@stackframe/stack-shared 2.7.30 → 2.8.1

package/CHANGELOG.md

@@ -1,5 +1,13 @@
 # @stackframe/stack-shared
 
+## 2.8.1
+
+## 2.8.0
+
+### Minor Changes
+
+- Various changes
+
 ## 2.7.30
 
 ### Patch Changes

package/dist/interface/adminInterface.d.ts

@@ -2,6 +2,7 @@ import { InternalSession } from "../sessions";
 import { ApiKeysCrud } from "./crud/api-keys";
 import { EmailTemplateCrud, EmailTemplateType } from "./crud/email-templates";
 import { InternalEmailsCrud } from "./crud/emails";
+import { ProjectPermissionDefinitionsCrud } from "./crud/project-permissions";
 import { ProjectsCrud } from "./crud/projects";
 import { SvixTokenCrud } from "./crud/svix-token";
 import { TeamPermissionDefinitionsCrud } from "./crud/team-permissions";
@@ -41,10 +42,14 @@ export declare class StackAdminInterface extends StackServerInterface {
     listEmailTemplates(): Promise<EmailTemplateCrud['Admin']['Read'][]>;
     updateEmailTemplate(type: EmailTemplateType, data: EmailTemplateCrud['Admin']['Update']): Promise<EmailTemplateCrud['Admin']['Read']>;
     resetEmailTemplate(type: EmailTemplateType): Promise<void>;
-    listPermissionDefinitions(): Promise<TeamPermissionDefinitionsCrud['Admin']['Read'][]>;
-    createPermissionDefinition(data: TeamPermissionDefinitionsCrud['Admin']['Create']): Promise<TeamPermissionDefinitionsCrud['Admin']['Read']>;
-    updatePermissionDefinition(permissionId: string, data: TeamPermissionDefinitionsCrud['Admin']['Update']): Promise<TeamPermissionDefinitionsCrud['Admin']['Read']>;
-    deletePermissionDefinition(permissionId: string): Promise<void>;
+    listTeamPermissionDefinitions(): Promise<TeamPermissionDefinitionsCrud['Admin']['Read'][]>;
+    createTeamPermissionDefinition(data: TeamPermissionDefinitionsCrud['Admin']['Create']): Promise<TeamPermissionDefinitionsCrud['Admin']['Read']>;
+    updateTeamPermissionDefinition(permissionId: string, data: TeamPermissionDefinitionsCrud['Admin']['Update']): Promise<TeamPermissionDefinitionsCrud['Admin']['Read']>;
+    deleteTeamPermissionDefinition(permissionId: string): Promise<void>;
+    listProjectPermissionDefinitions(): Promise<ProjectPermissionDefinitionsCrud['Admin']['Read'][]>;
+    createProjectPermissionDefinition(data: ProjectPermissionDefinitionsCrud['Admin']['Create']): Promise<ProjectPermissionDefinitionsCrud['Admin']['Read']>;
+    updateProjectPermissionDefinition(permissionId: string, data: ProjectPermissionDefinitionsCrud['Admin']['Update']): Promise<ProjectPermissionDefinitionsCrud['Admin']['Read']>;
+    deleteProjectPermissionDefinition(permissionId: string): Promise<void>;
     getSvixToken(): Promise<SvixTokenCrud["Admin"]["Read"]>;
     deleteProject(): Promise<void>;
     getMetrics(): Promise<any>;

