npm - @studiocubics/cms - Versions diffs - 0.0.1 → 0.0.3 - Mend

@studiocubics/cms 0.0.1 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (244) hide show

package/dist/clerk/actions/invitations.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import { type Invitation } from "@clerk/nextjs/server";
+import type { InvitationCreateState } from "../../ui/System/Invitations/InvitationListActions";
+import type { PaginatedResponse } from "../clerk";
+export declare const invitationListReadAction: (params: ClerkInvitationListParams) => Promise<PaginatedResponse<Invitation[]>>;
+export declare const invitationDeleteAction: (id: string) => Promise<import("@studiocubics/utils").ActionResponse<string, string[]>>;
+export declare function invitationCreateAction(_: InvitationCreateState, formData: FormData): Promise<InvitationCreateState>;

package/dist/clerk/actions/invitations.js ADDED Viewed

@@ -0,0 +1,59 @@
+'use server';
+import { clerkClient } from '@clerk/nextjs/server';
+import { auth } from '../auth.js';
+import { revalidatePath } from 'next/cache';
+import { headers } from 'next/headers';
+import { getInvitationPublicMetadata } from '../rbacConfig.js';
+import { createInvitationSchema } from '../schemas/invitation.js';
+import z from 'zod';
+import { apiRes } from '@studiocubics/utils';
+import { cache } from 'react';
+const invitationListReadAction = cache(async (params) => {
+    const session = await auth();
+    if (!session.hasPermission("invitations", "read")) {
+        throw new Error(apiRes.forbidden);
+    }
+    const client = await clerkClient();
+    const invitationsList = await client.invitations.getInvitationList(params);
+    return invitationsList;
+});
+const invitationDeleteAction = async (id) => {
+    const session = await auth();
+    if (!session.hasPermission("invitations", "delete")) {
+        return apiRes.actionFail(apiRes.forbidden);
+    }
+    if (!id || typeof id !== "string")
+        return apiRes.actionFail(apiRes.wrongType("id", "string"));
+    const client = await clerkClient();
+    await client.invitations.revokeInvitation(id);
+    revalidatePath("/dashboard/security/invitations");
+    return apiRes.actionSuccess();
+};
+async function invitationCreateAction(_, formData) {
+    const session = await auth();
+    if (!session.hasPermission("invitations", "create")) {
+        return apiRes.actionFail(apiRes.forbidden);
+    }
+    const headersList = await headers();
+    const host = headersList.get("host");
+    const protocol = host?.startsWith("localhost") ? "http" : "https";
+    const formDataObj = Object.fromEntries(formData.entries());
+    const { success, data, error } = createInvitationSchema.safeParse(formDataObj);
+    if (!success) {
+        const flattenedError = z.flattenError(error);
+        return apiRes.actionFail(flattenedError.formErrors.join("\n"), flattenedError.fieldErrors);
+    }
+    const publicMetadata = getInvitationPublicMetadata(data.role);
+    const client = await clerkClient();
+    await client.invitations.createInvitation({
+        ...data,
+        redirectUrl: `${protocol}://${host}/auth/signUp`,
+        publicMetadata,
+    });
+    revalidatePath("/dashboard/security/invitations");
+    return apiRes.actionSuccess();
+}
+export { invitationCreateAction, invitationDeleteAction, invitationListReadAction };
+//# sourceMappingURL=invitations.js.map

package/dist/clerk/actions/invitations.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"invitations.js","sources":["../../../src/clerk/actions/invitations.ts"],"sourcesContent":["\"use server\";\n\nimport { clerkClient, type Invitation } from \"@clerk/nextjs/server\";\nimport { auth } from \"../auth\";\nimport { revalidatePath } from \"next/cache\";\nimport { headers } from \"next/headers\";\nimport { getInvitationPublicMetadata } from \"../rbacConfig\";\nimport { createInvitationSchema } from \"../schemas/invitation\";\nimport z from \"zod\";\nimport type { InvitationCreateState } from \"../../ui/System/Invitations/InvitationListActions\";\nimport { apiRes } from \"@studiocubics/utils\";\nimport type { PaginatedResponse } from \"../clerk\";\nimport { cache } from \"react\";\n\nexport const invitationListReadAction = cache(\n async (\n params: ClerkInvitationListParams,\n ): Promise<PaginatedResponse<Invitation[]>> => {\n const session = await auth();\n if (!session.hasPermission(\"invitations\", \"read\")) {\n throw new Error(apiRes.forbidden);\n }\n const client = await clerkClient();\n const invitationsList = await client.invitations.getInvitationList(params);\n return invitationsList;\n },\n);\nexport const invitationDeleteAction = async (id: string) => {\n const session = await auth();\n if (!session.hasPermission(\"invitations\", \"delete\")) {\n return apiRes.actionFail(apiRes.forbidden);\n }\n\n if (!id || typeof id !== \"string\")\n return apiRes.actionFail(apiRes.wrongType(\"id\", \"string\"));\n\n const client = await clerkClient();\n await client.invitations.revokeInvitation(id);\n\n revalidatePath(\"/dashboard/security/invitations\");\n return apiRes.actionSuccess();\n};\n\nexport async function invitationCreateAction(\n _: InvitationCreateState,\n formData: FormData,\n): Promise<InvitationCreateState> {\n const session = await auth();\n if (!session.hasPermission(\"invitations\", \"create\")) {\n return apiRes.actionFail(apiRes.forbidden);\n }\n\n const headersList = await headers();\n const host = headersList.get(\"host\");\n const protocol = host?.startsWith(\"localhost\") ? \"http\" : \"https\";\n\n const formDataObj = Object.fromEntries(formData.entries());\n const { success, data, error } =\n createInvitationSchema.safeParse(formDataObj);\n if (!success) {\n const flattenedError = z.flattenError(error);\n return apiRes.actionFail(\n flattenedError.formErrors.join(\"\\n\"),\n flattenedError.fieldErrors,\n );\n }\n\n const publicMetadata = getInvitationPublicMetadata(data.role);\n const client = await clerkClient();\n await client.invitations.createInvitation({\n ...data,\n redirectUrl: `${protocol}://${host}/auth/signUp`,\n publicMetadata,\n });\n\n revalidatePath(\"/dashboard/security/invitations\");\n return apiRes.actionSuccess();\n}\n"],"names":[],"mappings":";;;;;;;;;;;AAcO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,wBAAwB,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAK,CAC3C,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CACE,MAAiC,CAAA,CAAA,CAAA,CAAA,CACW;AAC5C,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,IAAI,CAAA,CAAE;IAC5B,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAE;AACjD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,SAAS,CAAC;IACnC;AACA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,WAAW,CAAA,CAAE;IAClC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAiB,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC;AAC1E,CAAA,CAAA,CAAA,CAAA,OAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe;AACxB,CAAC,CAAA;MAEU,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAsB,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAU,CAAA,CAAA,CAAA,CAAA,CAAI;AACzD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,IAAI,CAAA,CAAE;IAC5B,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,CAAE;QACnD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,MAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,SAAS,CAAC;IAC5C;AAEA,CAAA,CAAA,CAAA,CAAA,IAAI,CAAC,CAAA,CAAE,IAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAE,KAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ;AAC/B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAC,CAAA,CAAA,CAAA,CAAI,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAC;AAE5D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,WAAW,CAAA,CAAE;IAClC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,MAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgB,CAAC,EAAE,CAAC;IAE7C,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAiC,CAAC;AACjD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAA,CAAE;AAC/B,CAAA;AAEO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAsB,CAC1C,CAAwB,CAAA,CACxB,QAAkB,CAAA,CAAA;AAElB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,IAAI,CAAA,CAAE;IAC5B,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,CAAE;QACnD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,MAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,SAAS,CAAC;IAC5C;AAEA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,OAAO,CAAA,CAAE;IACnC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,IAAI,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAA,CAAA,CAAG,CAAC,MAAM,CAAC;AACpC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAI,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO;IAEjE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAE,CAAC;AAC1D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAE,IAAI,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAK,CAAA,CAAE,CAAA,CAAA,CAC5B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAsB,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAC,WAAW,CAAC;IAC/C,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAE;QACZ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,cAAc,CAAA,CAAA,CAAG,CAAC,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAY,CAAC,KAAK,CAAC;AAC5C,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CACtB,cAAc,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CAAC,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAI,CAAC,EACpC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc,CAAC,WAAW,CAC3B;IACH;IAEA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,cAAc,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAA2B,CAAC,CAAA,CAAA,CAAA,CAAI,CAAC,IAAI,CAAC;AAC7D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,WAAW,CAAA,CAAE;AAClC,CAAA,CAAA,CAAA,CAAA,MAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,gBAAgB,CAAC;AACxC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,GAAG,CAAA,CAAA,CAAA,CAAI;AACP,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAA,CAAE,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc;QAChD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc;AACf,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC;IAEF,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAiC,CAAC;AACjD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAA,CAAE;AAC/B;;"}

