@stackframe/stack 2.4.0 → 2.4.1

package/dist/lib/stack-app.d.mts

@@ -1,7 +1,8 @@
-import { ServerUserJson, ServerUserCustomizableJson, OAuthProviderConfigJson, KnownErrors } from '@stackframe/stack-shared';
-import { ReadonlyTokenStore, UserJson, UserCustomizableJson, ProjectJson, ProductionModeError, EmailConfigJson, DomainConfigJson, ClientProjectJson } from '@stackframe/stack-shared/dist/interface/clientInterface';
+import { ServerUserJson, OAuthProviderConfigJson, KnownErrors } from '@stackframe/stack-shared';
+import { ReadonlyTokenStore, UserJson, UserUpdateJson, ProjectJson, ProductionModeError, TeamJson, EmailConfigJson, DomainConfigJson, ClientProjectJson } from '@stackframe/stack-shared/dist/interface/clientInterface';
 import { ReadonlyJson } from '@stackframe/stack-shared/dist/utils/json';
 import { ProjectUpdateOptions, ApiKeySetCreateOptions } from '@stackframe/stack-shared/dist/interface/adminInterface';
+import { ServerUserUpdateJson, ServerTeamCustomizableJson, ServerPermissionDefinitionCustomizableJson, ServerPermissionDefinitionJson } from '@stackframe/stack-shared/dist/interface/serverInterface';
 
 type TokenStoreOptions<HasTokenStore extends boolean = boolean> = HasTokenStore extends true ? "cookie" | "nextjs-cookie" | "memory" : HasTokenStore extends false ? null : TokenStoreOptions<true> | TokenStoreOptions<false>;
 type HandlerUrls = {
@@ -42,7 +43,7 @@ type StackClientAppJson<HasTokenStore extends boolean, ProjectId extends string>
 declare const stackAppInternalsSymbol: unique symbol;
 type Auth<T, C> = {
     readonly tokenStore: ReadonlyTokenStore;
-    update(this: T, user: Partial<C>): Promise<void>;
+    update(this: T, user: C): Promise<void>;
     signOut(this: T): Promise<void>;
     sendVerificationEmail(this: T): Promise<KnownErrors["EmailAlreadyVerified"] | undefined>;
     updatePassword(this: T, options: {
@@ -56,7 +57,7 @@ type InternalAuth<T> = {
     useOwnedProjects(this: T): Project[];
     onOwnedProjectsChange(this: T, callback: (projects: Project[]) => void): void;
 };
-type User = {
+type User = ({
     readonly projectId: string;
     readonly id: string;
     readonly displayName: string | null;
@@ -74,25 +75,37 @@ type User = {
     readonly hasPassword: boolean;
     readonly authWithEmail: boolean;
     readonly oauthProviders: readonly string[];
+    hasPermission(this: CurrentUser, scope: Team, permissionId: string): Promise<boolean>;
     toJson(this: CurrentUser): UserJson;
-};
-type CurrentUser = Auth<User, UserCustomizableJson> & User;
+} & AsyncStoreProperty<"team", [id: string], Team | null, false> & AsyncStoreProperty<"teams", [], Team[], true> & Omit<AsyncStoreProperty<"permission", [scope: Team, permissionId: string, options?: {
+    direct?: boolean;
+}], Permission | null, false>, "onPermissionChange"> & Omit<AsyncStoreProperty<"permissions", [scope: Team, options?: {
+    direct?: boolean;
+}], Permission[], true>, "onPermissionsChange">);
+type CurrentUser = Auth<User, UserUpdateJson> & User;
 type CurrentInternalUser = CurrentUser & InternalAuth<CurrentUser>;
 /**
  * A user including sensitive fields that should only be used on the server, never sent to the client
  * (such as sensitive information and serverMetadata).
  */
-type ServerUser = Omit<User, "toJson"> & {
+type ServerUser = (Omit<User, 'hasPermission' | 'toJson' | keyof AsyncStoreProperty<"team", [], Team | null, false> | keyof AsyncStoreProperty<"teams", [], Team[], true> | keyof AsyncStoreProperty<"permission", [], Permission[], false> | keyof AsyncStoreProperty<"permissions", [], Permission[], true>> & {
     readonly serverMetadata: ReadonlyJson;
     /**
      * Returns a new user object with the sensitive fields removed.