package/dist/interface/adminInterface.js

@@ -77,12 +77,13 @@ export class StackAdminInterface extends StackServerInterface {
     async resetEmailTemplate(type) {
         await this.sendAdminRequest(`/email-templates/${type}`, { method: "DELETE" }, null);
     }
-    async listPermissionDefinitions() {
+    // Team permission definitions methods
+    async listTeamPermissionDefinitions() {
         const response = await this.sendAdminRequest(`/team-permission-definitions`, {}, null);
         const result = await response.json();
         return result.items;
     }
-    async createPermissionDefinition(data) {
+    async createTeamPermissionDefinition(data) {
         const response = await this.sendAdminRequest("/team-permission-definitions", {
             method: "POST",
             headers: {
@@ -92,7 +93,7 @@ export class StackAdminInterface extends StackServerInterface {
         }, null);
         return await response.json();
     }
-    async updatePermissionDefinition(permissionId, data) {
+    async updateTeamPermissionDefinition(permissionId, data) {
         const response = await this.sendAdminRequest(`/team-permission-definitions/${permissionId}`, {
             method: "PATCH",
             headers: {
@@ -102,9 +103,37 @@ export class StackAdminInterface extends StackServerInterface {
         }, null);
         return await response.json();
     }
-    async deletePermissionDefinition(permissionId) {
+    async deleteTeamPermissionDefinition(permissionId) {
         await this.sendAdminRequest(`/team-permission-definitions/${permissionId}`, { method: "DELETE" }, null);
     }
+    async listProjectPermissionDefinitions() {
+        const response = await this.sendAdminRequest(`/project-permission-definitions`, {}, null);
+        const result = await response.json();
+        return result.items;
+    }
+    async createProjectPermissionDefinition(data) {
+        const response = await this.sendAdminRequest("/project-permission-definitions", {
+            method: "POST",
+            headers: {
+                "content-type": "application/json",
+            },
+            body: JSON.stringify(data),
+        }, null);
+        return await response.json();
+    }
+    async updateProjectPermissionDefinition(permissionId, data) {
+        const response = await this.sendAdminRequest(`/project-permission-definitions/${permissionId}`, {
+            method: "PATCH",
+            headers: {
+                "content-type": "application/json",
+            },
+            body: JSON.stringify(data),
+        }, null);
+        return await response.json();
+    }
+    async deleteProjectPermissionDefinition(permissionId) {
+        await this.sendAdminRequest(`/project-permission-definitions/${permissionId}`, { method: "DELETE" }, null);
+    }
     async getSvixToken() {
         const response = await this.sendAdminRequest("/webhooks/svix-token", {
             method: "POST",

package/dist/interface/clientInterface.d.ts

@@ -10,6 +10,7 @@ import { InternalProjectsCrud, ProjectsCrud } from './crud/projects';
 import { SessionsCrud } from './crud/sessions';
 import { TeamInvitationCrud } from './crud/team-invitation';
 import { TeamMemberProfilesCrud } from './crud/team-member-profiles';
+import { ProjectPermissionsCrud } from './crud/project-permissions';
 import { TeamPermissionsCrud } from './crud/team-permissions';
 import { TeamsCrud } from './crud/teams';
 export type ClientInterfaceOptions = {
@@ -187,6 +188,9 @@ export declare class StackClientInterface {
         teamId: string;
         recursive: boolean;
     }, session: InternalSession): Promise<TeamPermissionsCrud['Client']['Read'][]>;
+    listCurrentUserProjectPermissions(options: {
+        recursive: boolean;
+    }, session: InternalSession): Promise<ProjectPermissionsCrud['Client']['Read'][]>;
     listCurrentUserTeams(session: InternalSession): Promise<TeamsCrud["Client"]["Read"][]>;
     getClientProject(): Promise<Result<ProjectsCrud['Client']['Read'], KnownErrors["ProjectNotFound"]>>;
     updateClientUser(update: CurrentUserCrud["Client"]["Update"], session: InternalSession): Promise<void>;

package/dist/interface/clientInterface.js

@@ -790,6 +790,11 @@ export class StackClientInterface {
         const result = await response.json();
         return result.items;
     }
+    async listCurrentUserProjectPermissions(options, session) {
+        const response = await this.sendClientRequest(`/project-permissions?user_id=me&recursive=${options.recursive}`, {}, session);
+        const result = await response.json();
+        return result.items;
+    }
     async listCurrentUserTeams(session) {
         const response = await this.sendClientRequest("/teams?user_id=me", {}, session);
         const result = await response.json();

