@stackframe/js 2.7.30 → 2.8.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (43) hide show
  1. package/CHANGELOG.md +31 -0
  2. package/dist/esm/lib/auth.js +6 -6
  3. package/dist/esm/lib/auth.js.map +1 -1
  4. package/dist/esm/lib/stack-app/apps/implementations/admin-app-impl.js +27 -6
  5. package/dist/esm/lib/stack-app/apps/implementations/admin-app-impl.js.map +1 -1
  6. package/dist/esm/lib/stack-app/apps/implementations/client-app-impl.js +52 -30
  7. package/dist/esm/lib/stack-app/apps/implementations/client-app-impl.js.map +1 -1
  8. package/dist/esm/lib/stack-app/apps/implementations/common.js +1 -1
  9. package/dist/esm/lib/stack-app/apps/implementations/common.js.map +1 -1
  10. package/dist/esm/lib/stack-app/apps/implementations/server-app-impl.js +44 -18
  11. package/dist/esm/lib/stack-app/apps/implementations/server-app-impl.js.map +1 -1
  12. package/dist/esm/lib/stack-app/apps/interfaces/admin-app.js.map +1 -1
  13. package/dist/esm/lib/stack-app/index.js.map +1 -1
  14. package/dist/esm/lib/stack-app/permissions/index.js +16 -0
  15. package/dist/esm/lib/stack-app/permissions/index.js.map +1 -1
  16. package/dist/esm/lib/stack-app/projects/index.js +1 -0
  17. package/dist/esm/lib/stack-app/projects/index.js.map +1 -1
  18. package/dist/esm/lib/stack-app/users/index.js.map +1 -1
  19. package/dist/esm/utils/url.js +2 -2
  20. package/dist/esm/utils/url.js.map +1 -1
  21. package/dist/index.d.mts +46 -2
  22. package/dist/index.d.ts +46 -2
  23. package/dist/lib/auth.js +6 -6
  24. package/dist/lib/auth.js.map +1 -1
  25. package/dist/lib/stack-app/apps/implementations/admin-app-impl.js +26 -5
  26. package/dist/lib/stack-app/apps/implementations/admin-app-impl.js.map +1 -1
  27. package/dist/lib/stack-app/apps/implementations/client-app-impl.js +52 -30
  28. package/dist/lib/stack-app/apps/implementations/client-app-impl.js.map +1 -1
  29. package/dist/lib/stack-app/apps/implementations/common.js +1 -1
  30. package/dist/lib/stack-app/apps/implementations/common.js.map +1 -1
  31. package/dist/lib/stack-app/apps/implementations/server-app-impl.js +44 -18
  32. package/dist/lib/stack-app/apps/implementations/server-app-impl.js.map +1 -1
  33. package/dist/lib/stack-app/apps/interfaces/admin-app.js.map +1 -1
  34. package/dist/lib/stack-app/index.js.map +1 -1
  35. package/dist/lib/stack-app/permissions/index.js +18 -0
  36. package/dist/lib/stack-app/permissions/index.js.map +1 -1
  37. package/dist/lib/stack-app/project-configs/index.js.map +1 -1
  38. package/dist/lib/stack-app/projects/index.js +1 -0
  39. package/dist/lib/stack-app/projects/index.js.map +1 -1
  40. package/dist/lib/stack-app/users/index.js.map +1 -1
  41. package/dist/utils/url.js +2 -2
  42. package/dist/utils/url.js.map +1 -1
  43. package/package.json +3 -3
package/CHANGELOG.md CHANGED
@@ -1,5 +1,36 @@
1
1
  # @stackframe/stack
2
2
 
3
+ ## 2.8.2
4
+
5
+ ### Patch Changes
6
+
7
+ - Various changes
8
+ - Updated dependencies
9
+ - @stackframe/stack-shared@2.8.2
10
+ - @stackframe/stack-ui@2.8.2
11
+ - @stackframe/stack-sc@2.8.2
12
+
13
+ ## 2.8.1
14
+
15
+ ### Patch Changes
16
+
17
+ - @stackframe/stack-sc@2.8.1
18
+ - @stackframe/stack-shared@2.8.1
19
+ - @stackframe/stack-ui@2.8.1
20
+
21
+ ## 2.8.0
22
+
23
+ ### Minor Changes
24
+
25
+ - Various changes
26
+
27
+ ### Patch Changes
28
+
29
+ - Updated dependencies
30
+ - @stackframe/stack-shared@2.8.0
31
+ - @stackframe/stack-ui@2.8.0
32
+ - @stackframe/stack-sc@2.8.0
33
+
3
34
  ## 2.7.30
4
35
 
5
36
  ### Patch Changes
package/dist/esm/lib/auth.js CHANGED
@@ -10,8 +10,8 @@ async function signInWithOAuth(iface, options) {
10
10
  const { codeChallenge, state } = await saveVerifierAndState();
11
11
  const location = await iface.getOAuthUrl({
12
12
  provider: options.provider,
13
- redirectUrl: constructRedirectUrl(options.redirectUrl),
14
- errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl),
13
+ redirectUrl: constructRedirectUrl(options.redirectUrl, "redirectUrl"),
14
+ errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl, "errorRedirectUrl"),
15
15
  codeChallenge,
16
16
  state,
17
17
  type: "authenticate",
@@ -24,9 +24,9 @@ async function addNewOAuthProviderOrScope(iface, options, session) {
24
24
  const { codeChallenge, state } = await saveVerifierAndState();
25
25
  const location = await iface.getOAuthUrl({
26
26
  provider: options.provider,
27
- redirectUrl: constructRedirectUrl(options.redirectUrl),
28
- errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl),
29
- afterCallbackRedirectUrl: constructRedirectUrl(window.location.href),
27
+ redirectUrl: constructRedirectUrl(options.redirectUrl, "redirectUrl"),
28
+ errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl, "errorRedirectUrl"),
29
+ afterCallbackRedirectUrl: constructRedirectUrl(window.location.href, "afterCallbackRedirectUrl"),
30
30
  codeChallenge,
31
31
  state,
32
32
  type: "link",
@@ -79,7 +79,7 @@ async function callOAuthCallback(iface, redirectUrl) {
79
79
  try {
80
80
  return Result.ok(await iface.callOAuthCallback({
81
81
  oauthParams: consumed.originalUrl.searchParams,
82
- redirectUri: constructRedirectUrl(redirectUrl),
82
+ redirectUri: constructRedirectUrl(redirectUrl, "redirectUri"),
83
83
  codeVerifier: consumed.codeVerifier,
84
84
  state: consumed.state
85
85
  }));
package/dist/esm/lib/auth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../src/lib/auth.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { KnownError, StackClientInterface } from \"@stackframe/stack-shared\";\nimport { InternalSession } from \"@stackframe/stack-shared/dist/sessions\";\nimport { StackAssertionError, throwErr } from \"@stackframe/stack-shared/dist/utils/errors\";\nimport { neverResolve } from \"@stackframe/stack-shared/dist/utils/promises\";\nimport { Result } from \"@stackframe/stack-shared/dist/utils/results\";\nimport { deindent } from \"@stackframe/stack-shared/dist/utils/strings\";\nimport { constructRedirectUrl } from \"../utils/url\";\nimport { consumeVerifierAndStateCookie, saveVerifierAndState } from \"./cookie\";\n\nexport async function signInWithOAuth(\n iface: StackClientInterface,\n options: {\n provider: string,\n redirectUrl: string,\n errorRedirectUrl: string,\n providerScope?: string,\n }\n) {\n const { codeChallenge, state } = await saveVerifierAndState();\n const location = await iface.getOAuthUrl({\n provider: options.provider,\n redirectUrl: constructRedirectUrl(options.redirectUrl),\n errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl),\n codeChallenge,\n state,\n type: \"authenticate\",\n providerScope: options.providerScope,\n });\n window.location.assign(location);\n await neverResolve();\n}\n\nexport async function addNewOAuthProviderOrScope(\n iface: StackClientInterface,\n options: {\n provider: string,\n redirectUrl: string,\n errorRedirectUrl: string,\n providerScope?: string,\n },\n session: InternalSession,\n) {\n const { codeChallenge, state } = await saveVerifierAndState();\n const location = await iface.getOAuthUrl({\n provider: options.provider,\n redirectUrl: constructRedirectUrl(options.redirectUrl),\n errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl),\n afterCallbackRedirectUrl: constructRedirectUrl(window.location.href),\n codeChallenge,\n state,\n type: \"link\",\n session,\n providerScope: options.providerScope,\n });\n window.location.assign(location);\n await neverResolve();\n}\n\n/**\n * Checks if the current URL has the query parameters for an OAuth callback, and if so, removes them.\n *\n * Must be synchronous for the logic in callOAuthCallback to work without race conditions.\n */\nfunction consumeOAuthCallbackQueryParams() {\n const requiredParams = [\"code\", \"state\"];\n const originalUrl = new URL(window.location.href);\n for (const param of requiredParams) {\n if (!originalUrl.searchParams.has(param)) {\n console.warn(new Error(`Missing required query parameter on OAuth callback: ${param}. Maybe you opened or reloaded the oauth-callback page from your history?`));\n return null;\n }\n }\n\n const expectedState = originalUrl.searchParams.get(\"state\") ?? throwErr(\"This should never happen; isn't state required above?\");\n const cookieResult = consumeVerifierAndStateCookie(expectedState);\n\n if (!cookieResult) {\n // If the state can't be found in the cookies, then the callback wasn't meant for us.\n // Maybe the website uses another OAuth library?\n console.warn(deindent`\n Stack found an outer OAuth callback state in the query parameters, but not in cookies.\n \n This could have multiple reasons:\n - The cookie expired, because the OAuth flow took too long.\n - The user's browser deleted the cookie, either manually or because of a very strict cookie policy.\n - The cookie was already consumed by this page, and the user already logged in.\n - You are using another OAuth client library with the same callback URL as Stack.\n - The user opened the OAuth callback page from their history.\n\n Either way, it is probably safe to ignore this warning unless you are debugging an OAuth issue.\n `);\n return null;\n }\n\n\n const newUrl = new URL(originalUrl);\n for (const param of requiredParams) {\n newUrl.searchParams.delete(param);\n }\n\n // let's get rid of the authorization code in the history as we\n // don't redirect to `redirectUrl` if there's a validation error\n // (as the redirectUrl might be malicious!).