;
|
|
335
|
+
}): Promise<string | null>;
|
|
97
336
|
/** List metadata for all active secrets. Values are never returned. */
|
|
98
337
|
list(): Promise<SecretMeta[]>;
|
|
99
|
-
/** Delete a secret immediately. Returns true if it existed. */
|
|
338
|
+
/** Delete a secret immediately. Returns `true` if it existed. */
|
|
100
339
|
delete(key: string): Promise<boolean>;
|
|
101
340
|
/**
|
|
102
|
-
*
|
|
103
|
-
*
|
|
341
|
+
* Inspect a secret's metadata without consuming a read counter (HEAD request).
|
|
342
|
+
* Returns `null` if the secret does not exist or has expired.
|
|
343
|
+
*
|
|
344
|
+
* Use this in AI agent workflows to verify a secret is still valid before
|
|
345
|
+
* fetching it and triggering an irreversible read.
|
|
346
|
+
*/
|
|
347
|
+
check(key: string): Promise<SecretStatus | null>;
|
|
348
|
+
/**
|
|
349
|
+
* Retrieve all secrets and return them as a `key → value` map.
|
|
350
|
+
* Each `get()` call increments the respective read counter.
|
|
104
351
|
*/
|
|
105
352
|
pullAll(): Promise<Record<string, string>>;
|
|
106
|
-
/** Trigger an immediate sweep of expired secrets on the server. */
|
|
107
|
-
prune(): Promise<number>;
|
|
108
353
|
/**
|
|
109
|
-
* Inject all vault secrets as process.env variables
|
|
110
|
-
*
|
|
354
|
+
* Inject all vault secrets as `process.env` variables for the duration of
|
|
355
|
+
* `fn`, then restore the original values (even if `fn` throws).
|
|
356
|
+
*
|
|
357
|
+
* @example
|
|
358
|
+
* await sirr.withSecrets(async () => {
|
|
359
|
+
* await execa('python', ['agent.py'])
|
|
360
|
+
* })
|
|
111
361
|
*/
|
|
112
362
|
withSecrets<T>(fn: () => Promise<T>): Promise<T>;
|
|
113
|
-
/**
|
|
114
|
-
|
|
115
|
-
/**
|
|
363
|
+
/** Trigger an immediate sweep of expired secrets on the server. Returns the pruned count. */
|
|
364
|
+
prune(): Promise<number>;
|
|
365
|
+
/**
|
|
366
|
+
* Query the audit log.
|
|
367
|
+
*
|
|
368
|
+
* @example
|
|
369
|
+
* const events = await sirr.audit({ action: 'secret.read', limit: 50 })
|
|
370
|
+
*/
|
|
371
|
+
audit(opts?: AuditFilter): Promise<AuditEvent[]>;
|
|
372
|
+
/** @deprecated Use `audit()`. */
|
|
373
|
+
getAuditLog(opts?: AuditFilter): Promise<AuditEvent[]>;
|
|
374
|
+
/** Register a webhook. Returns the ID and signing secret (shown once). */
|
|
116
375
|
createWebhook(url: string, opts?: {
|
|
117
376
|
events?: string[];
|
|
118
377
|
}): Promise<WebhookCreateResult>;
|
|
119
|
-
/** List registered webhooks. Signing secrets are redacted. */
|
|
378
|
+
/** List all registered webhooks. Signing secrets are redacted. */
|
|
120
379
|
listWebhooks(): Promise<Webhook[]>;
|
|
121
|
-
/** Delete a webhook by ID. Returns false if not found. */
|
|
380
|
+
/** Delete a webhook by ID. Returns `false` if not found. */
|
|
122
381
|
deleteWebhook(id: string): Promise<boolean>;
|
|
123
|
-
/**
|
|
124
|
-
|
|
125
|
-
/**
|
|
126
|
-
|
|
127
|
-
/**
|
|
128
|
-
|
|
382
|
+
/** Get the current principal's profile, role, and key list. */
|
|
383
|
+
me(): Promise<MeResponse>;
|
|
384
|
+
/** Update the current principal's metadata. */
|
|
385
|
+
updateMe(opts: PatchMeOptions): Promise<Principal>;
|
|
386
|
+
/**
|
|
387
|
+
* Create a new API key for the current principal.
|
|
388
|
+
* The raw key is returned once — save it immediately.