package/dist/interface/crud/project-permissions.d.ts

@@ -0,0 +1,155 @@
+import { CrudTypeOf } from "../../crud";
+export declare const projectPermissionsCrudClientReadSchema: import("yup").ObjectSchema<{
+    id: string;
+    user_id: string;
+}, import("yup").AnyObject, {
+    id: undefined;
+    user_id: undefined;
+}, "">;
+export declare const projectPermissionsCrudServerCreateSchema: import("yup").ObjectSchema<{}, import("yup").AnyObject, {}, "">;
+export declare const projectPermissionsCrudServerDeleteSchema: import("yup").MixedSchema<{} | undefined, import("yup").AnyObject, undefined, "">;
+export declare const projectPermissionsCrud: import("../../crud").CrudSchemaFromOptions<{
+    clientReadSchema: import("yup").ObjectSchema<{
+        id: string;
+        user_id: string;
+    }, import("yup").AnyObject, {
+        id: undefined;
+        user_id: undefined;
+    }, "">;
+    serverCreateSchema: import("yup").ObjectSchema<{}, import("yup").AnyObject, {}, "">;
+    serverDeleteSchema: import("yup").MixedSchema<{} | undefined, import("yup").AnyObject, undefined, "">;
+    docs: {
+        clientList: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
+        serverList: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
+        serverCreate: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
+        serverDelete: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
+    };
+}>;
+export type ProjectPermissionsCrud = CrudTypeOf<typeof projectPermissionsCrud>;
+export declare const projectPermissionCreatedWebhookEvent: {
+    type: string;
+    schema: import("yup").ObjectSchema<{
+        id: string;
+        user_id: string;
+    }, import("yup").AnyObject, {
+        id: undefined;
+        user_id: undefined;
+    }, "">;
+    metadata: {
+        summary: string;
+        description: string;
+        tags: string[];
+    };
+};
+export declare const projectPermissionDeletedWebhookEvent: {
+    type: string;
+    schema: import("yup").ObjectSchema<{
+        id: string;
+        user_id: string;
+    }, import("yup").AnyObject, {
+        id: undefined;
+        user_id: undefined;
+    }, "">;
+    metadata: {
+        summary: string;
+        description: string;
+        tags: string[];
+    };
+};
+export declare const projectPermissionDefinitionsCrudAdminReadSchema: import("yup").ObjectSchema<{
+    id: string;
+    description: string | undefined;
+    contained_permission_ids: string[];
+}, import("yup").AnyObject, {
+    id: undefined;
+    description: undefined;
+    contained_permission_ids: undefined;
+}, "">;
+export declare const projectPermissionDefinitionsCrudAdminCreateSchema: import("yup").ObjectSchema<{
+    id: string;
+    description: string | undefined;
+    contained_permission_ids: string[] | undefined;
+}, import("yup").AnyObject, {
+    id: undefined;
+    description: undefined;
+    contained_permission_ids: undefined;
+}, "">;
+export declare const projectPermissionDefinitionsCrudAdminUpdateSchema: import("yup").ObjectSchema<{
+    id: string | undefined;
+    description: string | undefined;
+    contained_permission_ids: string[] | undefined;
+}, import("yup").AnyObject, {
+    id: undefined;
+    description: undefined;
+    contained_permission_ids: undefined;
+}, "">;
+export declare const projectPermissionDefinitionsCrudAdminDeleteSchema: import("yup").MixedSchema<{} | undefined, import("yup").AnyObject, undefined, "">;
+export declare const projectPermissionDefinitionsCrud: import("../../crud").CrudSchemaFromOptions<{
+    adminReadSchema: import("yup").ObjectSchema<{
+        id: string;
+        description: string | undefined;
+        contained_permission_ids: string[];
+    }, import("yup").AnyObject, {
+        id: undefined;
+        description: undefined;
+        contained_permission_ids: undefined;
+    }, "">;
+    adminCreateSchema: import("yup").ObjectSchema<{
+        id: string;
+        description: string | undefined;
+        contained_permission_ids: string[] | undefined;
+    }, import("yup").AnyObject, {
+        id: undefined;
+        description: undefined;
+        contained_permission_ids: undefined;
+    }, "">;
+    adminUpdateSchema: import("yup").ObjectSchema<{
+        id: string | undefined;
+        description: string | undefined;
+        contained_permission_ids: string[] | undefined;
+    }, import("yup").AnyObject, {
+        id: undefined;
+        description: undefined;
+        contained_permission_ids: undefined;
+    }, "">;
+    adminDeleteSchema: import("yup").MixedSchema<{} | undefined, import("yup").AnyObject, undefined, "">;
+    docs: {
+        adminList: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
+        adminCreate: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
+        adminUpdate: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
+        adminDelete: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
+    };
+}>;
+export type ProjectPermissionDefinitionsCrud = CrudTypeOf<typeof projectPermissionDefinitionsCrud>;