package/dist/clerk/actions/systemUsers.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import { type User } from "@clerk/nextjs/server";
+import type { PaginatedResponse } from "../clerk";
+import type { SystemUserRoleUpdateState } from "../../ui/System/SystemUser/SystemUserRoleForm/SystemUserRoleForm";
+import type { SystemUserDetailsUpdateState } from "../../ui/_index";
+export declare const systemUserListReadAction: (params: ClerkUserListParams, removeCurrent?: boolean) => Promise<PaginatedResponse<User[]>>;
+export declare const systemUserReadAction: (id: string) => Promise<User>;
+export declare function systemUserRoleUpdateAction(userId: string, _: SystemUserRoleUpdateState, formData: FormData): Promise<SystemUserRoleUpdateState>;
+export declare function systemUserDetailsUpdateAction(userId: string, _: SystemUserDetailsUpdateState, formData: FormData): Promise<SystemUserDetailsUpdateState>;

package/dist/clerk/actions/systemUsers.js ADDED Viewed

@@ -0,0 +1,64 @@
+'use server';
+import { clerkClient } from '@clerk/nextjs/server';
+import { auth } from '../auth.js';
+import { apiRes } from '@studiocubics/utils';
+import { cache } from 'react';
+const systemUserListReadAction = cache(async (params, removeCurrent = false) => {
+    const session = await auth();
+    if (!session.hasPermission("systemUsers", "read")) {
+        throw new Error(apiRes.forbidden);
+    }
+    const client = await clerkClient();
+    const systemUserList = await client.users.getUserList(params);
+    if (removeCurrent) {
+        systemUserList.data = systemUserList.data.filter((su) => su.id !== session.userId);
+        systemUserList.totalCount--;
+    }
+    return systemUserList;
+});
+const systemUserReadAction = cache(async (id) => {
+    const session = await auth();
+    if (!session.hasPermission("systemUsers", "read")) {
+        throw new Error(apiRes.forbidden);
+    }
+    const client = await clerkClient();
+    const systemUser = await client.users.getUser(id);
+    if (!systemUser) {
+        throw new Error(apiRes.notFound(`System User: ${id}`));
+    }
+    return systemUser;
+});
+async function systemUserRoleUpdateAction(userId, _, formData) {
+    const session = await auth();
+    if (!session.hasPermission("systemUsers", "update")) {
+        throw new Error(apiRes.forbidden);
+    }
+    const role = formData.get("role");
+    console.log("userId", userId);
+    console.log("role", role);
+    return apiRes.actionSuccess();
+    // const client = await clerkClient();
+    // const { publicMetadata } = await client.users.getUser(userId);
+    // const patchedUser = await client.users.updateUserMetadata(userId, {
+    //   publicMetadata: {
+    //     ...publicMetadata,
+    //     role,
+    //   },
+    // });
+    // return apiRes.actionSuccess(patchedUser);
+}
+async function systemUserDetailsUpdateAction(userId, _, formData) {
+    const session = await auth();
+    if (!session.hasPermission("systemUsers", "update")) {
+        throw new Error(apiRes.forbidden);
+    }
+    console.log("firstName", formData.get("firstName"));
+    console.log("lastName", formData.get("firstName"));
+    console.log("imageFile", formData.get("imageFile"));
+    console.log("userId", userId);
+    return apiRes.actionSuccess();
+}
+export { systemUserDetailsUpdateAction, systemUserListReadAction, systemUserReadAction, systemUserRoleUpdateAction };
+//# sourceMappingURL=systemUsers.js.map