|
|
389
|
+
*/
|
|
390
|
+
createKey(opts: CreateKeyOptions): Promise<PrincipalKeyCreateResult>;
|
|
391
|
+
/** Revoke one of the current principal's keys. Returns `false` if not found. */
|
|
392
|
+
deleteKey(keyId: string): Promise<boolean>;
|
|
393
|
+
/** Create an org. Requires master key. */
|
|
394
|
+
createOrg(opts: CreateOrgOptions): Promise<Org>;
|
|
395
|
+
/** List all orgs. Requires master key. */
|
|
396
|
+
listOrgs(): Promise<Org[]>;
|
|
397
|
+
/** Delete an org by ID. Requires master key. */
|
|
398
|
+
deleteOrg(orgId: string): Promise<void>;
|
|
399
|
+
/** Create a principal within an org. Requires master key. */
|
|
400
|
+
createPrincipal(orgId: string, opts: CreatePrincipalOptions): Promise<Principal>;
|
|
401
|
+
/** List all principals in an org. Requires master key. */
|
|
402
|
+
listPrincipals(orgId: string): Promise<Principal[]>;
|
|
403
|
+
/** Delete a principal by ID. Requires master key. */
|
|
404
|
+
deletePrincipal(orgId: string, principalId: string): Promise<void>;
|
|
405
|
+
/** Create a custom role within an org. Requires master key. */
|
|
406
|
+
createRole(orgId: string, opts: CreateRoleOptions): Promise<Role>;
|
|
407
|
+
/** List all roles (built-in and custom) in an org. Requires master key. */
|
|
408
|
+
listRoles(orgId: string): Promise<Role[]>;
|
|
409
|
+
/** Delete a custom role by name. Requires master key. */
|
|
410
|
+
deleteRole(orgId: string, roleName: string): Promise<void>;
|
|
129
411
|
}
|
|
130
412
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,MAAM,WAAW,iBAAiB;IAChC,4DAA4D;IAC5D,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,sDAAsD;IACtD,KAAK,EAAE,MAAM,CAAC;IACd;;;OAGG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAID,yDAAyD;AACzD,MAAM,WAAW,WAAW;IAC1B,uDAAuD;IACvD,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,iDAAiD;IACjD,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,qDAAqD;AACrD,MAAM,WAAW,UAAU;IACzB,uDAAuD;IACvD,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,2DAA2D;IAC3D,KAAK,CAAC,EAAE,MAAM,CAAC;IACf;;;OAGG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,YAAY;IAC3B,gCAAgC;IAChC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,6DAA6D;IAC7D,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,8BAA8B;IAC9B,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B,2EAA2E;IAC3E,MAAM,EAAE,QAAQ,GAAG,QAAQ,CAAC;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,GAAG,WAAW,CAAC;IACrC,uDAAuD;IACvD,UAAU,EAAE,OAAO,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAID,2DAA2D;AAC3D,MAAM,WAAW,YAAY;IAC3B,qEAAqE;IACrE,EAAE,EAAE,MAAM,CAAC;CACZ;AAED,uDAAuD;AACvD,MAAM,WAAW,WAAW;IAC1B,iDAAiD;IACjD,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB;;;;OAIG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,uEAAuE;IACvE,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,+CAA+C;AAC/C,MAAM,WAAW,WAAW;IAC1B,qDAAqD;IACrD,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,sDAAsD;IACtD,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,mDAAmD;IACnD,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,yDAAyD;IACzD,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,mEAAmE;IACnE,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,qCAAqC;AACrC,MAAM,MAAM,YAAY,GAAG,WAAW,CAAC;AAEvC,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,mBAAmB;IAClC,EAAE,EAAE,MAAM,CAAC;IACX,0DAA0D;IAC1D,MAAM,EAAE,MAAM,CAAC;CAChB;AAID,MAAM,WAAW,GAAG;IAClB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAClC,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,SAAS;IACxB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAClC,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,IAAI;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,+CAA+C;IAC/C,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,YAAY,EAAE,CAAC;CACtB;AAED,MAAM,WAAW,wBAAwB;IACvC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,uDAAuD;IACvD,GAAG,EAAE,MAAM,CAAC;IACZ,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;CACtB;AAID,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACnC;AAED,MAAM,WAAW,sBAAsB;IACrC,IAAI,EAAE,MAAM,CAAC;IACb;;;OAGG;IACH,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACnC;AAED,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