\n //\n // We use history.replaceState instead of location.assign(...) to\n // prevent an unnecessary reload\n window.history.replaceState({}, \"\", newUrl.toString());\n\n return {\n originalUrl,\n codeVerifier: cookieResult.codeVerifier,\n state: expectedState,\n };\n}\n\nexport async function callOAuthCallback(\n iface: StackClientInterface,\n redirectUrl: string,\n) {\n // note: this part of the function (until the return) needs\n // to be synchronous, to prevent race conditions when\n // callOAuthCallback is called multiple times in parallel\n const consumed = consumeOAuthCallbackQueryParams();\n if (!consumed) return Result.ok(undefined);\n\n // the rest can be asynchronous (we now know that we are the\n // intended recipient of the callback, and the only instance\n // of callOAuthCallback that's running)\n try {\n return Result.ok(await iface.callOAuthCallback({\n oauthParams: consumed.originalUrl.searchParams,\n redirectUri: constructRedirectUrl(redirectUrl),\n codeVerifier: consumed.codeVerifier,\n state: consumed.state,\n }));\n } catch (e) {\n if (e instanceof KnownError) {\n throw e;\n }\n throw new StackAssertionError(\"Error signing in during OAuth callback. Please try again.\", { cause: e });\n }\n}\n"],"mappings":";AAIA,SAAS,kBAAwC;AAEjD,SAAS,qBAAqB,gBAAgB;AAC9C,SAAS,oBAAoB;AAC7B,SAAS,cAAc;AACvB,SAAS,gBAAgB;AACzB,SAAS,4BAA4B;AACrC,SAAS,+BAA+B,4BAA4B;AAEpE,eAAsB,gBACpB,OACA,SAMA;AACA,QAAM,EAAE,eAAe,MAAM,IAAI,MAAM,qBAAqB;AAC5D,QAAM,WAAW,MAAM,MAAM,YAAY;AAAA,IACvC,UAAU,QAAQ;AAAA,IAClB,aAAa,qBAAqB,QAAQ,WAAW;AAAA,IACrD,kBAAkB,qBAAqB,QAAQ,gBAAgB;AAAA,IAC/D;AAAA,IACA;AAAA,IACA,MAAM;AAAA,IACN,eAAe,QAAQ;AAAA,EACzB,CAAC;AACD,SAAO,SAAS,OAAO,QAAQ;AAC/B,QAAM,aAAa;AACrB;AAEA,eAAsB,2BACpB,OACA,SAMA,SACA;AACA,QAAM,EAAE,eAAe,MAAM,IAAI,MAAM,qBAAqB;AAC5D,QAAM,WAAW,MAAM,MAAM,YAAY;AAAA,IACvC,UAAU,QAAQ;AAAA,IAClB,aAAa,qBAAqB,QAAQ,WAAW;AAAA,IACrD,kBAAkB,qBAAqB,QAAQ,gBAAgB;AAAA,IAC/D,0BAA0B,qBAAqB,OAAO,SAAS,IAAI;AAAA,IACnE;AAAA,IACA;AAAA,IACA,MAAM;AAAA,IACN;AAAA,IACA,eAAe,QAAQ;AAAA,EACzB,CAAC;AACD,SAAO,SAAS,OAAO,QAAQ;AAC/B,QAAM,aAAa;AACrB;AAOA,SAAS,kCAAkC;AACzC,QAAM,iBAAiB,CAAC,QAAQ,OAAO;AACvC,QAAM,cAAc,IAAI,IAAI,OAAO,SAAS,IAAI;AAChD,aAAW,SAAS,gBAAgB;AAClC,QAAI,CAAC,YAAY,aAAa,IAAI,KAAK,GAAG;AACxC,cAAQ,KAAK,IAAI,MAAM,uDAAuD,KAAK,2EAA2E,CAAC;AAC/J,aAAO;AAAA,IACT;AAAA,EACF;AAEA,QAAM,gBAAgB,YAAY,aAAa,IAAI,OAAO,KAAK,SAAS,uDAAuD;AAC/H,QAAM,eAAe,8BAA8B,aAAa;AAEhE,MAAI,CAAC,cAAc;AAGjB,YAAQ,KAAK;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KAWZ;AACD,WAAO;AAAA,EACT;AAGA,QAAM,SAAS,IAAI,IAAI,WAAW;AAClC,aAAW,SAAS,gBAAgB;AAClC,WAAO,aAAa,OAAO,KAAK;AAAA,EAClC;AAQA,SAAO,QAAQ,aAAa,CAAC,GAAG,IAAI,OAAO,SAAS,CAAC;AAErD,SAAO;AAAA,IACL;AAAA,IACA,cAAc,aAAa;AAAA,IAC3B,OAAO;AAAA,EACT;AACF;AAEA,eAAsB,kBACpB,OACA,aACA;AAIA,QAAM,WAAW,gCAAgC;AACjD,MAAI,CAAC,SAAU,QAAO,OAAO,GAAG,MAAS;AAKzC,MAAI;AACF,WAAO,OAAO,GAAG,MAAM,MAAM,kBAAkB;AAAA,MAC7C,aAAa,SAAS,YAAY;AAAA,MAClC,aAAa,qBAAqB,WAAW;AAAA,MAC7C,cAAc,SAAS;AAAA,MACvB,OAAO,SAAS;AAAA,IAClB,CAAC,CAAC;AAAA,EACJ,SAAS,GAAG;AACV,QAAI,aAAa,YAAY;AAC3B,YAAM;AAAA,IACR;AACA,UAAM,IAAI,oBAAoB,6DAA6D,EAAE,OAAO,EAAE,CAAC;AAAA,EACzG;AACF;","names":[]}
1
+ {"version":3,"sources":["../../../src/lib/auth.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { KnownError, StackClientInterface } from \"@stackframe/stack-shared\";\nimport { InternalSession } from \"@stackframe/stack-shared/dist/sessions\";\nimport { StackAssertionError, throwErr } from \"@stackframe/stack-shared/dist/utils/errors\";\nimport { neverResolve } from \"@stackframe/stack-shared/dist/utils/promises\";\nimport { Result } from \"@stackframe/stack-shared/dist/utils/results\";\nimport { deindent } from \"@stackframe/stack-shared/dist/utils/strings\";\nimport { constructRedirectUrl } from \"../utils/url\";\nimport { consumeVerifierAndStateCookie, saveVerifierAndState } from \"./cookie\";\n\nexport async function signInWithOAuth(\n iface: StackClientInterface,\n options: {\n provider: string,\n redirectUrl: string,\n errorRedirectUrl: string,\n providerScope?: string,\n }\n) {\n const { codeChallenge, state } = await saveVerifierAndState();\n const location = await iface.getOAuthUrl({\n provider: options.provider,\n redirectUrl: constructRedirectUrl(options.redirectUrl, \"redirectUrl\"),\n errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl, \"errorRedirectUrl\"),\n codeChallenge,\n state,\n type: \"authenticate\",\n providerScope: options.providerScope,\n });\n window.location.assign(location);\n await neverResolve();\n}\n\nexport async function addNewOAuthProviderOrScope(\n iface: StackClientInterface,\n options: {\n provider: string,\n redirectUrl: string,\n errorRedirectUrl: string,\n providerScope?: string,\n },\n session: InternalSession,\n) {\n const { codeChallenge, state } = await saveVerifierAndState();\n const location = await iface.getOAuthUrl({\n provider: options.provider,\n redirectUrl: constructRedirectUrl(options.redirectUrl, \"redirectUrl\"),\n errorRedirectUrl: constructRedirectUrl(options.errorRedirectUrl, \"errorRedirectUrl\"),\n afterCallbackRedirectUrl: constructRedirectUrl(window.location.href, \"afterCallbackRedirectUrl\"),\n codeChallenge,\n state,\n type: \"link\",\n session,\n providerScope: options.providerScope,\n });\n window.location.assign(location);\n await neverResolve();\n}\n\n/**\n * Checks if the current URL has the query parameters for an OAuth callback, and if so, removes them.\n *\n * Must be synchronous for the logic in callOAuthCallback to work without race conditions.\n */\nfunction consumeOAuthCallbackQueryParams() {\n const requiredParams = [\"code\", \"state\"];\n const originalUrl = new URL(window.location.href);\n for (const param of requiredParams) {\n if (!originalUrl.searchParams.has(param)) {\n console.warn(new Error(`Missing required query parameter on OAuth callback: ${param}. Maybe you opened or reloaded the oauth-callback page from your history?`));\n return null;\n }\n }\n\n const expectedState = originalUrl.searchParams.get(\"state\") ?? throwErr(\"This should never happen; isn't state required above?\");\n const cookieResult = consumeVerifierAndStateCookie(expectedState);\n\n if (!cookieResult) {\n // If the state can't be found in the cookies, then the callback wasn't meant for us.\n // Maybe the website uses another OAuth library?\n console.warn(deindent`\n Stack found an outer OAuth callback state in the query parameters, but not in cookies.\n \n This could have multiple reasons:\n - The cookie expired, because the OAuth flow took too long.\n - The user's browser deleted the cookie, either manually or because of a very strict cookie policy.\n - The cookie was already consumed by this page, and the user already logged in.\n - You are using another OAuth client library with the same callback URL as Stack.\n - The user opened the OAuth callback page from their history.\n\n Either way, it is probably safe to ignore this warning unless you are debugging an OAuth issue.\n `);\n return null;\n }\n\n\n const newUrl = new URL(originalUrl);\n for (const param of requiredParams) {\n newUrl.searchParams.delete(param);\n }\n\n // let's get rid of the authorization code in the history as we\n // don't redirect to `redirectUrl` if there's a validation error\n // (as the redirectUrl might be malicious!).\n //\n // We use history.replaceState instead of location.assign(...) to\n // prevent an unnecessary reload\n window.history.replaceState({}, \"\", newUrl.toString());\n\n return {\n originalUrl,\n codeVerifier: cookieResult.codeVerifier,\n state: expectedState,\n };\n}\n\nexport async function callOAuthCallback(\n iface: StackClientInterface,\n redirectUrl: string,\n) {\n // note: this part of the function (until the return) needs\n // to be synchronous, to prevent race conditions when\n // callOAuthCallback is called multiple times in parallel\n const consumed = consumeOAuthCallbackQueryParams();\n if (!consumed) return Result.ok(undefined);\n\n // the rest can be asynchronous (we now know that we are the\n // intended recipient of the callback, and the only instance\n // of callOAuthCallback that's running)\n try {\n return Result.ok(await iface.callOAuthCallback({\n oauthParams: consumed.originalUrl.searchParams,\n redirectUri: constructRedirectUrl(redirectUrl, \"redirectUri\"),\n codeVerifier: consumed.codeVerifier,\n state: consumed.state,\n }));\n } catch (e) {\n if (e instanceof KnownError) {\n throw e;\n }\n throw new StackAssertionError(\"Error signing in during OAuth callback. Please try again.\", { cause: e });\n }\n}\n"],"mappings":";AAIA,SAAS,kBAAwC;AAEjD,SAAS,qBAAqB,gBAAgB;AAC9C,SAAS,oBAAoB;AAC7B,SAAS,cAAc;AACvB,SAAS,gBAAgB;AACzB,SAAS,4BAA4B;AACrC,SAAS,+BAA+B,4BAA4B;AAEpE,eAAsB,gBACpB,OACA,SAMA;AACA,QAAM,EAAE,eAAe,MAAM,IAAI,MAAM,qBAAqB;AAC5D,QAAM,WAAW,MAAM,MAAM,YAAY;AAAA,IACvC,UAAU,QAAQ;AAAA,IAClB,aAAa,qBAAqB,QAAQ,aAAa,aAAa;AAAA,IACpE,kBAAkB,qBAAqB,QAAQ,kBAAkB,kBAAkB;AAAA,IACnF;AAAA,IACA;AAAA,IACA,MAAM;AAAA,IACN,eAAe,QAAQ;AAAA,EACzB,CAAC;AACD,SAAO,SAAS,OAAO,QAAQ;AAC/B,QAAM,aAAa;AACrB;AAEA,eAAsB,2BACpB,OACA,SAMA,SACA;AACA,QAAM,EAAE,eAAe,MAAM,IAAI,MAAM,qBAAqB;AAC5D,QAAM,WAAW,MAAM,MAAM,YAAY;AAAA,IACvC,UAAU,QAAQ;AAAA,IAClB,aAAa,qBAAqB,QAAQ,aAAa,aAAa;AAAA,IACpE,kBAAkB,qBAAqB,QAAQ,kBAAkB,kBAAkB;AAAA,IACnF,0BAA0B,qBAAqB,OAAO,SAAS,MAAM,0BAA0B;AAAA,IAC/F;AAAA,IACA;AAAA,IACA,MAAM;AAAA,IACN;AAAA,IACA,eAAe,QAAQ;AAAA,EACzB,CAAC;AACD,SAAO,SAAS,OAAO,QAAQ;AAC/B,QAAM,aAAa;AACrB;AAOA,SAAS,kCAAkC;AACzC,QAAM,iBAAiB,CAAC,QAAQ,OAAO;AACvC,QAAM,cAAc,IAAI,IAAI,OAAO,SAAS,IAAI;AAChD,aAAW,SAAS,gBAAgB;AAClC,QAAI,CAAC,YAAY,aAAa,IAAI,KAAK,GAAG;AACxC,cAAQ,KAAK,IAAI,MAAM,uDAAuD,KAAK,2EAA2E,CAAC;AAC/J,aAAO;AAAA,IACT;AAAA,EACF;AAEA,QAAM,gBAAgB,YAAY,aAAa,IAAI,OAAO,KAAK,SAAS,uDAAuD;AAC/H,QAAM,eAAe,8BAA8B,aAAa;AAEhE,MAAI,CAAC,cAAc;AAGjB,YAAQ,KAAK;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KAWZ;AACD,WAAO;AAAA,EACT;AAGA,QAAM,SAAS,IAAI,IAAI,WAAW;AAClC,aAAW,SAAS,gBAAgB;AAClC,WAAO,aAAa,OAAO,KAAK;AAAA,EAClC;AAQA,SAAO,QAAQ,aAAa,CAAC,GAAG,IAAI,OAAO,SAAS,CAAC;AAErD,SAAO;AAAA,IACL;AAAA,IACA,cAAc,aAAa;AAAA,IAC3B,OAAO;AAAA,EACT;AACF;AAEA,eAAsB,kBACpB,OACA,aACA;AAIA,QAAM,WAAW,gCAAgC;AACjD,MAAI,CAAC,SAAU,QAAO,OAAO,GAAG,MAAS;AAKzC,MAAI;AACF,WAAO,OAAO,GAAG,MAAM,MAAM,kBAAkB;AAAA,MAC7C,aAAa,SAAS,YAAY;AAAA,MAClC,aAAa,qBAAqB,aAAa,aAAa;AAAA,MAC5D,cAAc,SAAS;AAAA,MACvB,OAAO,SAAS;AAAA,IAClB,CAAC,CAAC;AAAA,EACJ,SAAS,GAAG;AACV,QAAI,aAAa,YAAY;AAC3B,YAAM;AAAA,IACR;AACA,UAAM,IAAI,oBAAoB,6DAA6D,EAAE,OAAO,EAAE,CAAC;AAAA,EACzG;AACF;","names":[]}
