@stackframe/stack 2.3.8 → 2.4.1

package/dist/esm/lib/stack-app.js

@@ -16,6 +16,9 @@ import { filterUndefined, omit } from "@stackframe/stack-shared/dist/utils/objec
 import { neverResolve, resolved, runAsynchronously, wait } from "@stackframe/stack-shared/dist/utils/promises";
 import { AsyncCache } from "@stackframe/stack-shared/dist/utils/caches";
 import { suspend } from "@stackframe/stack-shared/dist/utils/react";
+function permissionDefinitionScopeToType(scope) {
+  return { "any-team": "team", "specific-team": "team", "global": "global" }[scope.type];
+}
 function getUrls(partial) {
   const handler = partial.handler ?? "/handler";
   return {
@@ -43,10 +46,10 @@ function getDefaultPublishableClientKey() {
   return process.env.NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY || throwErr("Welcome to Stack! It seems that you haven't provided a publishable client key. Please create an API key for your project on the Stack dashboard at https://app.stack-auth.com and copy your publishable client key into the NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY environment variable.");
 }
 function getDefaultSecretServerKey() {
-  return process.env.STACK_SECRET_SERVER_KEY || throwErr("No secret server key provided. Please copy your publishable client key from the Stack dashboard and put your it in the STACK_SECRET_SERVER_KEY environment variable.");
+  return process.env.STACK_SECRET_SERVER_KEY || throwErr("No secret server key provided. Please copy your key from the Stack dashboard and put your it in the STACK_SECRET_SERVER_KEY environment variable.");
 }
 function getDefaultSuperSecretAdminKey() {
-  return process.env.STACK_SUPER_SECRET_ADMIN_KEY || throwErr("No super secret admin key provided. Please copy your publishable client key from the Stack dashboard and put it in the STACK_SUPER_SECRET_ADMIN_KEY environment variable.");
+  return process.env.STACK_SUPER_SECRET_ADMIN_KEY || throwErr("No super secret admin key provided. Please copy your key from the Stack dashboard and put it in the STACK_SUPER_SECRET_ADMIN_KEY environment variable.");
 }
 function getDefaultBaseUrl() {
   return process.env.NEXT_PUBLIC_STACK_URL || defaultBaseUrl;
@@ -83,8 +86,8 @@ var cookieTokenStoreInitializer = () => {
     }, 10);
     cookieTokenStore.onChange((value) => {
       try {
-        setOrDeleteCookie("stack-refresh", value.refreshToken);
-        setOrDeleteCookie("stack-access", value.accessToken);
+        setOrDeleteCookie("stack-refresh", value.refreshToken, { maxAge: 60 * 60 * 24 * 365 });
+        setOrDeleteCookie("stack-access", value.accessToken, { maxAge: 60 * 60 * 24 });
         hasSucceededInWriting = true;
       } catch (e) {
         hasSucceededInWriting = false;
@@ -106,8 +109,8 @@ var tokenStoreInitializers = /* @__PURE__ */ new Map([
       });
       store.onChange((value) => {
         try {
-          setOrDeleteCookie("stack-refresh", value.refreshToken);
-          setOrDeleteCookie("stack-access", value.accessToken);
+          setOrDeleteCookie("stack-refresh", value.refreshToken, { maxAge: 60 * 60 * 24 * 365 });
+          setOrDeleteCookie("stack-access", value.accessToken, { maxAge: 60 * 60 * 24 });
         } catch (e) {
         }
       });
@@ -179,6 +182,12 @@ var _StackClientAppImpl = class __StackClientAppImpl {
   _ownedProjectsCache = createCacheByTokenStore(async (tokenStore) => {
     return await this._interface.listProjects(tokenStore);
   });
+  _currentUserPermissionsCache = createCacheByTokenStore(async (tokenStore, [teamId, type, direct]) => {
+    return await this._interface.listClientUserTeamPermissions({ teamId, type, direct }, tokenStore);
+  });
+  _currentUserTeamsCache = createCacheByTokenStore(async (tokenStore) => {
+    return await this._interface.listClientUserTeams(tokenStore);
+  });
   constructor(options) {