package/dist/interface/crud/project-permissions.js

@@ -0,0 +1,100 @@
+import { createCrud } from "../../crud";
+import * as schemaFields from "../../schema-fields";
+import { yupMixed, yupObject } from "../../schema-fields";
+// =============== Project permissions =================
+export const projectPermissionsCrudClientReadSchema = yupObject({
+    id: schemaFields.permissionDefinitionIdSchema.defined(),
+    user_id: schemaFields.userIdSchema.defined(),
+}).defined();
+export const projectPermissionsCrudServerCreateSchema = yupObject({}).defined();
+export const projectPermissionsCrudServerDeleteSchema = yupMixed();
+export const projectPermissionsCrud = createCrud({
+    clientReadSchema: projectPermissionsCrudClientReadSchema,
+    serverCreateSchema: projectPermissionsCrudServerCreateSchema,
+    serverDeleteSchema: projectPermissionsCrudServerDeleteSchema,
+    docs: {
+        clientList: {
+            summary: "List project permissions",
+            description: "List global permissions of the current user. `user_id=me` must be set for client requests. `(user_id, permission_id)` together uniquely identify a permission.",
+            tags: ["Permissions"],
+        },
+        serverList: {
+            summary: "List project permissions",
+            description: "Query and filter the permission with `user_id` and `permission_id`. `(user_id, permission_id)` together uniquely identify a permission.",
+            tags: ["Permissions"],
+        },
+        serverCreate: {
+            summary: "Grant a global permission to a user",
+            description: "Grant a global permission to a user (the permission must be created first on the Stack dashboard)",
+            tags: ["Permissions"],
+        },
+        serverDelete: {
+            summary: "Revoke a global permission from a user",
+            description: "Revoke a global permission from a user",
+            tags: ["Permissions"],
+        },
+    },
+});
+export const projectPermissionCreatedWebhookEvent = {
+    type: "project_permission.created",
+    schema: projectPermissionsCrud.server.readSchema,
+    metadata: {
+        summary: "Project Permission Created",
+        description: "This event is triggered when a project permission is created.",
+        tags: ["Users"],
+    },
+};
+export const projectPermissionDeletedWebhookEvent = {
+    type: "project_permission.deleted",
+    schema: projectPermissionsCrud.server.readSchema,
+    metadata: {
+        summary: "Project Permission Deleted",
+        description: "This event is triggered when a project permission is deleted.",
+        tags: ["Users"],
+    },
+};
+// =============== Project permission definitions =================
+export const projectPermissionDefinitionsCrudAdminReadSchema = yupObject({
+    id: schemaFields.permissionDefinitionIdSchema.defined(),
+    description: schemaFields.teamPermissionDescriptionSchema.optional(),
+    contained_permission_ids: schemaFields.containedPermissionIdsSchema.defined(),
+}).defined();
+export const projectPermissionDefinitionsCrudAdminCreateSchema = yupObject({
+    id: schemaFields.customPermissionDefinitionIdSchema.defined(),
+    description: schemaFields.teamPermissionDescriptionSchema.optional(),
+    contained_permission_ids: schemaFields.containedPermissionIdsSchema.optional(),
+}).defined();
+export const projectPermissionDefinitionsCrudAdminUpdateSchema = yupObject({
+    id: schemaFields.customPermissionDefinitionIdSchema.optional(),
+    description: schemaFields.teamPermissionDescriptionSchema.optional(),
+    contained_permission_ids: schemaFields.containedPermissionIdsSchema.optional(),
+}).defined();
+export const projectPermissionDefinitionsCrudAdminDeleteSchema = yupMixed();
+export const projectPermissionDefinitionsCrud = createCrud({
+    adminReadSchema: projectPermissionDefinitionsCrudAdminReadSchema,
+    adminCreateSchema: projectPermissionDefinitionsCrudAdminCreateSchema,
+    adminUpdateSchema: projectPermissionDefinitionsCrudAdminUpdateSchema,
+    adminDeleteSchema: projectPermissionDefinitionsCrudAdminDeleteSchema,
+    docs: {
+        adminList: {
+            summary: "List project permission definitions",
+            description: "Query and filter project permission definitions (the equivalent of listing permissions on the Stack dashboard)",
+            tags: ["Permissions"],
+        },
+        adminCreate: {
+            summary: "Create a new project permission definition",
+            description: "Create a new project permission definition (the equivalent of creating a new permission on the Stack dashboard)",
+            tags: ["Permissions"],
+        },
+        adminUpdate: {
+            summary: "Update a project permission definition",
+            description: "Update a project permission definition (the equivalent of updating a permission on the Stack dashboard)",
+            tags: ["Permissions"],
+        },
+        adminDelete: {
+            summary: "Delete a project permission definition",
+            description: "Delete a project permission definition (the equivalent of deleting a permission on the Stack dashboard)",
+            tags: ["Permissions"],
+        },
+    },
+});