package/dist/esm/lib/stack-app/apps/implementations/admin-app-impl.js CHANGED
@@ -7,7 +7,7 @@ import { Result } from "@stackframe/stack-shared/dist/utils/results";
7
7
  import { apiKeyCreateOptionsToCrud } from "../../api-keys";
8
8
  import { stackAppInternalsSymbol } from "../../common";
9
9
  import { adminEmailTemplateUpdateOptionsToCrud } from "../../email-templates";
10
- import { adminTeamPermissionDefinitionCreateOptionsToCrud, adminTeamPermissionDefinitionUpdateOptionsToCrud } from "../../permissions";
10
+ import { adminTeamPermissionDefinitionCreateOptionsToCrud, adminTeamPermissionDefinitionUpdateOptionsToCrud, adminProjectPermissionDefinitionCreateOptionsToCrud, adminProjectPermissionDefinitionUpdateOptionsToCrud } from "../../permissions";
11
11
  import { adminProjectUpdateOptionsToCrud } from "../../projects";
12
12
  import { clientVersion, createCache, getBaseUrl, getDefaultProjectId, getDefaultPublishableClientKey, getDefaultSecretServerKey, getDefaultSuperSecretAdminKey } from "./common";
13
13
  import { _StackServerAppImplIncomplete } from "./server-app-impl";
@@ -45,7 +45,10 @@ var _StackAdminAppImplIncomplete = class extends _StackServerAppImplIncomplete {
45
45
  return await this._interface.listEmailTemplates();
46
46
  });
47
47
  this._adminTeamPermissionDefinitionsCache = createCache(async () => {
48
- return await this._interface.listPermissionDefinitions();
48
+ return await this._interface.listTeamPermissionDefinitions();
49
+ });
50
+ this._adminProjectPermissionDefinitionsCache = createCache(async () => {
51
+ return await this._interface.listProjectPermissionDefinitions();
49
52
  });
50
53
  this._svixTokenCache = createCache(async () => {
51
54
  return await this._interface.getSvixToken();
@@ -116,7 +119,8 @@ var _StackAdminAppImplIncomplete = class extends _StackServerAppImplIncomplete {
116
119
  })),
117
120
  createTeamOnSignUp: data.config.create_team_on_sign_up,
118
121
  teamCreatorDefaultPermissions: data.config.team_creator_default_permissions,
119
- teamMemberDefaultPermissions: data.config.team_member_default_permissions
122
+ teamMemberDefaultPermissions: data.config.team_member_default_permissions,
123
+ userDefaultPermissions: data.config.user_default_permissions
120
124
  },
121
125
  async update(update) {
122
126
  await app._interface.updateProject(adminProjectUpdateOptionsToCrud(update));
@@ -208,22 +212,39 @@ var _StackAdminAppImplIncomplete = class extends _StackServerAppImplIncomplete {
208
212
  await this._adminEmailTemplatesCache.refresh([]);
209
213
  }
210
214
  async createTeamPermissionDefinition(data) {
211
- const crud = await this._interface.createPermissionDefinition(adminTeamPermissionDefinitionCreateOptionsToCrud(data));
215
+ const crud = await this._interface.createTeamPermissionDefinition(adminTeamPermissionDefinitionCreateOptionsToCrud(data));
212
216
  await this._adminTeamPermissionDefinitionsCache.refresh([]);
213
217
  return this._serverTeamPermissionDefinitionFromCrud(crud);
214
218
  }
215
219
  async updateTeamPermissionDefinition(permissionId, data) {
216
- await this._interface.updatePermissionDefinition(permissionId, adminTeamPermissionDefinitionUpdateOptionsToCrud(data));
220
+ await this._interface.updateTeamPermissionDefinition(permissionId, adminTeamPermissionDefinitionUpdateOptionsToCrud(data));
217
221
  await this._adminTeamPermissionDefinitionsCache.refresh([]);
218
222
  }
219
223
  async deleteTeamPermissionDefinition(permissionId) {
220
- await this._interface.deletePermissionDefinition(permissionId);
224
+ await this._interface.deleteTeamPermissionDefinition(permissionId);
221
225
  await this._adminTeamPermissionDefinitionsCache.refresh([]);
222
226
  }
223
227
  async listTeamPermissionDefinitions() {
224
228
  const crud = Result.orThrow(await this._adminTeamPermissionDefinitionsCache.getOrWait([], "write-only"));
225
229
  return crud.map((p) => this._serverTeamPermissionDefinitionFromCrud(p));
226
230
  }
231
+ async createProjectPermissionDefinition(data) {
232
+ const crud = await this._interface.createProjectPermissionDefinition(adminProjectPermissionDefinitionCreateOptionsToCrud(data));
233
+ await this._adminProjectPermissionDefinitionsCache.refresh([]);
234
+ return this._serverProjectPermissionDefinitionFromCrud(crud);
235
+ }
236
+ async updateProjectPermissionDefinition(permissionId, data) {
237
+ await this._interface.updateProjectPermissionDefinition(permissionId, adminProjectPermissionDefinitionUpdateOptionsToCrud(data));
238
+ await this._adminProjectPermissionDefinitionsCache.refresh([]);
239
+ }
240
+ async deleteProjectPermissionDefinition(permissionId) {
241
+ await this._interface.deleteProjectPermissionDefinition(permissionId);
242
+ await this._adminProjectPermissionDefinitionsCache.refresh([]);
243
+ }
244
+ async listProjectPermissionDefinitions() {
245
+ const crud = Result.orThrow(await this._adminProjectPermissionDefinitionsCache.getOrWait([], "write-only"));
246
+ return crud.map((p) => this._serverProjectPermissionDefinitionFromCrud(p));
247
+ }
227
248
  async _refreshProject() {
228
249
  await Promise.all([
229
250
  super._refreshProject(),
package/dist/esm/lib/stack-app/apps/implementations/admin-app-impl.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../../../../../src/lib/stack-app/apps/implementations/admin-app-impl.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { StackAdminInterface } from \"@stackframe/stack-shared\";\nimport { getProductionModeErrors } from \"@stackframe/stack-shared/dist/helpers/production-mode\";\nimport { ApiKeyCreateCrudResponse } from \"@stackframe/stack-shared/dist/interface/adminInterface\";\nimport { ApiKeysCrud } from \"@stackframe/stack-shared/dist/interface/crud/api-keys\";\nimport { EmailTemplateCrud, EmailTemplateType } from \"@stackframe/stack-shared/dist/interface/crud/email-templates\";\nimport { InternalProjectsCrud } from \"@stackframe/stack-shared/dist/interface/crud/projects\";\nimport { StackAssertionError, throwErr } from \"@stackframe/stack-shared/dist/utils/errors\";\nimport { pick } from \"@stackframe/stack-shared/dist/utils/objects\";\nimport { Result } from \"@stackframe/stack-shared/dist/utils/results\";\nimport { AdminSentEmail } from \"../..\";\nimport { ApiKey, ApiKeyBase, ApiKeyBaseCrudRead, ApiKeyCreateOptions, ApiKeyFirstView, apiKeyCreateOptionsToCrud } from \"../../api-keys\";\nimport { EmailConfig, stackAppInternalsSymbol } from \"../../common\";\nimport { AdminEmailTemplate, AdminEmailTemplateUpdateOptions, adminEmailTemplateUpdateOptionsToCrud } from \"../../email-templates\";\nimport { AdminTeamPermission, AdminTeamPermissionDefinition, AdminTeamPermissionDefinitionCreateOptions, AdminTeamPermissionDefinitionUpdateOptions, adminTeamPermissionDefinitionCreateOptionsToCrud, adminTeamPermissionDefinitionUpdateOptionsToCrud } from \"../../permissions\";\nimport { AdminOwnedProject, AdminProject, AdminProjectUpdateOptions, adminProjectUpdateOptionsToCrud } from \"../../projects\";\nimport { StackAdminApp, StackAdminAppConstructorOptions } from \"../interfaces/admin-app\";\nimport { clientVersion, createCache, getBaseUrl, getDefaultProjectId, getDefaultPublishableClientKey, getDefaultSecretServerKey, getDefaultSuperSecretAdminKey } from \"./common\";\nimport { _StackServerAppImplIncomplete } from \"./server-app-impl\";\n\n\nexport class _StackAdminAppImplIncomplete<HasTokenStore extends boolean, ProjectId extends string> extends _StackServerAppImplIncomplete<HasTokenStore, ProjectId> implements StackAdminApp<HasTokenStore, ProjectId>\n{\n declare protected _interface: StackAdminInterface;\n\n private readonly _adminProjectCache = createCache(async () => {\n return await this._interface.getProject();\n });\n private readonly _apiKeysCache = createCache(async () => {\n return await this._interface.listApiKeys();\n });\n private readonly _adminEmailTemplatesCache = createCache(async () => {\n return await this._interface.listEmailTemplates();\n });\n private readonly _adminTeamPermissionDefinitionsCache = createCache(async () => {\n return await this._interface.listPermissionDefinitions();\n });\n private readonly _svixTokenCache = createCache(async () => {\n return await this._interface.getSvixToken();\n });\n private readonly _metricsCache = createCache(async () => {\n return await this._interface.getMetrics();\n });\n\n constructor(options: StackAdminAppConstructorOptions<HasTokenStore, ProjectId>) {\n super({\n interface: new StackAdminInterface({\n getBaseUrl: () => getBaseUrl(options.baseUrl),\n projectId: options.projectId ?? getDefaultProjectId(),\n extraRequestHeaders: options.extraRequestHeaders ?? {},\n clientVersion,\n ...