      */
     getClientUser(this: ServerUser): User;
-    toJson(this: ServerUser): ServerUserJson;
-    update(this: ServerUser, user: Partial<ServerUserCustomizableJson>): Promise<void>;
+    update(this: ServerUser, user: Partial<ServerUserUpdateJson>): Promise<void>;
     delete(this: ServerUser): Promise<void>;
-};
-type CurrentServerUser = Auth<ServerUser, ServerUserCustomizableJson> & Omit<ServerUser, "getClientUser"> & {
+    grantPermission(scope: Team, permissionId: string): Promise<void>;
+    revokePermission(scope: Team, permissionId: string): Promise<void>;
+    hasPermission(scope: Team, permissionId: string): Promise<boolean>;
+    toJson(this: ServerUser): ServerUserJson;
+} & AsyncStoreProperty<"team", [id: string], ServerTeam | null, false> & AsyncStoreProperty<"teams", [], ServerTeam[], true> & Omit<AsyncStoreProperty<"permission", [scope: Team, permissionId: string, options?: {
+    direct?: boolean;
+}], ServerPermission | null, false>, "onPermissionChange"> & Omit<AsyncStoreProperty<"permissions", [scope: Team, options?: {
+    direct?: boolean;
+}], ServerPermission[], true>, "onPermissionsChange">);
+type CurrentServerUser = Auth<ServerUser, ServerUserUpdateJson> & Omit<ServerUser, "getClientUser"> & {
     getClientUser(this: CurrentServerUser): CurrentUser;
 };
 type CurrentInternalServerUser = CurrentServerUser & InternalAuth<CurrentServerUser>;
@@ -111,11 +124,47 @@ type Project = {
         readonly oauthProviders: OAuthProviderConfig[];
         readonly emailConfig?: EmailConfig;
         readonly domains: DomainConfig[];
+        readonly createTeamOnSignUp: boolean;
     };
     update(this: Project, update: ProjectUpdateOptions): Promise<void>;
     toJson(this: Project): ProjectJson;
     getProductionModeErrors(this: Project): ProductionModeError[];
 };
+type Team = {
+    id: string;
+    displayName: string;
+    createdAt: Date;
+    toJson(this: Team): TeamJson;
+};
+type ServerTeam = Team & {
+    listMembers(): Promise<ServerTeamMember[]>;
+    useMembers(): ServerTeamMember[];
+    update(update: Partial<ServerTeamCustomizableJson>): Promise<void>;
+    delete(): Promise<void>;
+    addUser(userId: string): Promise<void>;
+    removeUser(userId: string): Promise<void>;
+};
+type TeamMember = {
+    userId: string;
+    teamId: string;
+    displayName: string | null;
+};
+type ServerTeamMember = TeamMember & {
+    getUser(): Promise<ServerUser>;
+};
+type Permission = {
+    id: string;
+} & ({
+    type: "global";
+} | {
+    type: "team";
+    teamId: string;
+});
+type ServerPermission = Permission & {
+    readonly __databaseUniqueId: string;
+    readonly description?: string;
+    readonly containPermissionIds: string[];
+};
 type ApiKeySetBase = {
     id: string;
     description: string;
@@ -148,12 +197,12 @@ type OAuthProviderConfig = OAuthProviderConfigJson;
 type GetUserOptions = {
     or?: 'redirect' | 'throw' | 'return-null';
 };
-type AsyncStoreProperty<Name extends string, Value, IsMultiple extends boolean> = {
-    [key in `${IsMultiple extends true ? "list" : "get"}${Capitalize<Name>}`]: () => Promise<Value>;
+type AsyncStoreProperty<Name extends string, Args extends any[], Value, IsMultiple extends boolean> = {
+    [key in `${IsMultiple extends true ? "list" : "get"}${Capitalize<Name>}`]: (...args: Args) => Promise<Value>;
 } & {
-    [key in `on${Capitalize<Name>}Change`]: (callback: (value: Value) => void) => void;
+    [key in `on${Capitalize<Name>}Change`]: (...tupleArgs: [...args: Args, callback: (value: Value) => void]) => void;
 } & {
-    [key in `use${Capitalize<Name>}`]: () => Value;
+    [key in `use${Capitalize<Name>}`]: (...args: Args) => Value;
 };