package/dist/interface/crud/projects.d.ts

@@ -80,6 +80,9 @@ export declare const projectsCrudAdminReadSchema: import("yup").ObjectSchema<{
         team_member_default_permissions: {
             id: string;
         }[];
+        user_default_permissions: {
+            id: string;
+        }[];
         oauth_account_merge_strategy: "link_method" | "raise_error" | "allow_duplicates";
     };
 }, import("yup").AnyObject, {
@@ -113,6 +116,7 @@ export declare const projectsCrudAdminReadSchema: import("yup").ObjectSchema<{
         create_team_on_sign_up: undefined;
         team_creator_default_permissions: undefined;
         team_member_default_permissions: undefined;
+        user_default_permissions: undefined;
         oauth_account_merge_strategy: undefined;
     };
 }, "">;
@@ -184,6 +188,9 @@ export declare const projectsCrudAdminUpdateSchema: import("yup").ObjectSchema<{
         team_member_default_permissions?: {
             id: string;
         }[] | undefined;
+        user_default_permissions?: {
+            id: string;
+        }[] | undefined;
         oauth_account_merge_strategy?: "link_method" | "raise_error" | "allow_duplicates" | undefined;
     } | undefined;
 }, import("yup").AnyObject, {
@@ -233,6 +240,9 @@ export declare const projectsCrudAdminCreateSchema: import("yup").ObjectSchema<{
         team_member_default_permissions?: {
             id: string;
         }[] | undefined;
+        user_default_permissions?: {
+            id: string;
+        }[] | undefined;
         oauth_account_merge_strategy?: "link_method" | "raise_error" | "allow_duplicates" | undefined;
     } | undefined;
 } & {
@@ -320,6 +330,9 @@ export declare const projectsCrud: import("../../crud").CrudSchemaFromOptions<{
             team_member_default_permissions: {
                 id: string;
             }[];
+            user_default_permissions: {
+                id: string;
+            }[];
             oauth_account_merge_strategy: "link_method" | "raise_error" | "allow_duplicates";
         };
     }, import("yup").AnyObject, {
@@ -353,6 +366,7 @@ export declare const projectsCrud: import("../../crud").CrudSchemaFromOptions<{
             create_team_on_sign_up: undefined;
             team_creator_default_permissions: undefined;
             team_member_default_permissions: undefined;
+            user_default_permissions: undefined;
             oauth_account_merge_strategy: undefined;
         };
     }, "">;
@@ -397,6 +411,9 @@ export declare const projectsCrud: import("../../crud").CrudSchemaFromOptions<{
             team_member_default_permissions?: {
                 id: string;
             }[] | undefined;
+            user_default_permissions?: {
+                id: string;
+            }[] | undefined;
             oauth_account_merge_strategy?: "link_method" | "raise_error" | "allow_duplicates" | undefined;
         } | undefined;
     }, import("yup").AnyObject, {
@@ -479,6 +496,9 @@ export declare const internalProjectsCrud: import("../../crud").CrudSchemaFromOp
             team_member_default_permissions: {
                 id: string;
             }[];
+            user_default_permissions: {
+                id: string;
+            }[];
             oauth_account_merge_strategy: "link_method" | "raise_error" | "allow_duplicates";
         };
     }, import("yup").AnyObject, {
@@ -512,6 +532,7 @@ export declare const internalProjectsCrud: import("../../crud").CrudSchemaFromOp
             create_team_on_sign_up: undefined;
             team_creator_default_permissions: undefined;
             team_member_default_permissions: undefined;
+            user_default_permissions: undefined;
             oauth_account_merge_strategy: undefined;
         };
     }, "">;
@@ -556,6 +577,9 @@ export declare const internalProjectsCrud: import("../../crud").CrudSchemaFromOp
             team_member_default_permissions?: {
                 id: string;
             }[] | undefined;
+            user_default_permissions?: {
+                id: string;
+            }[] | undefined;
             oauth_account_merge_strategy?: "link_method" | "raise_error" | "allow_duplicates" | undefined;
         } | undefined;
     } & {