\"projectOwnerSession\" in options ? {\n projectOwnerSession: options.projectOwnerSession,\n } : {\n publishableClientKey: options.publishableClientKey ?? getDefaultPublishableClientKey(),\n secretServerKey: options.secretServerKey ?? getDefaultSecretServerKey(),\n superSecretAdminKey: options.superSecretAdminKey ?? getDefaultSuperSecretAdminKey(),\n },\n }),\n baseUrl: options.baseUrl,\n extraRequestHeaders: options.extraRequestHeaders,\n projectId: options.projectId,\n tokenStore: options.tokenStore,\n urls: options.urls,\n oauthScopesOnSignIn: options.oauthScopesOnSignIn,\n redirectMethod: options.redirectMethod,\n });\n }\n\n _adminOwnedProjectFromCrud(data: InternalProjectsCrud['Admin']['Read'], onRefresh: () => Promise<void>): AdminOwnedProject {\n if (this._tokenStoreInit !== null) {\n throw new StackAssertionError(\"Owned apps must always have tokenStore === null — did you not create this project with app._createOwnedApp()?\");;\n }\n return {\n ...this._adminProjectFromCrud(data, onRefresh),\n app: this as StackAdminApp<false>,\n };\n }\n\n _adminProjectFromCrud(data: InternalProjectsCrud['Admin']['Read'], onRefresh: () => Promise<void>): AdminProject {\n if (data.id !== this.projectId) {\n throw new StackAssertionError(`The project ID of the provided project JSON (${data.id}) does not match the project ID of the app (${this.projectId})!`);\n }\n\n const app = this;\n return {\n id: data.id,\n displayName: data.display_name,\n description: data.description,\n createdAt: new Date(data.created_at_millis),\n userCount: data.user_count,\n isProductionMode: data.is_production_mode,\n config: {\n id: data.config.id,\n signUpEnabled: data.config.sign_up_enabled,\n credentialEnabled: data.config.credential_enabled,\n magicLinkEnabled: data.config.magic_link_enabled,\n passkeyEnabled: data.config.passkey_enabled,\n clientTeamCreationEnabled: data.config.client_team_creation_enabled,\n clientUserDeletionEnabled: data.config.client_user_deletion_enabled,\n allowLocalhost: data.config.allow_localhost,\n oauthAccountMergeStrategy: data.config.oauth_account_merge_strategy,\n oauthProviders: data.config.oauth_providers.map((p) => ((p.type === 'shared' ? {\n id: p.id,\n enabled: p.enabled,\n type: 'shared',\n } as const : {\n id: p.id,\n enabled: p.enabled,\n type: 'standard',\n clientId: p.client_id ?? throwErr(\"Client ID is missing\"),\n clientSecret: p.client_secret ?? throwErr(\"Client secret is missing\"),\n facebookConfigId: p.facebook_config_id,\n microsoftTenantId: p.microsoft_tenant_id,\n } as const))),\n emailConfig: data.config.email_config.type === 'shared' ? {\n type: 'shared'\n } : {\n type: 'standard',\n host: data.config.email_config.host ?? throwErr(\"Email host is missing\"),\n port: data.config.email_config.port ?? throwErr(\"Email port is missing\"),\n username: data.config.email_config.username ?? throwErr(\"Email username is missing\"),\n password: data.config.email_config.password ?? throwErr(\"Email password is missing\"),\n senderName: data.config.email_config.sender_name ?? throwErr(\"Email sender name is missing\"),\n senderEmail: data.config.email_config.sender_email ?? throwErr(\"Email sender email is missing\"),\n },\n domains: data.config.domains.map((d) => ({\n domain: d.domain,\n handlerPath: d.handler_path,\n })),\n createTeamOnSignUp: data.config.create_team_on_sign_up,\n teamCreatorDefaultPermissions: data.config.team_creator_default_permissions,\n teamMemberDefaultPermissions: data.config.team_member_default_permissions,\n },\n\n async update(update: AdminProjectUpdateOptions) {\n await app._interface.updateProject(adminProjectUpdateOptionsToCrud(update));\n await onRefresh();\n },\n async delete() {\n await app._interface.deleteProject();\n },\n async getProductionModeErrors() {\n return getProductionModeErrors(data);\n },\n useProductionModeErrors() {\n return getProductionModeErrors(data);\n },\n };\n }\n\n _adminEmailTemplateFromCrud(data: EmailTemplateCrud['Admin']['Read']): AdminEmailTemplate {\n return {\n type: data.type,\n subject: data.subject,\n content: data.content,\n isDefault: data.is_default,\n };\n }\n\n override async getProject(): Promise<AdminProject> {\n return this._adminProjectFromCrud(\n Result.orThrow(await this._adminProjectCache.getOrWait([], \"write-only\")),\n () => this._refreshProject()\n );\n }\n\n\n protected _createApiKeyBaseFromCrud(data: ApiKeyBaseCrudRead): ApiKeyBase {\n const app = this;\n return {\n id: data.id,\n description: data.description,\n expiresAt: new Date(data.expires_at_millis),\n manuallyRevokedAt: data.manually_revoked_at_millis ? new Date(data.manually_revoked_at_millis) : null,\n createdAt: new Date(data.created_at_millis),\n isValid() {\n return this.whyInvalid() === null;\n },\n whyInvalid() {\n if (this.expiresAt.getTime() < Date.now()) return \"expired\";\n if (this.manuallyRevokedAt) return \"manually-revoked\";\n return null;\n },\n async revoke() {\n const res = await app._interface.revokeApiKeyById(data.id);\n await app._refreshApiKeys();\n return res;\n }\n };\n }\n\n protected _createApiKeyFromCrud(data: ApiKeysCrud[\"Admin\"][\"Read\"]): ApiKey {\n return {\n ...this._createApiKeyBaseFromCrud(data),\n publishableClientKey: data.publishable_client_key ? { lastFour: data.publishable_client_key.last_four } : null,\n secretServerKey: data.secret_server_key ? { lastFour: data.secret_server_key.last_four } : null,\n superSecretAdminKey: data.super_secret_admin_key ? { lastFour: data.super_secret_admin_key.last_four } : null,\n };\n }\n\n protected _createApiKeyFirstViewFromCrud(data: ApiKeyCreateCrudResponse): ApiKeyFirstView {\n return {\n ...this._createApiKeyBaseFromCrud(data),\n publishableClientKey: data.publishable_client_key,\n secretServerKey: data.secret_server_key,\n superSecretAdminKey: data.super_secret_admin_key,\n };\n }\n\n async listApiKeys(): Promise<ApiKey[]> {\n const crud = Result.orThrow(await this._apiKeysCache.getOrWait([], \"write-only\"));\n return crud.map((j) => this._createApiKeyFromCrud(j));\n }\n\n\n async createApiKey(options: ApiKeyCreateOptions): Promise<ApiKeyFirstView> {\n const crud = await this._interface.createApiKey(apiKeyCreateOptionsToCrud(options));\n await this._refreshApiKeys();\n return this._createApiKeyFirstViewFromCrud(crud);\n }\n\n async listEmailTemplates(): Promise<AdminEmailTemplate[]> {\n const crud = Result.orThrow(await this._adminEmailTemplatesCache.getOrWait([], \"write-only\"));\n return crud.map((j) => this._adminEmailTemplateFromCrud(j));\n }\n\n async updateEmailTemplate(type: EmailTemplateType, data: AdminEmailTemplateUpdateOptions): Promise<void> {\n await this._interface.updateEmailTemplate(type, adminEmailTemplateUpdateOptionsToCrud(data));\n await this._adminEmailTemplatesCache.refresh([]);\n }\n\n async resetEmailTemplate(type: EmailTemplateType) {\n await this._interface.resetEmailTemplate(type);\n await this._adminEmailTemplatesCache.refresh([]);\n }\n\n async createTeamPermissionDefinition(data: AdminTeamPermissionDefinitionCreateOptions): Promise<AdminTeamPermission>{\n const crud = await this._interface.createPermissionDefinition(adminTeamPermissionDefinitionCreateOptionsToCrud(data));\n await this._adminTeamPermissionDefinitionsCache.refresh([]);\n return this._serverTeamPermissionDefinitionFromCrud(crud);\n }\n\n async updateTeamPermissionDefinition(permissionId: string, data: AdminTeamPermissionDefinitionUpdateOptions) {\n await this._interface.updatePermissionDefinition(permissionId, adminTeamPermissionDefinitionUpdateOptionsToCrud(data));\n await this._adminTeamPermissionDefinitionsCache.refresh([]);\n }\n\n async deleteTeamPermissionDefinition(permissionId: string): Promise<void> {\n await this._interface.deletePermissionDefinition(permissionId);\n await this._adminTeamPermissionDefinitionsCache.refresh([]);\n }\n\n async listTeamPermissionDefinitions(): Promise<AdminTeamPermissionDefinition[]> {\n const crud = Result.orThrow(await this._adminTeamPermissionDefinitionsCache.getOrWait([], \"write-only\"));\n return crud.map((p) => this._serverTeamPermissionDefinitionFromCrud(p));\n }\n\n\n protected override async _refreshProject() {\n await Promise.all([\n super._refreshProject(),\n this._adminProjectCache.refresh([]),\n ]);\n }\n\n protected async _refreshApiKeys() {\n await this._apiKeysCache.refresh([]);\n }\n\n get [stackAppInternalsSymbol]() {\n return {\n ...super[stackAppInternalsSymbol],\n };\n }\n\n async sendTestEmail(options: {\n recipientEmail: string,\n emailConfig: EmailConfig,\n }): Promise<Result<undefined, { errorMessage: string }>> {\n const response = await this._interface.sendTestEmail({\n recipient_email: options.recipientEmail,\n email_config: {\n ...(pick(options.emailConfig, ['host', 'port', 'username', 'password'])),\n sender_email: options.emailConfig.senderEmail,\n sender_name: options.emailConfig.senderName,\n },\n });\n\n if (response.success) {\n return Result.ok(undefined);\n } else {\n return Result.error({ errorMessage: response.error_message ?? throwErr(\"Email test error not specified\") });\n }\n }\n\n async listSentEmails(): Promise<AdminSentEmail[]> {\n const response = await this._interface.listSentEmails();\n return response.items.map((email) => ({\n id: email.id,\n to: email.to ?? [],\n subject: email.subject,\n recipient: email.to?.