     if ("interface" in options) {
       this._interface = options.interface;
@@ -213,7 +222,33 @@ var _StackClientAppImpl = class __StackClientAppImpl {
       throw new Error("Cannot call this function on a Stack app with a project ID other than 'internal'.");
     }
   }
+  _permissionFromJson(json) {
+    const type = permissionDefinitionScopeToType(json.scope);
+    if (type === "team") {
+      return {
+        id: json.id,
+        type,
+        teamId: json.scope.teamId
+      };
+    } else {
+      return {
+        id: json.id,
+        type
+      };
+    }
+  }
+  _teamFromJson(json) {
+    return {
+      id: json.id,
+      displayName: json.displayName,
+      createdAt: new Date(json.createdAtMillis),
+      toJson() {
+        return json;
+      }
+    };
+  }
   _userFromJson(json) {
+    const app = this;
     return {
       projectId: json.projectId,
       id: json.id,
@@ -227,11 +262,69 @@ var _StackClientAppImpl = class __StackClientAppImpl {
       hasPassword: json.hasPassword,
       authWithEmail: json.authWithEmail,
       oauthProviders: json.oauthProviders,
+      async getTeam(teamId) {
+        const teams = await this.listTeams();
+        return teams.find((t) => t.id === teamId) ?? null;
+      },
+      useTeam(teamId) {
+        const teams = this.useTeams();
+        return useMemo(() => {
+          return teams.find((t) => t.id === teamId) ?? null;
+        }, [teams, teamId]);
+      },
+      onTeamChange(teamId, callback) {
+        return this.onTeamsChange((teams) => {
+          const team = teams.find((t) => t.id === teamId) ?? null;
+          callback(team);
+        });
+      },
+      async listTeams() {
+        const teams = await app._currentUserTeamsCache.getOrWait([getTokenStore(app._tokenStoreOptions)], "write-only");
+        return teams.map((json2) => app._teamFromJson(json2));
+      },
+      useTeams() {
+        const teams = useCache(app._currentUserTeamsCache, [getTokenStore(app._tokenStoreOptions)], "user.useTeams()");
+        return useMemo(() => teams.map((json2) => app._teamFromJson(json2)), [teams]);
+      },
+      onTeamsChange(callback) {
+        return app._currentUserTeamsCache.onChange([getTokenStore(app._tokenStoreOptions)], (value, oldValue) => {
+          callback(value.map((json2) => app._teamFromJson(json2)), oldValue?.map((json2) => app._teamFromJson(json2)));
+        });
+      },
+      async listPermissions(scope, options) {
+        const permissions = await app._currentUserPermissionsCache.getOrWait([getTokenStore(app._tokenStoreOptions), scope.id, "team", !!options?.direct], "write-only");
+        return permissions.map((json2) => app._permissionFromJson(json2));
+      },
+      usePermissions(scope, options) {
+        const permissions = useCache(app._currentUserPermissionsCache, [getTokenStore(app._tokenStoreOptions), scope.id, "team", !!options?.direct], "user.usePermissions()");
+        return useMemo(() => permissions.map((json2) => app._permissionFromJson(json2)), [permissions]);
+      },
+      usePermission(scope, permissionId) {
+        const permissions = this.usePermissions(scope);
+        return useMemo(() => permissions.find((p) => p.id === permissionId) ?? null, [permissions, permissionId]);
+      },
+      async getPermission(scope, permissionId) {
+        const permissions = await this.listPermissions(scope);
+        return permissions.find((p) => p.id === permissionId) ?? null;
+      },
+      async hasPermission(scope, permissionId) {
+        const permissions = await this.listPermissions(scope);
+        return permissions.some((p) => p.id === permissionId);
+      },
       toJson() {
         return json;
       }
     };
   }
+  _teamMemberFromJson(json) {
+    if (json === null)
+      return null;
+    return {
+      teamId: json.teamId,
+      userId: json.userId,