package/dist/interface/crud/projects.js

@@ -75,6 +75,7 @@ export const projectsCrudAdminReadSchema = yupObject({
         create_team_on_sign_up: schemaFields.projectCreateTeamOnSignUpSchema.defined(),
         team_creator_default_permissions: yupArray(teamPermissionSchema.defined()).defined(),
         team_member_default_permissions: yupArray(teamPermissionSchema.defined()).defined(),
+        user_default_permissions: yupArray(teamPermissionSchema.defined()).defined(),
         oauth_account_merge_strategy: schemaFields.oauthAccountMergeStrategySchema.defined(),
     }).defined(),
 }).defined();
@@ -109,6 +110,7 @@ export const projectsCrudAdminUpdateSchema = yupObject({
         create_team_on_sign_up: schemaFields.projectCreateTeamOnSignUpSchema.optional(),
         team_creator_default_permissions: yupArray(teamPermissionSchema.defined()).optional(),
         team_member_default_permissions: yupArray(teamPermissionSchema.defined()).optional(),
+        user_default_permissions: yupArray(teamPermissionSchema.defined()).optional(),
         oauth_account_merge_strategy: schemaFields.oauthAccountMergeStrategySchema.optional(),
     }).optional().default(undefined),
 }).defined();

package/dist/interface/crud/team-permissions.js

@@ -3,7 +3,7 @@ import * as schemaFields from "../../schema-fields";
 import { yupMixed, yupObject } from "../../schema-fields";
 // =============== Team permissions =================
 export const teamPermissionsCrudClientReadSchema = yupObject({
-    id: schemaFields.teamPermissionDefinitionIdSchema.defined(),
+    id: schemaFields.permissionDefinitionIdSchema.defined(),
     user_id: schemaFields.userIdSchema.defined(),
     team_id: schemaFields.teamIdSchema.defined(),
 }).defined();
@@ -56,19 +56,19 @@ export const teamPermissionDeletedWebhookEvent = {
 };
 // =============== Team permission definitions =================
 export const teamPermissionDefinitionsCrudAdminReadSchema = yupObject({
-    id: schemaFields.teamPermissionDefinitionIdSchema.defined(),
+    id: schemaFields.permissionDefinitionIdSchema.defined(),
     description: schemaFields.teamPermissionDescriptionSchema.optional(),
-    contained_permission_ids: schemaFields.containedPermissionIdsSchema.defined()
+    contained_permission_ids: schemaFields.containedPermissionIdsSchema.defined(),
 }).defined();
 export const teamPermissionDefinitionsCrudAdminCreateSchema = yupObject({
-    id: schemaFields.customTeamPermissionDefinitionIdSchema.defined(),
+    id: schemaFields.customPermissionDefinitionIdSchema.defined(),
     description: schemaFields.teamPermissionDescriptionSchema.optional(),
-    contained_permission_ids: schemaFields.containedPermissionIdsSchema.optional()
+    contained_permission_ids: schemaFields.containedPermissionIdsSchema.optional(),
 }).defined();
 export const teamPermissionDefinitionsCrudAdminUpdateSchema = yupObject({
-    id: schemaFields.customTeamPermissionDefinitionIdSchema.optional(),
+    id: schemaFields.customPermissionDefinitionIdSchema.optional(),
     description: schemaFields.teamPermissionDescriptionSchema.optional(),
-    contained_permission_ids: schemaFields.containedPermissionIdsSchema.optional()
+    contained_permission_ids: schemaFields.containedPermissionIdsSchema.optional(),
 }).defined();
 export const teamPermissionDefinitionsCrudAdminDeleteSchema = yupMixed();
 export const teamPermissionDefinitionsCrud = createCrud({