[0] ?? \"\",\n sentAt: new Date(email.sent_at_millis),\n error: email.error,\n }));\n }\n}\n"],"mappings":";AAIA,SAAS,2BAA2B;AACpC,SAAS,+BAA+B;AAKxC,SAAS,qBAAqB,gBAAgB;AAC9C,SAAS,YAAY;AACrB,SAAS,cAAc;AAEvB,SAAuF,iCAAiC;AACxH,SAAsB,+BAA+B;AACrD,SAA8D,6CAA6C;AAC3G,SAAqJ,kDAAkD,wDAAwD;AAC/P,SAAqE,uCAAuC;AAE5G,SAAS,eAAe,aAAa,YAAY,qBAAqB,gCAAgC,2BAA2B,qCAAqC;AACtK,SAAS,qCAAqC;AAGvC,IAAM,+BAAN,cAAoG,8BAC3G;AAAA,EAsBE,YAAY,SAAoE;AAC9E,UAAM;AAAA,MACJ,WAAW,IAAI,oBAAoB;AAAA,QACjC,YAAY,MAAM,WAAW,QAAQ,OAAO;AAAA,QAC5C,WAAW,QAAQ,aAAa,oBAAoB;AAAA,QACpD,qBAAqB,QAAQ,uBAAuB,CAAC;AAAA,QACrD;AAAA,QACA,GAAG,yBAAyB,UAAU;AAAA,UACpC,qBAAqB,QAAQ;AAAA,QAC/B,IAAI;AAAA,UACF,sBAAsB,QAAQ,wBAAwB,+BAA+B;AAAA,UACrF,iBAAiB,QAAQ,mBAAmB,0BAA0B;AAAA,UACtE,qBAAqB,QAAQ,uBAAuB,8BAA8B;AAAA,QACpF;AAAA,MACF,CAAC;AAAA,MACD,SAAS,QAAQ;AAAA,MACjB,qBAAqB,QAAQ;AAAA,MAC7B,WAAW,QAAQ;AAAA,MACnB,YAAY,QAAQ;AAAA,MACpB,MAAM,QAAQ;AAAA,MACd,qBAAqB,QAAQ;AAAA,MAC7B,gBAAgB,QAAQ;AAAA,IAC1B,CAAC;AAzCH,SAAiB,qBAAqB,YAAY,YAAY;AAC5D,aAAO,MAAM,KAAK,WAAW,WAAW;AAAA,IAC1C,CAAC;AACD,SAAiB,gBAAgB,YAAY,YAAY;AACvD,aAAO,MAAM,KAAK,WAAW,YAAY;AAAA,IAC3C,CAAC;AACD,SAAiB,4BAA4B,YAAY,YAAY;AACnE,aAAO,MAAM,KAAK,WAAW,mBAAmB;AAAA,IAClD,CAAC;AACD,SAAiB,uCAAuC,YAAY,YAAY;AAC9E,aAAO,MAAM,KAAK,WAAW,0BAA0B;AAAA,IACzD,CAAC;AACD,SAAiB,kBAAkB,YAAY,YAAY;AACzD,aAAO,MAAM,KAAK,WAAW,aAAa;AAAA,IAC5C,CAAC;AACD,SAAiB,gBAAgB,YAAY,YAAY;AACvD,aAAO,MAAM,KAAK,WAAW,WAAW;AAAA,IAC1C,CAAC;AAAA,EAyBD;AAAA,EAEA,2BAA2B,MAA6C,WAAmD;AACzH,QAAI,KAAK,oBAAoB,MAAM;AACjC,YAAM,IAAI,oBAAoB,oHAA+G;AAAE;AAAA,IACjJ;AACA,WAAO;AAAA,MACL,GAAG,KAAK,sBAAsB,MAAM,SAAS;AAAA,MAC7C,KAAK;AAAA,IACP;AAAA,EACF;AAAA,EAEA,sBAAsB,MAA6C,WAA8C;AAC/G,QAAI,KAAK,OAAO,KAAK,WAAW;AAC9B,YAAM,IAAI,oBAAoB,gDAAgD,KAAK,EAAE,+CAA+C,KAAK,SAAS,IAAI;AAAA,IACxJ;AAEA,UAAM,MAAM;AACZ,WAAO;AAAA,MACL,IAAI,KAAK;AAAA,MACT,aAAa,KAAK;AAAA,MAClB,aAAa,KAAK;AAAA,MAClB,WAAW,IAAI,KAAK,KAAK,iBAAiB;AAAA,MAC1C,WAAW,KAAK;AAAA,MAChB,kBAAkB,KAAK;AAAA,MACvB,QAAQ;AAAA,QACN,IAAI,KAAK,OAAO;AAAA,QAChB,eAAe,KAAK,OAAO;AAAA,QAC3B,mBAAmB,KAAK,OAAO;AAAA,QAC/B,kBAAkB,KAAK,OAAO;AAAA,QAC9B,gBAAgB,KAAK,OAAO;AAAA,QAC5B,2BAA2B,KAAK,OAAO;AAAA,QACvC,2BAA2B,KAAK,OAAO;AAAA,QACvC,gBAAgB,KAAK,OAAO;AAAA,QAC5B,2BAA2B,KAAK,OAAO;AAAA,QACvC,gBAAgB,KAAK,OAAO,gBAAgB,IAAI,CAAC,MAAQ,EAAE,SAAS,WAAW;AAAA,UAC7E,IAAI,EAAE;AAAA,UACN,SAAS,EAAE;AAAA,UACX,MAAM;AAAA,QACR,IAAa;AAAA,UACX,IAAI,EAAE;AAAA,UACN,SAAS,EAAE;AAAA,UACX,MAAM;AAAA,UACN,UAAU,EAAE,aAAa,SAAS,sBAAsB;AAAA,UACxD,cAAc,EAAE,iBAAiB,SAAS,0BAA0B;AAAA,UACpE,kBAAkB,EAAE;AAAA,UACpB,mBAAmB,EAAE;AAAA,QACvB,CAAY;AAAA,QACZ,aAAa,KAAK,OAAO,aAAa,SAAS,WAAW;AAAA,UACxD,MAAM;AAAA,QACR,IAAI;AAAA,UACF,MAAM;AAAA,UACN,MAAM,KAAK,OAAO,aAAa,QAAQ,SAAS,uBAAuB;AAAA,UACvE,MAAM,KAAK,OAAO,aAAa,QAAQ,SAAS,uBAAuB;AAAA,UACvE,UAAU,KAAK,OAAO,aAAa,YAAY,SAAS,2BAA2B;AAAA,UACnF,UAAU,KAAK,OAAO,aAAa,YAAY,SAAS,2BAA2B;AAAA,UACnF,YAAY,KAAK,OAAO,aAAa,eAAe,SAAS,8BAA8B;AAAA,UAC3F,aAAa,KAAK,OAAO,aAAa,gBAAgB,SAAS,+BAA+B;AAAA,QAChG;AAAA,QACA,SAAS,KAAK,OAAO,QAAQ,IAAI,CAAC,OAAO;AAAA,UACvC,QAAQ,EAAE;AAAA,UACV,aAAa,EAAE;AAAA,QACjB,EAAE;AAAA,QACF,oBAAoB,KAAK,OAAO;AAAA,QAChC,+BAA+B,KAAK,OAAO;AAAA,QAC3C,8BAA8B,KAAK,OAAO;AAAA,MAC5C;AAAA,MAEA,MAAM,OAAO,QAAmC;AAC9C,cAAM,IAAI,WAAW,cAAc,gCAAgC,MAAM,CAAC;AAC1E,cAAM,UAAU;AAAA,MAClB;AAAA,MACA,MAAM,SAAS;AACb,cAAM,IAAI,WAAW,cAAc;AAAA,MACrC;AAAA,MACA,MAAM,0BAA0B;AAC9B,eAAO,wBAAwB,IAAI;AAAA,MACrC;AAAA,MACA,0BAA0B;AACxB,eAAO,wBAAwB,IAAI;AAAA,MACrC;AAAA,IACF;AAAA,EACF;AAAA,EAEA,4BAA4B,MAA8D;AACxF,WAAO;AAAA,MACL,MAAM,KAAK;AAAA,MACX,SAAS,KAAK;AAAA,MACd,SAAS,KAAK;AAAA,MACd,WAAW,KAAK;AAAA,IAClB;AAAA,EACF;AAAA,EAEA,MAAe,aAAoC;AACjD,WAAO,KAAK;AAAA,MACV,OAAO,QAAQ,MAAM,KAAK,mBAAmB,UAAU,CAAC,GAAG,YAAY,CAAC;AAAA,MACxE,MAAM,KAAK,gBAAgB;AAAA,IAC7B;AAAA,EACF;AAAA,EAGU,0BAA0B,MAAsC;AACxE,UAAM,MAAM;AACZ,WAAO;AAAA,MACL,IAAI,KAAK;AAAA,MACT,aAAa,KAAK;AAAA,MAClB,WAAW,IAAI,KAAK,KAAK,iBAAiB;AAAA,MAC1C,mBAAmB,KAAK,6BAA6B,IAAI,KAAK,KAAK,0BAA0B,IAAI;AAAA,MACjG,WAAW,IAAI,KAAK,KAAK,iBAAiB;AAAA,MAC1C,UAAU;AACR,eAAO,KAAK,WAAW,MAAM;AAAA,MAC/B;AAAA,MACA,aAAa;AACX,YAAI,KAAK,UAAU,QAAQ,IAAI,KAAK,IAAI,EAAG,QAAO;AAClD,YAAI,KAAK,kBAAmB,QAAO;AACnC,eAAO;AAAA,MACT;AAAA,MACA,MAAM,SAAS;AACb,cAAM,MAAM,MAAM,IAAI,WAAW,iBAAiB,KAAK,EAAE;AACzD,cAAM,IAAI,gBAAgB;AAC1B,eAAO;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAAA,EAEU,sBAAsB,MAA4C;AAC1E,WAAO;AAAA,MACL,GAAG,KAAK,0BAA0B,IAAI;AAAA,MACtC,sBAAsB,KAAK,yBAAyB,EAAE,UAAU,KAAK,uBAAuB,UAAU,IAAI;AAAA,MAC1G,iBAAiB,KAAK,oBAAoB,EAAE,UAAU,KAAK,kBAAkB,UAAU,IAAI;AAAA,MAC3F,qBAAqB,KAAK,yBAAyB,EAAE,UAAU,KAAK,uBAAuB,UAAU,IAAI;AAAA,IAC3G;AAAA,EACF;AAAA,EAEU,+BAA+B,MAAiD;AACxF,WAAO;AAAA,MACL,GAAG,KAAK,0BAA0B,IAAI;AAAA,MACtC,sBAAsB,KAAK;AAAA,MAC3B,iBAAiB,KAAK;AAAA,MACtB,qBAAqB,KAAK;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,MAAM,cAAiC;AACrC,UAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,cAAc,UAAU,CAAC,GAAG,YAAY,CAAC;AAChF,WAAO,KAAK,IAAI,CAAC,MAAM,KAAK,sBAAsB,CAAC,CAAC;AAAA,EACtD;AAAA,EAGA,MAAM,aAAa,SAAwD;AACzE,UAAM,OAAO,MAAM,KAAK,WAAW,aAAa,0BAA0B,OAAO,CAAC;AAClF,UAAM,KAAK,gBAAgB;AAC3B,WAAO,KAAK,+BAA+B,IAAI;AAAA,EACjD;AAAA,EAEA,MAAM,qBAAoD;AACxD,UAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,0BAA0B,UAAU,CAAC,GAAG,YAAY,CAAC;AAC5F,WAAO,KAAK,IAAI,CAAC,MAAM,KAAK,4BAA4B,CAAC,CAAC;AAAA,EAC5D;AAAA,EAEA,MAAM,oBAAoB,MAAyB,MAAsD;AACvG,UAAM,KAAK,WAAW,oBAAoB,MAAM,sCAAsC,IAAI,CAAC;AAC3F,UAAM,KAAK,0BAA0B,QAAQ,CAAC,CAAC;AAAA,EACjD;AAAA,EAEA,MAAM,mBAAmB,MAAyB;AAChD,UAAM,KAAK,WAAW,mBAAmB,IAAI;AAC7C,UAAM,KAAK,0BAA0B,QAAQ,CAAC,CAAC;AAAA,EACjD;AAAA,EAEA,MAAM,+BAA+B,MAA+E;AAClH,UAAM,OAAO,MAAM,KAAK,WAAW,2BAA2B,iDAAiD,IAAI,CAAC;AACpH,UAAM,KAAK,qCAAqC,QAAQ,CAAC,CAAC;AAC1D,WAAO,KAAK,wCAAwC,IAAI;AAAA,EAC1D;AAAA,EAEA,MAAM,+BAA+B,cAAsB,MAAkD;AAC3G,UAAM,KAAK,WAAW,2BAA2B,cAAc,iDAAiD,IAAI,CAAC;AACrH,UAAM,KAAK,qCAAqC,QAAQ,CAAC,CAAC;AAAA,EAC5D;AAAA,EAEA,MAAM,+BAA+B,cAAqC;AACxE,UAAM,KAAK,WAAW,2BAA2B,YAAY;AAC7D,UAAM,KAAK,qCAAqC,QAAQ,CAAC,CAAC;AAAA,EAC5D;AAAA,EAEA,MAAM,gCAA0E;AAC9E,UAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,qCAAqC,UAAU,CAAC,GAAG,YAAY,CAAC;AACvG,WAAO,KAAK,IAAI,CAAC,MAAM,KAAK,wCAAwC,CAAC,CAAC;AAAA,EACxE;AAAA,EAGA,MAAyB,kBAAkB;AACzC,UAAM,QAAQ,IAAI;AAAA,MAChB,MAAM,gBAAgB;AAAA,MACtB,KAAK,mBAAmB,QAAQ,CAAC,CAAC;AAAA,IACpC,CAAC;AAAA,EACH;AAAA,EAEA,MAAgB,kBAAkB;AAChC,UAAM,KAAK,cAAc,QAAQ,CAAC,CAAC;AAAA,EACrC;AAAA,EAEA,KAAK,uBAAuB,IAAI;AAC9B,WAAO;AAAA,MACL,GAAG,MAAM,uBAAuB;AAAA,IAClC;AAAA,EACF;AAAA,EAEA,MAAM,cAAc,SAGqC;AACvD,UAAM,WAAW,MAAM,KAAK,WAAW,cAAc;AAAA,MACnD,iBAAiB,QAAQ;AAAA,MACzB,cAAc;AAAA,QACZ,GAAI,KAAK,QAAQ,aAAa,CAAC,QAAQ,QAAQ,YAAY,UAAU,CAAC;AAAA,QACtE,cAAc,QAAQ,YAAY;AAAA,QAClC,aAAa,QAAQ,YAAY;AAAA,MACnC;AAAA,IACF,CAAC;AAED,QAAI,SAAS,SAAS;AACpB,aAAO,OAAO,GAAG,MAAS;AAAA,IAC5B,OAAO;AACL,aAAO,OAAO,MAAM,EAAE,cAAc,SAAS,iBAAiB,SAAS,gCAAgC,EAAE,CAAC;AAAA,IAC5G;AAAA,EACF;AAAA,EAEA,MAAM,iBAA4C;AAChD,UAAM,WAAW,MAAM,KAAK,WAAW,eAAe;AACtD,WAAO,SAAS,MAAM,IAAI,CAAC,WAAW;AAAA,MACpC,IAAI,MAAM;AAAA,MACV,IAAI,MAAM,MAAM,CAAC;AAAA,MACjB,SAAS,MAAM;AAAA,MACf,WAAW,MAAM,KAAK,CAAC,KAAK;AAAA,MAC5B,QAAQ,IAAI,KAAK,MAAM,cAAc;AAAA,MACrC,OAAO,MAAM;AAAA,IACf,EAAE;AAAA,EACJ;AACF;","names":[]}
1
+ {"version":3,"sources":["../../../../../../src/lib/stack-app/apps/implementations/admin-app-impl.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY\n//===========================================\nimport { StackAdminInterface } from \"@stackframe/stack-shared\";\nimport { getProductionModeErrors } from \"@stackframe/stack-shared/dist/helpers/production-mode\";\nimport { ApiKeyCreateCrudResponse } from \"@stackframe/stack-shared/dist/interface/adminInterface\";\nimport { ApiKeysCrud } from \"@stackframe/stack-shared/dist/interface/crud/api-keys\";\nimport { EmailTemplateCrud, EmailTemplateType } from \"@stackframe/stack-shared/dist/interface/crud/email-templates\";\nimport { InternalProjectsCrud } from \"@stackframe/stack-shared/dist/interface/crud/projects\";\nimport { StackAssertionError, throwErr } from \"@stackframe/stack-shared/dist/utils/errors\";\nimport { pick } from \"@stackframe/stack-shared/dist/utils/objects\";\nimport { Result } from \"@stackframe/stack-shared/dist/utils/results\";\nimport { AdminSentEmail } from \"../..\";\nimport { ApiKey, ApiKeyBase, ApiKeyBaseCrudRead, ApiKeyCreateOptions, ApiKeyFirstView, apiKeyCreateOptionsToCrud } from \"../../api-keys\";\nimport { EmailConfig, stackAppInternalsSymbol } from \"../../common\";\nimport { AdminEmailTemplate, AdminEmailTemplateUpdateOptions, adminEmailTemplateUpdateOptionsToCrud } from \"../../email-templates\";\nimport { AdminTeamPermission, AdminTeamPermissionDefinition, AdminTeamPermissionDefinitionCreateOptions, AdminTeamPermissionDefinitionUpdateOptions, AdminProjectPermission, AdminProjectPermissionDefinition, AdminProjectPermissionDefinitionCreateOptions, AdminProjectPermissionDefinitionUpdateOptions, adminTeamPermissionDefinitionCreateOptionsToCrud, adminTeamPermissionDefinitionUpdateOptionsToCrud, adminProjectPermissionDefinitionCreateOptionsToCrud, adminProjectPermissionDefinitionUpdateOptionsToCrud } from \"../../permissions\";\nimport { AdminOwnedProject, AdminProject, AdminProjectUpdateOptions, adminProjectUpdateOptionsToCrud } from \"../../projects\";\nimport { StackAdminApp, StackAdminAppConstructorOptions } from \"../interfaces/admin-app\";\nimport { clientVersion, createCache, getBaseUrl, getDefaultProjectId, getDefaultPublishableClientKey, getDefaultSecretServerKey, getDefaultSuperSecretAdminKey } from \"./common\";\nimport { _StackServerAppImplIncomplete } from \"./server-app-impl\";\n\n\nexport class _StackAdminAppImplIncomplete<HasTokenStore extends boolean, ProjectId extends string> extends _StackServerAppImplIncomplete<HasTokenStore, ProjectId> implements StackAdminApp<HasTokenStore, ProjectId>\n{\n declare protected _interface: StackAdminInterface;\n\n private readonly _adminProjectCache = createCache(async () => {\n return await this._interface.getProject();\n });\n private readonly _apiKeysCache = createCache(async () => {\n return await this._interface.listApiKeys();\n });\n private readonly _adminEmailTemplatesCache = createCache(async () => {\n return await this._interface.listEmailTemplates();\n });\n private readonly _adminTeamPermissionDefinitionsCache = createCache(async () => {\n return await this._interface.listTeamPermissionDefinitions();\n });\n private readonly _adminProjectPermissionDefinitionsCache = createCache(async () => {\n return await this._interface.listProjectPermissionDefinitions();\n });\n private readonly _svixTokenCache = createCache(async () => {\n return await this._interface.getSvixToken();\n });\n private readonly _metricsCache = createCache(async () => {\n return await this._interface.getMetrics();\n });\n\n constructor(options: StackAdminAppConstructorOptions<HasTokenStore, ProjectId>) {\n super({\n interface: new StackAdminInterface({\n getBaseUrl: () => getBaseUrl(options.baseUrl),\n projectId: options.projectId ?? getDefaultProjectId(),\n extraRequestHeaders: options.extraRequestHeaders ?? {},\n clientVersion,\n ...