package/dist/clerk/actions/systemUsers.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"systemUsers.js","sources":["../../../src/clerk/actions/systemUsers.ts"],"sourcesContent":["\"use server\";\nimport { clerkClient, type User } from \"@clerk/nextjs/server\";\nimport { auth } from \"../auth\";\nimport { apiRes } from \"@studiocubics/utils\";\nimport type { PaginatedResponse } from \"../clerk\";\nimport type { SystemUserRoleUpdateState } from \"../../ui/System/SystemUser/SystemUserRoleForm/SystemUserRoleForm\";\nimport { cache } from \"react\";\nimport type { SystemUserDetailsUpdateState } from \"../../ui/_index\";\n\nexport const systemUserListReadAction = cache(\n async (\n params: ClerkUserListParams,\n removeCurrent: boolean = false,\n ): Promise<PaginatedResponse<User[]>> => {\n const session = await auth();\n\n if (!session.hasPermission(\"systemUsers\", \"read\")) {\n throw new Error(apiRes.forbidden);\n }\n\n const client = await clerkClient();\n const systemUserList = await client.users.getUserList(params);\n\n if (removeCurrent) {\n systemUserList.data = systemUserList.data.filter(\n (su) => su.id !== session.userId,\n );\n systemUserList.totalCount--;\n }\n\n return systemUserList;\n },\n);\n\nexport const systemUserReadAction = cache(async (id: string) => {\n const session = await auth();\n\n if (!session.hasPermission(\"systemUsers\", \"read\")) {\n throw new Error(apiRes.forbidden);\n }\n\n const client = await clerkClient();\n const systemUser = await client.users.getUser(id);\n\n if (!systemUser) {\n throw new Error(apiRes.notFound(`System User: ${id}`));\n }\n\n return systemUser;\n});\n\nexport async function systemUserRoleUpdateAction(\n userId: string,\n _: SystemUserRoleUpdateState,\n formData: FormData,\n): Promise<SystemUserRoleUpdateState> {\n const session = await auth();\n\n if (!session.hasPermission(\"systemUsers\", \"update\")) {\n throw new Error(apiRes.forbidden);\n }\n const role = formData.get(\"role\");\n console.log(\"userId\", userId);\n console.log(\"role\", role);\n return apiRes.actionSuccess();\n\n // const client = await clerkClient();\n // const { publicMetadata } = await client.users.getUser(userId);\n // const patchedUser = await client.users.updateUserMetadata(userId, {\n // publicMetadata: {\n // ...publicMetadata,\n // role,\n // },\n // });\n // return apiRes.actionSuccess(patchedUser);\n}\n\nexport async function systemUserDetailsUpdateAction(\n userId: string,\n _: SystemUserDetailsUpdateState,\n formData: FormData,\n): Promise<SystemUserDetailsUpdateState> {\n const session = await auth();\n\n if (!session.hasPermission(\"systemUsers\", \"update\")) {\n throw new Error(apiRes.forbidden);\n }\n console.log(\"firstName\", formData.get(\"firstName\"));\n console.log(\"lastName\", formData.get(\"firstName\"));\n console.log(\"imageFile\", formData.get(\"imageFile\"));\n\n console.log(\"userId\", userId);\n return apiRes.actionSuccess();\n}\n"],"names":[],"mappings":";;;;;;AASO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAwB,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAK,CAC3C,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CACE,MAA2B,CAAA,CAC3B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAyB,CAAA,CAAA,CAAA,CAAA,CAAK,CAAA,CAAA,CAAA,CAAA,CACQ;AACtC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,IAAI,CAAA,CAAE;IAE5B,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAE;AACjD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,SAAS,CAAC;IACnC;AAEA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,WAAW,CAAA,CAAE;IAClC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC;IAE7D,CAAA,CAAA,CAAA,CAAI,aAAa,CAAA,CAAE;QACjB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc,CAAC,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAG,cAAc,CAAC,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAC9C,CAAC,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAK,EAAE,CAAC,CAAA,CAAE,KAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,MAAM,CACjC;QACD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CAAA,CAAE;IAC7B;AAEA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc;AACvB,CAAC,CAAA;AAGI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,oBAAoB,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,EAAU,CAAA,CAAA,CAAA,CAAA,CAAI;AAC7D,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,IAAI,CAAA,CAAE;IAE5B,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAE;AACjD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,SAAS,CAAC;IACnC;AAEA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,WAAW,CAAA,CAAE;IAClC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAE,CAAC;IAEjD,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CAAA,CAAE;AACf,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,MAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,aAAA,CAAA,CAAgB,CAAA,CAAE,CAAA,CAAE,CAAC,CAAC;IACxD;AAEA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU;AACnB,CAAC,CAAA;AAEM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,0BAA0B,CAC9C,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc,EACd,CAA4B,CAAA,CAC5B,QAAkB,CAAA,CAAA;AAElB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,IAAI,CAAA,CAAE;IAE5B,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,CAAE;AACnD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,SAAS,CAAC;IACnC;IACA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,IAAI,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,CAAA,CAAG,CAAC,MAAM,CAAC;AACjC,CAAA,CAAA,CAAA,CAAA,OAAO,CAAC,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAA,CAAE,MAAM,CAAC;AAC7B,CAAA,CAAA,CAAA,CAAA,OAAO,CAAC,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAE,IAAI,CAAC;AACzB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAA,CAAE;;;;;;;;;;AAW/B;AAEO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,6BAA6B,CACjD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAc,EACd,CAA+B,CAAA,CAC/B,QAAkB,CAAA,CAAA;AAElB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,IAAI,CAAA,CAAE;IAE5B,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,CAAE;AACnD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA,CAAA,CAAK,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,SAAS,CAAC;IACnC;AACA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAC;AACnD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAC;AAClD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAC,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAC;AAEnD,CAAA,CAAA,CAAA,CAAA,OAAO,CAAC,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAA,CAAE,MAAM,CAAC;AAC7B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAA,CAAE;AAC/B;;"}

package/dist/clerk/auth.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import { auth as clerkAuth } from "@clerk/nextjs/server";
+import type { Resource, RoleActions } from "./rbacConfig";
+type ClerkAuthResult = Awaited<ReturnType<typeof clerkAuth>>;
+export type AuthWithPermissions = ClerkAuthResult & {
+    hasPermission: (resource: Resource, action: RoleActions, record?: Record<string, any>) => Promise<boolean>;
+};
+export declare function auth(options?: Parameters<typeof clerkAuth>[0]): Promise<AuthWithPermissions>;
+export {};