package/dist/interface/serverInterface.d.ts

@@ -9,6 +9,7 @@ import { SessionsCrud } from "./crud/sessions";
 import { TeamInvitationCrud } from "./crud/team-invitation";
 import { TeamMemberProfilesCrud } from "./crud/team-member-profiles";
 import { TeamMembershipsCrud } from "./crud/team-memberships";
+import { ProjectPermissionsCrud } from "./crud/project-permissions";
 import { TeamPermissionsCrud } from "./crud/team-permissions";
 import { TeamsCrud } from "./crud/teams";
 import { UsersCrud } from "./crud/users";
@@ -51,6 +52,10 @@ export declare class StackServerInterface extends StackClientInterface {
         teamId?: string;
         recursive: boolean;
     }, session: InternalSession | null): Promise<TeamPermissionsCrud['Server']['Read'][]>;
+    listServerProjectPermissions(options: {
+        userId?: string;
+        recursive: boolean;
+    }, session: InternalSession | null): Promise<ProjectPermissionsCrud['Server']['Read'][]>;
     listServerUsers(options: {
         cursor?: string;
         limit?: number;

package/dist/interface/serverInterface.js

@@ -91,6 +91,14 @@ export class StackServerInterface extends StackClientInterface {
         const result = await response.json();
         return result.items;
     }
+    async listServerProjectPermissions(options, session) {
+        const response = await this.sendServerRequest(`/project-permissions?${new URLSearchParams(filterUndefined({
+            user_id: options.userId,
+            recursive: options.recursive.toString(),
+        }))}`, {}, session);
+        const result = await response.json();
+        return result.items;
+    }
     async listServerUsers(options) {
         const searchParams = new URLSearchParams(filterUndefined({
             cursor: options.cursor,

package/dist/known-errors.d.ts

@@ -373,6 +373,9 @@ export declare const KnownErrors: {
     TeamMembershipAlreadyExists: KnownErrorConstructor<KnownError & KnownErrorBrand<"TEAM_MEMBERSHIP_ALREADY_EXISTS">, []> & {
         errorCode: "TEAM_MEMBERSHIP_ALREADY_EXISTS";
     };
+    ProjectPermissionRequired: KnownErrorConstructor<KnownError & KnownErrorBrand<"PROJECT_PERMISSION_REQUIRED">, [any, any]> & {
+        errorCode: "PROJECT_PERMISSION_REQUIRED";
+    };
     TeamPermissionRequired: KnownErrorConstructor<KnownError & KnownErrorBrand<"TEAM_PERMISSION_REQUIRED">, [any, any, any]> & {
         errorCode: "TEAM_PERMISSION_REQUIRED";
     };