\"projectOwnerSession\" in options ? {\n projectOwnerSession: options.projectOwnerSession,\n } : {\n publishableClientKey: options.publishableClientKey ?? getDefaultPublishableClientKey(),\n secretServerKey: options.secretServerKey ?? getDefaultSecretServerKey(),\n superSecretAdminKey: options.superSecretAdminKey ?? getDefaultSuperSecretAdminKey(),\n },\n }),\n baseUrl: options.baseUrl,\n extraRequestHeaders: options.extraRequestHeaders,\n projectId: options.projectId,\n tokenStore: options.tokenStore,\n urls: options.urls,\n oauthScopesOnSignIn: options.oauthScopesOnSignIn,\n redirectMethod: options.redirectMethod,\n });\n }\n\n _adminOwnedProjectFromCrud(data: InternalProjectsCrud['Admin']['Read'], onRefresh: () => Promise<void>): AdminOwnedProject {\n if (this._tokenStoreInit !== null) {\n throw new StackAssertionError(\"Owned apps must always have tokenStore === null — did you not create this project with app._createOwnedApp()?\");;\n }\n return {\n ...this._adminProjectFromCrud(data, onRefresh),\n app: this as StackAdminApp<false>,\n };\n }\n\n _adminProjectFromCrud(data: InternalProjectsCrud['Admin']['Read'], onRefresh: () => Promise<void>): AdminProject {\n if (data.id !== this.projectId) {\n throw new StackAssertionError(`The project ID of the provided project JSON (${data.id}) does not match the project ID of the app (${this.projectId})!`);\n }\n\n const app = this;\n return {\n id: data.id,\n displayName: data.display_name,\n description: data.description,\n createdAt: new Date(data.created_at_millis),\n userCount: data.user_count,\n isProductionMode: data.is_production_mode,\n config: {\n id: data.config.id,\n signUpEnabled: data.config.sign_up_enabled,\n credentialEnabled: data.config.credential_enabled,\n magicLinkEnabled: data.config.magic_link_enabled,\n passkeyEnabled: data.config.passkey_enabled,\n clientTeamCreationEnabled: data.config.client_team_creation_enabled,\n clientUserDeletionEnabled: data.config.client_user_deletion_enabled,\n allowLocalhost: data.config.allow_localhost,\n oauthAccountMergeStrategy: data.config.oauth_account_merge_strategy,\n oauthProviders: data.config.oauth_providers.map((p) => ((p.type === 'shared' ? {\n id: p.id,\n enabled: p.enabled,\n type: 'shared',\n } as const : {\n id: p.id,\n enabled: p.enabled,\n type: 'standard',\n clientId: p.client_id ?? throwErr(\"Client ID is missing\"),\n clientSecret: p.client_secret ?? throwErr(\"Client secret is missing\"),\n facebookConfigId: p.facebook_config_id,\n microsoftTenantId: p.microsoft_tenant_id,\n } as const))),\n emailConfig: data.config.email_config.type === 'shared' ? {\n type: 'shared'\n } : {\n type: 'standard',\n host: data.config.email_config.host ?? throwErr(\"Email host is missing\"),\n port: data.config.email_config.port ?? throwErr(\"Email port is missing\"),\n username: data.config.email_config.username ?? throwErr(\"Email username is missing\"),\n password: data.config.email_config.password ?? throwErr(\"Email password is missing\"),\n senderName: data.config.email_config.sender_name ?? throwErr(\"Email sender name is missing\"),\n senderEmail: data.config.email_config.sender_email ?? throwErr(\"Email sender email is missing\"),\n },\n domains: data.config.domains.map((d) => ({\n domain: d.domain,\n handlerPath: d.handler_path,\n })),\n createTeamOnSignUp: data.config.create_team_on_sign_up,\n teamCreatorDefaultPermissions: data.config.team_creator_default_permissions,\n teamMemberDefaultPermissions: data.config.team_member_default_permissions,\n userDefaultPermissions: data.config.user_default_permissions,\n },\n\n async update(update: AdminProjectUpdateOptions) {\n await app._interface.updateProject(adminProjectUpdateOptionsToCrud(update));\n await onRefresh();\n },\n async delete() {\n await app._interface.deleteProject();\n },\n async getProductionModeErrors() {\n return getProductionModeErrors(data);\n },\n useProductionModeErrors() {\n return getProductionModeErrors(data);\n },\n };\n }\n\n _adminEmailTemplateFromCrud(data: EmailTemplateCrud['Admin']['Read']): AdminEmailTemplate {\n return {\n type: data.type,\n subject: data.subject,\n content: data.content,\n isDefault: data.is_default,\n };\n }\n\n override async getProject(): Promise<AdminProject> {\n return this._adminProjectFromCrud(\n Result.orThrow(await this._adminProjectCache.getOrWait([], \"write-only\")),\n () => this._refreshProject()\n );\n }\n\n\n protected _createApiKeyBaseFromCrud(data: ApiKeyBaseCrudRead): ApiKeyBase {\n const app = this;\n return {\n id: data.id,\n description: data.description,\n expiresAt: new Date(data.expires_at_millis),\n manuallyRevokedAt: data.manually_revoked_at_millis ? new Date(data.manually_revoked_at_millis) : null,\n createdAt: new Date(data.created_at_millis),\n isValid() {\n return this.whyInvalid() === null;\n },\n whyInvalid() {\n if (this.expiresAt.getTime() < Date.now()) return \"expired\";\n if (this.manuallyRevokedAt) return \"manually-revoked\";\n return null;\n },\n async revoke() {\n const res = await app._interface.revokeApiKeyById(data.id);\n await app._refreshApiKeys();\n return res;\n }\n };\n }\n\n protected _createApiKeyFromCrud(data: ApiKeysCrud[\"Admin\"][\"Read\"]): ApiKey {\n return {\n ...this._createApiKeyBaseFromCrud(data),\n publishableClientKey: data.publishable_client_key ? { lastFour: data.publishable_client_key.last_four } : null,\n secretServerKey: data.secret_server_key ? { lastFour: data.secret_server_key.last_four } : null,\n superSecretAdminKey: data.super_secret_admin_key ? { lastFour: data.super_secret_admin_key.last_four } : null,\n };\n }\n\n protected _createApiKeyFirstViewFromCrud(data: ApiKeyCreateCrudResponse): ApiKeyFirstView {\n return {\n ...this._createApiKeyBaseFromCrud(data),\n publishableClientKey: data.publishable_client_key,\n secretServerKey: data.secret_server_key,\n superSecretAdminKey: data.super_secret_admin_key,\n };\n }\n\n async listApiKeys(): Promise<ApiKey[]> {\n const crud = Result.orThrow(await this._apiKeysCache.getOrWait([], \"write-only\"));\n return crud.map((j) => this._createApiKeyFromCrud(j));\n }\n\n\n async createApiKey(options: ApiKeyCreateOptions): Promise<ApiKeyFirstView> {\n const crud = await this._interface.createApiKey(apiKeyCreateOptionsToCrud(options));\n await this._refreshApiKeys();\n return this._createApiKeyFirstViewFromCrud(crud);\n }\n\n async listEmailTemplates(): Promise<AdminEmailTemplate[]> {\n const crud = Result.orThrow(await this._adminEmailTemplatesCache.getOrWait([], \"write-only\"));\n return crud.map((j) => this._adminEmailTemplateFromCrud(j));\n }\n\n async updateEmailTemplate(type: EmailTemplateType, data: AdminEmailTemplateUpdateOptions): Promise<void> {\n await this._interface.updateEmailTemplate(type, adminEmailTemplateUpdateOptionsToCrud(data));\n await this._adminEmailTemplatesCache.refresh([]);\n }\n\n async resetEmailTemplate(type: EmailTemplateType) {\n await this._interface.resetEmailTemplate(type);\n await this._adminEmailTemplatesCache.refresh([]);\n }\n\n async createTeamPermissionDefinition(data: AdminTeamPermissionDefinitionCreateOptions): Promise<AdminTeamPermission>{\n const crud = await this._interface.createTeamPermissionDefinition(adminTeamPermissionDefinitionCreateOptionsToCrud(data));\n await this._adminTeamPermissionDefinitionsCache.refresh([]);\n return this._serverTeamPermissionDefinitionFromCrud(crud);\n }\n\n async updateTeamPermissionDefinition(permissionId: string, data: AdminTeamPermissionDefinitionUpdateOptions) {\n await this._interface.updateTeamPermissionDefinition(permissionId, adminTeamPermissionDefinitionUpdateOptionsToCrud(data));\n await this._adminTeamPermissionDefinitionsCache.refresh([]);\n }\n\n async deleteTeamPermissionDefinition(permissionId: string): Promise<void> {\n await this._interface.deleteTeamPermissionDefinition(permissionId);\n await this._adminTeamPermissionDefinitionsCache.refresh([]);\n }\n\n async listTeamPermissionDefinitions(): Promise<AdminTeamPermissionDefinition[]> {\n const crud = Result.orThrow(await this._adminTeamPermissionDefinitionsCache.getOrWait([], \"write-only\"));\n return crud.map((p) => this._serverTeamPermissionDefinitionFromCrud(p));\n }\n\n\n async createProjectPermissionDefinition(data: AdminProjectPermissionDefinitionCreateOptions): Promise<AdminProjectPermission> {\n const crud = await this._interface.createProjectPermissionDefinition(adminProjectPermissionDefinitionCreateOptionsToCrud(data));\n await this._adminProjectPermissionDefinitionsCache.refresh([]);\n return this._serverProjectPermissionDefinitionFromCrud(crud);\n }\n\n async updateProjectPermissionDefinition(permissionId: string, data: AdminProjectPermissionDefinitionUpdateOptions) {\n await this._interface.updateProjectPermissionDefinition(permissionId, adminProjectPermissionDefinitionUpdateOptionsToCrud(data));\n await this._adminProjectPermissionDefinitionsCache.refresh([]);\n }\n\n async deleteProjectPermissionDefinition(permissionId: string): Promise<void> {\n await this._interface.deleteProjectPermissionDefinition(permissionId);\n await this._adminProjectPermissionDefinitionsCache.refresh([]);\n }\n\n async listProjectPermissionDefinitions(): Promise<AdminProjectPermissionDefinition[]> {\n const crud = Result.orThrow(await this._adminProjectPermissionDefinitionsCache.getOrWait([], \"write-only\"));\n return crud.map((p) => this._serverProjectPermissionDefinitionFromCrud(p));\n }\n\n\n protected override async _refreshProject() {\n await Promise.all([\n super._refreshProject(),\n this._adminProjectCache.refresh([]),\n ]);\n }\n\n protected async _refreshApiKeys() {\n await this._apiKeysCache.refresh([]);\n }\n\n get [stackAppInternalsSymbol]() {\n return {\n ...super[stackAppInternalsSymbol],\n };\n }\n\n async sendTestEmail(options: {\n recipientEmail: string,\n emailConfig: EmailConfig,\n }): Promise<Result<undefined, { errorMessage: string }>> {\n const response = await this._interface.sendTestEmail({\n recipient_email: options.recipientEmail,\n email_config: {\n ...