,MAAM,CAAC;IACb;;;;;;;;;;;;;;;;;;OAkBG;IACH,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,gBAAgB;IAC/B,yCAAyC;IACzC,IAAI,EAAE,MAAM,CAAC;IACb,wDAAwD;IACxD,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,0EAA0E;IAC1E,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,cAAc;IAC7B,iEAAiE;IACjE,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC;AAID,MAAM,WAAW,aAAa;IAC5B;;;;OAIG;IACH,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAChF,kEAAkE;IAClE,IAAI,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC;IAC3B,0DAA0D;IAC1D,MAAM,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CACtC;AAED,MAAM,WAAW,SAAS;IACxB,sDAAsD;IACtD,MAAM,CAAC,IAAI,EAAE,gBAAgB,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IAC7C,mDAAmD;IACnD,IAAI,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IACvB,yDAAyD;IACzD,MAAM,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CACnC;AAED,MAAM,WAAW,eAAe;IAC9B,6DAA6D;IAC7D,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,sBAAsB,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IACxE,0DAA0D;IAC1D,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;IAC1C,qDAAqD;IACrD,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC3D;AAID,qBAAa,SAAU,SAAQ,KAAK;aAEhB,MAAM,EAAE,MAAM;gBAAd,MAAM,EAAE,MAAM,EAC9B,OAAO,EAAE,MAAM;CAKlB;AAED;;;GAGG;AACH,qBAAa,iBAAkB,SAAQ,KAAK;gBAC9B,GAAG,EAAE,MAAM;CAIxB;AAYD,qBAAa,UAAU;IACrB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAS;IAC/B,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAS;IAE9B,+DAA+D;IAC/D,QAAQ,CAAC,QAAQ,EAAE,aAAa,CAAC;IAEjC,qFAAqF;IACrF,QAAQ,CAAC,IAAI,EAAE,SAAS,CAAC;IAEzB,wFAAwF;IACxF,QAAQ,CAAC,UAAU,EAAE,eAAe,CAAC;gBAEzB,IAAI,EAAE,iBAAiB;IA6BnC,OAAO,CAAC,WAAW;IAKnB,OAAO,CAAC,SAAS;IAIjB,OAAO,CAAC,YAAY;IAKpB,OAAO,CAAC,SAAS;IAMjB,OAAO,CAAC,OAAO;YAOD,OAAO;IA4BrB,4DAA4D;IACtD,MAAM,IAAI,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC;IAU3C;;;;;;;;;OASG;IACG,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,GAAE,WAAgB,GAAG,OAAO,CAAC,YAAY,CAAC;IASxE;;;;;;;;;;OAUG;IACG,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,GAAE,UAAe,GAAG,OAAO,CAAC,WAAW,CAAC;IA6BlF;;;;;;OAMG;IACG,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAcxE;;;;;;;;;;OAUG;IACG,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE;QAAE,GAAG,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAiB3E,uEAAuE;IACjE,IAAI,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;IAKnC,iEAAiE;IAC3D,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAW3C;;;;;;OAMG;IACG,KAAK,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC;IA4BtD;;;OAGG;IACG,OAAO,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAYhD;;;;;;;;OAQG;IACG,WAAW,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;IAiBtD,6FAA6F;IACvF,KAAK,IAAI,OAAO,CAAC,MAAM,CAAC;IAO9B;;;;;OAKG;IACG,KAAK,CAAC,IAAI,GAAE,WAAgB,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAe1D,iCAAiC;IAC3B,WAAW,CAAC,IAAI,GAAE,WAAgB,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAOhE,0EAA0E;IACpE,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAM5F,kEAAkE;IAC5D,YAAY,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;IAKxC,4DAA4D;IACtD,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAYjD,+DAA+D;IACzD,EAAE,IAAI,OAAO,CAAC,UAAU,CAAC;IAI/B,+CAA+C;IACzC,QAAQ,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC,SAAS,CAAC;IAIxD;;;OAGG;IACG,SAAS,CAAC,IAAI,EAAE,gBAAgB,GAAG,OAAO,CAAC,wBAAwB,CAAC;IAI1E,gFAAgF;IAC1E,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAahD,0CAA0C;IACpC,SAAS,CAAC,IAAI,EAAE,gBAAgB,GAAG,OAAO,CAAC,GAAG,CAAC;IAIrD,0CAA0C;IACpC,QAAQ,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;IAKhC,gDAAgD;IAC1C,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI7C,6DAA6D;IACvD,eAAe,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,sBAAsB,GAAG,OAAO,CAAC,SAAS,CAAC;IAItF,0DAA0D;IACpD,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;IAQzD,qDAAqD;IAC/C,eAAe,CAAC,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOxE,+DAA+D;IACzD,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC;IAIvE,2EAA2E;IACrE,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;IAQ/C,yDAAyD;IACnD,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAMjE"}
|