package/dist/clerk/auth.js ADDED Viewed

@@ -0,0 +1,21 @@
+'use server';
+import { auth as auth$1 } from '@clerk/nextjs/server';
+import { hasPermissionForClaims } from './hasPermission.js';
+async function auth(options) {
+    const clerkAuthResult = await auth$1(options);
+    return {
+        ...clerkAuthResult,
+        hasPermission: async (resource, action, record) => {
+            return hasPermissionForClaims({
+                claims: clerkAuthResult.sessionClaims,
+                resource,
+                action,
+                record,
+            });
+        },
+    };
+}
+export { auth };
+//# sourceMappingURL=auth.js.map

package/dist/clerk/auth.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth.js","sources":["../../src/clerk/auth.ts"],"sourcesContent":["\"use server\";\nimport { auth as clerkAuth } from \"@clerk/nextjs/server\";\nimport { hasPermissionForClaims } from \"./hasPermission\";\nimport type { Resource, RoleActions } from \"./rbacConfig\";\ntype ClerkAuthResult = Awaited<ReturnType<typeof clerkAuth>>;\n\nexport type AuthWithPermissions = ClerkAuthResult & {\n hasPermission: (\n resource: Resource,\n action: RoleActions,\n record?: Record<string, any>,\n ) => Promise<boolean>;\n};\nexport async function auth(\n options?: Parameters<typeof clerkAuth>[0],\n): Promise<AuthWithPermissions> {\n const clerkAuthResult = await clerkAuth(options);\n\n return {\n ...clerkAuthResult,\n hasPermission: async (\n resource: Resource,\n action: RoleActions,\n record?: Record<string, any>,\n ) => {\n return hasPermissionForClaims({\n claims: clerkAuthResult.sessionClaims,\n resource,\n action,\n record,\n });\n },\n };\n}\n"],"names":["clerkAuth"],"mappings":";;;;AAaO,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAAA,CAAA,CAAA,CAAI,CACxB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAyC,CAAA,CAAA;AAEzC,CAAA,CAAA,CAAA,CAAA,MAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAAA,CAAA,CAAG,MAAMA,CAAAA,CAAAA,CAAAA,CAAAA,CAAAA,CAAS,CAAC,OAAO,CAAC;IAEhD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO;AACL,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,GAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe;QAClB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,EAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CACb,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAkB,EAClB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAmB,CAAA,CACnB,MAA4B,CAAA,CAAA,CAAA,CAAA,CAC1B;AACF,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,sBAAsB,CAAC;gBAC5B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa;gBACrC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ;gBACR,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM;gBACN,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM;AACP,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC;QACJ,CAAC;KACF;AACH;;"}

package/dist/clerk/hasPermission.d.ts ADDED Viewed

@@ -0,0 +1,33 @@
+import { type Resource, type RoleActions, type Role } from "./rbacConfig";
+/**
+ * Evaluates RBAC permissions using explicitly provided session claims.
+ *
+ * @returns `true` if the role defined in `sessionClaims.metadata.role`
+ * is allowed to perform `action` on `resource` under RBAC rules.
+ */
+export declare function hasPermissionForClaims(args: {
+    claims: ClerkSessionClaims;
+    resource: Resource;
+    action: RoleActions;
+    record?: Record<string, any>;
+}): Promise<boolean>;
+/**
+ * Evaluates RBAC permissions for the currently authenticated user.
+ *
+ * Use this when you do NOT already have session claims.
+ *
+ * @returns `true` if the current user's role is allowed
+ * to perform `action` on `resource` under RBAC rules.
+ */
+export declare function hasPermission(args: {
+    resource: Resource;
+    action: RoleActions;
+    record?: Record<string, any>;
+}): Promise<boolean>;
+export type PermissionCheckInput = {
+    role: Role;
+    claims: ClerkSessionClaims;
+    resource: Resource;
+    action: RoleActions;
+    record?: Record<string, any>;
+};

package/dist/clerk/hasPermission.js ADDED Viewed

@@ -0,0 +1,78 @@
+'use server';
+import { auth } from '@clerk/nextjs/server';
+import { RBAC_CONFIG } from './rbacConfig.js';
+/**
+ * Evaluates RBAC permissions using explicitly provided session claims.
+ *
+ * @returns `true` if the role defined in `sessionClaims.metadata.role`
+ * is allowed to perform `action` on `resource` under RBAC rules.
+ */
+async function hasPermissionForClaims(args) {
+    if (!("metadata" in args.claims))
+        return false;
+    const role = args.claims?.metadata.role;
+    if (!role)
+        return false;
+    return checkPermissions({ role, ...args });
+}
+/**
+ * Evaluates RBAC permissions for the currently authenticated user.
+ *
+ * Use this when you do NOT already have session claims.
+ *
+ * @returns `true` if the current user's role is allowed
+ * to perform `action` on `resource` under RBAC rules.
+ */
+async function hasPermission(args) {
+    let claims;
+    const a = await auth();
+    claims = a.sessionClaims;
+    const role = claims?.metadata.role;
+    if (!role)
+        return false;
+    return checkPermissions({
+        role,
+        claims,
+        ...args,
+    });
+}
+/**
+ * Core RBAC policy evaluator.
+ *
+ * This is the authorization engine shared by all permission checks.
+ * It does NOT perform authentication or session resolution.
+ *
+ * Rules:
+ * - `isSystem` roles bypass all checks
+ * - permissions are matched by `{ resource, action }`
+ * - optional ownership constraints are enforced via `ownerField`
+ * @param {PermissionCheckInput} args
+ * @returns `true` if at least one permission grants access
+ */
+function checkPermissions(args) {
+    const def = RBAC_CONFIG[args.role];
+    if (!def)
+        return false;
+    // Allow system
+    if (def.isSystem)
+        return true;
+    // Iterate over all permissions
+    for (const p of def.permissions) {
+        if (p.resource !== args.resource)
+            continue;
+        if (!p.actions?.[args.action])
+            continue;
+        // Ownership conditions
+        if (p.conditions?.ownerField && args.record) {
+            const ownerField = p.conditions.ownerField;
+            if (args.record[ownerField] !== args.claims.id)
+                continue;
+        }
+        return true;
+    }
+    return false;
+}
+export { hasPermission, hasPermissionForClaims };
+//# sourceMappingURL=hasPermission.js.map