+      displayName: json.displayName
+    };
+  }
   _currentUserFromJson(json, tokenStore) {
     if (json === null)
       return null;
@@ -309,7 +402,8 @@ var _StackClientAppImpl = class __StackClientAppImpl {
         allowLocalhost: data.evaluatedConfig.allowLocalhost,
         oauthProviders: data.evaluatedConfig.oauthProviders,
         emailConfig: data.evaluatedConfig.emailConfig,
-        domains: data.evaluatedConfig.domains
+        domains: data.evaluatedConfig.domains,
+        createTeamOnSignUp: data.evaluatedConfig.createTeamOnSignUp
       },
       async update(update) {
         await adminInterface.updateProject(update);
@@ -341,7 +435,7 @@ var _StackClientAppImpl = class __StackClientAppImpl {
       throw new Error(`No URL for handler name ${handlerName}`);
     }
     window.location.href = this.urls[handlerName];
-    return neverResolve();
+    return wait(2e3);
   }
   async redirectToSignIn() {
     return await this._redirectTo("signIn");
@@ -432,7 +526,7 @@ var _StackClientAppImpl = class __StackClientAppImpl {
         case "redirect": {
           router.replace(this.urls.signIn);
           suspend();
-          throw new Error("suspend should never return! This is a bug in Stack.");
+          throw new StackAssertionError("suspend should never return");
         }
         case "throw": {
           throw new Error("User is not signed in but useUser was called with { or: 'throw' }");
@@ -504,10 +598,12 @@ var _StackClientAppImpl = class __StackClientAppImpl {
     this._ensurePersistentTokenStore();
     const tokenStore = getTokenStore(this._tokenStoreOptions);
     const result = await callOAuthCallback(this._interface, tokenStore, this.urls.oauthCallback);
-    if (result?.newUser) {
-      window.location.replace(this.urls.afterSignUp);
-    } else {
-      window.location.replace(this.urls.afterSignIn);
+    if (result) {
+      if (result.newUser) {
+        window.location.replace(this.urls.afterSignUp);
+      } else {
+        window.location.replace(this.urls.afterSignIn);
+      }
     }
     await neverResolve();
   }
@@ -642,6 +738,22 @@ var _StackServerAppImpl = class extends _StackClientAppImpl {
   _serverUsersCache = createCache(async () => {
     return await this._interface.listUsers();
   });
+  _serverUserCache = createCache(async ([userId]) => {
+    const user = await this._interface.getServerUserById(userId);
+    return Result.or(user, null);
+  });
+  _serverTeamsCache = createCache(async () => {
+    return await this._interface.listTeams();
+  });
+  _serverTeamMembersCache = createCache(async ([teamId]) => {
+    return await this._interface.listTeamMembers(teamId);
+  });
+  _serverTeamPermissionDefinitionsCache = createCache(async () => {
+    return await this._interface.listPermissionDefinitions();
+  });
+  _serverTeamUserPermissionsCache = createCache(async ([teamId, userId, type, direct]) => {
+    return await this._interface.listTeamMemberPermissions({ teamId, userId, type, direct });
+  });
   constructor(options) {
     if ("interface" in options) {
       super({
@@ -682,6 +794,67 @@ var _StackServerAppImpl = class extends _StackClientAppImpl {
       getClientUser() {
         return app._userFromJson(json);
       },
+      async grantPermission(scope, permissionId) {
+        await app._interface.grantTeamUserPermission(scope.id, json.id, permissionId, "team");
+        for (const direct of [true, false]) {
+          await app._serverTeamUserPermissionsCache.refresh([scope.id, json.id, "team", direct]);
+        }
+      },
+      async revokePermission(scope, permissionId) {
+        await app._interface.revokeTeamUserPermission(scope.id, json.id, permissionId, "team");
+        for (const direct of [true, false]) {
+          await app._serverTeamUserPermissionsCache.refresh([scope.id, json.id, "team", direct]);