(pick(options.emailConfig, ['host', 'port', 'username', 'password'])),\n sender_email: options.emailConfig.senderEmail,\n sender_name: options.emailConfig.senderName,\n },\n });\n\n if (response.success) {\n return Result.ok(undefined);\n } else {\n return Result.error({ errorMessage: response.error_message ?? throwErr(\"Email test error not specified\") });\n }\n }\n\n async listSentEmails(): Promise<AdminSentEmail[]> {\n const response = await this._interface.listSentEmails();\n return response.items.map((email) => ({\n id: email.id,\n to: email.to ?? [],\n subject: email.subject,\n recipient: email.to?.[0] ?? \"\",\n sentAt: new Date(email.sent_at_millis),\n error: email.error,\n }));\n }\n}\n"],"mappings":";AAIA,SAAS,2BAA2B;AACpC,SAAS,+BAA+B;AAKxC,SAAS,qBAAqB,gBAAgB;AAC9C,SAAS,YAAY;AACrB,SAAS,cAAc;AAEvB,SAAuF,iCAAiC;AACxH,SAAsB,+BAA+B;AACrD,SAA8D,6CAA6C;AAC3G,SAA6S,kDAAkD,kDAAkD,qDAAqD,2DAA2D;AACjgB,SAAqE,uCAAuC;AAE5G,SAAS,eAAe,aAAa,YAAY,qBAAqB,gCAAgC,2BAA2B,qCAAqC;AACtK,SAAS,qCAAqC;AAGvC,IAAM,+BAAN,cAAoG,8BAC3G;AAAA,EAyBE,YAAY,SAAoE;AAC9E,UAAM;AAAA,MACJ,WAAW,IAAI,oBAAoB;AAAA,QACjC,YAAY,MAAM,WAAW,QAAQ,OAAO;AAAA,QAC5C,WAAW,QAAQ,aAAa,oBAAoB;AAAA,QACpD,qBAAqB,QAAQ,uBAAuB,CAAC;AAAA,QACrD;AAAA,QACA,GAAG,yBAAyB,UAAU;AAAA,UACpC,qBAAqB,QAAQ;AAAA,QAC/B,IAAI;AAAA,UACF,sBAAsB,QAAQ,wBAAwB,+BAA+B;AAAA,UACrF,iBAAiB,QAAQ,mBAAmB,0BAA0B;AAAA,UACtE,qBAAqB,QAAQ,uBAAuB,8BAA8B;AAAA,QACpF;AAAA,MACF,CAAC;AAAA,MACD,SAAS,QAAQ;AAAA,MACjB,qBAAqB,QAAQ;AAAA,MAC7B,WAAW,QAAQ;AAAA,MACnB,YAAY,QAAQ;AAAA,MACpB,MAAM,QAAQ;AAAA,MACd,qBAAqB,QAAQ;AAAA,MAC7B,gBAAgB,QAAQ;AAAA,IAC1B,CAAC;AA5CH,SAAiB,qBAAqB,YAAY,YAAY;AAC5D,aAAO,MAAM,KAAK,WAAW,WAAW;AAAA,IAC1C,CAAC;AACD,SAAiB,gBAAgB,YAAY,YAAY;AACvD,aAAO,MAAM,KAAK,WAAW,YAAY;AAAA,IAC3C,CAAC;AACD,SAAiB,4BAA4B,YAAY,YAAY;AACnE,aAAO,MAAM,KAAK,WAAW,mBAAmB;AAAA,IAClD,CAAC;AACD,SAAiB,uCAAuC,YAAY,YAAY;AAC9E,aAAO,MAAM,KAAK,WAAW,8BAA8B;AAAA,IAC7D,CAAC;AACD,SAAiB,0CAA0C,YAAY,YAAY;AACjF,aAAO,MAAM,KAAK,WAAW,iCAAiC;AAAA,IAChE,CAAC;AACD,SAAiB,kBAAkB,YAAY,YAAY;AACzD,aAAO,MAAM,KAAK,WAAW,aAAa;AAAA,IAC5C,CAAC;AACD,SAAiB,gBAAgB,YAAY,YAAY;AACvD,aAAO,MAAM,KAAK,WAAW,WAAW;AAAA,IAC1C,CAAC;AAAA,EAyBD;AAAA,EAEA,2BAA2B,MAA6C,WAAmD;AACzH,QAAI,KAAK,oBAAoB,MAAM;AACjC,YAAM,IAAI,oBAAoB,oHAA+G;AAAE;AAAA,IACjJ;AACA,WAAO;AAAA,MACL,GAAG,KAAK,sBAAsB,MAAM,SAAS;AAAA,MAC7C,KAAK;AAAA,IACP;AAAA,EACF;AAAA,EAEA,sBAAsB,MAA6C,WAA8C;AAC/G,QAAI,KAAK,OAAO,KAAK,WAAW;AAC9B,YAAM,IAAI,oBAAoB,gDAAgD,KAAK,EAAE,+CAA+C,KAAK,SAAS,IAAI;AAAA,IACxJ;AAEA,UAAM,MAAM;AACZ,WAAO;AAAA,MACL,IAAI,KAAK;AAAA,MACT,aAAa,KAAK;AAAA,MAClB,aAAa,KAAK;AAAA,MAClB,WAAW,IAAI,KAAK,KAAK,iBAAiB;AAAA,MAC1C,WAAW,KAAK;AAAA,MAChB,kBAAkB,KAAK;AAAA,MACvB,QAAQ;AAAA,QACN,IAAI,KAAK,OAAO;AAAA,QAChB,eAAe,KAAK,OAAO;AAAA,QAC3B,mBAAmB,KAAK,OAAO;AAAA,QAC/B,kBAAkB,KAAK,OAAO;AAAA,QAC9B,gBAAgB,KAAK,OAAO;AAAA,QAC5B,2BAA2B,KAAK,OAAO;AAAA,QACvC,2BAA2B,KAAK,OAAO;AAAA,QACvC,gBAAgB,KAAK,OAAO;AAAA,QAC5B,2BAA2B,KAAK,OAAO;AAAA,QACvC,gBAAgB,KAAK,OAAO,gBAAgB,IAAI,CAAC,MAAQ,EAAE,SAAS,WAAW;AAAA,UAC7E,IAAI,EAAE;AAAA,UACN,SAAS,EAAE;AAAA,UACX,MAAM;AAAA,QACR,IAAa;AAAA,UACX,IAAI,EAAE;AAAA,UACN,SAAS,EAAE;AAAA,UACX,MAAM;AAAA,UACN,UAAU,EAAE,aAAa,SAAS,sBAAsB;AAAA,UACxD,cAAc,EAAE,iBAAiB,SAAS,0BAA0B;AAAA,UACpE,kBAAkB,EAAE;AAAA,UACpB,mBAAmB,EAAE;AAAA,QACvB,CAAY;AAAA,QACZ,aAAa,KAAK,OAAO,aAAa,SAAS,WAAW;AAAA,UACxD,MAAM;AAAA,QACR,IAAI;AAAA,UACF,MAAM;AAAA,UACN,MAAM,KAAK,OAAO,aAAa,QAAQ,SAAS,uBAAuB;AAAA,UACvE,MAAM,KAAK,OAAO,aAAa,QAAQ,SAAS,uBAAuB;AAAA,UACvE,UAAU,KAAK,OAAO,aAAa,YAAY,SAAS,2BAA2B;AAAA,UACnF,UAAU,KAAK,OAAO,aAAa,YAAY,SAAS,2BAA2B;AAAA,UACnF,YAAY,KAAK,OAAO,aAAa,eAAe,SAAS,8BAA8B;AAAA,UAC3F,aAAa,KAAK,OAAO,aAAa,gBAAgB,SAAS,+BAA+B;AAAA,QAChG;AAAA,QACA,SAAS,KAAK,OAAO,QAAQ,IAAI,CAAC,OAAO;AAAA,UACvC,QAAQ,EAAE;AAAA,UACV,aAAa,EAAE;AAAA,QACjB,EAAE;AAAA,QACF,oBAAoB,KAAK,OAAO;AAAA,QAChC,+BAA+B,KAAK,OAAO;AAAA,QAC3C,8BAA8B,KAAK,OAAO;AAAA,QAC1C,wBAAwB,KAAK,OAAO;AAAA,MACtC;AAAA,MAEA,MAAM,OAAO,QAAmC;AAC9C,cAAM,IAAI,WAAW,cAAc,gCAAgC,MAAM,CAAC;AAC1E,cAAM,UAAU;AAAA,MAClB;AAAA,MACA,MAAM,SAAS;AACb,cAAM,IAAI,WAAW,cAAc;AAAA,MACrC;AAAA,MACA,MAAM,0BAA0B;AAC9B,eAAO,wBAAwB,IAAI;AAAA,MACrC;AAAA,MACA,0BAA0B;AACxB,eAAO,wBAAwB,IAAI;AAAA,MACrC;AAAA,IACF;AAAA,EACF;AAAA,EAEA,4BAA4B,MAA8D;AACxF,WAAO;AAAA,MACL,MAAM,KAAK;AAAA,MACX,SAAS,KAAK;AAAA,MACd,SAAS,KAAK;AAAA,MACd,WAAW,KAAK;AAAA,IAClB;AAAA,EACF;AAAA,EAEA,MAAe,aAAoC;AACjD,WAAO,KAAK;AAAA,MACV,OAAO,QAAQ,MAAM,KAAK,mBAAmB,UAAU,CAAC,GAAG,YAAY,CAAC;AAAA,MACxE,MAAM,KAAK,gBAAgB;AAAA,IAC7B;AAAA,EACF;AAAA,EAGU,0BAA0B,MAAsC;AACxE,UAAM,MAAM;AACZ,WAAO;AAAA,MACL,IAAI,KAAK;AAAA,MACT,aAAa,KAAK;AAAA,MAClB,WAAW,IAAI,KAAK,KAAK,iBAAiB;AAAA,MAC1C,mBAAmB,KAAK,6BAA6B,IAAI,KAAK,KAAK,0BAA0B,IAAI;AAAA,MACjG,WAAW,IAAI,KAAK,KAAK,iBAAiB;AAAA,MAC1C,UAAU;AACR,eAAO,KAAK,WAAW,MAAM;AAAA,MAC/B;AAAA,MACA,aAAa;AACX,YAAI,KAAK,UAAU,QAAQ,IAAI,KAAK,IAAI,EAAG,QAAO;AAClD,YAAI,KAAK,kBAAmB,QAAO;AACnC,eAAO;AAAA,MACT;AAAA,MACA,MAAM,SAAS;AACb,cAAM,MAAM,MAAM,IAAI,WAAW,iBAAiB,KAAK,EAAE;AACzD,cAAM,IAAI,gBAAgB;AAC1B,eAAO;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAAA,EAEU,sBAAsB,MAA4C;AAC1E,WAAO;AAAA,MACL,GAAG,KAAK,0BAA0B,IAAI;AAAA,MACtC,sBAAsB,KAAK,yBAAyB,EAAE,UAAU,KAAK,uBAAuB,UAAU,IAAI;AAAA,MAC1G,iBAAiB,KAAK,oBAAoB,EAAE,UAAU,KAAK,kBAAkB,UAAU,IAAI;AAAA,MAC3F,qBAAqB,KAAK,yBAAyB,EAAE,UAAU,KAAK,uBAAuB,UAAU,IAAI;AAAA,IAC3G;AAAA,EACF;AAAA,EAEU,+BAA+B,MAAiD;AACxF,WAAO;AAAA,MACL,GAAG,KAAK,0BAA0B,IAAI;AAAA,MACtC,sBAAsB,KAAK;AAAA,MAC3B,iBAAiB,KAAK;AAAA,MACtB,qBAAqB,KAAK;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,MAAM,cAAiC;AACrC,UAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,cAAc,UAAU,CAAC,GAAG,YAAY,CAAC;AAChF,WAAO,KAAK,IAAI,CAAC,MAAM,KAAK,sBAAsB,CAAC,CAAC;AAAA,EACtD;AAAA,EAGA,MAAM,aAAa,SAAwD;AACzE,UAAM,OAAO,MAAM,KAAK,WAAW,aAAa,0BAA0B,OAAO,CAAC;AAClF,UAAM,KAAK,gBAAgB;AAC3B,WAAO,KAAK,+BAA+B,IAAI;AAAA,EACjD;AAAA,EAEA,MAAM,qBAAoD;AACxD,UAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,0BAA0B,UAAU,CAAC,GAAG,YAAY,CAAC;AAC5F,WAAO,KAAK,IAAI,CAAC,MAAM,KAAK,4BAA4B,CAAC,CAAC;AAAA,EAC5D;AAAA,EAEA,MAAM,oBAAoB,MAAyB,MAAsD;AACvG,UAAM,KAAK,WAAW,oBAAoB,MAAM,sCAAsC,IAAI,CAAC;AAC3F,UAAM,KAAK,0BAA0B,QAAQ,CAAC,CAAC;AAAA,EACjD;AAAA,EAEA,MAAM,mBAAmB,MAAyB;AAChD,UAAM,KAAK,WAAW,mBAAmB,IAAI;AAC7C,UAAM,KAAK,0BAA0B,QAAQ,CAAC,CAAC;AAAA,EACjD;AAAA,EAEA,MAAM,+BAA+B,MAA+E;AAClH,UAAM,OAAO,MAAM,KAAK,WAAW,+BAA+B,iDAAiD,IAAI,CAAC;AACxH,UAAM,KAAK,qCAAqC,QAAQ,CAAC,CAAC;AAC1D,WAAO,KAAK,wCAAwC,IAAI;AAAA,EAC1D;AAAA,EAEA,MAAM,+BAA+B,cAAsB,MAAkD;AAC3G,UAAM,KAAK,WAAW,+BAA+B,cAAc,iDAAiD,IAAI,CAAC;AACzH,UAAM,KAAK,qCAAqC,QAAQ,CAAC,CAAC;AAAA,EAC5D;AAAA,EAEA,MAAM,+BAA+B,cAAqC;AACxE,UAAM,KAAK,WAAW,+BAA+B,YAAY;AACjE,UAAM,KAAK,qCAAqC,QAAQ,CAAC,CAAC;AAAA,EAC5D;AAAA,EAEA,MAAM,gCAA0E;AAC9E,UAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,qCAAqC,UAAU,CAAC,GAAG,YAAY,CAAC;AACvG,WAAO,KAAK,IAAI,CAAC,MAAM,KAAK,wCAAwC,CAAC,CAAC;AAAA,EACxE;AAAA,EAGA,MAAM,kCAAkC,MAAsF;AAC5H,UAAM,OAAO,MAAM,KAAK,WAAW,kCAAkC,oDAAoD,IAAI,CAAC;AAC9H,UAAM,KAAK,wCAAwC,QAAQ,CAAC,CAAC;AAC7D,WAAO,KAAK,2CAA2C,IAAI;AAAA,EAC7D;AAAA,EAEA,MAAM,kCAAkC,cAAsB,MAAqD;AACjH,UAAM,KAAK,WAAW,kCAAkC,cAAc,oDAAoD,IAAI,CAAC;AAC/H,UAAM,KAAK,wCAAwC,QAAQ,CAAC,CAAC;AAAA,EAC/D;AAAA,EAEA,MAAM,kCAAkC,cAAqC;AAC3E,UAAM,KAAK,WAAW,kCAAkC,YAAY;AACpE,UAAM,KAAK,wCAAwC,QAAQ,CAAC,CAAC;AAAA,EAC/D;AAAA,EAEA,MAAM,mCAAgF;AACpF,UAAM,OAAO,OAAO,QAAQ,MAAM,KAAK,wCAAwC,UAAU,CAAC,GAAG,YAAY,CAAC;AAC1G,WAAO,KAAK,IAAI,CAAC,MAAM,KAAK,2CAA2C,CAAC,CAAC;AAAA,EAC3E;AAAA,EAGA,MAAyB,kBAAkB;AACzC,UAAM,QAAQ,IAAI;AAAA,MAChB,MAAM,gBAAgB;AAAA,MACtB,KAAK,mBAAmB,QAAQ,CAAC,CAAC;AAAA,IACpC,CAAC;AAAA,EACH;AAAA,EAEA,MAAgB,kBAAkB;AAChC,UAAM,KAAK,cAAc,QAAQ,CAAC,CAAC;AAAA,EACrC;AAAA,EAEA,KAAK,uBAAuB,IAAI;AAC9B,WAAO;AAAA,MACL,GAAG,MAAM,uBAAuB;AAAA,IAClC;AAAA,EACF;AAAA,EAEA,MAAM,cAAc,SAGqC;AACvD,UAAM,WAAW,MAAM,KAAK,WAAW,cAAc;AAAA,MACnD,iBAAiB,QAAQ;AAAA,MACzB,cAAc;AAAA,QACZ,GAAI,KAAK,QAAQ,aAAa,CAAC,QAAQ,QAAQ,YAAY,UAAU,CAAC;AAAA,QACtE,cAAc,QAAQ,YAAY;AAAA,QAClC,aAAa,QAAQ,YAAY;AAAA,MACnC;AAAA,IACF,CAAC;AAED,QAAI,SAAS,SAAS;AACpB,aAAO,OAAO,GAAG,MAAS;AAAA,IAC5B,OAAO;AACL,aAAO,OAAO,MAAM,EAAE,cAAc,SAAS,iBAAiB,SAAS,gCAAgC,EAAE,CAAC;AAAA,IAC5G;AAAA,EACF;AAAA,EAEA,MAAM,iBAA4C;AAChD,UAAM,WAAW,MAAM,KAAK,WAAW,eAAe;AACtD,WAAO,SAAS,MAAM,IAAI,CAAC,WAAW;AAAA,MACpC,IAAI,MAAM;AAAA,MACV,IAAI,MAAM,MAAM,CAAC;AAAA,MACjB,SAAS,MAAM;AAAA,MACf,WAAW,MAAM,KAAK,CAAC,KAAK;AAAA,MAC5B,QAAQ,IAAI,KAAK,MAAM,cAAc;AAAA,MACrC,OAAO,MAAM;AAAA,IACf,EAAE;AAAA,EACJ;AACF;","names":[]}
package/dist/esm/lib/stack-app/apps/implementations/client-app-impl.js CHANGED