package/dist/clerk/hasPermission.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"hasPermission.js","sources":["../../src/clerk/hasPermission.ts"],"sourcesContent":["\"use server\";\nimport { auth } from \"@clerk/nextjs/server\";\nimport {\n type Resource,\n type RoleActions,\n type Role,\n RBAC_CONFIG,\n} from \"./rbacConfig\";\n\n/**\n * Evaluates RBAC permissions using explicitly provided session claims.\n *\n * @returns `true` if the role defined in `sessionClaims.metadata.role`\n * is allowed to perform `action` on `resource` under RBAC rules.\n */\nexport async function hasPermissionForClaims(args: {\n claims: ClerkSessionClaims;\n resource: Resource;\n action: RoleActions;\n record?: Record<string, any>;\n}): Promise<boolean> {\n if (!(\"metadata\" in args.claims)) return false;\n const role = args.claims?.metadata.role;\n if (!role) return false;\n return checkPermissions({ role, ...args });\n}\n\n/**\n * Evaluates RBAC permissions for the currently authenticated user.\n *\n * Use this when you do NOT already have session claims.\n *\n * @returns `true` if the current user's role is allowed\n * to perform `action` on `resource` under RBAC rules.\n */\nexport async function hasPermission(args: {\n resource: Resource;\n action: RoleActions;\n record?: Record<string, any>;\n}): Promise<boolean> {\n let claims;\n\n const a = await auth();\n claims = a.sessionClaims;\n\n const role = claims?.metadata.role;\n if (!role) return false;\n return checkPermissions({\n role,\n claims,\n ...args,\n });\n}\nexport type PermissionCheckInput = {\n role: Role;\n claims: ClerkSessionClaims;\n resource: Resource;\n action: RoleActions;\n record?: Record<string, any>;\n};\n\n/**\n * Core RBAC policy evaluator.\n *\n * This is the authorization engine shared by all permission checks.\n * It does NOT perform authentication or session resolution.\n *\n * Rules:\n * - `isSystem` roles bypass all checks\n * - permissions are matched by `{ resource, action }`\n * - optional ownership constraints are enforced via `ownerField`\n * @param {PermissionCheckInput} args\n * @returns `true` if at least one permission grants access\n */\nfunction checkPermissions(args: PermissionCheckInput) {\n const def = RBAC_CONFIG[args.role];\n if (!def) return false;\n\n // Allow system\n if (def.isSystem) return true;\n\n // Iterate over all permissions\n for (const p of def.permissions) {\n if (p.resource !== args.resource) continue;\n if (!p.actions?.[args.action]) continue;\n\n // Ownership conditions\n if (p.conditions?.ownerField && args.record) {\n const ownerField = p.conditions.ownerField;\n if (args.record[ownerField] !== args.claims.id) continue;\n }\n\n return true;\n }\n return false;\n}\n"],"names":[],"mappings":";;;;AASA,CAAA,CAAA;;;;;AAKG,CAAA,CAAA;AACI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAsB,CAAC,CAAA,CAAA,CAAA,CAK5C,CAAA,CAAA;AACC,CAAA,CAAA,CAAA,CAAA,IAAI,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,IAAI,CAAA,CAAA,CAAA,CAAI,CAAC,MAAM,CAAC;AAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAA,CAAA,CAAA,CAAA,CAAK;IAC9C,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,IAAI,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,CAAA,CAAA,CAAI;AACvC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAI;AAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAA,CAAA,CAAA,CAAA,CAAK;IACvB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,gBAAgB,CAAC,CAAA,CAAE,IAAI,CAAA,CAAE,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAI,CAAA,CAAE,CAAC;AAC5C;AAEA,CAAA,CAAA;;;;;;;AAOG,CAAA,CAAA;AACI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAe,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa,CAAC,CAAA,CAAA,CAAA,CAInC,CAAA,CAAA;AACC,CAAA,CAAA,CAAA,CAAA,IAAI,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM;AAEV,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,IAAI,CAAA,CAAE;AACtB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAA,CAAG,CAAC,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAa;AAExB,CAAA,CAAA,CAAA,CAAA,MAAM,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAG,MAAM,CAAA,CAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ,CAAC,CAAA,CAAA,CAAA,CAAI;AAClC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAI;AAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAA,CAAA,CAAA,CAAA,CAAK;AACvB,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAO,gBAAgB,CAAC;QACtB,CAAA,CAAA,CAAA,CAAI;QACJ,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM;AACN,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,GAAG,CAAA,CAAA,CAAA,CAAI;AACR,CAAA,CAAA,CAAA,CAAA,CAAA,CAAC;AACJ;AASA,CAAA,CAAA;;;;;;;;;;;;AAYG,CAAA,CAAA;AACH,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAS,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAgB,CAAC,CAAA,CAAA,CAAA,CAA0B,CAAA,CAAA;IAClD,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,GAAG,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAW,CAAC,CAAA,CAAA,CAAA,CAAI,CAAC,IAAI,CAAC;AAClC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAG;AAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAA,CAAA,CAAA,CAAA,CAAK;;IAGtB,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAG,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ;AAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAA,CAAA,CAAA,CAAI;;AAG7B,CAAA,CAAA,CAAA,CAAA,KAAK,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,IAAI,CAAA,CAAA,CAAG,CAAC,WAAW,CAAA,CAAE;AAC/B,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,IAAI,CAAC,CAAC,QAAQ,CAAA,CAAA,CAAA,CAAA,CAAK,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAQ;YAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;QAClC,CAAA,CAAA,CAAA,CAAI,CAAC,CAAC,CAAC,OAAO,CAAA,CAAA,CAAG,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC;YAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;;QAG/B,CAAA,CAAA,CAAA,CAAI,CAAC,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CAAA,CAAE,UAAU,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAA,CAAE;AAC3C,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,MAAM,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CAAA,CAAA,CAAG,CAAC,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU;YAC1C,CAAA,CAAA,CAAA,CAAI,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAU,CAAC,CAAA,CAAA,CAAA,CAAA,CAAK,CAAA,CAAA,CAAA,CAAI,CAAC,CAAA,CAAA,CAAA,CAAA,CAAA,CAAM,CAAC,CAAA,CAAE;gBAAE,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA;QAClD;AAEA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAA,CAAA,CAAA,CAAI;IACb;AACA,CAAA,CAAA,CAAA,CAAA,OAAO,CAAA,CAAA,CAAA,CAAA,CAAK;AACd;;"}