package/dist/known-errors.js

@@ -510,6 +510,14 @@ const TeamMembershipAlreadyExists = createKnownErrorConstructor(KnownError, "TEA
     409,
     "Team membership already exists.",
 ], () => []);
+const ProjectPermissionRequired = createKnownErrorConstructor(KnownError, "PROJECT_PERMISSION_REQUIRED", (userId, permissionId) => [
+    401,
+    `User ${userId} does not have permission ${permissionId}.`,
+    {
+        user_id: userId,
+        permission_id: permissionId,
+    },
+], (json) => [json.user_id, json.permission_id]);
 const TeamPermissionRequired = createKnownErrorConstructor(KnownError, "TEAM_PERMISSION_REQUIRED", (teamId, userId, permissionId) => [
     401,
     `User ${userId} does not have permission ${permissionId} in team ${teamId}.`,
@@ -648,6 +656,7 @@ export const KnownErrors = {
     InvalidTotpCode,
     UserAuthenticationRequired,
     TeamMembershipAlreadyExists,
+    ProjectPermissionRequired,
     TeamPermissionRequired,
     InvalidSharedOAuthProviderId,
     InvalidStandardOAuthProviderId,

package/dist/schema-fields.d.ts

@@ -131,8 +131,8 @@ export declare const signInResponseSchema: yup.ObjectSchema<{
     user_id: undefined;
 }, "">;
 export declare const teamSystemPermissions: readonly ["$update_team", "$delete_team", "$read_members", "$remove_members", "$invite_members"];
-export declare const teamPermissionDefinitionIdSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
-export declare const customTeamPermissionDefinitionIdSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
+export declare const permissionDefinitionIdSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
+export declare const customPermissionDefinitionIdSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
 export declare const teamPermissionDescriptionSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
 export declare const containedPermissionIdsSchema: yup.ArraySchema<string[] | undefined, yup.AnyObject, undefined, "">;
 export declare const teamIdSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;

package/dist/schema-fields.js

@@ -327,7 +327,7 @@ export const teamSystemPermissions = [
     '$remove_members',
     '$invite_members',
 ];
-export const teamPermissionDefinitionIdSchema = yupString()
+export const permissionDefinitionIdSchema = yupString()
     .matches(/^\$?[a-z0-9_:]+$/, 'Only lowercase letters, numbers, ":", "_" and optional "$" at the beginning are allowed')
     .test('is-system-permission', 'System permissions must start with a dollar sign', (value, ctx) => {
     if (!value)
@@ -338,11 +338,11 @@ export const teamPermissionDefinitionIdSchema = yupString()
     return true;
 })
     .meta({ openapiField: { description: `The permission ID used to uniquely identify a permission. Can either be a custom permission with lowercase letters, numbers, \`:\`, and \`_\` characters, or one of the system permissions: ${teamSystemPermissions.map(x => `\`${x}\``).join(', ')}`, exampleValue: 'read_secret_info' } });
-export const customTeamPermissionDefinitionIdSchema = yupString()
+export const customPermissionDefinitionIdSchema = yupString()
     .matches(/^[a-z0-9_:]+$/, 'Only lowercase letters, numbers, ":", "_" are allowed')
     .meta({ openapiField: { description: 'The permission ID used to uniquely identify a permission. Can only contain lowercase letters, numbers, ":", and "_" characters', exampleValue: 'read_secret_info' } });
 export const teamPermissionDescriptionSchema = yupString().meta({ openapiField: { description: 'A human-readable description of the permission', exampleValue: 'Read secret information' } });
-export const containedPermissionIdsSchema = yupArray(teamPermissionDefinitionIdSchema.defined()).meta({ openapiField: { description: 'The IDs of the permissions that are contained in this permission', exampleValue: ['read_public_info'] } });
+export const containedPermissionIdsSchema = yupArray(permissionDefinitionIdSchema.defined()).meta({ openapiField: { description: 'The IDs of the permissions that are contained in this permission', exampleValue: ['read_public_info'] } });
 // Teams
 export const teamIdSchema = yupString().uuid().meta({ openapiField: { description: _idDescription('team'), exampleValue: 'ad962777-8244-496a-b6a2-e0c6a449c79e' } });
 export const teamDisplayNameSchema = yupString().meta({ openapiField: { description: _displayNameDescription('team'), exampleValue: 'My Team' } });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@stackframe/stack-shared",
-  "version": "2.7.30",
+  "version": "2.8.1",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "type": "module",