+        }
+      },
+      async getTeam(teamId) {
+        const teams = await this.listTeams();
+        return teams.find((t) => t.id === teamId) ?? null;
+      },
+      useTeam(teamId) {
+        const teams = this.useTeams();
+        return useMemo(() => {
+          return teams.find((t) => t.id === teamId) ?? null;
+        }, [teams, teamId]);
+      },
+      onTeamChange(teamId, callback) {
+        return this.onTeamsChange((teams) => {
+          const team = teams.find((t) => t.id === teamId) ?? null;
+          callback(team);
+        });
+      },
+      async listTeams() {
+        const teams = await app._serverTeamsCache.getOrWait([getTokenStore(app._tokenStoreOptions)], "write-only");
+        return teams.map((json2) => app._serverTeamFromJson(json2));
+      },
+      useTeams() {
+        const teams = useCache(app._serverTeamsCache, [getTokenStore(app._tokenStoreOptions)], "user.useTeams()");
+        return useMemo(() => teams.map((json2) => app._serverTeamFromJson(json2)), [teams]);
+      },
+      onTeamsChange(callback) {
+        return app._serverTeamsCache.onChange([getTokenStore(app._tokenStoreOptions)], (value, oldValue) => {
+          callback(value.map((json2) => app._serverTeamFromJson(json2)), oldValue?.map((json2) => app._serverTeamFromJson(json2)));
+        });
+      },
+      async listPermissions(scope, options) {
+        const permissions = await app._serverTeamUserPermissionsCache.getOrWait([scope.id, json.id, "team", !!options?.direct], "write-only");
+        return permissions.map((json2) => app._serverPermissionFromJson(json2));
+      },
+      usePermissions(scope, options) {
+        const permissions = useCache(app._serverTeamUserPermissionsCache, [scope.id, json.id, "team", !!options?.direct], "user.usePermissions()");
+        return useMemo(() => permissions.map((json2) => app._serverPermissionFromJson(json2)), [permissions]);
+      },
+      usePermission(scope, permissionId) {
+        const permissions = this.usePermissions(scope);
+        return useMemo(() => permissions.find((p) => p.id === permissionId) ?? null, [permissions, permissionId]);
+      },
+      async getPermission(scope, permissionId) {
+        const permissions = await this.listPermissions(scope);
+        return permissions.find((p) => p.id === permissionId) ?? null;
+      },
+      async hasPermission(scope, permissionId) {
+        const permissions = await this.listPermissions(scope);
+        return permissions.some((p) => p.id === permissionId);
+      },
       toJson() {
         return app._serverUserToJson(this);
       }
@@ -741,6 +914,20 @@ var _StackServerAppImpl = class extends _StackClientAppImpl {
       return currentUser;
     }
   }
+  _serverTeamMemberFromJson(json) {
+    if (json === null)
+      return null;
+    const app = this;
+    return {
+      ...app._teamMemberFromJson(json),
+      async getUser() {
+        const user = app._serverUserFromJson(await app._serverUserCache.getOrWait([json.userId], "write-only"));
+        if (!user)
+          throw new Error(`User ${json.userId} not found`);
+        return user;
+      }
+    };
+  }
   _serverUserToJson(user) {
     return {
       projectId: user.projectId,
@@ -758,12 +945,56 @@ var _StackServerAppImpl = class extends _StackClientAppImpl {
       oauthProviders: user.oauthProviders
     };
   }
+  _serverTeamFromJson(json) {
+    const app = this;
+    return {
+      id: json.id,
+      displayName: json.displayName,
+      createdAt: new Date(json.createdAtMillis),
+      async listMembers() {
+        return (await app._interface.listTeamMembers(json.id)).map((u) => app._serverTeamMemberFromJson(u));
+      },
+      async update(update) {
+        await app._interface.updateTeam(json.id, update);
+        await app._serverTeamsCache.refresh([]);