package/dist/clerk/rbacConfig.d.ts ADDED Viewed

@@ -0,0 +1,31 @@
+export declare const roles: readonly ["admin", "manager", "member"];
+export declare const resources: readonly ["systemUsers", "projects", "invitations"];
+export declare const RBAC_CONFIG: {
+    [K in Role]: RoleDoc;
+};
+export type Role = (typeof roles)[number];
+export type Resource = (typeof resources)[number];
+export type RoleActions = "create" | "read" | "update" | "delete";
+export type ResourcePermission = {
+    resource: Resource;
+    actions: Partial<Record<RoleActions, boolean>>;
+    conditions?: {
+        ownerField?: string;
+    };
+};
+export type RoleDoc = {
+    desc?: string;
+    inherits?: string[];
+    isSystem?: boolean;
+    permissions: ResourcePermission[];
+};
+export declare const getInvitationPublicMetadata: (role: Role) => {
+    role: "admin";
+    onboardingComplete: boolean;
+} | {
+    role: "manager";
+    onboardingComplete: boolean;
+} | {
+    role: "member";
+    onboardingComplete: boolean;
+};

package/dist/clerk/rbacConfig.js ADDED Viewed

@@ -0,0 +1,48 @@
+const roles = ["admin", "manager", "member"];
+const resources = ["systemUsers", "projects", "invitations"];
+const RBAC_CONFIG = {
+    admin: {
+        desc: "Full system authority with unrestricted access and management capabilities.",
+        isSystem: true,
+        permissions: [], // system role bypasses all checks
+    },
+    manager: {
+        desc: "Responsible for overseeing teams and resources; can manage existing items and invite users.",
+        inherits: ["member"],
+        permissions: [
+            {
+                resource: "systemUsers",
+                actions: { create: true, read: true, update: true },
+                conditions: { ownerField: "id" },
+            },
+            {
+                resource: "projects",
+                actions: { create: true, read: true, update: true, delete: true },
+            },
+            {
+                resource: "invitations",
+                actions: { create: true, read: true, update: true, delete: true },
+            },
+        ],
+    },
+    member: {
+        desc: "Standard user with read-level access to assigned resources; limited modification rights.",
+        permissions: [
+            { resource: "systemUsers", actions: { read: true } },
+            { resource: "projects", actions: { read: true } },
+        ],
+    },
+};
+const getInvitationPublicMetadata = (role) => {
+    switch (role) {
+        case "admin":
+            return { role, onboardingComplete: true };
+        case "manager":
+            return { role, onboardingComplete: true };
+        default:
+            return { role, onboardingComplete: false };
+    }
+};
+export { RBAC_CONFIG, getInvitationPublicMetadata, resources, roles };
+//# sourceMappingURL=rbacConfig.js.map

package/dist/clerk/rbacConfig.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"rbacConfig.js","sources":["../../src/clerk/rbacConfig.ts"],"sourcesContent":["export const roles = [\"admin\", \"manager\", \"member\"] as const;\nexport const resources = [\"systemUsers\", \"projects\", \"invitations\"] as const;\n\nexport const RBAC_CONFIG: {\n [K in Role]: RoleDoc;\n} = {\n admin: {\n desc: \"Full system authority with unrestricted access and management capabilities.\",\n isSystem: true,\n permissions: [], // system role bypasses all checks\n },\n manager: {\n desc: \"Responsible for overseeing teams and resources; can manage existing items and invite users.\",\n inherits: [\"member\"],\n permissions: [\n {\n resource: \"systemUsers\",\n actions: { create: true, read: true, update: true },\n conditions: { ownerField: \"id\" },\n },\n {\n resource: \"projects\",\n actions: { create: true, read: true, update: true, delete: true },\n },\n {\n resource: \"invitations\",\n actions: { create: true, read: true, update: true, delete: true },\n },\n ],\n },\n member: {\n desc: \"Standard user with read-level access to assigned resources; limited modification rights.\",\n permissions: [\n { resource: \"systemUsers\", actions: { read: true } },\n { resource: \"projects\", actions: { read: true } },\n ],\n },\n} as const;\n\nexport type Role = (typeof roles)[number];\nexport type Resource = (typeof resources)[number];\n\nexport type RoleActions = \"create\" | \"read\" | \"update\" | \"delete\";\n\nexport type ResourcePermission = {\n resource: Resource;\n actions: Partial<Record<RoleActions, boolean>>;\n conditions?: {\n ownerField?: string; // e.g. “creatorId”\n };\n};\nexport type RoleDoc = {\n desc?: string;\n inherits?: string[];\n isSystem?: boolean;\n permissions: ResourcePermission[];\n};\n\nexport const getInvitationPublicMetadata = (role: Role) => {\n switch (role) {\n case \"admin\":\n return { role, onboardingComplete: true };\n case \"manager\":\n return { role, onboardingComplete: true };\n default:\n return { role, onboardingComplete: false };\n }\n};\n"],"names":[],"mappings":"AAAO,MAAM,KAAK,GAAG,CAAC,OAAO,EAAE,SAAS,EAAE,QAAQ;AAC3C,MAAM,SAAS,GAAG,CAAC,aAAa,EAAE,UAAU,EAAE,aAAa;AAE3D,MAAM,WAAW,GAEpB;AACF,IAAA,KAAK,EAAE;AACL,QAAA,IAAI,EAAE,6EAA6E;AACnF,QAAA,QAAQ,EAAE,IAAI;QACd,WAAW,EAAE,EAAE;AAChB,KAAA;AACD,IAAA,OAAO,EAAE;AACP,QAAA,IAAI,EAAE,6FAA6F;QACnG,QAAQ,EAAE,CAAC,QAAQ,CAAC;AACpB,QAAA,WAAW,EAAE;AACX,YAAA;AACE,gBAAA,QAAQ,EAAE,aAAa;AACvB,gBAAA,OAAO,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;AACnD,gBAAA,UAAU,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE;AACjC,aAAA;AACD,YAAA;AACE,gBAAA,QAAQ,EAAE,UAAU;AACpB,gBAAA,OAAO,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;AAClE,aAAA;AACD,YAAA;AACE,gBAAA,QAAQ,EAAE,aAAa;AACvB,gBAAA,OAAO,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;AAClE,aAAA;AACF,SAAA;AACF,KAAA;AACD,IAAA,MAAM,EAAE;AACN,QAAA,IAAI,EAAE,0FAA0F;AAChG,QAAA,WAAW,EAAE;YACX,EAAE,QAAQ,EAAE,aAAa,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;YACpD,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;AAClD,SAAA;AACF,KAAA;;AAsBI,MAAM,2BAA2B,GAAG,CAAC,IAAU,KAAI;IACxD,QAAQ,IAAI;AACV,QAAA,KAAK,OAAO;AACV,YAAA,OAAO,EAAE,IAAI,EAAE,kBAAkB,EAAE,IAAI,EAAE;AAC3C,QAAA,KAAK,SAAS;AACZ,YAAA,OAAO,EAAE,IAAI,EAAE,kBAAkB,EAAE,IAAI,EAAE;AAC3C,QAAA;AACE,YAAA,OAAO,EAAE,IAAI,EAAE,kBAAkB,EAAE,KAAK,EAAE;;AAEhD;;;;"}