@@ -49,6 +49,9 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
49
49
  this._currentUserPermissionsCache = createCacheBySession(async (session, [teamId, recursive]) => {
50
50
  return await this._interface.listCurrentUserTeamPermissions({ teamId, recursive }, session);
51
51
  });
52
+ this._currentUserProjectPermissionsCache = createCacheBySession(async (session, [recursive]) => {
53
+ return await this._interface.listCurrentUserProjectPermissions({ recursive }, session);
54
+ });
52
55
  this._currentUserTeamsCache = createCacheBySession(async (session) => {
53
56
  return await this._interface.listCurrentUserTeams(session);
54
57
  });
@@ -413,7 +416,7 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
413
416
  }
414
417
  };
415
418
  }
416
- _clientTeamPermissionFromCrud(crud) {
419
+ _clientPermissionFromCrud(crud) {
417
420
  return {
418
421
  id: crud.id
419
422
  };
@@ -447,14 +450,11 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
447
450
  clientMetadata: crud.client_metadata,
448
451
  clientReadOnlyMetadata: crud.client_read_only_metadata,
449
452
  async inviteUser(options) {
450
- if (!options.callbackUrl && !await app._getCurrentUrl()) {
451
- throw new Error("Cannot invite user without a callback URL from the server or without a redirect method. Make sure you pass the `callbackUrl` option: `inviteUser({ email, callbackUrl: ... })`");
452
- }
453
453
  await app._interface.sendTeamInvitation({
454
454
  teamId: crud.id,
455
455
  email: options.email,
456
456
  session,
457
- callbackUrl: options.callbackUrl ?? constructRedirectUrl(app.urls.teamInvitation)
457
+ callbackUrl: options.callbackUrl ?? constructRedirectUrl(app.urls.teamInvitation, "callbackUrl")
458
458
  });
459
459
  await app._teamInvitationsCache.refresh([session, crud.id]);
460
460
  },
@@ -485,8 +485,12 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
485
485
  isVerified: crud.is_verified,
486
486
  isPrimary: crud.is_primary,
487
487
  usedForAuth: crud.used_for_auth,
488
- async sendVerificationEmail() {
489
- await app._interface.sendCurrentUserContactChannelVerificationEmail(crud.id, constructRedirectUrl(app.urls.emailVerification), session);
488
+ async sendVerificationEmail(options) {
489
+ await app._interface.sendCurrentUserContactChannelVerificationEmail(
490
+ crud.id,
491
+ options?.callbackUrl || constructRedirectUrl(app.urls.emailVerification, "callbackUrl"),
492
+ session
493
+ );
490
494
  },
491
495
  async update(data) {
492
496
  await app._interface.updateClientContactChannel(crud.id, contactChannelUpdateOptionsToCrud(data), session);
@@ -588,6 +592,7 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
588
592
  oauthProviders: crud.oauth_providers,
589
593
  passkeyAuthEnabled: crud.passkey_auth_enabled,
590
594
  isMultiFactorRequired: crud.requires_totp_mfa,
595
+ isAnonymous: crud.is_anonymous,
591
596
  toClientJson() {
592
597
  return crud;
593
598
  }
@@ -628,22 +633,44 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
628
633
  async createTeam(data) {
629
634
  const crud2 = await app._interface.createClientTeam(teamCreateOptionsToCrud(data, "me"), session);
630
635
  await app._currentUserTeamsCache.refresh([session]);
636
+ await this.update({ selectedTeamId: crud2.id });
631
637
  return app._clientTeamFromCrud(crud2, session);
632
638
  },
633
639
  async leaveTeam(team) {
634
640
  await app._interface.leaveTeam(team.id, session);
635
641
  },
636
- async listPermissions(scope, options) {
637
- const recursive = options?.recursive ?? true;
638
- const permissions = Result.orThrow(await app._currentUserPermissionsCache.getOrWait([session, scope.id, recursive], "write-only"));
639
- return permissions.map((crud2) => app._clientTeamPermissionFromCrud(crud2));
642
+ async listPermissions(scopeOrOptions, options) {
643
+ if (scopeOrOptions && "id" in scopeOrOptions) {
644
+ const scope = scopeOrOptions;
645
+ const recursive = options?.recursive ?? true;
646
+ const permissions = Result.orThrow(await app._currentUserPermissionsCache.getOrWait([session, scope.id, recursive], "write-only"));
647
+ return permissions.map((crud2) => app._clientPermissionFromCrud(crud2));
648
+ } else {
649
+ const opts = scopeOrOptions;
650
+ const recursive = opts?.recursive ?? true;
651
+ const permissions = Result.orThrow(await app._currentUserProjectPermissionsCache.getOrWait([session, recursive], "write-only"));
652
+ return permissions.map((crud2) => app._clientPermissionFromCrud(crud2));
653
+ }
640
654
  },
641
- async getPermission(scope, permissionId) {
642
- const permissions = await this.listPermissions(scope);
643
- return permissions.find((p) => p.id === permissionId) ?? null;
655
+ async getPermission(scopeOrPermissionId, permissionId) {
656
+ if (scopeOrPermissionId && typeof scopeOrPermissionId !== "string") {
657
+ const scope = scopeOrPermissionId;
658
+ const permissions = await this.listPermissions(scope);
659
+ return permissions.find((p) => p.id === permissionId) ?? null;
660
+ } else {
661
+ const pid = scopeOrPermissionId;
662
+ const permissions = await this.listPermissions();
663
+ return permissions.find((p) => p.id === pid) ?? null;
664
+ }
644
665
  },
645
- async hasPermission(scope, permissionId) {
646
- return await this.getPermission(scope, permissionId) !== null;
666
+ async hasPermission(scopeOrPermissionId, permissionId) {
667
+ if (scopeOrPermissionId && typeof scopeOrPermissionId !== "string") {
668
+ const scope = scopeOrPermissionId;
669
+ return await this.getPermission(scope, permissionId) !== null;
670
+ } else {
671
+ const pid = scopeOrPermissionId;
672
+ return await this.getPermission(pid) !== null;
673
+ }
647
674
  },
648
675
  async update(update) {
649
676
  return await app._updateClientUser(update, session);
@@ -652,10 +679,11 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
652
679
  if (!crud.primary_email) {
653
680
  throw new StackAssertionError("User does not have a primary email");
654
681
  }
655
- if (!options?.callbackUrl && !await app._getCurrentUrl()) {
656
- throw new Error("Cannot send verification email without a callback URL from the server or without a redirect method. Make sure you pass the `callbackUrl` option: `sendVerificationEmail({ callbackUrl: ... })`");
657
- }
658
- return await app._interface.sendVerificationEmail(crud.primary_email, options?.callbackUrl ?? constructRedirectUrl(app.urls.emailVerification), session);
682
+ return await app._interface.sendVerificationEmail(
683
+ crud.primary_email,
684
+ options?.callbackUrl ?? constructRedirectUrl(app.urls.emailVerification, "callbackUrl"),
685
+ session
686
+ );
659
687
  },
660
688
  async updatePassword(options) {
661
689
  const result = await app._interface.updatePassword(options, session);
@@ -849,16 +877,10 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
849
877
  return await this._redirectToHandler("teamInvitation", options);
850
878
  }
851
879
  async sendForgotPasswordEmail(email, options) {
852
- if (!options?.callbackUrl && !await this._getCurrentUrl()) {
853
- throw new Error("Cannot send forgot password email without a callback URL from the server or without a redirect method. Make sure you pass the `callbackUrl` option: `sendForgotPasswordEmail({ email, callbackUrl: ... })`");
854
- }
855
- return await this._interface.sendForgotPasswordEmail(email, options?.callbackUrl ?? constructRedirectUrl(this.urls.passwordReset));
880
+ return await this._interface.sendForgotPasswordEmail(email, options?.callbackUrl ?? constructRedirectUrl(this.urls.passwordReset, "callbackUrl"));
856
881
  }
857
882
  async sendMagicLinkEmail(email, options) {
858
- if (!options?.callbackUrl && !await this._getCurrentUrl()) {
859
- throw new Error("Cannot send magic link email without a callback URL from the server or without a redirect method. Make sure you pass the `callbackUrl` option: `sendMagicLinkEmail({ email, callbackUrl: ... })`");
860
- }
861
- return await this._interface.sendMagicLinkEmail(email, options?.callbackUrl ?? constructRedirectUrl(this.urls.magicLinkCallback));
883
+ return await this._interface.sendMagicLinkEmail(email, options?.callbackUrl ?? constructRedirectUrl(this.urls.magicLinkCallback, "callbackUrl"));
862
884
  }
863
885
  async resetPassword(options) {
864
886
  return await this._interface.resetPassword(options);
@@ -921,7 +943,7 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
921
943
  }
922
944
  case "anonymous": {
923
945
  const tokens = await this._signUpAnonymously();
924
- return await this.getUser({ tokenStore: tokens }) ?? throwErr("Something went wrong while signing up anonymously");
946
+ return await this.getUser({ tokenStore: tokens, or: "anonymous-if-exists" }) ?? throwErr("Something went wrong while signing up anonymously");
925
947
  }
926
948
  case void 0:
927
949
  case "anonymous-if-exists":
@@ -1008,7 +1030,7 @@ var __StackClientAppImplIncomplete = class __StackClientAppImplIncomplete {
1008
1030
  async signUpWithCredential(options) {
1009
1031
  this._ensurePersistentTokenStore();
1010
1032
  const session = await this._getSession();
1011
- const emailVerificationRedirectUrl = options.verificationCallbackUrl ?? constructRedirectUrl(this.urls.emailVerification);
1033
+ const emailVerificationRedirectUrl = options.verificationCallbackUrl ?? constructRedirectUrl(this.urls.emailVerification, "verificationCallbackUrl");
1012
1034
  const result = await this._interface.signUpWithCredential(
1013
1035
  options.email,
1014
1036
  options.password,