 type StackClientAppConstructor = {
     new <TokenStoreType extends string, HasTokenStore extends (TokenStoreType extends {} ? true : boolean), ProjectId extends string>(options: StackClientAppConstructorOptions<HasTokenStore, ProjectId>): StackClientApp<HasTokenStore, ProjectId>;
@@ -188,10 +237,10 @@ type StackClientApp<HasTokenStore extends boolean = boolean, ProjectId extends s
         toClientJson(): StackClientAppJson<HasTokenStore, ProjectId>;
         setCurrentUser(userJsonPromise: Promise<UserJson | null>): void;
     };
-} & AsyncStoreProperty<"project", ClientProjectJson, false> & {
-    [K in `redirectTo${Capitalize<keyof Omit<HandlerUrls, 'handler' | 'oauthCallback'>>}`]: () => Promise<never>;
+} & AsyncStoreProperty<"project", [], ClientProjectJson, false> & {
+    [K in `redirectTo${Capitalize<keyof Omit<HandlerUrls, 'handler' | 'oauthCallback'>>}`]: () => Promise<void>;
 } & (HasTokenStore extends false ? {} : {
-    redirectToOAuthCallback(): Promise<never>;
+    redirectToOAuthCallback(): Promise<void>;
     useUser(options: GetUserOptions & {
         or: 'redirect';
     }): ProjectCurrentUser<ProjectId>;
@@ -206,22 +255,29 @@ type StackClientApp<HasTokenStore extends boolean = boolean, ProjectId extends s
         or: 'throw';
     }): Promise<ProjectCurrentUser<ProjectId>>;
     getUser(options?: GetUserOptions): Promise<ProjectCurrentUser<ProjectId> | null>;
-    onUserChange: AsyncStoreProperty<"user", CurrentUser | null, false>["onUserChange"];
+    onUserChange: AsyncStoreProperty<"user", [], CurrentUser | null, false>["onUserChange"];
 }));
 declare const StackClientApp: StackClientAppConstructor;
 type StackServerAppConstructor = {
     new <TokenStoreType extends string, HasTokenStore extends (TokenStoreType extends {} ? true : boolean), ProjectId extends string>(options: StackServerAppConstructorOptions<HasTokenStore, ProjectId>): StackServerApp<HasTokenStore, ProjectId>;
     new (options: StackServerAppConstructorOptions<boolean, string>): StackServerApp<boolean, string>;
 };
-type StackServerApp<HasTokenStore extends boolean = boolean, ProjectId extends string = string> = (StackClientApp<HasTokenStore, ProjectId> & AsyncStoreProperty<"serverUser", CurrentServerUser | null, false> & AsyncStoreProperty<"serverUsers", ServerUser[], true> & {});
+type StackServerApp<HasTokenStore extends boolean = boolean, ProjectId extends string = string> = (StackClientApp<HasTokenStore, ProjectId> & {
+    createTeam(data: ServerTeamCustomizableJson): Promise<ServerTeam>;
+    createPermissionDefinition(data: ServerPermissionDefinitionCustomizableJson): Promise<ServerPermission>;
+    updatePermissionDefinition(permissionId: string, data: Partial<ServerPermissionDefinitionCustomizableJson>): Promise<void>;
+    deletePermissionDefinition(permissionId: string): Promise<void>;
+    listPermissionDefinitions(): Promise<ServerPermissionDefinitionJson[]>;
+    usePermissionDefinitions(): ServerPermissionDefinitionJson[];
+} & AsyncStoreProperty<"serverUser", [], CurrentServerUser | null, false> & AsyncStoreProperty<"serverUsers", [], ServerUser[], true> & Omit<AsyncStoreProperty<"team", [id: string], ServerTeam | null, false>, "onTeamChange"> & Omit<AsyncStoreProperty<"teams", [], ServerTeam[], true>, "onTeamsChange">);
 declare const StackServerApp: StackServerAppConstructor;
 type StackAdminAppConstructor = {
     new <HasTokenStore extends boolean, ProjectId extends string>(options: StackAdminAppConstructorOptions<HasTokenStore, ProjectId>): StackAdminApp<HasTokenStore, ProjectId>;
     new (options: StackAdminAppConstructorOptions<boolean, string>): StackAdminApp<boolean, string>;
 };