package/dist/clerk/schemas/invitation.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import z from "zod";
+export declare const createInvitationSchema: z.ZodObject<{
+    emailAddress: z.ZodString;
+    expiresInDays: z.ZodOptional<z.ZodPipe<z.ZodTransform<unknown, unknown>, z.ZodNumber>>;
+    ignoreExisting: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
+    notify: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
+    role: z.ZodEnum<{
+        admin: "admin";
+        manager: "manager";
+        member: "member";
+    }>;
+}, z.core.$strip>;

package/dist/clerk/schemas/invitation.js ADDED Viewed

@@ -0,0 +1,20 @@
+import z from 'zod';
+import { roles } from '../rbacConfig.js';
+const createInvitationSchema = z.object({
+    emailAddress: z.string(),
+    expiresInDays: z
+        .preprocess((val) => {
+        if (typeof val === "string") {
+            return Number.parseInt(val);
+        }
+        return val;
+    }, z.number())
+        .optional(),
+    ignoreExisting: z.boolean().default(false).optional(),
+    notify: z.boolean().default(true).optional(),
+    role: z.enum(roles),
+});
+export { createInvitationSchema };
+//# sourceMappingURL=invitation.js.map

package/dist/clerk/schemas/invitation.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"invitation.js","sources":["../../../src/clerk/schemas/invitation.ts"],"sourcesContent":["import z from \"zod\";\nimport { roles } from \"../rbacConfig\";\n\nexport const createInvitationSchema = z.object({\n emailAddress: z.string(),\n expiresInDays: z\n .preprocess((val) => {\n if (typeof val === \"string\") {\n return Number.parseInt(val);\n }\n return val;\n }, z.number())\n .optional(),\n ignoreExisting: z.boolean().default(false).optional(),\n notify: z.boolean().default(true).optional(),\n role: z.enum(roles),\n});\n"],"names":[],"mappings":";;;AAGO,MAAM,sBAAsB,GAAG,CAAC,CAAC,MAAM,CAAC;AAC7C,IAAA,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;AACxB,IAAA,aAAa,EAAE;AACZ,SAAA,UAAU,CAAC,CAAC,GAAG,KAAI;AAClB,QAAA,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;AAC3B,YAAA,OAAO,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC;QAC7B;AACA,QAAA,OAAO,GAAG;AACZ,IAAA,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE;AACZ,SAAA,QAAQ,EAAE;AACb,IAAA,cAAc,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,QAAQ,EAAE;AACrD,IAAA,MAAM,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE;AAC5C,IAAA,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;AACpB,CAAA;;;;"}

package/dist/clerk/schemas/systemUser.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import z from "zod";
+export declare const systemUserUpdateSchema: z.ZodObject<{
+    firstName: z.ZodString;
+    lastName: z.ZodString;
+    imageFile: z.ZodFile;
+}, z.core.$strip>;

package/dist/clerk/toClientSafeUser.d.ts ADDED Viewed

@@ -0,0 +1,48 @@
+import type { User } from "@clerk/nextjs/server";
+/**
+ * Client-safe representation of a Clerk User.
+ *
+ * This intentionally excludes any sensitive or server-only fields
+ * (e.g. privateMetadata, externalAccounts with tokens, etc.)
+ * and contains only JSON-serializable data that is safe to pass
+ * from Server Components to Client Components.
+ */
+export type ClientSafeUser = {
+    id: string;
+    username: string | null;
+    firstName: string | null;
+    lastName: string | null;
+    fullName: string | null;
+    imageUrl: string;
+    primaryEmailAddress: {
+        id: string;
+        emailAddress: string;
+        verified: boolean;
+    };
+    emailAddresses: Array<{
+        id: string;
+        emailAddress: string;
+        verified: boolean;
+    }>;
+    publicMetadata: CustomJwtSessionClaims["metadata"];
+    createdAt: Date | null;
+    updatedAt: Date | null;
+    lastSignInAt: Date | null;
+};
+/**
+ * Converts a Clerk `User` (server-side) into a client-safe, serializable object.
+ *
+ * Why this exists:
+ * - The Clerk `User` class contains methods and non-serializable fields.
+ * - Passing it directly to a Client Component will break React Server Components.
+ * - This function strips the object down to stable, safe primitives only.
+ *
+ * Rules enforced here:
+ * - No functions
+ * - No circular references
+ * - No private or sensitive data
+ *
+ * @param user Clerk User instance from `@clerk/nextjs/server`
+ * @returns ClientSafeUser plain object
+ */
+export declare function toClientSafeUser(user: User): ClientSafeUser;