+      },
+      async delete() {
+        await app._interface.deleteTeam(json.id);
+        await app._serverTeamsCache.refresh([]);
+      },
+      useMembers() {
+        const result = useCache(app._serverTeamMembersCache, [json.id], "team.useUsers()");
+        return useMemo(() => result.map((u) => app._serverTeamMemberFromJson(u)), [result]);
+      },
+      async addUser(userId) {
+        await app._interface.addUserToTeam({
+          teamId: json.id,
+          userId
+        });
+        await app._serverTeamMembersCache.refresh([json.id]);
+      },
+      async removeUser(userId) {
+        await app._interface.removeUserFromTeam({
+          teamId: json.id,
+          userId
+        });
+        await app._serverTeamMembersCache.refresh([json.id]);
+      },
+      toJson() {
+        return json;
+      }
+    };
+  }
   async getServerUser() {
     this._ensurePersistentTokenStore();
     const tokenStore = getTokenStore(this._tokenStoreOptions);
     const userJson = await this._currentServerUserCache.getOrWait([tokenStore], "write-only");
     return this._currentServerUserFromJson(userJson, tokenStore);
   }
+  async getServerUserById(userId) {
+    const json = await this._serverUserCache.getOrWait([userId], "write-only");
+    return this._serverUserFromJson(json);
+  }
   useServerUser(options) {
     this._ensurePersistentTokenStore();
     const tokenStore = getTokenStore(this._tokenStoreOptions);
@@ -797,6 +1028,58 @@ var _StackServerAppImpl = class extends _StackClientAppImpl {
       callback(users.map((j) => this._serverUserFromJson(j)));
     });
   }
+  async listPermissionDefinitions() {
+    return await this._serverTeamPermissionDefinitionsCache.getOrWait([], "write-only");
+  }
+  usePermissionDefinitions() {
+    return useCache(this._serverTeamPermissionDefinitionsCache, [], "usePermissions()");
+  }
+  _serverPermissionFromJson(json) {
+    return {
+      ...this._permissionFromJson(json),
+      __databaseUniqueId: json.__databaseUniqueId,
+      description: json.description,
+      containPermissionIds: json.containPermissionIds
+    };
+  }
+  async createPermissionDefinition(data) {
+    const permission = await this._serverPermissionFromJson(await this._interface.createPermissionDefinition(data));
+    await this._serverTeamPermissionDefinitionsCache.refresh([]);
+    return permission;
+  }
+  async updatePermissionDefinition(permissionId, data) {
+    await this._interface.updatePermissionDefinition(permissionId, data);
+    await this._serverTeamPermissionDefinitionsCache.refresh([]);
+  }
+  async deletePermissionDefinition(permissionId) {
+    await this._interface.deletePermissionDefinition(permissionId);
+    await this._serverTeamPermissionDefinitionsCache.refresh([]);
+  }
+  async listTeams() {
+    const teams = await this._serverTeamsCache.getOrWait([], "write-only");
+    return teams.map((t) => this._serverTeamFromJson(t));
+  }
+  async createTeam(data) {
+    const team = await this._interface.createTeam(data);
+    await this._serverTeamsCache.refresh([]);
+    return this._serverTeamFromJson(team);
+  }
+  useTeams() {
+    const teams = useCache(this._serverTeamsCache, [], "useServerTeams()");
+    return useMemo(() => {
+      return teams.map((t) => this._serverTeamFromJson(t));
+    }, [teams]);
+  }
+  async getTeam(teamId) {
+    const teams = await this.listTeams();
+    return teams.find((t) => t.id === teamId) ?? null;
+  }
+  useTeam(teamId) {
+    const teams = this.useTeams();
+    return useMemo(() => {
+      return teams.find((t) => t.id === teamId) ?? null;
+    }, [teams, teamId]);
+  }
   async _refreshUser(tokenStore) {
     await Promise.all([
       super._refreshUser(tokenStore),
@@ -938,3 +1221,4 @@ export {
   StackServerApp,
   stackAppInternalsSymbol
 };
+//# sourceMappingURL=stack-app.js.map