-type StackAdminApp<HasTokenStore extends boolean = boolean, ProjectId extends string = string> = (StackServerApp<HasTokenStore, ProjectId> & AsyncStoreProperty<"projectAdmin", Project, false> & AsyncStoreProperty<"apiKeySets", ApiKeySet[], true> & {
+type StackAdminApp<HasTokenStore extends boolean = boolean, ProjectId extends string = string> = (StackServerApp<HasTokenStore, ProjectId> & AsyncStoreProperty<"projectAdmin", [], Project, false> & AsyncStoreProperty<"apiKeySets", [], ApiKeySet[], true> & {
     createApiKeySet(options: ApiKeySetCreateOptions): Promise<ApiKeySetFirstView>;
 });
 declare const StackAdminApp: StackAdminAppConstructor;
 
-export { type ApiKeySet, type ApiKeySetBase, type ApiKeySetFirstView, type CurrentInternalServerUser, type CurrentInternalUser, type CurrentServerUser, type CurrentUser, type DomainConfig, type EmailConfig, type GetUserOptions, type HandlerUrls, type OAuthProviderConfig, type Project, type ServerUser, StackAdminApp, type StackAdminAppConstructorOptions, StackClientApp, type StackClientAppConstructorOptions, type StackClientAppJson, StackServerApp, type StackServerAppConstructorOptions, type TokenStoreOptions, type User, stackAppInternalsSymbol };
+export { type ApiKeySet, type ApiKeySetBase, type ApiKeySetFirstView, type CurrentInternalServerUser, type CurrentInternalUser, type CurrentServerUser, type CurrentUser, type DomainConfig, type EmailConfig, type GetUserOptions, type HandlerUrls, type OAuthProviderConfig, type Permission, type Project, type ServerPermission, type ServerTeam, type ServerTeamMember, type ServerUser, StackAdminApp, type StackAdminAppConstructorOptions, StackClientApp, type StackClientAppConstructorOptions, type StackClientAppJson, StackServerApp, type StackServerAppConstructorOptions, type Team, type TeamMember, type TokenStoreOptions, type User, stackAppInternalsSymbol };

package/dist/lib/stack-app.d.ts

@@ -1,7 +1,8 @@
-import { ServerUserJson, ServerUserCustomizableJson, OAuthProviderConfigJson, KnownErrors } from '@stackframe/stack-shared';
-import { ReadonlyTokenStore, UserJson, UserCustomizableJson, ProjectJson, ProductionModeError, EmailConfigJson, DomainConfigJson, ClientProjectJson } from '@stackframe/stack-shared/dist/interface/clientInterface';
+import { ServerUserJson, OAuthProviderConfigJson, KnownErrors } from '@stackframe/stack-shared';
+import { ReadonlyTokenStore, UserJson, UserUpdateJson, ProjectJson, ProductionModeError, TeamJson, EmailConfigJson, DomainConfigJson, ClientProjectJson } from '@stackframe/stack-shared/dist/interface/clientInterface';
 import { ReadonlyJson } from '@stackframe/stack-shared/dist/utils/json';
 import { ProjectUpdateOptions, ApiKeySetCreateOptions } from '@stackframe/stack-shared/dist/interface/adminInterface';
+import { ServerUserUpdateJson, ServerTeamCustomizableJson, ServerPermissionDefinitionCustomizableJson, ServerPermissionDefinitionJson } from '@stackframe/stack-shared/dist/interface/serverInterface';
 
 type TokenStoreOptions<HasTokenStore extends boolean = boolean> = HasTokenStore extends true ? "cookie" | "nextjs-cookie" | "memory" : HasTokenStore extends false ? null : TokenStoreOptions<true> | TokenStoreOptions<false>;
 type HandlerUrls = {
@@ -42,7 +43,7 @@ type StackClientAppJson<HasTokenStore extends boolean, ProjectId extends string>
 declare const stackAppInternalsSymbol: unique symbol;
 type Auth<T, C> = {
     readonly tokenStore: ReadonlyTokenStore;
-    update(this: T, user: Partial<C>): Promise<void>;
+    update(this: T, user: C): Promise<void>;
     signOut(this: T): Promise<void>;
     sendVerificationEmail(this: T): Promise<KnownErrors["EmailAlreadyVerified"] | undefined>;
     updatePassword(this: T, options: {