package/dist/clerk/toClientSafeUser.js ADDED Viewed

@@ -0,0 +1,46 @@
+/**
+ * Converts a Clerk `User` (server-side) into a client-safe, serializable object.
+ *
+ * Why this exists:
+ * - The Clerk `User` class contains methods and non-serializable fields.
+ * - Passing it directly to a Client Component will break React Server Components.
+ * - This function strips the object down to stable, safe primitives only.
+ *
+ * Rules enforced here:
+ * - No functions
+ * - No circular references
+ * - No private or sensitive data
+ *
+ * @param user Clerk User instance from `@clerk/nextjs/server`
+ * @returns ClientSafeUser plain object
+ */
+function toClientSafeUser(user) {
+    const pea = user.emailAddresses.find((ea) => ea.id == user.primaryEmailAddressId);
+    if (!pea)
+        throw new Error("Missing primaryEmailAddress");
+    return {
+        id: user.id,
+        username: user.username,
+        firstName: user.firstName,
+        lastName: user.lastName,
+        fullName: user.fullName,
+        imageUrl: user.imageUrl,
+        primaryEmailAddress: {
+            id: pea.id,
+            emailAddress: pea.emailAddress,
+            verified: pea.verification?.status === "verified",
+        },
+        emailAddresses: user.emailAddresses.map((email) => ({
+            id: email.id,
+            emailAddress: email.emailAddress,
+            verified: email.verification?.status === "verified",
+        })),
+        publicMetadata: user.publicMetadata ?? {},
+        createdAt: new Date(user.createdAt),
+        updatedAt: new Date(user.updatedAt),
+        lastSignInAt: user.lastSignInAt ? new Date(user.lastSignInAt) : null,
+    };
+}
+export { toClientSafeUser };
+//# sourceMappingURL=toClientSafeUser.js.map

package/dist/clerk/toClientSafeUser.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"toClientSafeUser.js","sources":["../../src/clerk/toClientSafeUser.ts"],"sourcesContent":["import type { User } from \"@clerk/nextjs/server\";\n\n/**\n * Client-safe representation of a Clerk User.\n *\n * This intentionally excludes any sensitive or server-only fields\n * (e.g. privateMetadata, externalAccounts with tokens, etc.)\n * and contains only JSON-serializable data that is safe to pass\n * from Server Components to Client Components.\n */\nexport type ClientSafeUser = {\n id: string;\n username: string | null;\n firstName: string | null;\n lastName: string | null;\n fullName: string | null;\n imageUrl: string;\n primaryEmailAddress: {\n id: string;\n emailAddress: string;\n verified: boolean;\n };\n emailAddresses: Array<{\n id: string;\n emailAddress: string;\n verified: boolean;\n }>;\n publicMetadata: CustomJwtSessionClaims[\"metadata\"];\n createdAt: Date | null;\n updatedAt: Date | null;\n lastSignInAt: Date | null;\n};\n\n/**\n * Converts a Clerk `User` (server-side) into a client-safe, serializable object.\n *\n * Why this exists:\n * - The Clerk `User` class contains methods and non-serializable fields.\n * - Passing it directly to a Client Component will break React Server Components.\n * - This function strips the object down to stable, safe primitives only.\n *\n * Rules enforced here:\n * - No functions\n * - No circular references\n * - No private or sensitive data\n *\n * @param user Clerk User instance from `@clerk/nextjs/server`\n * @returns ClientSafeUser plain object\n */\nexport function toClientSafeUser(user: User): ClientSafeUser {\n const pea = user.emailAddresses.find(\n (ea) => ea.id == user.primaryEmailAddressId\n );\n if (!pea) throw new Error(\"Missing primaryEmailAddress\");\n return {\n id: user.id,\n username: user.username,\n firstName: user.firstName,\n lastName: user.lastName,\n fullName: user.fullName,\n imageUrl: user.imageUrl,\n primaryEmailAddress: {\n id: pea.id,\n emailAddress: pea.emailAddress,\n verified: pea.verification?.status === \"verified\",\n },\n emailAddresses: user.emailAddresses.map((email) => ({\n id: email.id,\n emailAddress: email.emailAddress,\n verified: email.verification?.status === \"verified\",\n })),\n publicMetadata: user.publicMetadata ?? {},\n createdAt: new Date(user.createdAt),\n updatedAt: new Date(user.updatedAt),\n lastSignInAt: user.lastSignInAt ? new Date(user.lastSignInAt) : null,\n };\n}\n"],"names":[],"mappings":"AAiCA;;;;;;;;;;;;;;;AAeG;AACG,SAAU,gBAAgB,CAAC,IAAU,EAAA;IACzC,MAAM,GAAG,GAAG,IAAI,CAAC,cAAc,CAAC,IAAI,CAClC,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,IAAI,CAAC,qBAAqB,CAC5C;AACD,IAAA,IAAI,CAAC,GAAG;AAAE,QAAA,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC;IACxD,OAAO;QACL,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;AACvB,QAAA,mBAAmB,EAAE;YACnB,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,YAAY,EAAE,GAAG,CAAC,YAAY;AAC9B,YAAA,QAAQ,EAAE,GAAG,CAAC,YAAY,EAAE,MAAM,KAAK,UAAU;AAClD,SAAA;AACD,QAAA,cAAc,EAAE,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,KAAK,MAAM;YAClD,EAAE,EAAE,KAAK,CAAC,EAAE;YACZ,YAAY,EAAE,KAAK,CAAC,YAAY;AAChC,YAAA,QAAQ,EAAE,KAAK,CAAC,YAAY,EAAE,MAAM,KAAK,UAAU;AACpD,SAAA,CAAC,CAAC;AACH,QAAA,cAAc,EAAE,IAAI,CAAC,cAAc,IAAI,EAAE;AACzC,QAAA,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC;AACnC,QAAA,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC;AACnC,QAAA,YAAY,EAAE,IAAI,CAAC,YAAY,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,IAAI;KACrE;AACH;;;;"}

package/dist/constants/defaults.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import type { ListItemProps, TabProps } from "@studiocubics/components";
+export declare const defaultNavLinks: ListItemProps[];
+export declare const defaultSecurityLinks: TabProps[];
+export declare const fontH: import("next/dist/compiled/@next/font").NextFontWithVariable;
+export declare const fontP: import("next/dist/compiled/@next/font").NextFontWithVariable;
+export declare const defaultBodyClassName: string;