@@ -56,7 +57,7 @@ type InternalAuth<T> = {
     useOwnedProjects(this: T): Project[];
     onOwnedProjectsChange(this: T, callback: (projects: Project[]) => void): void;
 };
-type User = {
+type User = ({
     readonly projectId: string;
     readonly id: string;
     readonly displayName: string | null;
@@ -74,25 +75,37 @@ type User = {
     readonly hasPassword: boolean;
     readonly authWithEmail: boolean;
     readonly oauthProviders: readonly string[];
+    hasPermission(this: CurrentUser, scope: Team, permissionId: string): Promise<boolean>;
     toJson(this: CurrentUser): UserJson;
-};
-type CurrentUser = Auth<User, UserCustomizableJson> & User;
+} & AsyncStoreProperty<"team", [id: string], Team | null, false> & AsyncStoreProperty<"teams", [], Team[], true> & Omit<AsyncStoreProperty<"permission", [scope: Team, permissionId: string, options?: {
+    direct?: boolean;
+}], Permission | null, false>, "onPermissionChange"> & Omit<AsyncStoreProperty<"permissions", [scope: Team, options?: {
+    direct?: boolean;
+}], Permission[], true>, "onPermissionsChange">);
+type CurrentUser = Auth<User, UserUpdateJson> & User;
 type CurrentInternalUser = CurrentUser & InternalAuth<CurrentUser>;
 /**
  * A user including sensitive fields that should only be used on the server, never sent to the client
  * (such as sensitive information and serverMetadata).
  */
-type ServerUser = Omit<User, "toJson"> & {
+type ServerUser = (Omit<User, 'hasPermission' | 'toJson' | keyof AsyncStoreProperty<"team", [], Team | null, false> | keyof AsyncStoreProperty<"teams", [], Team[], true> | keyof AsyncStoreProperty<"permission", [], Permission[], false> | keyof AsyncStoreProperty<"permissions", [], Permission[], true>> & {
     readonly serverMetadata: ReadonlyJson;
     /**
      * Returns a new user object with the sensitive fields removed.
      */
     getClientUser(this: ServerUser): User;
-    toJson(this: ServerUser): ServerUserJson;
-    update(this: ServerUser, user: Partial<ServerUserCustomizableJson>): Promise<void>;
+    update(this: ServerUser, user: Partial<ServerUserUpdateJson>): Promise<void>;
     delete(this: ServerUser): Promise<void>;
-};
-type CurrentServerUser = Auth<ServerUser, ServerUserCustomizableJson> & Omit<ServerUser, "getClientUser"> & {
+    grantPermission(scope: Team, permissionId: string): Promise<void>;
+    revokePermission(scope: Team, permissionId: string): Promise<void>;
+    hasPermission(scope: Team, permissionId: string): Promise<boolean>;
+    toJson(this: ServerUser): ServerUserJson;
+} & AsyncStoreProperty<"team", [id: string], ServerTeam | null, false> & AsyncStoreProperty<"teams", [], ServerTeam[], true> & Omit<AsyncStoreProperty<"permission", [scope: Team, permissionId: string, options?: {
+    direct?: boolean;
+}], ServerPermission | null, false>, "onPermissionChange"> & Omit<AsyncStoreProperty<"permissions", [scope: Team, options?: {
+    direct?: boolean;
+}], ServerPermission[], true>, "onPermissionsChange">);
+type CurrentServerUser = Auth<ServerUser, ServerUserUpdateJson> & Omit<ServerUser, "getClientUser"> & {
     getClientUser(this: CurrentServerUser): CurrentUser;
 };
 type CurrentInternalServerUser = CurrentServerUser & InternalAuth<CurrentServerUser>;
@@ -111,11 +124,47 @@ type Project = {
         readonly oauthProviders: OAuthProviderConfig[];
         readonly emailConfig?: EmailConfig;
         readonly domains: DomainConfig[];
+        readonly createTeamOnSignUp: boolean;
     };
     update(this: Project, update: ProjectUpdateOptions): Promise<void>;
     toJson(this: Project): ProjectJson;
     getProductionModeErrors(this: Project): ProductionModeError[];
 };
+type Team = {
+    id: string;
+    displayName: string;
+    createdAt: Date;
+    toJson(this: Team): TeamJson;
+};
+type ServerTeam = Team & {
+    listMembers(): Promise<ServerTeamMember[]>;
+    useMembers(): ServerTeamMember[];
+    update(update: Partial<ServerTeamCustomizableJson>): Promise<void>;
+    delete(): Promise<void>;
+    addUser(userId: string): Promise<void>;
+    removeUser(userId: string): Promise<void>;
+};
+type TeamMember = {
+    userId: string;
+    teamId: string;
+    displayName: string | null;
+};
+type ServerTeamMember = TeamMember & {
+    getUser(): Promise<ServerUser>;
+};
+type Permission = {
+    id: string;
+} & ({
+    type: "global";
+} | {
+    type: "team";
+    teamId: string;
+});
+type ServerPermission = Permission & {
+    readonly __databaseUniqueId: string;
+    readonly description?: string;
+    readonly containPermissionIds: string[];
+};
 type ApiKeySetBase = {
     id: string;
     description: string;
@@ -148,12 +197,12 @@ type OAuthProviderConfig = OAuthProviderConfigJson;
 type GetUserOptions = {
     or?: 'redirect' | 'throw' | 'return-null';
 };
-type AsyncStoreProperty<Name extends string, Value, IsMultiple extends boolean> = {
-    [key in `${IsMultiple extends true ? "list" : "get"}${Capitalize<Name>}`]: () => Promise<Value>;
+type AsyncStoreProperty<Name extends string, Args extends any[], Value, IsMultiple extends boolean> = {
+    [key in `${IsMultiple extends true ? "list" : "get"}${Capitalize<Name>}`]: (...args: Args) => Promise<Value>;
 } & {
-    [key in `on${Capitalize<Name>}Change`]: (callback: (value: Value) => void) => void;
+    [key in `on${Capitalize<Name>}Change`]: (...tupleArgs: [...args: Args, callback: (value: Value) => void]) => void;
 } & {
-    [key in `use${Capitalize<Name>}`]: () => Value;
+    [key in `use${Capitalize<Name>}`]: (...args: Args) => Value;
 };
 type StackClientAppConstructor = {
     new <TokenStoreType extends string, HasTokenStore extends (TokenStoreType extends {} ? true : boolean), ProjectId extends string>(options: StackClientAppConstructorOptions<HasTokenStore, ProjectId>): StackClientApp<HasTokenStore, ProjectId>;
@@ -188,10 +237,10 @@ type StackClientApp<HasTokenStore extends boolean = boolean, ProjectId extends s
         toClientJson(): StackClientAppJson<HasTokenStore, ProjectId>;
         setCurrentUser(userJsonPromise: Promise<UserJson | null>): void;
     };
-} & AsyncStoreProperty<"project", ClientProjectJson, false> & {
-    [K in `redirectTo${Capitalize<keyof Omit<HandlerUrls, 'handler' | 'oauthCallback'>>}`]: () => Promise<never>;
+} & AsyncStoreProperty<"project", [], ClientProjectJson, false> & {
+    [K in `redirectTo${Capitalize<keyof Omit<HandlerUrls, 'handler' | 'oauthCallback'>>}`]: () => Promise<void>;
 } & (HasTokenStore extends false ? {} : {
-    redirectToOAuthCallback(): Promise<never>;
+    redirectToOAuthCallback(): Promise<void>;
     useUser(options: GetUserOptions & {
         or: 'redirect';
     }): ProjectCurrentUser<ProjectId>;
@@ -206,22 +255,29 @@ type StackClientApp<HasTokenStore extends boolean = boolean, ProjectId extends s
         or: 'throw';
     }): Promise<ProjectCurrentUser<ProjectId>>;
     getUser(options?: GetUserOptions): Promise<ProjectCurrentUser<ProjectId> | null>;
-    onUserChange: AsyncStoreProperty<"user", CurrentUser | null, false>["onUserChange"];
+    onUserChange: AsyncStoreProperty<"user", [], CurrentUser | null, false>["onUserChange"];
 }));
 declare const StackClientApp: StackClientAppConstructor;
 type StackServerAppConstructor = {
     new <TokenStoreType extends string, HasTokenStore extends (TokenStoreType extends {} ? true : boolean), ProjectId extends string>(options: StackServerAppConstructorOptions<HasTokenStore, ProjectId>): StackServerApp<HasTokenStore, ProjectId>;
     new (options: StackServerAppConstructorOptions<boolean, string>): StackServerApp<boolean, string>;
 };
-type StackServerApp<HasTokenStore extends boolean = boolean, ProjectId extends string = string> = (StackClientApp<HasTokenStore, ProjectId> & AsyncStoreProperty<"serverUser", CurrentServerUser | null, false> & AsyncStoreProperty<"serverUsers", ServerUser[], true> & {});
+type StackServerApp<HasTokenStore extends boolean = boolean, ProjectId extends string = string> = (StackClientApp<HasTokenStore, ProjectId> & {
+    createTeam(data: ServerTeamCustomizableJson): Promise<ServerTeam>;
+    createPermissionDefinition(data: ServerPermissionDefinitionCustomizableJson): Promise<ServerPermission>;
+    updatePermissionDefinition(permissionId: string, data: Partial<ServerPermissionDefinitionCustomizableJson>): Promise<void>;
+    deletePermissionDefinition(permissionId: string): Promise<void>;
+    listPermissionDefinitions(): Promise<ServerPermissionDefinitionJson[]>;
+    usePermissionDefinitions(): ServerPermissionDefinitionJson[];
+} & AsyncStoreProperty<"serverUser", [], CurrentServerUser | null, false> & AsyncStoreProperty<"serverUsers", [], ServerUser[], true> & Omit<AsyncStoreProperty<"team", [id: string], ServerTeam | null, false>, "onTeamChange"> & Omit<AsyncStoreProperty<"teams", [], ServerTeam[], true>, "onTeamsChange">);
 declare const StackServerApp: StackServerAppConstructor;
 type StackAdminAppConstructor = {
     new <HasTokenStore extends boolean, ProjectId extends string>(options: StackAdminAppConstructorOptions<HasTokenStore, ProjectId>): StackAdminApp<HasTokenStore, ProjectId>;
     new (options: StackAdminAppConstructorOptions<boolean, string>): StackAdminApp<boolean, string>;
 };
-type StackAdminApp<HasTokenStore extends boolean = boolean, ProjectId extends string = string> = (StackServerApp<HasTokenStore, ProjectId> & AsyncStoreProperty<"projectAdmin", Project, false> & AsyncStoreProperty<"apiKeySets", ApiKeySet[], true> & {
+type StackAdminApp<HasTokenStore extends boolean = boolean, ProjectId extends string = string> = (StackServerApp<HasTokenStore, ProjectId> & AsyncStoreProperty<"projectAdmin", [], Project, false> & AsyncStoreProperty<"apiKeySets", [], ApiKeySet[], true> & {
     createApiKeySet(options: ApiKeySetCreateOptions): Promise<ApiKeySetFirstView>;
 });
 declare const StackAdminApp: StackAdminAppConstructor;
 
-export { type ApiKeySet, type ApiKeySetBase, type ApiKeySetFirstView, type CurrentInternalServerUser, type CurrentInternalUser, type CurrentServerUser, type CurrentUser, type DomainConfig, type EmailConfig, type GetUserOptions, type HandlerUrls, type OAuthProviderConfig, type Project, type ServerUser, StackAdminApp, type StackAdminAppConstructorOptions, StackClientApp, type StackClientAppConstructorOptions, type StackClientAppJson, StackServerApp, type StackServerAppConstructorOptions, type TokenStoreOptions, type User, stackAppInternalsSymbol };
+export { type ApiKeySet, type ApiKeySetBase, type ApiKeySetFirstView, type CurrentInternalServerUser, type CurrentInternalUser, type CurrentServerUser, type CurrentUser, type DomainConfig, type EmailConfig, type GetUserOptions, type HandlerUrls, type OAuthProviderConfig, type Permission, type Project, type ServerPermission, type ServerTeam, type ServerTeamMember, type ServerUser, StackAdminApp, type StackAdminAppConstructorOptions, StackClientApp, type StackClientAppConstructorOptions, type StackClientAppJson, StackServerApp, type StackServerAppConstructorOptions, type Team, type TeamMember, type TokenStoreOptions, type User, stackAppInternalsSymbol };